blob: 1ee86376e02b051e8dbfbda7aa70f73721e9e857 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
|
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe MemberRole, feature_category: :system_access do
describe 'associations' do
it { is_expected.to belong_to(:namespace) }
it { is_expected.to have_many(:members) }
end
describe 'validation' do
subject(:member_role) { build(:member_role) }
it { is_expected.to validate_presence_of(:namespace) }
it { is_expected.to validate_presence_of(:base_access_level) }
context 'for attributes_locked_after_member_associated' do
context 'when assigned to member' do
it 'cannot be changed' do
member_role.save!
member_role.members << create(:project_member)
expect(member_role).not_to be_valid
expect(member_role.errors.messages[:base]).to include(
s_("MemberRole|cannot be changed because it is already assigned to a user. "\
"Please create a new Member Role instead")
)
end
end
context 'when not assigned to member' do
it 'can be changed' do
expect(member_role).to be_valid
end
end
end
context 'when for namespace' do
let_it_be(:root_group) { create(:group) }
context 'when namespace is a subgroup' do
it 'is invalid' do
subgroup = create(:group, parent: root_group)
member_role.namespace = subgroup
expect(member_role).to be_invalid
expect(member_role.errors[:namespace]).to include(
s_("MemberRole|must be top-level namespace")
)
end
end
context 'when namespace is a root group' do
it 'is valid' do
member_role.namespace = root_group
expect(member_role).to be_valid
end
end
context 'when namespace is not present' do
it 'is invalid with a different error message' do
member_role.namespace = nil
expect(member_role).to be_invalid
expect(member_role.errors[:namespace]).to include(_("can't be blank"))
end
end
context 'when namespace is outside hierarchy of member' do
it 'creates a validation error' do
member_role.save!
member_role.namespace = create(:group)
expect(member_role).not_to be_valid
expect(member_role.errors[:namespace]).to include(s_("MemberRole|can't be changed"))
end
end
end
end
describe 'callbacks' do
context 'for preventing deletion after member is associated' do
let_it_be(:member_role) { create(:member_role) }
subject(:destroy_member_role) { member_role.destroy } # rubocop: disable Rails/SaveBang
it 'allows deletion without any member associated' do
expect(destroy_member_role).to be_truthy
end
it 'prevent deletion when member is associated' do
create(:group_member, { group: member_role.namespace,
access_level: Gitlab::Access::DEVELOPER,
member_role: member_role })
member_role.members.reload
expect(destroy_member_role).to be_falsey
expect(member_role.errors.messages[:base])
.to(
include(s_("MemberRole|cannot be deleted because it is already assigned to a user. "\
"Please disassociate the member role from all users before deletion."))
)
end
end
end
end
|
