1 files changed, 22 insertions, 1 deletions

diff --git a/spec/models/members/member_role_spec.rb b/spec/models/members/member_role_spec.rb
index f9d6757bb90..b118a3c0968 100644
--- a/spec/models/members/member_role_spec.rb
+++ b/spec/models/members/member_role_spec.rb
@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 
-RSpec.describe MemberRole do
+RSpec.describe MemberRole, feature_category: :authentication_and_authorization do
   describe 'associations' do
     it { is_expected.to belong_to(:namespace) }
     it { is_expected.to have_many(:members) }
@@ -14,6 +14,27 @@ RSpec.describe MemberRole do
     it { is_expected.to validate_presence_of(:namespace) }
     it { is_expected.to validate_presence_of(:base_access_level) }
 
+    context 'for attributes_locked_after_member_associated' do
+      context 'when assigned to member' do
+        it 'cannot be changed' do
+          member_role.save!
+          member_role.members << create(:project_member)
+
+          expect(member_role).not_to be_valid
+          expect(member_role.errors.messages[:base]).to include(
+            s_("MemberRole|cannot be changed because it is already assigned to a user. "\
+              "Please create a new Member Role instead")
+          )
+        end
+      end
+
+      context 'when not assigned to member' do
+        it 'can be changed' do
+          expect(member_role).to be_valid
+        end
+      end
+    end
+
     context 'when for namespace' do
       let_it_be(:root_group) { create(:group) }