summaryrefslogtreecommitdiff
path: root/spec/finders/labels_finder_spec.rb
blob: e344591dd5dc0fdf4070372e7b8927b98c3f1eae (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
# frozen_string_literal: true

require 'spec_helper'

RSpec.describe LabelsFinder do
  describe '#execute' do
    let_it_be(:group_1) { create(:group) }
    let_it_be(:group_2) { create(:group) }
    let_it_be(:group_3) { create(:group) }
    let_it_be(:private_group_1) { create(:group, :private) }
    let_it_be(:private_subgroup_1) { create(:group, :private, parent: private_group_1) }

    let_it_be(:project_1, reload: true) { create(:project, namespace: group_1) }
    let_it_be(:project_2) { create(:project, namespace: group_2) }
    let_it_be(:project_3) { create(:project) }
    let_it_be(:project_4) { create(:project, :public) }
    let_it_be(:project_5) { create(:project, namespace: group_1) }

    let_it_be(:project_label_1) { create(:label, project: project_1, title: 'Label 1', description: 'awesome label') }
    let_it_be(:project_label_2) { create(:label, project: project_2, title: 'Label 2') }
    let_it_be(:project_label_4) { create(:label, project: project_4, title: 'Label 4') }
    let_it_be(:project_label_5) { create(:label, project: project_5, title: 'Label 5') }

    let_it_be(:group_label_1) { create(:group_label, group: group_1, title: 'Label 1 (group)') }
    let_it_be(:group_label_2) { create(:group_label, group: group_1, title: 'Group Label 2') }
    let_it_be(:group_label_3) { create(:group_label, group: group_2, title: 'Group Label 3') }
    let_it_be(:private_group_label_1) { create(:group_label, group: private_group_1, title: 'Private Group Label 1') }
    let_it_be(:private_subgroup_label_1) { create(:group_label, group: private_subgroup_1, title: 'Private Sub Group Label 1') }

    let_it_be(:unused_label) { create(:label, project: project_3, title: 'Label 3') }
    let_it_be(:unused_group_label) { create(:group_label, group: group_3, title: 'Group Label 4') }

    let_it_be(:user) { create(:user) }

    before do
      project_1.add_developer(user)
    end

    context 'with no filter' do
      it 'returns labels from projects the user have access' do
        group_2.add_developer(user)

        finder = described_class.new(user)

        expect(finder.execute).to match_array([group_label_2, group_label_3, project_label_1, group_label_1, project_label_2, project_label_4])
      end

      it 'returns labels available if nil title is supplied' do
        group_2.add_developer(user)
        # params[:title] will return `nil` regardless whether it is specified
        finder = described_class.new(user, title: nil)

        expect(finder.execute).to match_array([group_label_2, group_label_3, project_label_1, group_label_1, project_label_2, project_label_4])
      end
    end

    shared_examples 'filtering by group' do
      it 'returns labels available for any non-archived project within the group' do
        group_1.add_developer(user)
        ::Projects::UpdateService.new(project_1, user, archived: true).execute
        finder = described_class.new(user, **group_params(group_1))

        expect(finder.execute).to match_array([group_label_2, group_label_1, project_label_5])
      end

      context 'when only_group_labels is true' do
        it 'returns only group labels' do
          group_1.add_developer(user)

          finder = described_class.new(user, only_group_labels: true, **group_params(group_1))

          expect(finder.execute).to match_array([group_label_2, group_label_1])
        end
      end

      context 'when group has no projects' do
        let(:empty_group) { create(:group) }
        let!(:empty_group_label_1) { create(:group_label, group: empty_group, title: 'Label 1 (empty group)') }
        let!(:empty_group_label_2) { create(:group_label, group: empty_group, title: 'Label 2 (empty group)') }

        before do
          empty_group.add_developer(user)
        end

        context 'when only group labels is false' do
          it 'returns group labels' do
            finder = described_class.new(user, **group_params(empty_group))

            expect(finder.execute).to match_array([empty_group_label_1, empty_group_label_2])
          end
        end
      end

      context 'when including labels from group ancestors' do
        it 'returns labels from group and its ancestors' do
          private_group_1.add_developer(user)
          private_subgroup_1.add_developer(user)

          finder = described_class.new(user, **group_params(private_subgroup_1), only_group_labels: true, include_ancestor_groups: true)

          expect(finder.execute).to match_array([private_group_label_1, private_subgroup_label_1])
        end

        it 'ignores labels from groups which user can not read' do
          private_subgroup_1.add_developer(user)

          finder = described_class.new(user, **group_params(private_subgroup_1), only_group_labels: true, include_ancestor_groups: true)

          expect(finder.execute).to match_array([private_subgroup_label_1])
        end
      end

      context 'when including labels from group descendants' do
        it 'returns labels from group and its descendants' do
          private_group_1.add_developer(user)
          private_subgroup_1.add_developer(user)

          finder = described_class.new(user, **group_params(private_group_1), only_group_labels: true, include_descendant_groups: true)

          expect(finder.execute).to match_array([private_group_label_1, private_subgroup_label_1])
        end

        it 'ignores labels from groups which user can not read' do
          private_subgroup_1.add_developer(user)

          finder = described_class.new(user, **group_params(private_group_1), only_group_labels: true, include_descendant_groups: true)

          expect(finder.execute).to match_array([private_subgroup_label_1])
        end
      end

      context 'when including labels from group projects with limited visibility' do
        let(:finder)                     { described_class.new(user, **group_params(group_4)) }
        let(:group_4)                    { create(:group) }
        let(:limited_visibility_project) { create(:project, :public, group: group_4) }
        let(:visible_project)            { create(:project, :public, group: group_4) }
        let!(:group_label_1)             { create(:group_label, group: group_4) }
        let!(:limited_visibility_label)  { create(:label, project: limited_visibility_project) }
        let!(:visible_label)             { create(:label, project: visible_project) }

        shared_examples 'with full visibility' do
          it 'returns all projects labels' do
            expect(finder.execute).to match_array([group_label_1, limited_visibility_label, visible_label])
          end
        end

        shared_examples 'with limited visibility' do
          it 'returns only authorized projects labels' do
            expect(finder.execute).to match_array([group_label_1, visible_label])
          end
        end

        context 'when merge requests and issues are not visible for non members' do
          before do
            limited_visibility_project.project_feature.update!(
              merge_requests_access_level: ProjectFeature::PRIVATE,
              issues_access_level: ProjectFeature::PRIVATE
            )
          end

          context 'when user is not a group member' do
            it_behaves_like 'with limited visibility'
          end

          context 'when user is a group member' do
            before do
              group_4.add_developer(user)
            end

            it_behaves_like 'with full visibility'
          end
        end

        context 'when merge requests are not visible for non members' do
          before do
            limited_visibility_project.project_feature.update!(
              merge_requests_access_level: ProjectFeature::PRIVATE
            )
          end

          context 'when user is not a group member' do
            it_behaves_like 'with full visibility'
          end

          context 'when user is a group member' do
            before do
              group_4.add_developer(user)
            end

            it_behaves_like 'with full visibility'
          end
        end

        context 'when issues are not visible for non members' do
          before do
            limited_visibility_project.project_feature.update!(
              issues_access_level: ProjectFeature::PRIVATE
            )
          end

          context 'when user is not a group member' do
            it_behaves_like 'with full visibility'
          end

          context 'when user is a group member' do
            before do
              group_4.add_developer(user)
            end

            it_behaves_like 'with full visibility'
          end
        end
      end
    end

    it_behaves_like 'filtering by group' do
      def group_params(group)
        { group: group }
      end
    end

    it_behaves_like 'filtering by group' do
      def group_params(group)
        { group_id: group.id }
      end
    end

    it_behaves_like 'filtering by group' do
      def group_params(group)
        { group: '', group_id: group.id }
      end
    end

    context 'filtering by project_id' do
      context 'when include_ancestor_groups is true' do
        let!(:sub_project) { create(:project, namespace: private_subgroup_1 ) }
        let!(:project_label) { create(:label, project: sub_project, title: 'Label 5') }
        let(:finder) { described_class.new(user, project_id: sub_project.id, include_ancestor_groups: true) }

        before do
          private_group_1.add_developer(user)
        end

        it 'returns all ancestor labels' do
          expect(finder.execute).to match_array([private_subgroup_label_1, private_group_label_1, project_label])
        end
      end

      it 'returns labels available for the project' do
        finder = described_class.new(user, project_id: project_1.id)

        expect(finder.execute).to match_array([group_label_2, project_label_1, group_label_1])
      end

      context 'as an administrator' do
        it 'does not return labels from another project' do
          # Purposefully creating a project with _nothing_ associated to it
          isolated_project = create(:project)
          admin = create(:admin)

          # project_3 has a label associated to it, which we don't want coming
          # back when we ask for the isolated project's labels
          project_3.add_reporter(admin)
          finder = described_class.new(admin, project_id: isolated_project.id)

          expect(finder.execute).to be_empty
        end
      end
    end

    context 'filtering by title' do
      it 'returns label with that title' do
        finder = described_class.new(user, title: 'Group Label 2')

        expect(finder.execute).to match_array([group_label_2])
      end

      it 'returns label with title alias' do
        finder = described_class.new(user, name: 'Group Label 2')

        expect(finder.execute).to match_array([group_label_2])
      end

      it 'returns no labels if empty title is supplied' do
        finder = described_class.new(user, title: [])

        expect(finder.execute).to be_empty
      end

      it 'returns no labels if blank title is supplied' do
        finder = described_class.new(user, title: '')

        expect(finder.execute).to be_empty
      end

      it 'returns no labels if empty name is supplied' do
        finder = described_class.new(user, name: [])

        expect(finder.execute).to be_empty
      end
    end

    context 'search by title and description' do
      it 'returns labels with a partially matching title' do
        finder = described_class.new(user, search: '(group)')

        expect(finder.execute).to match_array([group_label_1])
      end

      it 'returns labels with a partially matching description' do
        finder = described_class.new(user, search: 'awesome')

        expect(finder.execute).to match_array([project_label_1])
      end

      it 'returns labels matching a single character' do
        finder = described_class.new(user, search: '(')

        expect(finder.execute).to match_array([group_label_1])
      end
    end

    context 'filter by subscription' do
      it 'returns labels user subscribed to' do
        project_label_1.subscribe(user)

        finder = described_class.new(user, subscribed: 'true')

        expect(finder.execute).to match_array([project_label_1])
      end
    end

    context 'external authorization' do
      it_behaves_like 'a finder with external authorization service' do
        let!(:subject) { create(:label, project: project) }
        let(:project_params) { { project_id: project.id } }
      end
    end
  end
end