BigW Consortium Gitlab

Commit 68faad16 by Douwe Maan Committed by Dmitriy Zaporozhets

Don't allow a project to be shared with an ancestor of the group it is in

parent 71fbbc9d
...@@ -33,8 +33,15 @@ class ProjectGroupLink < ActiveRecord::Base ...@@ -33,8 +33,15 @@ class ProjectGroupLink < ActiveRecord::Base
private private
def different_group def different_group
if self.group && self.project && self.project.group == self.group return unless self.group && self.project
errors.add(:base, "Project cannot be shared with the project it is in.")
project_group = self.project.group
return unless project_group
group_ids = project_group.ancestors.map(&:id).push(project_group.id)
if group_ids.include?(self.group.id)
errors.add(:base, "Project cannot be shared with the group it is in or one of its ancestors.")
end end
end end
......
...@@ -7,12 +7,27 @@ describe ProjectGroupLink do ...@@ -7,12 +7,27 @@ describe ProjectGroupLink do
end end
describe "Validation" do describe "Validation" do
let!(:project_group_link) { create(:project_group_link) } let(:parent_group) { create(:group) }
let(:group) { create(:group, parent: parent_group) }
let(:project) { create(:project, group: group) }
let!(:project_group_link) { create(:project_group_link, project: project) }
it { should validate_presence_of(:project_id) } it { should validate_presence_of(:project_id) }
it { should validate_uniqueness_of(:group_id).scoped_to(:project_id).with_message(/already shared/) } it { should validate_uniqueness_of(:group_id).scoped_to(:project_id).with_message(/already shared/) }
it { should validate_presence_of(:group) } it { should validate_presence_of(:group) }
it { should validate_presence_of(:group_access) } it { should validate_presence_of(:group_access) }
it "doesn't allow a project to be shared with the group it is in" do
project_group_link.group = group
expect(project_group_link).not_to be_valid
end
it "doesn't allow a project to be shared with an ancestor of the group it is in" do
project_group_link.group = parent_group
expect(project_group_link).not_to be_valid
end
end end
describe "destroying a record", truncate: true do describe "destroying a record", truncate: true do
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment