spec/serializers/deploy_key_entity_spec.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116

# frozen_string_literal: true

require 'spec_helper'

RSpec.describe DeployKeyEntity do
  include RequestAwareEntity

  let(:user) { create(:user) }
  let(:project) { create(:project, :internal)}
  let(:project_private) { create(:project, :private)}
  let(:deploy_key) { create(:deploy_key) }
  let(:options) { { user: user } }

  let(:entity) { described_class.new(deploy_key, options) }

  before do
    project.deploy_keys << deploy_key
    project_private.deploy_keys << deploy_key
  end

  describe 'returns deploy keys with projects a user can read' do
    let(:expected_result) do
      {
        id: deploy_key.id,
        user_id: deploy_key.user_id,
        title: deploy_key.title,
        fingerprint: deploy_key.fingerprint,
        fingerprint_sha256: deploy_key.fingerprint_sha256,
        destroyed_when_orphaned: true,
        almost_orphaned: false,
        created_at: deploy_key.created_at,
        updated_at: deploy_key.updated_at,
        can_edit: false,
        deploy_keys_projects: [
          {
            can_push: false,
            project:
            {
              id: project.id,
              name: project.name,
              full_path: project_path(project),
              full_name: project.full_name
            }
          }
        ]
      }
    end

    it { expect(entity.as_json).to eq(expected_result) }
  end

  context 'user is an admin' do
    let(:user) { create(:user, :admin) }

    it { expect(entity.as_json).to include(can_edit: true) }
  end

  context 'user is a project maintainer' do
    before do
      project.add_maintainer(user)
    end

    context 'project deploy key' do
      it { expect(entity.as_json).to include(can_edit: true) }
    end

    context 'public deploy key' do
      let(:deploy_key_public) { create(:deploy_key, public: true) }
      let(:entity_public) { described_class.new(deploy_key_public, { user: user, project: project }) }

      before do
        project.deploy_keys << deploy_key_public
      end

      it { expect(entity_public.as_json).to include(can_edit: true) }
    end
  end

  describe 'with_owner option' do
    it 'does not return an owner payload when it is set to false' do
      options[:with_owner] = false

      payload = entity.as_json

      expect(payload[:owner]).not_to be_present
    end

    describe 'when with_owner is set to true' do
      before do
        options[:with_owner] = true
      end

      it 'returns an owner payload' do
        payload = entity.as_json

        expect(payload[:owner]).to be_present
        expect(payload[:owner].keys).to include(:id, :name, :username, :avatar_url)
      end

      it 'does not return an owner if current_user cannot read the owner' do
        allow(Ability).to receive(:allowed?).and_call_original
        allow(Ability).to receive(:allowed?).with(options[:user], :read_user, deploy_key.user).and_return(false)

        payload = entity.as_json

        expect(payload[:owner]).to be_nil
      end
    end
  end

  it 'does not return an owner payload with_owner option not passed in' do
    payload = entity.as_json

    expect(payload[:owner]).not_to be_present
  end
end