diff options
Diffstat (limited to 'spec/lib/gitlab/background_migration/recalculate_project_authorizations_spec.rb')
-rw-r--r-- | spec/lib/gitlab/background_migration/recalculate_project_authorizations_spec.rb | 241 |
1 files changed, 0 insertions, 241 deletions
diff --git a/spec/lib/gitlab/background_migration/recalculate_project_authorizations_spec.rb b/spec/lib/gitlab/background_migration/recalculate_project_authorizations_spec.rb deleted file mode 100644 index 1c55b50ea3f..00000000000 --- a/spec/lib/gitlab/background_migration/recalculate_project_authorizations_spec.rb +++ /dev/null @@ -1,241 +0,0 @@ -# frozen_string_literal: true - -require 'spec_helper' - -RSpec.describe Gitlab::BackgroundMigration::RecalculateProjectAuthorizations, schema: 20200204113223 do - let(:users_table) { table(:users) } - let(:namespaces_table) { table(:namespaces) } - let(:projects_table) { table(:projects) } - let(:project_authorizations_table) { table(:project_authorizations) } - let(:members_table) { table(:members) } - let(:group_group_links) { table(:group_group_links) } - let(:project_group_links) { table(:project_group_links) } - - let(:user) { users_table.create!(id: 1, email: 'user@example.com', projects_limit: 10) } - let(:group) { namespaces_table.create!(type: 'Group', name: 'group', path: 'group') } - - subject { described_class.new.perform([user.id]) } - - context 'missing authorization' do - context 'personal project' do - before do - user_namespace = namespaces_table.create!(owner_id: user.id, name: 'User', path: 'user') - projects_table.create!(id: 1, - name: 'personal-project', - path: 'personal-project', - visibility_level: 0, - namespace_id: user_namespace.id) - end - - it 'creates correct authorization' do - expect { subject }.to change { project_authorizations_table.count }.from(0).to(1) - expect(project_authorizations_table.all).to( - match_array([have_attributes(user_id: 1, project_id: 1, access_level: 40)])) - end - end - - context 'group membership' do - before do - projects_table.create!(id: 1, name: 'group-project', path: 'group-project', - visibility_level: 0, namespace_id: group.id) - members_table.create!(user_id: user.id, source_id: group.id, source_type: 'Namespace', - type: 'GroupMember', access_level: 20, notification_level: 3) - end - - it 'creates correct authorization' do - expect { subject }.to change { project_authorizations_table.count }.from(0).to(1) - expect(project_authorizations_table.all).to( - match_array([have_attributes(user_id: 1, project_id: 1, access_level: 20)])) - end - end - - context 'inherited group membership' do - before do - sub_group = namespaces_table.create!(type: 'Group', name: 'subgroup', - path: 'subgroup', parent_id: group.id) - projects_table.create!(id: 1, name: 'group-project', path: 'group-project', - visibility_level: 0, namespace_id: sub_group.id) - members_table.create!(user_id: user.id, source_id: group.id, source_type: 'Namespace', - type: 'GroupMember', access_level: 20, notification_level: 3) - end - - it 'creates correct authorization' do - expect { subject }.to change { project_authorizations_table.count }.from(0).to(1) - expect(project_authorizations_table.all).to( - match_array([have_attributes(user_id: 1, project_id: 1, access_level: 20)])) - end - end - - context 'project membership' do - before do - project = projects_table.create!(id: 1, name: 'group-project', path: 'group-project', - visibility_level: 0, namespace_id: group.id) - members_table.create!(user_id: user.id, source_id: project.id, source_type: 'Project', - type: 'ProjectMember', access_level: 20, notification_level: 3) - end - - it 'creates correct authorization' do - expect { subject }.to change { project_authorizations_table.count }.from(0).to(1) - expect(project_authorizations_table.all).to( - match_array([have_attributes(user_id: 1, project_id: 1, access_level: 20)])) - end - end - - context 'shared group' do - before do - members_table.create!(user_id: user.id, source_id: group.id, source_type: 'Namespace', - type: 'GroupMember', access_level: 30, notification_level: 3) - - shared_group = namespaces_table.create!(type: 'Group', name: 'shared group', - path: 'shared-group') - projects_table.create!(id: 1, name: 'project', path: 'project', visibility_level: 0, - namespace_id: shared_group.id) - - group_group_links.create!(shared_group_id: shared_group.id, shared_with_group_id: group.id, - group_access: 20) - end - - it 'creates correct authorization' do - expect { subject }.to change { project_authorizations_table.count }.from(0).to(1) - expect(project_authorizations_table.all).to( - match_array([have_attributes(user_id: 1, project_id: 1, access_level: 20)])) - end - end - - context 'shared project' do - before do - members_table.create!(user_id: user.id, source_id: group.id, source_type: 'Namespace', - type: 'GroupMember', access_level: 30, notification_level: 3) - - another_group = namespaces_table.create!(type: 'Group', name: 'another group', path: 'another-group') - shared_project = projects_table.create!(id: 1, name: 'shared project', path: 'shared-project', - visibility_level: 0, namespace_id: another_group.id) - - project_group_links.create!(project_id: shared_project.id, group_id: group.id, group_access: 20) - end - - it 'creates correct authorization' do - expect { subject }.to change { project_authorizations_table.count }.from(0).to(1) - expect(project_authorizations_table.all).to( - match_array([have_attributes(user_id: 1, project_id: 1, access_level: 20)])) - end - end - end - - context 'unapproved access requests' do - context 'group membership' do - before do - projects_table.create!(id: 1, name: 'group-project', path: 'group-project', - visibility_level: 0, namespace_id: group.id) - members_table.create!(user_id: user.id, source_id: group.id, source_type: 'Namespace', - type: 'GroupMember', access_level: 20, requested_at: Time.now, notification_level: 3) - end - - it 'does not create authorization' do - expect { subject }.not_to change { project_authorizations_table.count }.from(0) - end - end - - context 'inherited group membership' do - before do - sub_group = namespaces_table.create!(type: 'Group', name: 'subgroup', path: 'subgroup', - parent_id: group.id) - projects_table.create!(id: 1, name: 'group-project', path: 'group-project', - visibility_level: 0, namespace_id: sub_group.id) - members_table.create!(user_id: user.id, source_id: group.id, source_type: 'Namespace', - type: 'GroupMember', access_level: 20, requested_at: Time.now, notification_level: 3) - end - - it 'does not create authorization' do - expect { subject }.not_to change { project_authorizations_table.count }.from(0) - end - end - - context 'project membership' do - before do - project = projects_table.create!(id: 1, name: 'group-project', path: 'group-project', - visibility_level: 0, namespace_id: group.id) - members_table.create!(user_id: user.id, source_id: project.id, source_type: 'Project', - type: 'ProjectMember', access_level: 20, requested_at: Time.now, notification_level: 3) - end - - it 'does not create authorization' do - expect { subject }.not_to change { project_authorizations_table.count }.from(0) - end - end - - context 'shared group' do - before do - members_table.create!(user_id: user.id, source_id: group.id, source_type: 'Namespace', - type: 'GroupMember', access_level: 30, requested_at: Time.now, notification_level: 3) - - shared_group = namespaces_table.create!(type: 'Group', name: 'shared group', - path: 'shared-group') - projects_table.create!(id: 1, name: 'project', path: 'project', visibility_level: 0, - namespace_id: shared_group.id) - - group_group_links.create!(shared_group_id: shared_group.id, shared_with_group_id: group.id, - group_access: 20) - end - - it 'does not create authorization' do - expect { subject }.not_to change { project_authorizations_table.count }.from(0) - end - end - - context 'shared project' do - before do - members_table.create!(user_id: user.id, source_id: group.id, source_type: 'Namespace', - type: 'GroupMember', access_level: 30, requested_at: Time.now, notification_level: 3) - - another_group = namespaces_table.create!(type: 'Group', name: 'another group', path: 'another-group') - shared_project = projects_table.create!(id: 1, name: 'shared project', path: 'shared-project', - visibility_level: 0, namespace_id: another_group.id) - - project_group_links.create!(project_id: shared_project.id, group_id: group.id, group_access: 20) - end - - it 'does not create authorization' do - expect { subject }.not_to change { project_authorizations_table.count }.from(0) - end - end - end - - context 'incorrect authorization' do - before do - project = projects_table.create!(id: 1, name: 'group-project', path: 'group-project', - visibility_level: 0, namespace_id: group.id) - members_table.create!(user_id: user.id, source_id: group.id, source_type: 'Namespace', - type: 'GroupMember', access_level: 30, notification_level: 3) - - project_authorizations_table.create!(user_id: user.id, project_id: project.id, - access_level: 10) - end - - it 'fixes authorization' do - expect { subject }.not_to change { project_authorizations_table.count }.from(1) - expect(project_authorizations_table.all).to( - match_array([have_attributes(user_id: 1, project_id: 1, access_level: 30)])) - end - end - - context 'unwanted authorization' do - before do - project = projects_table.create!(name: 'group-project', path: 'group-project', - visibility_level: 0, namespace_id: group.id) - - project_authorizations_table.create!(user_id: user.id, project_id: project.id, - access_level: 10) - end - - it 'deletes authorization' do - expect { subject }.to change { project_authorizations_table.count }.from(1).to(0) - end - end - - context 'deleted user' do - it 'does not fail' do - expect { described_class.new.perform([non_existing_record_id]) }.not_to raise_error - end - end -end |