diff options
Diffstat (limited to 'spec/controllers/groups/group_members_controller_spec.rb')
-rw-r--r-- | spec/controllers/groups/group_members_controller_spec.rb | 66 |
1 files changed, 45 insertions, 21 deletions
diff --git a/spec/controllers/groups/group_members_controller_spec.rb b/spec/controllers/groups/group_members_controller_spec.rb index 19655687028..b666f73110a 100644 --- a/spec/controllers/groups/group_members_controller_spec.rb +++ b/spec/controllers/groups/group_members_controller_spec.rb @@ -5,9 +5,8 @@ require 'spec_helper' RSpec.describe Groups::GroupMembersController do include ExternalAuthorizationServiceHelpers - let(:user) { create(:user) } - let(:group) { create(:group, :public) } - let(:membership) { create(:group_member, group: group) } + let_it_be(:user) { create(:user) } + let_it_be(:group, reload: true) { create(:group, :public) } before do travel_to DateTime.new(2019, 4, 1) @@ -25,14 +24,22 @@ RSpec.describe Groups::GroupMembersController do expect(response).to render_template(:index) end - context 'user with owner access' do - let!(:invited) { create_list(:group_member, 3, :invited, group: group) } + context 'when user can manage members' do + let_it_be(:invited) { create_list(:group_member, 3, :invited, group: group) } before do group.add_owner(user) sign_in(user) end + it 'assigns max_access_for_group' do + allow(controller).to receive(:current_user).and_return(user) + + get :index, params: { group_id: group } + + expect(user.max_access_for_group[group.id]).to eq(Gitlab::Access::OWNER) + end + it 'assigns invited members' do get :index, params: { group_id: group } @@ -64,9 +71,22 @@ RSpec.describe Groups::GroupMembersController do end end + context 'when user cannot manage members' do + before do + sign_in(user) + end + + it 'does not assign invited members or skip_groups', :aggregate_failures do + get :index, params: { group_id: group } + + expect(assigns(:invited_members)).to be_nil + expect(assigns(:skip_groups)).to be_nil + end + end + context 'when user has owner access to subgroup' do - let(:nested_group) { create(:group, parent: group) } - let(:nested_group_user) { create(:user) } + let_it_be(:nested_group) { create(:group, parent: group) } + let_it_be(:nested_group_user) { create(:user) } before do group.add_owner(user) @@ -95,7 +115,7 @@ RSpec.describe Groups::GroupMembersController do end describe 'POST create' do - let(:group_user) { create(:user) } + let_it_be(:group_user) { create(:user) } before do sign_in(user) @@ -130,7 +150,7 @@ RSpec.describe Groups::GroupMembersController do access_level: Gitlab::Access::GUEST } - expect(response).to set_flash.to 'Users were successfully added.' + expect(controller).to set_flash.to 'Users were successfully added.' expect(response).to redirect_to(group_group_members_path(group)) expect(group.users).to include group_user end @@ -142,7 +162,7 @@ RSpec.describe Groups::GroupMembersController do access_level: Gitlab::Access::GUEST } - expect(response).to set_flash.to 'No users specified.' + expect(controller).to set_flash.to 'No users specified.' expect(response).to redirect_to(group_group_members_path(group)) expect(group.users).not_to include group_user end @@ -180,7 +200,7 @@ RSpec.describe Groups::GroupMembersController do it 'adds user to members' do subject - expect(response).to set_flash.to 'Users were successfully added.' + expect(controller).to set_flash.to 'Users were successfully added.' expect(response).to redirect_to(group_group_members_path(group)) expect(group.users).to include group_user end @@ -189,7 +209,7 @@ RSpec.describe Groups::GroupMembersController do end describe 'PUT update' do - let(:requester) { create(:group_member, :access_request, group: group) } + let_it_be(:requester) { create(:group_member, :access_request, group: group) } before do group.add_owner(user) @@ -292,9 +312,9 @@ RSpec.describe Groups::GroupMembersController do end describe 'DELETE destroy' do - let(:sub_group) { create(:group, parent: group) } - let!(:member) { create(:group_member, :developer, group: group) } - let!(:sub_member) { create(:group_member, :developer, group: sub_group, user: member.user) } + let_it_be(:sub_group) { create(:group, parent: group) } + let_it_be(:member) { create(:group_member, :developer, group: group) } + let_it_be(:sub_member) { create(:group_member, :developer, group: sub_group, user: member.user) } before do sign_in(user) @@ -330,7 +350,7 @@ RSpec.describe Groups::GroupMembersController do it '[HTML] removes user from members' do delete :destroy, params: { group_id: group, id: member } - expect(response).to set_flash.to 'User was successfully removed from group.' + expect(controller).to set_flash.to 'User was successfully removed from group.' expect(response).to redirect_to(group_group_members_path(group)) expect(group.members).not_to include member expect(sub_group.members).to include sub_member @@ -339,7 +359,7 @@ RSpec.describe Groups::GroupMembersController do it '[HTML] removes user from members including subgroups and projects' do delete :destroy, params: { group_id: group, id: member, remove_sub_memberships: true } - expect(response).to set_flash.to 'User was successfully removed from group and any subgroups and projects.' + expect(controller).to set_flash.to 'User was successfully removed from group and any subgroups and projects.' expect(response).to redirect_to(group_group_members_path(group)) expect(group.members).not_to include member expect(sub_group.members).not_to include sub_member @@ -377,7 +397,7 @@ RSpec.describe Groups::GroupMembersController do it 'removes user from members' do delete :leave, params: { group_id: group } - expect(response).to set_flash.to "You left the \"#{group.name}\" group." + expect(controller).to set_flash.to "You left the \"#{group.name}\" group." expect(response).to redirect_to(dashboard_groups_path) expect(group.users).not_to include user end @@ -403,6 +423,8 @@ RSpec.describe Groups::GroupMembersController do end context 'and is a requester' do + let(:group) { create(:group, :public) } + before do group.request_access(user) end @@ -410,7 +432,7 @@ RSpec.describe Groups::GroupMembersController do it 'removes user from members' do delete :leave, params: { group_id: group } - expect(response).to set_flash.to 'Your access request to the group has been withdrawn.' + expect(controller).to set_flash.to 'Your access request to the group has been withdrawn.' expect(response).to redirect_to(group_path(group)) expect(group.requesters).to be_empty expect(group.users).not_to include user @@ -427,7 +449,7 @@ RSpec.describe Groups::GroupMembersController do it 'creates a new GroupMember that is not a team member' do post :request_access, params: { group_id: group } - expect(response).to set_flash.to 'Your request for access has been queued for review.' + expect(controller).to set_flash.to 'Your request for access has been queued for review.' expect(response).to redirect_to(group_path(group)) expect(group.requesters.exists?(user_id: user)).to be_truthy expect(group.users).not_to include user @@ -435,7 +457,7 @@ RSpec.describe Groups::GroupMembersController do end describe 'POST approve_access_request' do - let(:member) { create(:group_member, :access_request, group: group) } + let_it_be(:member) { create(:group_member, :access_request, group: group) } before do sign_in(user) @@ -479,6 +501,8 @@ RSpec.describe Groups::GroupMembersController do end context 'with external authorization enabled' do + let_it_be(:membership) { create(:group_member, group: group) } + before do enable_external_authorization_service_check group.add_owner(user) |