diff options
Diffstat (limited to 'spec/requests/api/projects_spec.rb')
-rw-r--r-- | spec/requests/api/projects_spec.rb | 34 |
1 files changed, 32 insertions, 2 deletions
diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb index 02df82d14a8..fc1d815a64e 100644 --- a/spec/requests/api/projects_spec.rb +++ b/spec/requests/api/projects_spec.rb @@ -1077,6 +1077,7 @@ RSpec.describe API::Projects do attrs[:operations_access_level] = 'disabled' attrs[:analytics_access_level] = 'disabled' attrs[:container_registry_access_level] = 'private' + attrs[:security_and_compliance_access_level] = 'private' end post api('/projects', user), params: project @@ -1100,6 +1101,7 @@ RSpec.describe API::Projects do expect(project.operations_access_level).to eq(ProjectFeature::DISABLED) expect(project.project_feature.analytics_access_level).to eq(ProjectFeature::DISABLED) expect(project.project_feature.container_registry_access_level).to eq(ProjectFeature::PRIVATE) + expect(project.project_feature.security_and_compliance_access_level).to eq(ProjectFeature::PRIVATE) end it 'assigns container_registry_enabled to project', :aggregate_failures do @@ -2227,6 +2229,7 @@ RSpec.describe API::Projects do expect(json_response['restrict_user_defined_variables']).to eq(project.restrict_user_defined_variables?) expect(json_response['only_allow_merge_if_all_discussions_are_resolved']).to eq(project.only_allow_merge_if_all_discussions_are_resolved) expect(json_response['operations_access_level']).to be_present + expect(json_response['security_and_compliance_access_level']).to be_present end it 'exposes all necessary attributes' do @@ -2295,6 +2298,7 @@ RSpec.describe API::Projects do expect(json_response['wiki_access_level']).to be_present expect(json_response['builds_access_level']).to be_present expect(json_response['operations_access_level']).to be_present + expect(json_response['security_and_compliance_access_level']).to be_present expect(json_response).to have_key('emails_disabled') expect(json_response['resolve_outdated_diff_discussions']).to eq(project.resolve_outdated_diff_discussions) expect(json_response['remove_source_branch_after_merge']).to be_truthy @@ -2542,9 +2546,11 @@ RSpec.describe API::Projects do get api("/projects", user) expect(response).to have_gitlab_http_status(:ok) - expect(json_response.first['permissions']['project_access']['access_level']) + detail_of_project = json_response.find { |detail| detail['id'] == project.id } + + expect(detail_of_project.dig('permissions', 'project_access', 'access_level')) .to eq(Gitlab::Access::MAINTAINER) - expect(json_response.first['permissions']['group_access']).to be_nil + expect(detail_of_project.dig('permissions', 'group_access')).to be_nil end end @@ -3220,6 +3226,30 @@ RSpec.describe API::Projects do expect(project.reload.container_registry_access_level).to eq(ProjectFeature::ENABLED) end + it 'sets security_and_compliance_access_level', :aggregate_failures do + put api("/projects/#{project.id}", user), params: { security_and_compliance_access_level: 'private' } + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response['security_and_compliance_access_level']).to eq('private') + expect(Project.find_by(path: project[:path]).security_and_compliance_access_level).to eq(ProjectFeature::PRIVATE) + end + + it 'sets operations_access_level', :aggregate_failures do + put api("/projects/#{project.id}", user), params: { operations_access_level: 'private' } + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response['operations_access_level']).to eq('private') + expect(Project.find_by(path: project[:path]).operations_access_level).to eq(ProjectFeature::PRIVATE) + end + + it 'sets analytics_access_level', :aggregate_failures do + put api("/projects/#{project.id}", user), params: { analytics_access_level: 'private' } + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response['analytics_access_level']).to eq('private') + expect(Project.find_by(path: project[:path]).analytics_access_level).to eq(ProjectFeature::PRIVATE) + end + it 'returns 400 when nothing sent' do project_param = {} |