1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
|
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe 'Updating a Note' do
include GraphqlHelpers
let!(:note) { create(:note, note: original_body) }
let(:original_body) { 'Initial body text' }
let(:updated_body) { 'Updated body text' }
let(:params) { { body: updated_body, confidential: true } }
let(:mutation) do
variables = params.merge(id: GitlabSchema.id_from_object(note).to_s)
graphql_mutation(:update_note, variables)
end
def mutation_response
graphql_mutation_response(:update_note)
end
context 'when the user does not have permission' do
let_it_be(:current_user) { create(:user) }
it_behaves_like 'a mutation that returns a top-level access error'
it 'does not update the Note' do
post_graphql_mutation(mutation, current_user: current_user)
expect(note.reload.note).to eq(original_body)
expect(note.confidential).to be_falsey
end
end
context 'when the user has permission' do
let(:current_user) { note.author }
it_behaves_like 'a Note mutation when the given resource id is not for a Note'
it 'updates the Note' do
post_graphql_mutation(mutation, current_user: current_user)
expect(note.reload.note).to eq(updated_body)
expect(note.confidential).to be_truthy
end
it 'returns the updated Note' do
post_graphql_mutation(mutation, current_user: current_user)
expect(mutation_response['note']['body']).to eq(updated_body)
expect(mutation_response['note']['confidential']).to be_truthy
end
context 'when only confidential param is present' do
let(:params) { { confidential: true } }
it 'updates only the note confidentiality' do
post_graphql_mutation(mutation, current_user: current_user)
expect(note.reload.note).to eq(original_body)
expect(note.confidential).to be_truthy
end
end
context 'when only body param is present' do
let(:params) { { body: updated_body } }
before do
note.update_column(:confidential, true)
end
it 'updates only the note body' do
post_graphql_mutation(mutation, current_user: current_user)
expect(note.reload.note).to eq(updated_body)
expect(note.confidential).to be_truthy
end
end
context 'when there are ActiveRecord validation errors' do
let(:updated_body) { '' }
it_behaves_like 'a mutation that returns errors in the response', errors: ["Note can't be blank"]
it 'does not update the Note' do
post_graphql_mutation(mutation, current_user: current_user)
expect(note.reload.note).to eq(original_body)
expect(note.confidential).to be_falsey
end
it 'returns the original Note' do
post_graphql_mutation(mutation, current_user: current_user)
expect(mutation_response['note']['body']).to eq(original_body)
expect(mutation_response['note']['confidential']).to be_falsey
end
end
context 'when body only contains quick actions' do
let(:updated_body) { '/close' }
it 'returns a nil note and empty errors' do
post_graphql_mutation(mutation, current_user: current_user)
expect(mutation_response).to include(
'errors' => [],
'note' => nil
)
end
end
end
end
|