summaryrefslogtreecommitdiff
path: root/spec/controllers/projects/group_links_controller_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/controllers/projects/group_links_controller_spec.rb')
-rw-r--r--spec/controllers/projects/group_links_controller_spec.rb77
1 files changed, 76 insertions, 1 deletions
diff --git a/spec/controllers/projects/group_links_controller_spec.rb b/spec/controllers/projects/group_links_controller_spec.rb
index 96705d82ac5..a5c00d24e30 100644
--- a/spec/controllers/projects/group_links_controller_spec.rb
+++ b/spec/controllers/projects/group_links_controller_spec.rb
@@ -2,7 +2,7 @@
require 'spec_helper'
-RSpec.describe Projects::GroupLinksController do
+RSpec.describe Projects::GroupLinksController, feature_category: :authentication_and_authorization do
let_it_be(:group) { create(:group, :private) }
let_it_be(:group2) { create(:group, :private) }
let_it_be(:project) { create(:project, :private, group: group2) }
@@ -60,4 +60,79 @@ RSpec.describe Projects::GroupLinksController do
end
end
end
+
+ describe '#destroy' do
+ let(:group_owner) { create(:user) }
+
+ let(:link) do
+ create(:project_group_link, project: project, group: group, group_access: Gitlab::Access::DEVELOPER)
+ end
+
+ subject(:destroy_link) do
+ post(:destroy, params: { namespace_id: project.namespace.to_param,
+ project_id: project.to_param,
+ id: link.id })
+ end
+
+ shared_examples 'success response' do
+ it 'deletes the project group link' do
+ destroy_link
+
+ expect(response).to redirect_to(project_project_members_path(project))
+ expect(response).to have_gitlab_http_status(:found)
+ end
+ end
+
+ context 'when user is group owner' do
+ before do
+ link.group.add_owner(group_owner)
+ sign_in(group_owner)
+ end
+
+ context 'when user is not project maintainer' do
+ it 'deletes the project group link and redirects to group show page' do
+ destroy_link
+
+ expect(response).to redirect_to(group_path(group))
+ expect(response).to have_gitlab_http_status(:found)
+ end
+ end
+
+ context 'when user is a project maintainer' do
+ before do
+ project.add_maintainer(group_owner)
+ end
+
+ it 'deletes the project group link and redirects to group show page' do
+ destroy_link
+
+ expect(response).to redirect_to(group_path(group))
+ expect(response).to have_gitlab_http_status(:found)
+ end
+ end
+ end
+
+ context 'when user is not a group owner' do
+ context 'when user is a project maintainer' do
+ before do
+ sign_in(user)
+ end
+
+ it_behaves_like 'success response'
+ end
+
+ context 'when user is not a project maintainer' do
+ before do
+ project.add_developer(user)
+ sign_in(user)
+ end
+
+ it 'renders 404' do
+ destroy_link
+
+ expect(response).to have_gitlab_http_status(:not_found)
+ end
+ end
+ end
+ end
end
View Lorry Controller Status