spec/finders/members_finder_spec.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167

# frozen_string_literal: true

require 'spec_helper'

RSpec.describe MembersFinder, '#execute' do
  let_it_be(:group) { create(:group) }
  let_it_be(:nested_group) { create(:group, parent: group) }
  let_it_be(:project, reload: true) { create(:project, namespace: nested_group) }
  let_it_be(:user1) { create(:user) }
  let_it_be(:user2) { create(:user) }
  let_it_be(:user3) { create(:user) }
  let_it_be(:user4) { create(:user) }

  it 'returns members for project and parent groups' do
    nested_group.request_access(user1)
    member1 = group.add_maintainer(user2)
    member2 = nested_group.add_maintainer(user3)
    member3 = project.add_maintainer(user4)

    result = described_class.new(project, user2).execute

    expect(result).to contain_exactly(member1, member2, member3)
  end

  it 'includes only non-invite members if user do not have amdin permissions on project' do
    create(:project_member, :invited, project: project, invite_email: create(:user).email)
    member1 = project.add_maintainer(user1)
    member2 = project.add_developer(user2)

    result = described_class.new(project, user2).execute(include_relations: [:direct])

    expect(result).to contain_exactly(member1, member2)
  end

  it 'includes invited members if user have admin permissions on project' do
    member_invite = create(:project_member, :invited, project: project, invite_email: create(:user).email)
    member1 = project.add_maintainer(user1)
    member2 = project.add_maintainer(user2)

    result = described_class.new(project, user2).execute(include_relations: [:direct])

    expect(result).to contain_exactly(member1, member2, member_invite)
  end

  it 'includes nested group members if asked', :nested_groups do
    nested_group.request_access(user1)
    member1 = group.add_maintainer(user2)
    member2 = nested_group.add_maintainer(user3)
    member3 = project.add_maintainer(user4)

    result = described_class.new(project, user2).execute(include_relations: [:direct, :descendants])

    expect(result).to contain_exactly(member1, member2, member3)
  end

  it 'returns only members of project if asked' do
    nested_group.request_access(user1)
    group.add_maintainer(user2)
    nested_group.add_maintainer(user3)
    member4 = project.add_maintainer(user4)

    result = described_class.new(project, user2).execute(include_relations: [:direct])

    expect(result).to contain_exactly(member4)
  end

  it 'returns only inherited members of project if asked' do
    nested_group.request_access(user1)
    member2 = group.add_maintainer(user2)
    member3 = nested_group.add_maintainer(user3)
    project.add_maintainer(user4)

    result = described_class.new(project, user2).execute(include_relations: [:inherited])

    expect(result).to contain_exactly(member2, member3)
  end

  it 'returns only inherited members of a personal project' do
    project = create(:project, namespace: user1.namespace)
    member = project.members.first

    result = described_class.new(project, user1).execute(include_relations: [:inherited])

    expect(result).to contain_exactly(member)
  end

  it 'returns the members.access_level when the user is invited', :nested_groups do
    member_invite = create(:project_member, :invited, project: project, invite_email: create(:user).email)
    member1 = group.add_maintainer(user2)

    result = described_class.new(project, user2).execute(include_relations: [:direct, :descendants])

    expect(result).to contain_exactly(member1, member_invite)
    expect(result.last.access_level).to eq(member_invite.access_level)
  end

  it 'returns the highest access_level for the user', :nested_groups do
    member1 = project.add_guest(user1)
    group.add_developer(user1)
    nested_group.add_reporter(user1)

    result = described_class.new(project, user1).execute(include_relations: [:direct, :descendants])

    expect(result).to contain_exactly(member1)
    expect(result.first.access_level).to eq(Gitlab::Access::DEVELOPER)
  end

  it 'returns searched members if requested' do
    project.add_maintainer(user2)
    project.add_maintainer(user3)
    member3 = project.add_maintainer(user4)

    result = described_class.new(project, user2, params: { search: user4.name }).execute

    expect(result).to contain_exactly(member3)
  end

  it 'returns members sorted by id_desc' do
    member1 = project.add_maintainer(user2)
    member2 = project.add_maintainer(user3)
    member3 = project.add_maintainer(user4)

    result = described_class.new(project, user2, params: { sort: 'id_desc' }).execute

    expect(result).to eq([member3, member2, member1])
  end

  context 'when include_invited_groups_members == true' do
    subject { described_class.new(project, user2).execute(include_relations: [:inherited, :direct, :invited_groups_members]) }

    let_it_be(:linked_group) { create(:group, :public) }
    let_it_be(:nested_linked_group) { create(:group, parent: linked_group) }
    let_it_be(:linked_group_member) { linked_group.add_guest(user1) }
    let_it_be(:nested_linked_group_member) { nested_linked_group.add_guest(user2) }

    it 'includes all the invited_groups members including members inherited from ancestor groups' do
      create(:project_group_link, project: project, group: nested_linked_group)

      expect(subject).to contain_exactly(linked_group_member, nested_linked_group_member)
    end

    it 'includes all the invited_groups members' do
      create(:project_group_link, project: project, group: linked_group)

      expect(subject).to contain_exactly(linked_group_member)
    end

    it 'excludes group_members not visible to the user' do
      create(:project_group_link, project: project, group: linked_group)
      private_linked_group = create(:group, :private)
      private_linked_group.add_developer(user3)
      create(:project_group_link, project: project, group: private_linked_group)

      expect(subject).to contain_exactly(linked_group_member)
    end

    context 'when the user is a member of invited group and ancestor groups' do
      it 'returns the highest access_level for the user limited by project_group_link.group_access', :nested_groups do
        create(:project_group_link, project: project, group: nested_linked_group, group_access: Gitlab::Access::REPORTER)
        nested_linked_group.add_developer(user1)

        expect(subject.map(&:user)).to contain_exactly(user1, user2)
        expect(subject.max_by(&:access_level).access_level).to eq(Gitlab::Access::REPORTER)
      end
    end
  end
end