diff options
Diffstat (limited to 'spec/services/users/destroy_service_spec.rb')
| -rw-r--r-- | spec/services/users/destroy_service_spec.rb | 88 |
1 files changed, 49 insertions, 39 deletions
diff --git a/spec/services/users/destroy_service_spec.rb b/spec/services/users/destroy_service_spec.rb index 6de685dd89a..76b84e3b4ab 100644 --- a/spec/services/users/destroy_service_spec.rb +++ b/spec/services/users/destroy_service_spec.rb @@ -3,14 +3,14 @@ require 'spec_helper' RSpec.describe Users::DestroyService do - describe "Deletes a user and all their personal projects" do - let!(:user) { create(:user) } - let!(:admin) { create(:admin) } - let!(:namespace) { user.namespace } - let!(:project) { create(:project, namespace: namespace) } - let(:service) { described_class.new(admin) } - let(:gitlab_shell) { Gitlab::Shell.new } - + let!(:user) { create(:user) } + let!(:admin) { create(:admin) } + let!(:namespace) { user.namespace } + let!(:project) { create(:project, namespace: namespace) } + let(:service) { described_class.new(admin) } + let(:gitlab_shell) { Gitlab::Shell.new } + + describe "Deletes a user and all their personal projects", :enable_admin_mode do context 'no options are given' do it 'deletes the user' do user_data = service.execute(user) @@ -108,7 +108,7 @@ RSpec.describe Users::DestroyService do context 'projects in pending_delete' do before do project.pending_delete = true - project.save + project.save! end it 'destroys a project in pending_delete' do @@ -215,35 +215,6 @@ RSpec.describe Users::DestroyService do end end - context "deletion permission checks" do - it 'does not delete the user when user is not an admin' do - other_user = create(:user) - - expect { described_class.new(other_user).execute(user) }.to raise_error(Gitlab::Access::AccessDeniedError) - expect(User.exists?(user.id)).to be(true) - end - - it 'allows admins to delete anyone' do - described_class.new(admin).execute(user) - - expect(User.exists?(user.id)).to be(false) - end - - it 'allows users to delete their own account' do - described_class.new(user).execute(user) - - expect(User.exists?(user.id)).to be(false) - end - - it 'allows user to be deleted if skip_authorization: true' do - other_user = create(:user) - - described_class.new(user).execute(other_user, skip_authorization: true) - - expect(User.exists?(other_user.id)).to be(false) - end - end - context "migrating associated records" do let!(:issue) { create(:issue, author: user) } @@ -310,7 +281,7 @@ RSpec.describe Users::DestroyService do it 'of group_members' do group_member = create(:group_member) - group_member.group.group_members.create(user: user, access_level: 40) + group_member.group.group_members.create!(user: user, access_level: 40) expect_any_instance_of(GroupMember).to receive(:run_callbacks).with(:find).once expect_any_instance_of(GroupMember).to receive(:run_callbacks).with(:initialize).once @@ -320,4 +291,43 @@ RSpec.describe Users::DestroyService do end end end + + describe "Deletion permission checks" do + it 'does not delete the user when user is not an admin' do + other_user = create(:user) + + expect { described_class.new(other_user).execute(user) }.to raise_error(Gitlab::Access::AccessDeniedError) + expect(User.exists?(user.id)).to be(true) + end + + context 'when admin mode is enabled', :enable_admin_mode do + it 'allows admins to delete anyone' do + described_class.new(admin).execute(user) + + expect(User.exists?(user.id)).to be(false) + end + end + + context 'when admin mode is disabled' do + it 'disallows admins to delete anyone' do + expect { described_class.new(admin).execute(user) }.to raise_error(Gitlab::Access::AccessDeniedError) + + expect(User.exists?(user.id)).to be(true) + end + end + + it 'allows users to delete their own account' do + described_class.new(user).execute(user) + + expect(User.exists?(user.id)).to be(false) + end + + it 'allows user to be deleted if skip_authorization: true' do + other_user = create(:user) + + described_class.new(user).execute(other_user, skip_authorization: true) + + expect(User.exists?(other_user.id)).to be(false) + end + end end |