2019-04-11 08:17:24 -04:00
|
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
2016-03-16 18:44:33 -04:00
|
|
|
|
require 'spec_helper'
|
|
|
|
|
|
|
2020-06-24 11:08:50 -04:00
|
|
|
|
RSpec.describe Groups::CreateService, '#execute' do
|
2016-12-26 04:56:19 -05:00
|
|
|
|
let!(:user) { create(:user) }
|
2016-03-18 08:28:16 -04:00
|
|
|
|
let!(:group_params) { { path: "group_path", visibility_level: Gitlab::VisibilityLevel::PUBLIC } }
|
2016-03-16 18:44:33 -04:00
|
|
|
|
|
2017-02-03 05:29:56 -05:00
|
|
|
|
subject { service.execute }
|
|
|
|
|
|
|
2016-12-26 04:56:19 -05:00
|
|
|
|
describe 'visibility level restrictions' do
|
|
|
|
|
|
let!(:service) { described_class.new(user, group_params) }
|
|
|
|
|
|
|
2016-03-16 18:44:33 -04:00
|
|
|
|
context "create groups without restricted visibility level" do
|
2016-03-17 18:42:46 -04:00
|
|
|
|
it { is_expected.to be_persisted }
|
2016-03-16 18:44:33 -04:00
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
context "cannot create group with restricted visibility level" do
|
2017-06-14 14:18:56 -04:00
|
|
|
|
before do
|
|
|
|
|
|
allow_any_instance_of(ApplicationSetting).to receive(:restricted_visibility_levels).and_return([Gitlab::VisibilityLevel::PUBLIC])
|
|
|
|
|
|
end
|
2016-12-26 04:56:19 -05:00
|
|
|
|
|
2016-05-23 19:37:59 -04:00
|
|
|
|
it { is_expected.not_to be_persisted }
|
2016-03-16 18:44:33 -04:00
|
|
|
|
end
|
|
|
|
|
|
end
|
2016-12-26 04:56:19 -05:00
|
|
|
|
|
2021-11-18 10:10:19 -05:00
|
|
|
|
context 'when `setup_for_company:true` is passed' do
|
|
|
|
|
|
let(:params) { group_params.merge(setup_for_company: true) }
|
|
|
|
|
|
let(:service) { described_class.new(user, params) }
|
|
|
|
|
|
let(:created_group) { service.execute }
|
|
|
|
|
|
|
|
|
|
|
|
it 'creates group with the specified setup_for_company' do
|
|
|
|
|
|
expect(created_group.setup_for_company).to eq(true)
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
|
2020-04-24 05:09:44 -04:00
|
|
|
|
context 'creating a group with `default_branch_protection` attribute' do
|
|
|
|
|
|
let(:params) { group_params.merge(default_branch_protection: Gitlab::Access::PROTECTION_NONE) }
|
|
|
|
|
|
let(:service) { described_class.new(user, params) }
|
|
|
|
|
|
let(:created_group) { service.execute }
|
|
|
|
|
|
|
|
|
|
|
|
context 'for users who have the ability to create a group with `default_branch_protection`' do
|
|
|
|
|
|
it 'creates group with the specified branch protection level' do
|
|
|
|
|
|
expect(created_group.default_branch_protection).to eq(Gitlab::Access::PROTECTION_NONE)
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
context 'for users who do not have the ability to create a group with `default_branch_protection`' do
|
|
|
|
|
|
it 'does not create the group with the specified branch protection level' do
|
|
|
|
|
|
allow(Ability).to receive(:allowed?).and_call_original
|
|
|
|
|
|
allow(Ability).to receive(:allowed?).with(user, :create_group_with_default_branch_protection) { false }
|
|
|
|
|
|
|
|
|
|
|
|
expect(created_group.default_branch_protection).not_to eq(Gitlab::Access::PROTECTION_NONE)
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
2020-10-15 17:09:12 -04:00
|
|
|
|
|
|
|
|
|
|
context 'creating a group with `allow_mfa_for_subgroups` attribute' do
|
|
|
|
|
|
let(:params) { group_params.merge(allow_mfa_for_subgroups: false) }
|
|
|
|
|
|
let(:service) { described_class.new(user, params) }
|
|
|
|
|
|
|
|
|
|
|
|
it 'creates group without error' do
|
|
|
|
|
|
expect(service.execute).to be_persisted
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
2020-04-24 05:09:44 -04:00
|
|
|
|
|
2017-09-07 14:35:45 -04:00
|
|
|
|
describe 'creating a top level group' do
|
|
|
|
|
|
let(:service) { described_class.new(user, group_params) }
|
|
|
|
|
|
|
|
|
|
|
|
context 'when user can create a group' do
|
|
|
|
|
|
before do
|
|
|
|
|
|
user.update_attribute(:can_create_group, true)
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
it { is_expected.to be_persisted }
|
2021-01-11 07:10:41 -05:00
|
|
|
|
|
|
|
|
|
|
it 'adds an onboarding progress record' do
|
|
|
|
|
|
expect { subject }.to change(OnboardingProgress, :count).from(0).to(1)
|
|
|
|
|
|
end
|
2017-09-07 14:35:45 -04:00
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
context 'when user can not create a group' do
|
|
|
|
|
|
before do
|
|
|
|
|
|
user.update_attribute(:can_create_group, false)
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
it { is_expected.not_to be_persisted }
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
|
2019-07-24 05:20:54 -04:00
|
|
|
|
describe 'creating subgroup' do
|
2016-12-26 04:56:19 -05:00
|
|
|
|
let!(:group) { create(:group) }
|
|
|
|
|
|
let!(:service) { described_class.new(user, group_params.merge(parent_id: group.id)) }
|
|
|
|
|
|
|
|
|
|
|
|
context 'as group owner' do
|
2017-06-14 14:18:56 -04:00
|
|
|
|
before do
|
|
|
|
|
|
group.add_owner(user)
|
|
|
|
|
|
end
|
2016-12-26 04:56:19 -05:00
|
|
|
|
|
|
|
|
|
|
it { is_expected.to be_persisted }
|
2021-01-11 07:10:41 -05:00
|
|
|
|
|
|
|
|
|
|
it 'does not add an onboarding progress record' do
|
|
|
|
|
|
expect { subject }.not_to change(OnboardingProgress, :count).from(0)
|
|
|
|
|
|
end
|
2019-07-24 05:20:54 -04:00
|
|
|
|
end
|
2017-08-09 06:58:00 -04:00
|
|
|
|
|
2019-07-24 05:20:54 -04:00
|
|
|
|
context 'as guest' do
|
|
|
|
|
|
it 'does not save group and returns an error' do
|
|
|
|
|
|
is_expected.not_to be_persisted
|
2017-08-09 06:58:00 -04:00
|
|
|
|
|
2019-12-12 07:07:33 -05:00
|
|
|
|
expect(subject.errors[:parent_id].first).to eq(s_('CreateGroup|You don’t have permission to create a subgroup in this group.'))
|
2019-07-24 05:20:54 -04:00
|
|
|
|
expect(subject.parent_id).to be_nil
|
2017-08-09 06:58:00 -04:00
|
|
|
|
end
|
2016-12-26 04:56:19 -05:00
|
|
|
|
end
|
|
|
|
|
|
|
2019-07-24 05:20:54 -04:00
|
|
|
|
context 'as owner' do
|
2017-09-07 14:35:45 -04:00
|
|
|
|
before do
|
2019-07-24 05:20:54 -04:00
|
|
|
|
group.add_owner(user)
|
2017-09-07 14:35:45 -04:00
|
|
|
|
end
|
|
|
|
|
|
|
2019-07-24 05:20:54 -04:00
|
|
|
|
it { is_expected.to be_persisted }
|
|
|
|
|
|
end
|
2017-08-09 06:58:00 -04:00
|
|
|
|
|
2019-07-24 05:20:54 -04:00
|
|
|
|
context 'as maintainer' do
|
|
|
|
|
|
before do
|
|
|
|
|
|
group.add_maintainer(user)
|
2016-12-26 04:56:19 -05:00
|
|
|
|
end
|
2019-06-16 14:07:17 -04:00
|
|
|
|
|
2019-07-24 05:20:54 -04:00
|
|
|
|
it { is_expected.to be_persisted }
|
2016-12-26 04:56:19 -05:00
|
|
|
|
end
|
|
|
|
|
|
end
|
2017-02-03 05:29:56 -05:00
|
|
|
|
|
2019-04-12 01:00:50 -04:00
|
|
|
|
describe "when visibility level is passed as a string" do
|
|
|
|
|
|
let(:service) { described_class.new(user, group_params) }
|
|
|
|
|
|
let(:group_params) { { path: 'group_path', visibility: 'public' } }
|
|
|
|
|
|
|
|
|
|
|
|
it "assigns the correct visibility level" do
|
|
|
|
|
|
group = service.execute
|
|
|
|
|
|
|
|
|
|
|
|
expect(group.visibility_level).to eq(Gitlab::VisibilityLevel::PUBLIC)
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
|
2017-02-03 05:29:56 -05:00
|
|
|
|
describe 'creating a mattermost team' do
|
2017-02-24 07:25:42 -05:00
|
|
|
|
let!(:params) { group_params.merge(create_chat_team: "true") }
|
2017-02-03 05:29:56 -05:00
|
|
|
|
let!(:service) { described_class.new(user, params) }
|
|
|
|
|
|
|
2017-02-24 07:25:42 -05:00
|
|
|
|
before do
|
2017-03-28 08:12:32 -04:00
|
|
|
|
stub_mattermost_setting(enabled: true)
|
2017-02-24 07:25:42 -05:00
|
|
|
|
end
|
|
|
|
|
|
|
2017-02-20 07:41:50 -05:00
|
|
|
|
it 'create the chat team with the group' do
|
2021-05-31 23:10:06 -04:00
|
|
|
|
allow_any_instance_of(::Mattermost::Team).to receive(:create)
|
2017-02-20 07:41:50 -05:00
|
|
|
|
.and_return({ 'name' => 'tanuki', 'id' => 'lskdjfwlekfjsdifjj' })
|
|
|
|
|
|
|
|
|
|
|
|
expect { subject }.to change { ChatTeam.count }.from(0).to(1)
|
|
|
|
|
|
end
|
2017-02-03 05:29:56 -05:00
|
|
|
|
end
|
2020-07-16 11:09:38 -04:00
|
|
|
|
|
|
|
|
|
|
describe 'creating a setting record' do
|
|
|
|
|
|
let(:service) { described_class.new(user, group_params) }
|
|
|
|
|
|
|
|
|
|
|
|
it 'create the settings record connected to the group' do
|
|
|
|
|
|
group = subject
|
|
|
|
|
|
expect(group.namespace_settings).to be_persisted
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
2020-09-28 02:09:56 -04:00
|
|
|
|
|
|
|
|
|
|
describe 'create service for the group' do
|
|
|
|
|
|
let(:service) { described_class.new(user, group_params) }
|
|
|
|
|
|
let(:created_group) { service.execute }
|
|
|
|
|
|
|
|
|
|
|
|
context 'with an active instance-level integration' do
|
2021-06-18 17:10:06 -04:00
|
|
|
|
let!(:instance_integration) { create(:prometheus_integration, :instance, api_url: 'https://prometheus.instance.com/') }
|
2020-09-28 02:09:56 -04:00
|
|
|
|
|
|
|
|
|
|
it 'creates a service from the instance-level integration' do
|
2021-05-12 08:10:24 -04:00
|
|
|
|
expect(created_group.integrations.count).to eq(1)
|
|
|
|
|
|
expect(created_group.integrations.first.api_url).to eq(instance_integration.api_url)
|
|
|
|
|
|
expect(created_group.integrations.first.inherit_from_id).to eq(instance_integration.id)
|
2020-09-28 02:09:56 -04:00
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
context 'with an active group-level integration' do
|
|
|
|
|
|
let(:service) { described_class.new(user, group_params.merge(parent_id: group.id)) }
|
2021-11-12 01:10:23 -05:00
|
|
|
|
let!(:group_integration) { create(:prometheus_integration, :group, group: group, api_url: 'https://prometheus.group.com/') }
|
2020-09-28 02:09:56 -04:00
|
|
|
|
let(:group) do
|
|
|
|
|
|
create(:group).tap do |group|
|
|
|
|
|
|
group.add_owner(user)
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
it 'creates a service from the group-level integration' do
|
2021-05-12 08:10:24 -04:00
|
|
|
|
expect(created_group.integrations.count).to eq(1)
|
|
|
|
|
|
expect(created_group.integrations.first.api_url).to eq(group_integration.api_url)
|
|
|
|
|
|
expect(created_group.integrations.first.inherit_from_id).to eq(group_integration.id)
|
2020-09-28 02:09:56 -04:00
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
context 'with an active subgroup' do
|
|
|
|
|
|
let(:service) { described_class.new(user, group_params.merge(parent_id: subgroup.id)) }
|
2021-11-12 01:10:23 -05:00
|
|
|
|
let!(:subgroup_integration) { create(:prometheus_integration, :group, group: subgroup, api_url: 'https://prometheus.subgroup.com/') }
|
2020-09-28 02:09:56 -04:00
|
|
|
|
let(:subgroup) do
|
|
|
|
|
|
create(:group, parent: group).tap do |subgroup|
|
|
|
|
|
|
subgroup.add_owner(user)
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
it 'creates a service from the subgroup-level integration' do
|
2021-05-12 08:10:24 -04:00
|
|
|
|
expect(created_group.integrations.count).to eq(1)
|
|
|
|
|
|
expect(created_group.integrations.first.api_url).to eq(subgroup_integration.api_url)
|
|
|
|
|
|
expect(created_group.integrations.first.inherit_from_id).to eq(subgroup_integration.id)
|
2020-09-28 02:09:56 -04:00
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
2020-09-30 11:09:46 -04:00
|
|
|
|
|
|
|
|
|
|
context 'shared runners configuration' do
|
|
|
|
|
|
context 'parent group present' do
|
|
|
|
|
|
using RSpec::Parameterized::TableSyntax
|
|
|
|
|
|
|
|
|
|
|
|
where(:shared_runners_config, :descendants_override_disabled_shared_runners_config) do
|
|
|
|
|
|
true | false
|
|
|
|
|
|
false | false
|
|
|
|
|
|
# true | true # invalid at the group level, leaving as comment to make explicit
|
|
|
|
|
|
false | true
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
with_them do
|
|
|
|
|
|
let!(:group) { create(:group, shared_runners_enabled: shared_runners_config, allow_descendants_override_disabled_shared_runners: descendants_override_disabled_shared_runners_config) }
|
|
|
|
|
|
let!(:service) { described_class.new(user, group_params.merge(parent_id: group.id)) }
|
|
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
|
group.add_owner(user)
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
it 'creates group following the parent config' do
|
|
|
|
|
|
new_group = service.execute
|
|
|
|
|
|
|
|
|
|
|
|
expect(new_group.shared_runners_enabled).to eq(shared_runners_config)
|
|
|
|
|
|
expect(new_group.allow_descendants_override_disabled_shared_runners).to eq(descendants_override_disabled_shared_runners_config)
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
context 'root group' do
|
|
|
|
|
|
let!(:service) { described_class.new(user) }
|
|
|
|
|
|
|
|
|
|
|
|
it 'follows default config' do
|
|
|
|
|
|
new_group = service.execute
|
|
|
|
|
|
|
|
|
|
|
|
expect(new_group.shared_runners_enabled).to eq(true)
|
|
|
|
|
|
expect(new_group.allow_descendants_override_disabled_shared_runners).to eq(false)
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
2021-11-09 04:10:06 -05:00
|
|
|
|
|
|
|
|
|
|
describe 'invite team email' do
|
|
|
|
|
|
let(:service) { described_class.new(user, group_params) }
|
|
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
|
allow(Namespaces::InviteTeamEmailWorker).to receive(:perform_in)
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
it 'is sent' do
|
|
|
|
|
|
group = service.execute
|
|
|
|
|
|
delay = Namespaces::InviteTeamEmailService::DELIVERY_DELAY_IN_MINUTES
|
|
|
|
|
|
expect(Namespaces::InviteTeamEmailWorker).to have_received(:perform_in).with(delay, group.id, user.id)
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
context 'when group has not been persisted' do
|
|
|
|
|
|
let(:service) { described_class.new(user, group_params.merge(name: '<script>alert("Attack!")</script>')) }
|
|
|
|
|
|
|
|
|
|
|
|
it 'not sent' do
|
|
|
|
|
|
expect(Namespaces::InviteTeamEmailWorker).not_to receive(:perform_in)
|
|
|
|
|
|
service.execute
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
context 'when group is not root' do
|
|
|
|
|
|
let(:parent_group) { create :group }
|
|
|
|
|
|
let(:service) { described_class.new(user, group_params.merge(parent_id: parent_group.id)) }
|
|
|
|
|
|
|
|
|
|
|
|
before do
|
|
|
|
|
|
parent_group.add_owner(user)
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
it 'not sent' do
|
|
|
|
|
|
expect(Namespaces::InviteTeamEmailWorker).not_to receive(:perform_in)
|
|
|
|
|
|
service.execute
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
|
|
|
|
|
end
|
2016-03-16 18:44:33 -04:00
|
|
|
|
end
|
