summaryrefslogtreecommitdiff
path: root/spec/models/group_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/models/group_spec.rb')
-rw-r--r--spec/models/group_spec.rb168
1 files changed, 81 insertions, 87 deletions
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 576ac880fca..a4e49f88115 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -24,6 +24,8 @@ describe Group do
it { is_expected.to have_many(:cluster_groups).class_name('Clusters::Group') }
it { is_expected.to have_many(:clusters).class_name('Clusters::Cluster') }
it { is_expected.to have_many(:container_repositories) }
+ it { is_expected.to have_many(:milestones) }
+ it { is_expected.to have_many(:iterations) }
describe '#members & #requesters' do
let(:requester) { create(:user) }
@@ -553,114 +555,72 @@ describe Group do
group_access: GroupMember::DEVELOPER })
end
- context 'when feature flag share_group_with_group is enabled' do
- before do
- stub_feature_flags(share_group_with_group: true)
- end
-
- context 'with user in the group' do
- let(:user) { group_user }
-
- it 'returns correct access level' do
- expect(shared_group_parent.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
- expect(shared_group.max_member_access_for_user(user)).to eq(Gitlab::Access::DEVELOPER)
- expect(shared_group_child.max_member_access_for_user(user)).to eq(Gitlab::Access::DEVELOPER)
- end
+ context 'with user in the group' do
+ let(:user) { group_user }
- context 'with lower group access level than max access level for share' do
- let(:user) { create(:user) }
-
- it 'returns correct access level' do
- group.add_reporter(user)
-
- expect(shared_group_parent.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
- expect(shared_group.max_member_access_for_user(user)).to eq(Gitlab::Access::REPORTER)
- expect(shared_group_child.max_member_access_for_user(user)).to eq(Gitlab::Access::REPORTER)
- end
- end
+ it 'returns correct access level' do
+ expect(shared_group_parent.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
+ expect(shared_group.max_member_access_for_user(user)).to eq(Gitlab::Access::DEVELOPER)
+ expect(shared_group_child.max_member_access_for_user(user)).to eq(Gitlab::Access::DEVELOPER)
end
- context 'with user in the parent group' do
- let(:user) { parent_group_user }
+ context 'with lower group access level than max access level for share' do
+ let(:user) { create(:user) }
it 'returns correct access level' do
- expect(shared_group_parent.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
- expect(shared_group.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
- expect(shared_group_child.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
- end
- end
-
- context 'with user in the child group' do
- let(:user) { child_group_user }
+ group.add_reporter(user)
- it 'returns correct access level' do
expect(shared_group_parent.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
- expect(shared_group.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
- expect(shared_group_child.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
+ expect(shared_group.max_member_access_for_user(user)).to eq(Gitlab::Access::REPORTER)
+ expect(shared_group_child.max_member_access_for_user(user)).to eq(Gitlab::Access::REPORTER)
end
end
+ end
- context 'unrelated project owner' do
- let(:common_id) { [Project.maximum(:id).to_i, Namespace.maximum(:id).to_i].max + 999 }
- let!(:group) { create(:group, id: common_id) }
- let!(:unrelated_project) { create(:project, id: common_id) }
- let(:user) { unrelated_project.owner }
+ context 'with user in the parent group' do
+ let(:user) { parent_group_user }
- it 'returns correct access level' do
- expect(shared_group_parent.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
- expect(shared_group.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
- expect(shared_group_child.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
- end
+ it 'returns correct access level' do
+ expect(shared_group_parent.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
+ expect(shared_group.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
+ expect(shared_group_child.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
end
+ end
- context 'user without accepted access request' do
- let!(:user) { create(:user) }
-
- before do
- create(:group_member, :developer, :access_request, user: user, group: group)
- end
+ context 'with user in the child group' do
+ let(:user) { child_group_user }
- it 'returns correct access level' do
- expect(shared_group_parent.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
- expect(shared_group.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
- expect(shared_group_child.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
- end
+ it 'returns correct access level' do
+ expect(shared_group_parent.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
+ expect(shared_group.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
+ expect(shared_group_child.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
end
end
- context 'when feature flag share_group_with_group is disabled' do
- before do
- stub_feature_flags(share_group_with_group: false)
- end
-
- context 'with user in the group' do
- let(:user) { group_user }
+ context 'unrelated project owner' do
+ let(:common_id) { [Project.maximum(:id).to_i, Namespace.maximum(:id).to_i].max + 999 }
+ let!(:group) { create(:group, id: common_id) }
+ let!(:unrelated_project) { create(:project, id: common_id) }
+ let(:user) { unrelated_project.owner }
- it 'returns correct access level' do
- expect(shared_group_parent.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
- expect(shared_group.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
- expect(shared_group_child.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
- end
+ it 'returns correct access level' do
+ expect(shared_group_parent.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
+ expect(shared_group.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
+ expect(shared_group_child.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
end
+ end
- context 'with user in the parent group' do
- let(:user) { parent_group_user }
+ context 'user without accepted access request' do
+ let!(:user) { create(:user) }
- it 'returns correct access level' do
- expect(shared_group_parent.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
- expect(shared_group.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
- expect(shared_group_child.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
- end
+ before do
+ create(:group_member, :developer, :access_request, user: user, group: group)
end
- context 'with user in the child group' do
- let(:user) { child_group_user }
-
- it 'returns correct access level' do
- expect(shared_group_parent.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
- expect(shared_group.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
- expect(shared_group_child.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
- end
+ it 'returns correct access level' do
+ expect(shared_group_parent.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
+ expect(shared_group.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
+ expect(shared_group_child.max_member_access_for_user(user)).to eq(Gitlab::Access::NO_ACCESS)
end
end
end
@@ -672,8 +632,6 @@ describe Group do
let(:shared_group) { create(:group, :private, parent: shared_group_parent) }
before do
- stub_feature_flags(share_group_with_group: true)
-
group.add_owner(user)
create(:group_group_link, { shared_with_group: group,
@@ -701,6 +659,42 @@ describe Group do
end
end
+ describe '#members_from_self_and_ancestors_with_effective_access_level' do
+ let!(:group_parent) { create(:group, :private) }
+ let!(:group) { create(:group, :private, parent: group_parent) }
+ let!(:group_child) { create(:group, :private, parent: group) }
+
+ let!(:user) { create(:user) }
+
+ let(:parent_group_access_level) { Gitlab::Access::REPORTER }
+ let(:group_access_level) { Gitlab::Access::DEVELOPER }
+ let(:child_group_access_level) { Gitlab::Access::MAINTAINER }
+
+ before do
+ create(:group_member, user: user, group: group_parent, access_level: parent_group_access_level)
+ create(:group_member, user: user, group: group, access_level: group_access_level)
+ create(:group_member, user: user, group: group_child, access_level: child_group_access_level)
+ end
+
+ it 'returns effective access level for user' do
+ expect(group_parent.members_from_self_and_ancestors_with_effective_access_level.as_json).to(
+ contain_exactly(
+ hash_including('user_id' => user.id, 'access_level' => parent_group_access_level)
+ )
+ )
+ expect(group.members_from_self_and_ancestors_with_effective_access_level.as_json).to(
+ contain_exactly(
+ hash_including('user_id' => user.id, 'access_level' => group_access_level)
+ )
+ )
+ expect(group_child.members_from_self_and_ancestors_with_effective_access_level.as_json).to(
+ contain_exactly(
+ hash_including('user_id' => user.id, 'access_level' => child_group_access_level)
+ )
+ )
+ end
+ end
+
describe '#direct_and_indirect_members' do
let!(:group) { create(:group, :nested) }
let!(:sub_group) { create(:group, parent: group) }