From 03386633a42bd56b0b0b31b70eebaaaa33e1494e Mon Sep 17 00:00:00 2001 From: Paco Guzman Date: Fri, 5 Aug 2016 15:29:20 +0200 Subject: Move to project dropdown with infinite scroll for better performance Use just SQL to check is a user can admin_issue on a project Tradeoff - we duplicate how we check admin_issue in a SQL relation in the Ability class --- spec/controllers/autocomplete_controller_spec.rb | 292 +++++++++++++++-------- 1 file changed, 188 insertions(+), 104 deletions(-) (limited to 'spec/controllers') diff --git a/spec/controllers/autocomplete_controller_spec.rb b/spec/controllers/autocomplete_controller_spec.rb index ed0b7f9e240..44128a43362 100644 --- a/spec/controllers/autocomplete_controller_spec.rb +++ b/spec/controllers/autocomplete_controller_spec.rb @@ -2,178 +2,262 @@ require 'spec_helper' describe AutocompleteController do let!(:project) { create(:project) } - let!(:user) { create(:user) } - let!(:user2) { create(:user) } - let!(:non_member) { create(:user) } + let!(:user) { create(:user) } - context 'project members' do - before do - sign_in(user) - project.team << [user, :master] - end + context 'users and members' do + let!(:user2) { create(:user) } + let!(:non_member) { create(:user) } - describe 'GET #users with project ID' do + context 'project members' do before do - get(:users, project_id: project.id) + sign_in(user) + project.team << [user, :master] end - let(:body) { JSON.parse(response.body) } + describe 'GET #users with project ID' do + before do + get(:users, project_id: project.id) + end - it { expect(body).to be_kind_of(Array) } - it { expect(body.size).to eq 1 } - it { expect(body.map { |u| u["username"] }).to include(user.username) } - end + let(:body) { JSON.parse(response.body) } - describe 'GET #users with unknown project' do - before do - get(:users, project_id: 'unknown') + it { expect(body).to be_kind_of(Array) } + it { expect(body.size).to eq 1 } + it { expect(body.map { |u| u["username"] }).to include(user.username) } end - it { expect(response).to have_http_status(404) } - end - end - - context 'group members' do - let(:group) { create(:group) } + describe 'GET #users with unknown project' do + before do + get(:users, project_id: 'unknown') + end - before do - sign_in(user) - group.add_owner(user) + it { expect(response).to have_http_status(404) } + end end - let(:body) { JSON.parse(response.body) } + context 'group members' do + let(:group) { create(:group) } - describe 'GET #users with group ID' do before do - get(:users, group_id: group.id) + sign_in(user) + group.add_owner(user) end - it { expect(body).to be_kind_of(Array) } - it { expect(body.size).to eq 1 } - it { expect(body.first["username"]).to eq user.username } + let(:body) { JSON.parse(response.body) } + + describe 'GET #users with group ID' do + before do + get(:users, group_id: group.id) + end + + it { expect(body).to be_kind_of(Array) } + it { expect(body.size).to eq 1 } + it { expect(body.first["username"]).to eq user.username } + end + + describe 'GET #users with unknown group ID' do + before do + get(:users, group_id: 'unknown') + end + + it { expect(response).to have_http_status(404) } + end end - describe 'GET #users with unknown group ID' do + context 'non-member login for public project' do + let!(:project) { create(:project, :public) } + before do - get(:users, group_id: 'unknown') + sign_in(non_member) + project.team << [user, :master] end - it { expect(response).to have_http_status(404) } - end - end + let(:body) { JSON.parse(response.body) } - context 'non-member login for public project' do - let!(:project) { create(:project, :public) } + describe 'GET #users with project ID' do + before do + get(:users, project_id: project.id, current_user: true) + end - before do - sign_in(non_member) - project.team << [user, :master] + it { expect(body).to be_kind_of(Array) } + it { expect(body.size).to eq 2 } + it { expect(body.map { |u| u['username'] }).to match_array([user.username, non_member.username]) } + end end - let(:body) { JSON.parse(response.body) } - - describe 'GET #users with project ID' do + context 'all users' do before do - get(:users, project_id: project.id, current_user: true) + sign_in(user) + get(:users) end + let(:body) { JSON.parse(response.body) } + it { expect(body).to be_kind_of(Array) } - it { expect(body.size).to eq 2 } - it { expect(body.map { |u| u['username'] }).to match_array([user.username, non_member.username]) } + it { expect(body.size).to eq User.count } end - end - context 'all users' do - before do - sign_in(user) - get(:users) - end + context 'unauthenticated user' do + let(:public_project) { create(:project, :public) } + let(:body) { JSON.parse(response.body) } - let(:body) { JSON.parse(response.body) } + describe 'GET #users with public project' do + before do + public_project.team << [user, :guest] + get(:users, project_id: public_project.id) + end - it { expect(body).to be_kind_of(Array) } - it { expect(body.size).to eq User.count } - end + it { expect(body).to be_kind_of(Array) } + it { expect(body.size).to eq 1 } + end - context 'unauthenticated user' do - let(:public_project) { create(:project, :public) } - let(:body) { JSON.parse(response.body) } + describe 'GET #users with project' do + before do + get(:users, project_id: project.id) + end - describe 'GET #users with public project' do - before do - public_project.team << [user, :guest] - get(:users, project_id: public_project.id) + it { expect(response).to have_http_status(404) } end - it { expect(body).to be_kind_of(Array) } - it { expect(body.size).to eq 1 } - end + describe 'GET #users with unknown project' do + before do + get(:users, project_id: 'unknown') + end - describe 'GET #users with project' do - before do - get(:users, project_id: project.id) + it { expect(response).to have_http_status(404) } end - it { expect(response).to have_http_status(404) } - end + describe 'GET #users with inaccessible group' do + before do + project.team << [user, :guest] + get(:users, group_id: user.namespace.id) + end - describe 'GET #users with unknown project' do - before do - get(:users, project_id: 'unknown') + it { expect(response).to have_http_status(404) } end - it { expect(response).to have_http_status(404) } + describe 'GET #users with no project' do + before do + get(:users) + end + + it { expect(body).to be_kind_of(Array) } + it { expect(body.size).to eq 0 } + end end - describe 'GET #users with inaccessible group' do + context 'author of issuable included' do before do - project.team << [user, :guest] - get(:users, group_id: user.namespace.id) + sign_in(user) end - it { expect(response).to have_http_status(404) } - end + let(:body) { JSON.parse(response.body) } - describe 'GET #users with no project' do - before do - get(:users) + it 'includes the author' do + get(:users, author_id: non_member.id) + + expect(body.first["username"]).to eq non_member.username end - it { expect(body).to be_kind_of(Array) } - it { expect(body.size).to eq 0 } + it 'rejects non existent user ids' do + get(:users, author_id: 99999) + + expect(body.collect { |u| u['id'] }).not_to include(99999) + end + end + + context 'skip_users parameter included' do + before { sign_in(user) } + + it 'skips the user IDs passed' do + get(:users, skip_users: [user, user2].map(&:id)) + + other_user_ids = [non_member, project.owner, project.creator].map(&:id) + response_user_ids = JSON.parse(response.body).map { |user| user['id'] } + + expect(response_user_ids).to contain_exactly(*other_user_ids) + end end end - context 'author of issuable included' do + context 'projects' do + let(:authorized_project) { create(:project) } + let(:authorized_search_project) { create(:project, name: 'rugged') } + before do sign_in(user) + project.team << [user, :master] end - let(:body) { JSON.parse(response.body) } + context 'authorized projects' do + before do + authorized_project.team << [user, :master] + end + + describe 'GET #projects with project ID' do + before do + get(:projects, project_id: project.id) + end + + let(:body) { JSON.parse(response.body) } + + it do + expect(body).to be_kind_of(Array) + expect(body.size).to eq 2 - it 'includes the author' do - get(:users, author_id: non_member.id) + expect(body.first['id']).to eq 0 + expect(body.first['name_with_namespace']).to eq 'No project' - expect(body.first["username"]).to eq non_member.username + expect(body.last['id']).to eq authorized_project.id + expect(body.last['name_with_namespace']).to eq authorized_project.name_with_namespace + end + end end - it 'rejects non existent user ids' do - get(:users, author_id: 99999) + context 'authorized projects and search' do + before do + authorized_project.team << [user, :master] + authorized_search_project.team << [user, :master] + end + + describe 'GET #projects with project ID and search' do + before do + get(:projects, project_id: project.id, search: 'rugged') + end + + let(:body) { JSON.parse(response.body) } - expect(body.collect { |u| u['id'] }).not_to include(99999) + it do + expect(body).to be_kind_of(Array) + expect(body.size).to eq 2 + + expect(body.last['id']).to eq authorized_search_project.id + expect(body.last['name_with_namespace']).to eq authorized_search_project.name_with_namespace + end + end end - end - context 'skip_users parameter included' do - before { sign_in(user) } + context 'authorized projects without admin_issue ability' do + before(:each) do + authorized_project.team << [user, :guest] + + expect(user.can?(:admin_issue, authorized_project)).to eq(false) + end - it 'skips the user IDs passed' do - get(:users, skip_users: [user, user2].map(&:id)) + describe 'GET #projects with project ID' do + before do + get(:projects, project_id: project.id) + end - other_user_ids = [non_member, project.owner, project.creator].map(&:id) - response_user_ids = JSON.parse(response.body).map { |user| user['id'] } + let(:body) { JSON.parse(response.body) } - expect(response_user_ids).to contain_exactly(*other_user_ids) + it do + expect(body).to be_kind_of(Array) + expect(body.size).to eq 1 # 'No project' + + expect(body.first['id']).to eq 0 + end + end end end end -- cgit v1.2.1