BigW Consortium Gitlab

autocomplete_controller_spec.rb 8.3 KB
Newer Older
1 2 3
require 'spec_helper'

describe AutocompleteController do
4
  let!(:project) { create(:empty_project) }
5
  let!(:user) { create(:user) }
6

7
  context 'GET users' do
8 9
    let!(:user2) { create(:user) }
    let!(:non_member) { create(:user) }
10

11
    context 'project members' do
12
      before do
13
        sign_in(user)
14
        project.add_master(user)
15 16
      end

17 18 19 20
      describe 'GET #users with project ID' do
        before do
          get(:users, project_id: project.id)
        end
21

22
        let(:body) { JSON.parse(response.body) }
23

24 25 26
        it { expect(body).to be_kind_of(Array) }
        it { expect(body.size).to eq 1 }
        it { expect(body.map { |u| u["username"] }).to include(user.username) }
27 28
      end

29 30 31 32
      describe 'GET #users with unknown project' do
        before do
          get(:users, project_id: 'unknown')
        end
33

34 35
        it { expect(response).to have_http_status(404) }
      end
36 37
    end

38 39
    context 'group members' do
      let(:group) { create(:group) }
40

41
      before do
42 43
        sign_in(user)
        group.add_owner(user)
44 45
      end

46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64
      let(:body) { JSON.parse(response.body) }

      describe 'GET #users with group ID' do
        before do
          get(:users, group_id: group.id)
        end

        it { expect(body).to be_kind_of(Array) }
        it { expect(body.size).to eq 1 }
        it { expect(body.first["username"]).to eq user.username }
      end

      describe 'GET #users with unknown group ID' do
        before do
          get(:users, group_id: 'unknown')
        end

        it { expect(response).to have_http_status(404) }
      end
65 66
    end

67 68 69
    context 'non-member login for public project' do
      let!(:project) { create(:project, :public) }

70
      before do
71
        sign_in(non_member)
72
        project.add_master(user)
73 74
      end

75
      let(:body) { JSON.parse(response.body) }
76

77 78 79 80
      describe 'GET #users with project ID' do
        before do
          get(:users, project_id: project.id, current_user: true)
        end
81

82 83 84 85
        it { expect(body).to be_kind_of(Array) }
        it { expect(body.size).to eq 2 }
        it { expect(body.map { |u| u['username'] }).to match_array([user.username, non_member.username]) }
      end
86 87
    end

88
    context 'all users' do
89
      before do
90 91
        sign_in(user)
        get(:users)
92 93
      end

94 95
      let(:body) { JSON.parse(response.body) }

96
      it { expect(body).to be_kind_of(Array) }
97
      it { expect(body.size).to eq User.count }
98 99
    end

100 101 102
    context 'unauthenticated user' do
      let(:public_project) { create(:project, :public) }
      let(:body) { JSON.parse(response.body) }
103

104 105
      describe 'GET #users with public project' do
        before do
106
          public_project.add_guest(user)
107 108
          get(:users, project_id: public_project.id)
        end
109

110 111 112
        it { expect(body).to be_kind_of(Array) }
        it { expect(body.size).to eq 1 }
      end
113

114 115 116 117
      describe 'GET #users with project' do
        before do
          get(:users, project_id: project.id)
        end
118

119
        it { expect(response).to have_http_status(404) }
120 121
      end

122 123 124 125
      describe 'GET #users with unknown project' do
        before do
          get(:users, project_id: 'unknown')
        end
126

127
        it { expect(response).to have_http_status(404) }
128 129
      end

130 131
      describe 'GET #users with inaccessible group' do
        before do
132
          project.add_guest(user)
133 134
          get(:users, group_id: user.namespace.id)
        end
135

136
        it { expect(response).to have_http_status(404) }
137 138
      end

139 140 141 142 143 144 145 146
      describe 'GET #users with no project' do
        before do
          get(:users)
        end

        it { expect(body).to be_kind_of(Array) }
        it { expect(body.size).to eq 0 }
      end
147 148 149 150 151 152 153 154 155

      describe 'GET #users with todo filter' do
        it 'gives an array of users' do
          get :users, todo_filter: true

          expect(response.status).to eq 200
          expect(body).to be_kind_of(Array)
        end
      end
156 157
    end

158
    context 'author of issuable included' do
159
      before do
160
        sign_in(user)
161 162
      end

163
      let(:body) { JSON.parse(response.body) }
164

165 166 167 168
      it 'includes the author' do
        get(:users, author_id: non_member.id)

        expect(body.first["username"]).to eq non_member.username
169 170
      end

171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188
      it 'rejects non existent user ids' do
        get(:users, author_id: 99999)

        expect(body.collect { |u| u['id'] }).not_to include(99999)
      end
    end

    context 'skip_users parameter included' do
      before { sign_in(user) }

      it 'skips the user IDs passed' do
        get(:users, skip_users: [user, user2].map(&:id))

        other_user_ids    = [non_member, project.owner, project.creator].map(&:id)
        response_user_ids = JSON.parse(response.body).map { |user| user['id'] }

        expect(response_user_ids).to contain_exactly(*other_user_ids)
      end
189 190
    end
  end
191

192
  context 'GET projects' do
193 194 195
    let(:authorized_project) { create(:project) }
    let(:authorized_search_project) { create(:project, name: 'rugged') }

196 197
    before do
      sign_in(user)
198
      project.add_master(user)
199 200
    end

201 202
    context 'authorized projects' do
      before do
203
        authorized_project.add_master(user)
204 205 206 207 208 209 210 211 212 213 214 215
      end

      describe 'GET #projects with project ID' do
        before do
          get(:projects, project_id: project.id)
        end

        let(:body) { JSON.parse(response.body) }

        it do
          expect(body).to be_kind_of(Array)
          expect(body.size).to eq 2
216

217 218
          expect(body.first['id']).to eq 0
          expect(body.first['name_with_namespace']).to eq 'No project'
219

220 221 222 223
          expect(body.last['id']).to eq authorized_project.id
          expect(body.last['name_with_namespace']).to eq authorized_project.name_with_namespace
        end
      end
224
    end
225

226 227
    context 'authorized projects and search' do
      before do
228 229
        authorized_project.add_master(user)
        authorized_search_project.add_master(user)
230 231 232 233 234 235 236 237
      end

      describe 'GET #projects with project ID and search' do
        before do
          get(:projects, project_id: project.id, search: 'rugged')
        end

        let(:body) { JSON.parse(response.body) }
238

239 240 241 242 243 244 245 246
        it do
          expect(body).to be_kind_of(Array)
          expect(body.size).to eq 2

          expect(body.last['id']).to eq authorized_search_project.id
          expect(body.last['name_with_namespace']).to eq authorized_search_project.name_with_namespace
        end
      end
247
    end
248

249 250 251 252 253
    context 'authorized projects apply limit' do
      before do
        authorized_project2 = create(:project)
        authorized_project3 = create(:project)

254 255 256
        authorized_project.add_master(user)
        authorized_project2.add_master(user)
        authorized_project3.add_master(user)
257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279

        stub_const 'MoveToProjectFinder::PAGE_SIZE', 2
      end

      describe 'GET #projects with project ID' do
        before do
          get(:projects, project_id: project.id)
        end

        let(:body) { JSON.parse(response.body) }

        it do
          expect(body).to be_kind_of(Array)
          expect(body.size).to eq 3 # Of a total of 4
        end
      end
    end

    context 'authorized projects with offset' do
      before do
        authorized_project2 = create(:project)
        authorized_project3 = create(:project)

280 281 282
        authorized_project.add_master(user)
        authorized_project2.add_master(user)
        authorized_project3.add_master(user)
283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298
      end

      describe 'GET #projects with project ID and offset_id' do
        before do
          get(:projects, project_id: project.id, offset_id: authorized_project.id)
        end

        let(:body) { JSON.parse(response.body) }

        it do
          expect(body.detect { |item| item['id'] == 0 }).to be_nil # 'No project' is not there
          expect(body.detect { |item| item['id'] == authorized_project.id }).to be_nil # Offset project is not there either
        end
      end
    end

299 300
    context 'authorized projects without admin_issue ability' do
      before(:each) do
301
        authorized_project.add_guest(user)
302 303 304

        expect(user.can?(:admin_issue, authorized_project)).to eq(false)
      end
305

306 307 308 309
      describe 'GET #projects with project ID' do
        before do
          get(:projects, project_id: project.id)
        end
310

311
        let(:body) { JSON.parse(response.body) }
312

313 314 315 316 317 318 319
        it do
          expect(body).to be_kind_of(Array)
          expect(body.size).to eq 1 # 'No project'

          expect(body.first['id']).to eq 0
        end
      end
320 321
    end
  end
322
end