summaryrefslogtreecommitdiff
path: root/spec/requests/api/graphql/group/issues_spec.rb
blob: 332bf242e9ca4792facf694f20760403433d9477 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
# frozen_string_literal: true

require 'spec_helper'

RSpec.describe 'getting an issue list for a group' do
  include GraphqlHelpers

  let_it_be(:current_user) { create(:user) }
  let_it_be(:group1) { create(:group) }
  let_it_be(:group2) { create(:group) }
  let_it_be(:project1) { create(:project, :public, group: group1) }
  let_it_be(:project2) { create(:project, :private, group: group1) }
  let_it_be(:project3) { create(:project, :public, group: group2) }
  let_it_be(:issue1) { create(:issue, project: project1) }
  let_it_be(:issue2) { create(:issue, project: project2) }
  let_it_be(:issue3) { create(:issue, project: project3) }

  let(:issue1_gid) { issue1.to_global_id.to_s }
  let(:issue2_gid) { issue2.to_global_id.to_s }
  let(:issues_data) { graphql_data['group']['issues']['edges'] }
  let(:issue_filter_params) { {} }

  let(:fields) do
    <<~QUERY
    edges {
      node {
        #{all_graphql_fields_for('issues'.classify)}
      }
    }
    QUERY
  end

  let(:query) do
    graphql_query_for(
      'group',
      { 'fullPath' => group1.full_path },
      query_graphql_field('issues', issue_filter_params, fields)
    )
  end

  it_behaves_like 'a working graphql query' do
    before do
      post_graphql(query, current_user: current_user)
    end
  end

  context 'when there is a confidential issue' do
    let_it_be(:confidential_issue1) { create(:issue, :confidential, project: project1) }
    let_it_be(:confidential_issue2) { create(:issue, :confidential, project: project2) }
    let_it_be(:confidential_issue3) { create(:issue, :confidential, project: project3) }

    let(:confidential_issue1_gid) { confidential_issue1.to_global_id.to_s }
    let(:confidential_issue2_gid) { confidential_issue2.to_global_id.to_s }

    context 'when the user cannot see confidential issues' do
      before do
        group1.add_guest(current_user)
      end

      it 'returns issues without confidential issues for the group' do
        post_graphql(query, current_user: current_user)

        expect(issues_ids).to contain_exactly(issue1_gid, issue2_gid)
      end

      context 'filtering for confidential issues' do
        let(:issue_filter_params) { { confidential: true } }

        it 'returns no issues' do
          post_graphql(query, current_user: current_user)

          expect(issues_ids).to be_empty
        end
      end

      context 'filtering for non-confidential issues' do
        let(:issue_filter_params) { { confidential: false } }

        it 'returns correctly filtered issues' do
          post_graphql(query, current_user: current_user)

          expect(issues_ids).to contain_exactly(issue1_gid, issue2_gid)
        end
      end
    end

    context 'when the user can see confidential issues' do
      before do
        group1.add_developer(current_user)
      end

      it 'returns issues with confidential issues for the group' do
        post_graphql(query, current_user: current_user)

        expect(issues_ids).to contain_exactly(issue1_gid, issue2_gid, confidential_issue1_gid, confidential_issue2_gid)
      end

      context 'filtering for confidential issues' do
        let(:issue_filter_params) { { confidential: true } }

        it 'returns correctly filtered issues' do
          post_graphql(query, current_user: current_user)

          expect(issues_ids).to contain_exactly(confidential_issue1_gid, confidential_issue2_gid)
        end
      end

      context 'filtering for non-confidential issues' do
        let(:issue_filter_params) { { confidential: false } }

        it 'returns correctly filtered issues' do
          post_graphql(query, current_user: current_user)

          expect(issues_ids).to contain_exactly(issue1_gid, issue2_gid)
        end
      end
    end
  end

  def issues_ids
    graphql_dig_at(issues_data, :node, :id)
  end
end