BigW Consortium Gitlab

Commit 8b830b8c by Felipe Artur

Fix specs

parent b959ae55
...@@ -969,8 +969,9 @@ class Project < ActiveRecord::Base ...@@ -969,8 +969,9 @@ class Project < ActiveRecord::Base
end end
def visibility_level_allowed?(level = self.visibility_level) def visibility_level_allowed?(level = self.visibility_level)
allowed_by_forks = if forked? allowed_by_forks = if forked? && forked_project_link.forked_from_project_id.present?
Gitlab::VisibilityLevel.allowed_fork_levels(forked_from_project.visibility_level).include?(level) from_project = eager_load_forked_from_project
Gitlab::VisibilityLevel.allowed_fork_levels(from_project.visibility_level).include?(level)
else else
true true
end end
...@@ -980,6 +981,11 @@ class Project < ActiveRecord::Base ...@@ -980,6 +981,11 @@ class Project < ActiveRecord::Base
allowed_by_forks && allowed_by_groups allowed_by_forks && allowed_by_groups
end end
#Necessary to retrieve many-to-many associations on new forks before validating visibility level
def eager_load_forked_from_project
Project.find(forked_project_link.forked_from_project_id)
end
def runners_token def runners_token
ensure_runners_token! ensure_runners_token!
end end
......
...@@ -10,7 +10,10 @@ module Projects ...@@ -10,7 +10,10 @@ module Projects
@project = Project.new(params) @project = Project.new(params)
# Make sure that the user is allowed to use the specified visibility level # Make sure that the user is allowed to use the specified visibility level
return @project unless visibility_level_allowed? unless visibility_level_allowed?
deny_visibility_level(@project)
return @project
end
# Set project name from path # Set project name from path
if @project.name.present? && @project.path.present? if @project.name.present? && @project.path.present?
......
...@@ -38,7 +38,7 @@ module SharedGroup ...@@ -38,7 +38,7 @@ module SharedGroup
def is_member_of(username, groupname, role) def is_member_of(username, groupname, role)
@project_count ||= 0 @project_count ||= 0
user = User.find_by(name: username) || create(:user, name: username) user = User.find_by(name: username) || create(:user, name: username)
group = Group.find_by(name: groupname) || create(:group, name: groupname) group = Group.find_by(name: groupname) || create(:group, name: groupname, visibility_level: Gitlab::VisibilityLevel::PUBLIC)
group.add_user(user, role) group.add_user(user, role)
project ||= create(:project, namespace: group, path: "project#{@project_count}") project ||= create(:project, namespace: group, path: "project#{@project_count}")
create(:closed_issue_event, project: project) create(:closed_issue_event, project: project)
...@@ -47,6 +47,6 @@ module SharedGroup ...@@ -47,6 +47,6 @@ module SharedGroup
end end
def owned_group def owned_group
@owned_group ||= Group.find_by(name: "Owned") @owned_group ||= Group.find_by(name: "Owned", visibility_level: Gitlab::VisibilityLevel::PUBLIC)
end end
end end
...@@ -15,7 +15,7 @@ describe NamespacesController do ...@@ -15,7 +15,7 @@ describe NamespacesController do
end end
context "when the namespace belongs to a group" do context "when the namespace belongs to a group" do
let!(:group) { create(:group) } let!(:group) { create(:group, visibility_level: Gitlab::VisibilityLevel::PUBLIC) }
let!(:project) { create(:project, namespace: group) } let!(:project) { create(:project, namespace: group) }
context "when the group has public projects" do context "when the group has public projects" do
......
...@@ -30,7 +30,7 @@ describe UploadsController do ...@@ -30,7 +30,7 @@ describe UploadsController do
end end
end end
end end
context "when not signed in" do context "when not signed in" do
it "responds with status 200" do it "responds with status 200" do
get :show, model: "user", mounted_as: "avatar", id: user.id, filename: "image.png" get :show, model: "user", mounted_as: "avatar", id: user.id, filename: "image.png"
...@@ -126,11 +126,12 @@ describe UploadsController do ...@@ -126,11 +126,12 @@ describe UploadsController do
end end
context "when viewing a group avatar" do context "when viewing a group avatar" do
let!(:group) { create(:group, avatar: fixture_file_upload(Rails.root + "spec/fixtures/dk.png", "image/png")) } let!(:group) { create(:group, avatar: fixture_file_upload(Rails.root + "spec/fixtures/dk.png", "image/png")) }
let!(:project) { create(:project, namespace: group) } let!(:project) { create(:project, namespace: group) }
context "when the group has public projects" do context "when the group has public projects" do
before do before do
group.update_attribute(:visibility_level, Gitlab::VisibilityLevel::PUBLIC)
project.update_attribute(:visibility_level, Project::PUBLIC) project.update_attribute(:visibility_level, Project::PUBLIC)
end end
......
...@@ -12,25 +12,25 @@ feature 'Project', feature: true do ...@@ -12,25 +12,25 @@ feature 'Project', feature: true do
it 'parses Markdown' do it 'parses Markdown' do
project.update_attribute(:description, 'This is **my** project') project.update_attribute(:description, 'This is **my** project')
visit path visit path
expect(page).to have_css('.project-home-desc > p > strong') expect(page).to have_css('.cover-title > p > strong')
end end
it 'passes through html-pipeline' do it 'passes through html-pipeline' do
project.update_attribute(:description, 'This project is the :poop:') project.update_attribute(:description, 'This project is the :poop:')
visit path visit path
expect(page).to have_css('.project-home-desc > p > img') expect(page).to have_css('.cover-title > p > img')
end end
it 'sanitizes unwanted tags' do it 'sanitizes unwanted tags' do
project.update_attribute(:description, "```\ncode\n```") project.update_attribute(:description, "```\ncode\n```")
visit path visit path
expect(page).not_to have_css('.project-home-desc code') expect(page).not_to have_css('.cover-title code')
end end
it 'permits `rel` attribute on links' do it 'permits `rel` attribute on links' do
project.update_attribute(:description, 'https://google.com/') project.update_attribute(:description, 'https://google.com/')
visit path visit path
expect(page).to have_css('.project-home-desc a[rel]') expect(page).to have_css('.cover-title a[rel]')
end end
end end
......
...@@ -4,7 +4,7 @@ describe 'Group access', feature: true do ...@@ -4,7 +4,7 @@ describe 'Group access', feature: true do
include AccessMatchers include AccessMatchers
def group def group
@group ||= create(:group) @group ||= create(:group, visibility_level: Gitlab::VisibilityLevel::PUBLIC)
end end
def create_project(access_level) def create_project(access_level)
......
...@@ -3,7 +3,7 @@ require 'spec_helper' ...@@ -3,7 +3,7 @@ require 'spec_helper'
describe ProjectsFinder do describe ProjectsFinder do
describe '#execute' do describe '#execute' do
let(:user) { create(:user) } let(:user) { create(:user) }
let(:group) { create(:group) } let(:group) { create(:group, visibility_level: Gitlab::VisibilityLevel::PUBLIC) }
let!(:private_project) do let!(:private_project) do
create(:project, :private, name: 'A', path: 'A') create(:project, :private, name: 'A', path: 'A')
......
...@@ -3,7 +3,7 @@ require 'spec_helper' ...@@ -3,7 +3,7 @@ require 'spec_helper'
describe SnippetsFinder do describe SnippetsFinder do
let(:user) { create :user } let(:user) { create :user }
let(:user1) { create :user } let(:user1) { create :user }
let(:group) { create :group } let(:group) { create :group, visibility_level: Gitlab::VisibilityLevel::PUBLIC }
let(:project1) { create(:empty_project, :public, group: group) } let(:project1) { create(:empty_project, :public, group: group) }
let(:project2) { create(:empty_project, :private, group: group) } let(:project2) { create(:empty_project, :private, group: group) }
......
...@@ -442,7 +442,7 @@ describe Project, models: true do ...@@ -442,7 +442,7 @@ describe Project, models: true do
end end
describe '.trending' do describe '.trending' do
let(:group) { create(:group) } let(:group) { create(:group, :public) }
let(:project1) { create(:empty_project, :public, group: group) } let(:project1) { create(:empty_project, :public, group: group) }
let(:project2) { create(:empty_project, :public, group: group) } let(:project2) { create(:empty_project, :public, group: group) }
......
...@@ -275,6 +275,7 @@ describe API::API, api: true do ...@@ -275,6 +275,7 @@ describe API::API, api: true do
it 'should not allow a non-admin to use a restricted visibility level' do it 'should not allow a non-admin to use a restricted visibility level' do
post api('/projects', user), @project post api('/projects', user), @project
expect(response.status).to eq(400) expect(response.status).to eq(400)
expect(json_response['message']['visibility_level'].first).to( expect(json_response['message']['visibility_level'].first).to(
match('restricted by your GitLab administrator') match('restricted by your GitLab administrator')
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment