6 files changed, 132 insertions, 2 deletions

diff --git a/spec/controllers/projects/notes_controller_spec.rb b/spec/controllers/projects/notes_controller_spec.rb
index 6ffe41b8608..26429b57bd5 100644
--- a/spec/controllers/projects/notes_controller_spec.rb
+++ b/spec/controllers/projects/notes_controller_spec.rb
@@ -232,6 +232,47 @@ describe Projects::NotesController do
         end
       end
     end
+
+    context 'when the merge request discussion is locked' do
+      before do
+        project.update_attribute(:visibility_level, Gitlab::VisibilityLevel::PUBLIC)
+        merge_request.update_attribute(:discussion_locked, true)
+      end
+
+      context 'when a user is a team member' do
+        it 'returns 302 status for html' do
+          post :create, request_params
+
+          expect(response).to have_http_status(302)
+        end
+
+        it 'returns 200 status for json' do
+          post :create, request_params.merge(format: :json)
+
+          expect(response).to have_http_status(200)
+        end
+
+        it 'creates a new note' do
+          expect{ post :create, request_params }.to change { Note.count }.by(1)
+        end
+      end
+
+      context 'when a user is not a team member' do
+        before do
+          project.project_member(user).destroy
+        end
+
+        it 'returns 404 status' do
+          post :create, request_params
+
+          expect(response).to have_http_status(404)
+        end
+
+        it 'does not create a new note' do
+          expect{ post :create, request_params }.not_to change { Note.count }
+        end
+      end
+    end
   end
 
   describe 'DELETE destroy' do
diff --git a/spec/lib/gitlab/import_export/safe_model_attributes.yml b/spec/lib/gitlab/import_export/safe_model_attributes.yml
index 899d17d97c2..763ab029051 100644
--- a/spec/lib/gitlab/import_export/safe_model_attributes.yml
+++ b/spec/lib/gitlab/import_export/safe_model_attributes.yml
@@ -25,6 +25,7 @@ Issue:
 - relative_position
 - last_edited_at
 - last_edited_by_id
+- discussion_locked
 Event:
 - id
 - target_type
@@ -168,6 +169,7 @@ MergeRequest:
 - last_edited_at
 - last_edited_by_id
 - head_pipeline_id
+- discussion_locked
 MergeRequestDiff:
 - id
 - state
diff --git a/spec/policies/issuable_policy_spec.rb b/spec/policies/issuable_policy_spec.rb
new file mode 100644
index 00000000000..9b399d764ea
--- /dev/null
+++ b/spec/policies/issuable_policy_spec.rb
@@ -0,0 +1,28 @@
+require 'spec_helper'
+
+describe IssuablePolicy, models: true do
+  describe '#rules' do
+    context 'when discussion is locked for the issuable' do
+      let(:user) { create(:user) }
+      let(:project) { create(:project, :public) }
+      let(:issue) { create(:issue, project: project, discussion_locked: true) }
+      let(:policies) { described_class.new(user, issue) }
+
+      context 'when the user is not a project member' do
+        it 'can not create a note' do
+          expect(policies).to be_disallowed(:create_note)
+        end
+      end
+
+      context 'when the user is a project member' do
+        before do
+          project.team << [user, :guest]
+        end
+
+        it 'can create a note' do
+          expect(policies).to be_allowed(:create_note)
+        end
+      end
+    end
+  end
+end
diff --git a/spec/policies/note_policy_spec.rb b/spec/policies/note_policy_spec.rb
new file mode 100644
index 00000000000..70a99ed0198
--- /dev/null
+++ b/spec/policies/note_policy_spec.rb
@@ -0,0 +1,54 @@
+require 'spec_helper'
+
+describe NotePolicy, mdoels: true do
+  describe '#rules' do
+    let(:user) { create(:user) }
+    let(:project) { create(:project, :public) }
+    let(:issue) { create(:issue, project: project) }
+    let(:note) { create(:note, noteable: issue, author: user, project: project) }
+
+    let(:policies) { described_class.new(user, note) }
+
+    context 'when the project is public' do
+      context 'when the note author is not a project member' do
+        it 'can edit a note' do
+          expect(policies).to be_allowed(:update_note)
+          expect(policies).to be_allowed(:admin_note)
+          expect(policies).to be_allowed(:resolve_note)
+          expect(policies).to be_allowed(:read_note)
+        end
+      end
+
+      context 'when a discussion is locked' do
+        before do
+          issue.update_attribute(:discussion_locked, true)
+        end
+
+        context 'when the note author is a project member' do
+          before do
+            project.add_developer(user)
+          end
+
+          it 'can eddit a note' do
+            expect(policies).to be_allowed(:update_note)
+            expect(policies).to be_allowed(:admin_note)
+            expect(policies).to be_allowed(:resolve_note)
+            expect(policies).to be_allowed(:read_note)
+          end
+        end
+
+        context 'when the note author is not a project member' do
+          it 'can not edit a note' do
+            expect(policies).to be_disallowed(:update_note)
+            expect(policies).to be_disallowed(:admin_note)
+            expect(policies).to be_disallowed(:resolve_note)
+          end
+
+          it 'can read a note' do
+            expect(policies).to be_allowed(:read_note)
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/spec/services/issues/update_service_spec.rb b/spec/services/issues/update_service_spec.rb
index 15a50b85f19..0ed4c2152bb 100644
--- a/spec/services/issues/update_service_spec.rb
+++ b/spec/services/issues/update_service_spec.rb
@@ -48,7 +48,8 @@ describe Issues::UpdateService, :mailer do
           assignee_ids: [user2.id],
           state_event: 'close',
           label_ids: [label.id],
-          due_date: Date.tomorrow
+          due_date: Date.tomorrow,
+          discussion_locked: true
         }
       end
 
@@ -62,6 +63,7 @@ describe Issues::UpdateService, :mailer do
         expect(issue).to be_closed
         expect(issue.labels).to match_array [label]
         expect(issue.due_date).to eq Date.tomorrow
+        expect(issue.discussion_locked).to be_truthy
       end
 
       it 'updates open issue counter for assignees when issue is reassigned' do
@@ -103,6 +105,7 @@ describe Issues::UpdateService, :mailer do
           expect(issue.labels).to be_empty
           expect(issue.milestone).to be_nil
           expect(issue.due_date).to be_nil
+          expect(issue.discussion_locked).to be_falsey
         end
       end
 
diff --git a/spec/services/merge_requests/update_service_spec.rb b/spec/services/merge_requests/update_service_spec.rb
index 681feee61d1..a07b7ac2218 100644
--- a/spec/services/merge_requests/update_service_spec.rb
+++ b/spec/services/merge_requests/update_service_spec.rb
@@ -49,7 +49,8 @@ describe MergeRequests::UpdateService, :mailer do
           state_event: 'close',
           label_ids: [label.id],
           target_branch: 'target',
-          force_remove_source_branch: '1'
+          force_remove_source_branch: '1',
+          discussion_locked: true
         }
       end
 
@@ -73,6 +74,7 @@ describe MergeRequests::UpdateService, :mailer do
         expect(@merge_request.labels.first.title).to eq(label.name)
         expect(@merge_request.target_branch).to eq('target')
         expect(@merge_request.merge_params['force_remove_source_branch']).to eq('1')
+        expect(@merge_request.discussion_locked).to be_truthy
       end
 
       it 'executes hooks with update action' do