summaryrefslogtreecommitdiff
path: root/spec/controllers/groups/group_members_controller_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/controllers/groups/group_members_controller_spec.rb')
-rw-r--r--spec/controllers/groups/group_members_controller_spec.rb66
1 files changed, 45 insertions, 21 deletions
diff --git a/spec/controllers/groups/group_members_controller_spec.rb b/spec/controllers/groups/group_members_controller_spec.rb
index 19655687028..b666f73110a 100644
--- a/spec/controllers/groups/group_members_controller_spec.rb
+++ b/spec/controllers/groups/group_members_controller_spec.rb
@@ -5,9 +5,8 @@ require 'spec_helper'
RSpec.describe Groups::GroupMembersController do
include ExternalAuthorizationServiceHelpers
- let(:user) { create(:user) }
- let(:group) { create(:group, :public) }
- let(:membership) { create(:group_member, group: group) }
+ let_it_be(:user) { create(:user) }
+ let_it_be(:group, reload: true) { create(:group, :public) }
before do
travel_to DateTime.new(2019, 4, 1)
@@ -25,14 +24,22 @@ RSpec.describe Groups::GroupMembersController do
expect(response).to render_template(:index)
end
- context 'user with owner access' do
- let!(:invited) { create_list(:group_member, 3, :invited, group: group) }
+ context 'when user can manage members' do
+ let_it_be(:invited) { create_list(:group_member, 3, :invited, group: group) }
before do
group.add_owner(user)
sign_in(user)
end
+ it 'assigns max_access_for_group' do
+ allow(controller).to receive(:current_user).and_return(user)
+
+ get :index, params: { group_id: group }
+
+ expect(user.max_access_for_group[group.id]).to eq(Gitlab::Access::OWNER)
+ end
+
it 'assigns invited members' do
get :index, params: { group_id: group }
@@ -64,9 +71,22 @@ RSpec.describe Groups::GroupMembersController do
end
end
+ context 'when user cannot manage members' do
+ before do
+ sign_in(user)
+ end
+
+ it 'does not assign invited members or skip_groups', :aggregate_failures do
+ get :index, params: { group_id: group }
+
+ expect(assigns(:invited_members)).to be_nil
+ expect(assigns(:skip_groups)).to be_nil
+ end
+ end
+
context 'when user has owner access to subgroup' do
- let(:nested_group) { create(:group, parent: group) }
- let(:nested_group_user) { create(:user) }
+ let_it_be(:nested_group) { create(:group, parent: group) }
+ let_it_be(:nested_group_user) { create(:user) }
before do
group.add_owner(user)
@@ -95,7 +115,7 @@ RSpec.describe Groups::GroupMembersController do
end
describe 'POST create' do
- let(:group_user) { create(:user) }
+ let_it_be(:group_user) { create(:user) }
before do
sign_in(user)
@@ -130,7 +150,7 @@ RSpec.describe Groups::GroupMembersController do
access_level: Gitlab::Access::GUEST
}
- expect(response).to set_flash.to 'Users were successfully added.'
+ expect(controller).to set_flash.to 'Users were successfully added.'
expect(response).to redirect_to(group_group_members_path(group))
expect(group.users).to include group_user
end
@@ -142,7 +162,7 @@ RSpec.describe Groups::GroupMembersController do
access_level: Gitlab::Access::GUEST
}
- expect(response).to set_flash.to 'No users specified.'
+ expect(controller).to set_flash.to 'No users specified.'
expect(response).to redirect_to(group_group_members_path(group))
expect(group.users).not_to include group_user
end
@@ -180,7 +200,7 @@ RSpec.describe Groups::GroupMembersController do
it 'adds user to members' do
subject
- expect(response).to set_flash.to 'Users were successfully added.'
+ expect(controller).to set_flash.to 'Users were successfully added.'
expect(response).to redirect_to(group_group_members_path(group))
expect(group.users).to include group_user
end
@@ -189,7 +209,7 @@ RSpec.describe Groups::GroupMembersController do
end
describe 'PUT update' do
- let(:requester) { create(:group_member, :access_request, group: group) }
+ let_it_be(:requester) { create(:group_member, :access_request, group: group) }
before do
group.add_owner(user)
@@ -292,9 +312,9 @@ RSpec.describe Groups::GroupMembersController do
end
describe 'DELETE destroy' do
- let(:sub_group) { create(:group, parent: group) }
- let!(:member) { create(:group_member, :developer, group: group) }
- let!(:sub_member) { create(:group_member, :developer, group: sub_group, user: member.user) }
+ let_it_be(:sub_group) { create(:group, parent: group) }
+ let_it_be(:member) { create(:group_member, :developer, group: group) }
+ let_it_be(:sub_member) { create(:group_member, :developer, group: sub_group, user: member.user) }
before do
sign_in(user)
@@ -330,7 +350,7 @@ RSpec.describe Groups::GroupMembersController do
it '[HTML] removes user from members' do
delete :destroy, params: { group_id: group, id: member }
- expect(response).to set_flash.to 'User was successfully removed from group.'
+ expect(controller).to set_flash.to 'User was successfully removed from group.'
expect(response).to redirect_to(group_group_members_path(group))
expect(group.members).not_to include member
expect(sub_group.members).to include sub_member
@@ -339,7 +359,7 @@ RSpec.describe Groups::GroupMembersController do
it '[HTML] removes user from members including subgroups and projects' do
delete :destroy, params: { group_id: group, id: member, remove_sub_memberships: true }
- expect(response).to set_flash.to 'User was successfully removed from group and any subgroups and projects.'
+ expect(controller).to set_flash.to 'User was successfully removed from group and any subgroups and projects.'
expect(response).to redirect_to(group_group_members_path(group))
expect(group.members).not_to include member
expect(sub_group.members).not_to include sub_member
@@ -377,7 +397,7 @@ RSpec.describe Groups::GroupMembersController do
it 'removes user from members' do
delete :leave, params: { group_id: group }
- expect(response).to set_flash.to "You left the \"#{group.name}\" group."
+ expect(controller).to set_flash.to "You left the \"#{group.name}\" group."
expect(response).to redirect_to(dashboard_groups_path)
expect(group.users).not_to include user
end
@@ -403,6 +423,8 @@ RSpec.describe Groups::GroupMembersController do
end
context 'and is a requester' do
+ let(:group) { create(:group, :public) }
+
before do
group.request_access(user)
end
@@ -410,7 +432,7 @@ RSpec.describe Groups::GroupMembersController do
it 'removes user from members' do
delete :leave, params: { group_id: group }
- expect(response).to set_flash.to 'Your access request to the group has been withdrawn.'
+ expect(controller).to set_flash.to 'Your access request to the group has been withdrawn.'
expect(response).to redirect_to(group_path(group))
expect(group.requesters).to be_empty
expect(group.users).not_to include user
@@ -427,7 +449,7 @@ RSpec.describe Groups::GroupMembersController do
it 'creates a new GroupMember that is not a team member' do
post :request_access, params: { group_id: group }
- expect(response).to set_flash.to 'Your request for access has been queued for review.'
+ expect(controller).to set_flash.to 'Your request for access has been queued for review.'
expect(response).to redirect_to(group_path(group))
expect(group.requesters.exists?(user_id: user)).to be_truthy
expect(group.users).not_to include user
@@ -435,7 +457,7 @@ RSpec.describe Groups::GroupMembersController do
end
describe 'POST approve_access_request' do
- let(:member) { create(:group_member, :access_request, group: group) }
+ let_it_be(:member) { create(:group_member, :access_request, group: group) }
before do
sign_in(user)
@@ -479,6 +501,8 @@ RSpec.describe Groups::GroupMembersController do
end
context 'with external authorization enabled' do
+ let_it_be(:membership) { create(:group_member, group: group) }
+
before do
enable_external_authorization_service_check
group.add_owner(user)
View Lorry Controller Status