1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
|
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Todos::AllowedTargetFilterService do
include DesignManagementTestHelpers
let_it_be(:authorized_group) { create(:group, :private) }
let_it_be(:authorized_project) { create(:project, group: authorized_group) }
let_it_be(:unauthorized_group) { create(:group, :private) }
let_it_be(:unauthorized_project) { create(:project, group: unauthorized_group) }
let_it_be(:user) { create(:user) }
let_it_be(:authorized_issue) { create(:issue, project: authorized_project) }
let_it_be(:authorized_issue_todo) { create(:todo, project: authorized_project, target: authorized_issue, user: user) }
let_it_be(:authorized_note) { create(:note, noteable: authorized_issue, project: authorized_project) }
let_it_be(:authorized_note_todo) { create(:todo, project: authorized_project, target: authorized_issue, note: authorized_note, user: user) }
let_it_be(:confidential_issue) { create(:issue, :confidential, project: authorized_project) }
let_it_be(:confidential_issue_todo) { create(:todo, project: authorized_project, target: confidential_issue, user: user) }
let_it_be(:confidential_note) { create(:note, :confidential, noteable: confidential_issue, project: authorized_project) }
let_it_be(:confidential_note_todo) { create(:todo, project: authorized_project, target: authorized_issue, note: confidential_note, user: user) }
let_it_be(:unauthorized_issue) { create(:issue, project: unauthorized_project) }
let_it_be(:unauthorized_issue_todo) { create(:todo, project: unauthorized_project, target: unauthorized_issue, user: user) }
let_it_be(:authorized_design) { create(:design, issue: authorized_issue) }
let_it_be(:authorized_design_todo) { create(:todo, project: authorized_project, target: authorized_design, user: user) }
let_it_be(:unauthorized_design) { create(:design, issue: unauthorized_issue) }
let_it_be(:unauthorized_design_todo) { create(:todo, project: unauthorized_project, target: unauthorized_design, user: user) }
let_it_be(:unauthorized_note) { create(:note, noteable: unauthorized_issue, project: unauthorized_project) }
let_it_be(:unauthorized_note_todo) { create(:todo, project: unauthorized_project, target: unauthorized_issue, note: unauthorized_note, user: user) }
# Cannot use let_it_be with MRs
let(:authorized_mr) { create(:merge_request, source_project: authorized_project) }
let(:authorized_mr_todo) { create(:todo, project: authorized_project, user: user, target: authorized_mr) }
let(:unauthorized_mr) { create(:merge_request, source_project: unauthorized_project) }
let(:unauthorized_mr_todo) { create(:todo, project: unauthorized_project, user: user, target: unauthorized_mr) }
describe '#execute' do
let(:all_todos) { authorized_todos + unauthorized_todos }
subject(:execute_service) { described_class.new(all_todos, user).execute }
shared_examples 'allowed Todos filter' do
before do
enable_design_management
end
it { is_expected.to match_array(authorized_todos) }
end
context 'with reporter user' do
before_all do
authorized_group.add_reporter(user)
end
it_behaves_like 'allowed Todos filter' do
let(:authorized_todos) do
[
authorized_mr_todo,
authorized_issue_todo,
confidential_issue_todo,
confidential_note_todo,
authorized_design_todo
]
end
let(:unauthorized_todos) do
[
unauthorized_mr_todo,
unauthorized_issue_todo,
unauthorized_note_todo,
unauthorized_design_todo
]
end
end
end
context 'with guest user' do
before_all do
authorized_group.add_guest(user)
end
it_behaves_like 'allowed Todos filter' do
let(:authorized_todos) do
[
authorized_issue_todo,
authorized_design_todo
]
end
let(:unauthorized_todos) do
[
authorized_mr_todo,
confidential_issue_todo,
confidential_note_todo,
unauthorized_mr_todo,
unauthorized_issue_todo,
unauthorized_note_todo,
unauthorized_design_todo
]
end
end
end
context 'with a non-member user' do
it_behaves_like 'allowed Todos filter' do
let(:authorized_todos) { [] }
let(:unauthorized_todos) do
[
authorized_issue_todo,
authorized_design_todo,
authorized_mr_todo,
confidential_issue_todo,
confidential_note_todo,
unauthorized_mr_todo,
unauthorized_issue_todo,
unauthorized_note_todo,
unauthorized_design_todo
]
end
end
end
end
end
|