BigW Consortium Gitlab

project_team_spec.rb 13.7 KB
Newer Older
1 2
require "spec_helper"

Douwe Maan committed
3
describe ProjectTeam, models: true do
4 5 6 7
  let(:master) { create(:user) }
  let(:reporter) { create(:user) }
  let(:guest) { create(:user) }
  let(:nonmember) { create(:user) }
8

9 10
  context 'personal project' do
    let(:project) { create(:empty_project) }
11

12
    before do
13 14 15
      project.add_master(master)
      project.add_reporter(reporter)
      project.add_guest(guest)
16
    end
17

18
    describe 'members collection' do
19 20 21 22
      it { expect(project.team.masters).to include(master) }
      it { expect(project.team.masters).not_to include(guest) }
      it { expect(project.team.masters).not_to include(reporter) }
      it { expect(project.team.masters).not_to include(nonmember) }
23 24 25
    end

    describe 'access methods' do
26 27 28 29 30 31
      it { expect(project.team.master?(master)).to be_truthy }
      it { expect(project.team.master?(guest)).to be_falsey }
      it { expect(project.team.master?(reporter)).to be_falsey }
      it { expect(project.team.master?(nonmember)).to be_falsey }
      it { expect(project.team.member?(nonmember)).to be_falsey }
      it { expect(project.team.member?(guest)).to be_truthy }
32 33 34
      it { expect(project.team.member?(reporter, Gitlab::Access::REPORTER)).to be_truthy }
      it { expect(project.team.member?(guest, Gitlab::Access::REPORTER)).to be_falsey }
      it { expect(project.team.member?(nonmember, Gitlab::Access::GUEST)).to be_falsey }
35
    end
36 37
  end

38 39
  context 'group project' do
    let(:group) { create(:group) }
40
    let!(:project) { create(:empty_project, group: group) }
41 42

    before do
43 44 45
      group.add_master(master)
      group.add_reporter(reporter)
      group.add_guest(guest)
46 47 48 49

      # If user is a group and a project member - GitLab uses highest permission
      # So we add group guest as master and add group master as guest
      # to this project to test highest access
50 51
      project.add_master(guest)
      project.add_guest(master)
52 53 54
    end

    describe 'members collection' do
55 56 57 58 59
      it { expect(project.team.reporters).to include(reporter) }
      it { expect(project.team.masters).to include(master) }
      it { expect(project.team.masters).to include(guest) }
      it { expect(project.team.masters).not_to include(reporter) }
      it { expect(project.team.masters).not_to include(nonmember) }
60 61 62
    end

    describe 'access methods' do
63 64 65 66 67 68 69
      it { expect(project.team.reporter?(reporter)).to be_truthy }
      it { expect(project.team.master?(master)).to be_truthy }
      it { expect(project.team.master?(guest)).to be_truthy }
      it { expect(project.team.master?(reporter)).to be_falsey }
      it { expect(project.team.master?(nonmember)).to be_falsey }
      it { expect(project.team.member?(nonmember)).to be_falsey }
      it { expect(project.team.member?(guest)).to be_truthy }
70 71 72
      it { expect(project.team.member?(guest, Gitlab::Access::MASTER)).to be_truthy }
      it { expect(project.team.member?(reporter, Gitlab::Access::MASTER)).to be_falsey }
      it { expect(project.team.member?(nonmember, Gitlab::Access::GUEST)).to be_falsey }
73
    end
74
  end
75

76 77 78 79 80 81
  describe '#fetch_members' do
    context 'personal project' do
      let(:project) { create(:empty_project) }

      it 'returns project members' do
        user = create(:user)
82
        project.add_guest(user)
83 84 85 86 87 88

        expect(project.team.members).to contain_exactly(user)
      end

      it 'returns project members of a specified level' do
        user = create(:user)
89
        project.add_reporter(user)
90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113

        expect(project.team.guests).to be_empty
        expect(project.team.reporters).to contain_exactly(user)
      end

      it 'returns invited members of a group' do
        group_member = create(:group_member)

        project.project_group_links.create!(
          group: group_member.group,
          group_access: Gitlab::Access::GUEST
        )

        expect(project.team.members).to contain_exactly(group_member.user)
      end

      it 'returns invited members of a group of a specified level' do
        group_member = create(:group_member)

        project.project_group_links.create!(
          group: group_member.group,
          group_access: Gitlab::Access::REPORTER
        )

114
        expect(project.team.guests).to be_empty
115 116 117 118 119 120
        expect(project.team.reporters).to contain_exactly(group_member.user)
      end
    end

    context 'group project' do
      let(:group) { create(:group) }
121
      let!(:project) { create(:empty_project, group: group) }
122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137

      it 'returns project members' do
        group_member = create(:group_member, group: group)

        expect(project.team.members).to contain_exactly(group_member.user)
      end

      it 'returns project members of a specified level' do
        group_member = create(:group_member, :reporter, group: group)

        expect(project.team.guests).to be_empty
        expect(project.team.reporters).to contain_exactly(group_member.user)
      end
    end
  end

138 139
  describe '#find_member' do
    context 'personal project' do
140
      let(:project) { create(:empty_project, :public, :access_requestable) }
141 142 143
      let(:requester) { create(:user) }

      before do
144 145 146
        project.add_master(master)
        project.add_reporter(reporter)
        project.add_guest(guest)
147 148 149 150 151 152 153 154
        project.request_access(requester)
      end

      it { expect(project.team.find_member(master.id)).to be_a(ProjectMember) }
      it { expect(project.team.find_member(reporter.id)).to be_a(ProjectMember) }
      it { expect(project.team.find_member(guest.id)).to be_a(ProjectMember) }
      it { expect(project.team.find_member(nonmember.id)).to be_nil }
      it { expect(project.team.find_member(requester.id)).to be_nil }
155 156
    end

157
    context 'group project' do
158
      let(:group) { create(:group, :access_requestable) }
159 160 161 162 163 164 165 166 167 168 169 170 171 172 173
      let(:project) { create(:empty_project, group: group) }
      let(:requester) { create(:user) }

      before do
        group.add_master(master)
        group.add_reporter(reporter)
        group.add_guest(guest)
        group.request_access(requester)
      end

      it { expect(project.team.find_member(master.id)).to be_a(GroupMember) }
      it { expect(project.team.find_member(reporter.id)).to be_a(GroupMember) }
      it { expect(project.team.find_member(guest.id)).to be_a(GroupMember) }
      it { expect(project.team.find_member(nonmember.id)).to be_nil }
      it { expect(project.team.find_member(requester.id)).to be_nil }
174 175 176
    end
  end

177 178 179 180
  describe "#human_max_access" do
    it 'returns Master role' do
      user = create(:user)
      group = create(:group)
181
      project = create(:empty_project, namespace: group)
182

183
      group.add_master(user)
184 185 186 187 188 189 190

      expect(project.team.human_max_access(user.id)).to eq 'Master'
    end

    it 'returns Owner role' do
      user = create(:user)
      group = create(:group)
191
      project = create(:empty_project, namespace: group)
192

193
      group.add_owner(user)
194 195 196 197 198

      expect(project.team.human_max_access(user.id)).to eq 'Owner'
    end
  end

199 200 201 202
  describe '#max_member_access' do
    let(:requester) { create(:user) }

    context 'personal project' do
203
      let(:project) { create(:empty_project, :public, :access_requestable) }
204 205 206

      context 'when project is not shared with group' do
        before do
207 208 209
          project.add_master(master)
          project.add_reporter(reporter)
          project.add_guest(guest)
210 211 212 213 214 215
          project.request_access(requester)
        end

        it { expect(project.team.max_member_access(master.id)).to eq(Gitlab::Access::MASTER) }
        it { expect(project.team.max_member_access(reporter.id)).to eq(Gitlab::Access::REPORTER) }
        it { expect(project.team.max_member_access(guest.id)).to eq(Gitlab::Access::GUEST) }
216 217
        it { expect(project.team.max_member_access(nonmember.id)).to eq(Gitlab::Access::NO_ACCESS) }
        it { expect(project.team.max_member_access(requester.id)).to eq(Gitlab::Access::NO_ACCESS) }
218 219 220 221 222 223 224 225 226 227 228 229 230 231 232
      end

      context 'when project is shared with group' do
        before do
          group = create(:group)
          project.project_group_links.create(
            group: group,
            group_access: Gitlab::Access::DEVELOPER)

          group.add_master(master)
          group.add_reporter(reporter)
        end

        it { expect(project.team.max_member_access(master.id)).to eq(Gitlab::Access::DEVELOPER) }
        it { expect(project.team.max_member_access(reporter.id)).to eq(Gitlab::Access::REPORTER) }
233 234
        it { expect(project.team.max_member_access(nonmember.id)).to eq(Gitlab::Access::NO_ACCESS) }
        it { expect(project.team.max_member_access(requester.id)).to eq(Gitlab::Access::NO_ACCESS) }
235 236 237 238

        context 'but share_with_group_lock is true' do
          before { project.namespace.update(share_with_group_lock: true) }

239 240
          it { expect(project.team.max_member_access(master.id)).to eq(Gitlab::Access::NO_ACCESS) }
          it { expect(project.team.max_member_access(reporter.id)).to eq(Gitlab::Access::NO_ACCESS) }
241 242
        end
      end
243 244
    end

245
    context 'group project' do
246
      let(:group) { create(:group, :access_requestable) }
247
      let!(:project) { create(:empty_project, group: group) }
248 249 250 251 252 253 254 255 256 257 258

      before do
        group.add_master(master)
        group.add_reporter(reporter)
        group.add_guest(guest)
        group.request_access(requester)
      end

      it { expect(project.team.max_member_access(master.id)).to eq(Gitlab::Access::MASTER) }
      it { expect(project.team.max_member_access(reporter.id)).to eq(Gitlab::Access::REPORTER) }
      it { expect(project.team.max_member_access(guest.id)).to eq(Gitlab::Access::GUEST) }
259 260 261 262 263
      it { expect(project.team.max_member_access(nonmember.id)).to eq(Gitlab::Access::NO_ACCESS) }
      it { expect(project.team.max_member_access(requester.id)).to eq(Gitlab::Access::NO_ACCESS) }
    end
  end

264 265 266 267
  describe '#member?' do
    let(:group) { create(:group) }
    let(:developer) { create(:user) }
    let(:master) { create(:user) }
268 269 270 271
    let(:personal_project) { create(:empty_project, namespace: developer.namespace) }
    let(:group_project) { create(:empty_project, namespace: group) }
    let(:members_project) { create(:empty_project) }
    let(:shared_project) { create(:empty_project) }
272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314

    before do
      group.add_master(master)
      group.add_developer(developer)

      members_project.team << [developer, :developer]
      members_project.team << [master, :master]

      create(:project_group_link, project: shared_project, group: group)
    end

    it 'returns false for no user' do
      expect(personal_project.team.member?(nil)).to be(false)
    end

    it 'returns true for personal projects of the user' do
      expect(personal_project.team.member?(developer)).to be(true)
    end

    it 'returns true for projects of groups the user is a member of' do
      expect(group_project.team.member?(developer)).to be(true)
    end

    it 'returns true for projects for which the user is a member of' do
      expect(members_project.team.member?(developer)).to be(true)
    end

    it 'returns true for projects shared on a group the user is a member of' do
      expect(shared_project.team.member?(developer)).to be(true)
    end

    it 'checks for the correct minimum level access' do
      expect(group_project.team.member?(developer, Gitlab::Access::MASTER)).to be(false)
      expect(group_project.team.member?(master, Gitlab::Access::MASTER)).to be(true)
      expect(members_project.team.member?(developer, Gitlab::Access::MASTER)).to be(false)
      expect(members_project.team.member?(master, Gitlab::Access::MASTER)).to be(true)
      expect(shared_project.team.member?(developer, Gitlab::Access::MASTER)).to be(false)
      expect(shared_project.team.member?(master, Gitlab::Access::MASTER)).to be(false)
      expect(shared_project.team.member?(developer, Gitlab::Access::DEVELOPER)).to be(true)
      expect(shared_project.team.member?(master, Gitlab::Access::DEVELOPER)).to be(true)
    end
  end

315 316 317 318 319
  shared_examples_for "#max_member_access_for_users" do |enable_request_store|
    describe "#max_member_access_for_users" do
      before do
        RequestStore.begin! if enable_request_store
      end
320

321 322 323 324 325 326
      after do
        if enable_request_store
          RequestStore.end!
          RequestStore.clear!
        end
      end
327

328 329 330 331 332
      it 'returns correct roles for different users' do
        master = create(:user)
        reporter = create(:user)
        promoted_guest = create(:user)
        guest = create(:user)
333
        project = create(:empty_project)
334

335 336 337 338
        project.add_master(master)
        project.add_reporter(reporter)
        project.add_guest(promoted_guest)
        project.add_guest(guest)
339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369

        group = create(:group)
        group_developer = create(:user)
        second_developer = create(:user)
        project.project_group_links.create(
          group: group,
          group_access: Gitlab::Access::DEVELOPER)

        group.add_master(promoted_guest)
        group.add_developer(group_developer)
        group.add_developer(second_developer)

        second_group = create(:group)
        project.project_group_links.create(
          group: second_group,
          group_access: Gitlab::Access::MASTER)
        second_group.add_master(second_developer)

        users = [master, reporter, promoted_guest, guest, group_developer, second_developer].map(&:id)

        expected = {
          master.id => Gitlab::Access::MASTER,
          reporter.id => Gitlab::Access::REPORTER,
          promoted_guest.id => Gitlab::Access::DEVELOPER,
          guest.id => Gitlab::Access::GUEST,
          group_developer.id => Gitlab::Access::DEVELOPER,
          second_developer.id => Gitlab::Access::MASTER
        }

        expect(project.team.max_member_access_for_user_ids(users)).to eq(expected)
      end
370 371
    end
  end
372 373 374 375 376 377 378 379

  describe '#max_member_access_for_users with RequestStore' do
    it_behaves_like "#max_member_access_for_users", true
  end

  describe '#max_member_access_for_users without RequestStore' do
    it_behaves_like "#max_member_access_for_users", false
  end
380
end