2016-04-05 07:29:48 -04:00
|
|
|
require('spec_helper')
|
|
|
|
|
|
|
|
describe Projects::ProjectMembersController do
|
2016-10-19 08:13:59 -04:00
|
|
|
let(:user) { create(:user) }
|
2016-11-11 07:51:50 -05:00
|
|
|
let(:project) { create(:empty_project, :public, :access_requestable) }
|
2016-10-19 08:13:59 -04:00
|
|
|
|
|
|
|
describe 'GET index' do
|
2016-12-26 11:12:24 -05:00
|
|
|
it 'should have the settings/members address with a 302 status code' do
|
2016-10-19 08:13:59 -04:00
|
|
|
get :index, namespace_id: project.namespace, project_id: project
|
2016-04-15 11:04:07 -04:00
|
|
|
|
2016-12-23 13:23:04 -05:00
|
|
|
expect(response).to have_http_status(302)
|
2016-12-26 11:12:24 -05:00
|
|
|
expect(response.location).to include namespace_project_settings_members_path(project.namespace, project)
|
2016-04-15 11:04:07 -04:00
|
|
|
end
|
|
|
|
end
|
2016-04-18 12:53:32 -04:00
|
|
|
|
2016-10-20 03:59:36 -04:00
|
|
|
describe 'POST create' do
|
2016-10-28 06:55:33 -04:00
|
|
|
let(:project_user) { create(:user) }
|
2016-10-20 03:59:36 -04:00
|
|
|
|
2017-06-14 14:18:56 -04:00
|
|
|
before do
|
|
|
|
sign_in(user)
|
|
|
|
end
|
2016-10-05 15:58:34 -04:00
|
|
|
|
2016-10-28 06:55:33 -04:00
|
|
|
context 'when user does not have enough rights' do
|
2017-06-14 14:18:56 -04:00
|
|
|
before do
|
|
|
|
project.team << [user, :developer]
|
|
|
|
end
|
2016-10-05 15:58:34 -04:00
|
|
|
|
2016-10-28 06:55:33 -04:00
|
|
|
it 'returns 404' do
|
|
|
|
post :create, namespace_id: project.namespace,
|
|
|
|
project_id: project,
|
|
|
|
user_ids: project_user.id,
|
|
|
|
access_level: Gitlab::Access::GUEST
|
|
|
|
|
|
|
|
expect(response).to have_http_status(404)
|
|
|
|
expect(project.users).not_to include project_user
|
2016-10-05 15:58:34 -04:00
|
|
|
end
|
2016-10-28 06:55:33 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user has enough rights' do
|
2017-06-14 14:18:56 -04:00
|
|
|
before do
|
|
|
|
project.team << [user, :master]
|
|
|
|
end
|
2016-10-28 06:55:33 -04:00
|
|
|
|
|
|
|
it 'adds user to members' do
|
2017-06-06 10:55:12 -04:00
|
|
|
expect_any_instance_of(Members::CreateService).to receive(:execute).and_return(status: :success)
|
2016-10-28 06:55:33 -04:00
|
|
|
|
|
|
|
post :create, namespace_id: project.namespace,
|
|
|
|
project_id: project,
|
|
|
|
user_ids: project_user.id,
|
|
|
|
access_level: Gitlab::Access::GUEST
|
|
|
|
|
|
|
|
expect(response).to set_flash.to 'Users were successfully added.'
|
2016-12-23 13:23:04 -05:00
|
|
|
expect(response).to redirect_to(namespace_project_settings_members_path(project.namespace, project))
|
2016-10-28 06:55:33 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'adds no user to members' do
|
2017-06-06 10:55:12 -04:00
|
|
|
expect_any_instance_of(Members::CreateService).to receive(:execute).and_return(status: :failure, message: 'Message')
|
2016-10-28 06:55:33 -04:00
|
|
|
|
|
|
|
post :create, namespace_id: project.namespace,
|
|
|
|
project_id: project,
|
|
|
|
user_ids: '',
|
|
|
|
access_level: Gitlab::Access::GUEST
|
2016-10-05 15:58:34 -04:00
|
|
|
|
2017-06-06 10:55:12 -04:00
|
|
|
expect(response).to set_flash.to 'Message'
|
2016-12-23 13:23:04 -05:00
|
|
|
expect(response).to redirect_to(namespace_project_settings_members_path(project.namespace, project))
|
2016-10-05 15:58:34 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-10-19 08:13:59 -04:00
|
|
|
describe 'DELETE destroy' do
|
|
|
|
let(:member) { create(:project_member, :developer, project: project) }
|
|
|
|
|
2017-06-14 14:18:56 -04:00
|
|
|
before do
|
|
|
|
sign_in(user)
|
|
|
|
end
|
2016-04-18 12:53:32 -04:00
|
|
|
|
|
|
|
context 'when member is not found' do
|
|
|
|
it 'returns 404' do
|
|
|
|
delete :destroy, namespace_id: project.namespace,
|
|
|
|
project_id: project,
|
|
|
|
id: 42
|
|
|
|
|
2016-06-27 14:10:42 -04:00
|
|
|
expect(response).to have_http_status(404)
|
2016-04-18 12:53:32 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when member is found' do
|
|
|
|
context 'when user does not have enough rights' do
|
2017-06-14 14:18:56 -04:00
|
|
|
before do
|
|
|
|
project.team << [user, :developer]
|
|
|
|
end
|
2016-04-18 12:53:32 -04:00
|
|
|
|
|
|
|
it 'returns 404' do
|
|
|
|
delete :destroy, namespace_id: project.namespace,
|
|
|
|
project_id: project,
|
|
|
|
id: member
|
|
|
|
|
2016-06-27 14:10:42 -04:00
|
|
|
expect(response).to have_http_status(404)
|
2016-10-19 08:13:59 -04:00
|
|
|
expect(project.members).to include member
|
2016-04-18 12:53:32 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user has enough rights' do
|
2017-06-14 14:18:56 -04:00
|
|
|
before do
|
|
|
|
project.team << [user, :master]
|
|
|
|
end
|
2016-04-18 12:53:32 -04:00
|
|
|
|
|
|
|
it '[HTML] removes user from members' do
|
|
|
|
delete :destroy, namespace_id: project.namespace,
|
|
|
|
project_id: project,
|
|
|
|
id: member
|
|
|
|
|
|
|
|
expect(response).to redirect_to(
|
2016-12-23 13:23:04 -05:00
|
|
|
namespace_project_settings_members_path(project.namespace, project)
|
2016-04-18 12:53:32 -04:00
|
|
|
)
|
2016-10-19 08:13:59 -04:00
|
|
|
expect(project.members).not_to include member
|
2016-04-18 12:53:32 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
it '[JS] removes user from members' do
|
|
|
|
xhr :delete, :destroy, namespace_id: project.namespace,
|
|
|
|
project_id: project,
|
|
|
|
id: member
|
|
|
|
|
|
|
|
expect(response).to be_success
|
2016-10-19 08:13:59 -04:00
|
|
|
expect(project.members).not_to include member
|
2016-04-18 12:53:32 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-10-19 08:13:59 -04:00
|
|
|
describe 'DELETE leave' do
|
2017-06-14 14:18:56 -04:00
|
|
|
before do
|
|
|
|
sign_in(user)
|
|
|
|
end
|
2016-04-18 12:53:32 -04:00
|
|
|
|
|
|
|
context 'when member is not found' do
|
2016-09-09 12:51:31 -04:00
|
|
|
it 'returns 404' do
|
2016-04-18 12:53:32 -04:00
|
|
|
delete :leave, namespace_id: project.namespace,
|
|
|
|
project_id: project
|
|
|
|
|
2016-09-09 12:51:31 -04:00
|
|
|
expect(response).to have_http_status(404)
|
2016-04-18 12:53:32 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when member is found' do
|
|
|
|
context 'and is not an owner' do
|
2017-06-14 14:18:56 -04:00
|
|
|
before do
|
|
|
|
project.team << [user, :developer]
|
|
|
|
end
|
2016-04-18 12:53:32 -04:00
|
|
|
|
|
|
|
it 'removes user from members' do
|
|
|
|
delete :leave, namespace_id: project.namespace,
|
|
|
|
project_id: project
|
|
|
|
|
2016-06-02 12:05:06 -04:00
|
|
|
expect(response).to set_flash.to "You left the \"#{project.human_name}\" project."
|
2016-04-18 12:53:32 -04:00
|
|
|
expect(response).to redirect_to(dashboard_projects_path)
|
|
|
|
expect(project.users).not_to include user
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'and is an owner' do
|
2017-01-25 16:44:33 -05:00
|
|
|
let(:project) { create(:empty_project, namespace: user.namespace) }
|
2016-10-19 08:13:59 -04:00
|
|
|
|
2017-06-14 14:18:56 -04:00
|
|
|
before do
|
|
|
|
project.team << [user, :master]
|
|
|
|
end
|
2016-04-18 12:53:32 -04:00
|
|
|
|
2016-06-02 12:05:06 -04:00
|
|
|
it 'cannot remove himself from the project' do
|
2016-04-18 12:53:32 -04:00
|
|
|
delete :leave, namespace_id: project.namespace,
|
|
|
|
project_id: project
|
|
|
|
|
2016-06-27 14:10:42 -04:00
|
|
|
expect(response).to have_http_status(403)
|
2016-04-18 12:53:32 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'and is a requester' do
|
2017-06-14 14:18:56 -04:00
|
|
|
before do
|
|
|
|
project.request_access(user)
|
|
|
|
end
|
2016-04-18 12:53:32 -04:00
|
|
|
|
|
|
|
it 'removes user from members' do
|
|
|
|
delete :leave, namespace_id: project.namespace,
|
|
|
|
project_id: project
|
|
|
|
|
2016-06-02 12:05:06 -04:00
|
|
|
expect(response).to set_flash.to 'Your access request to the project has been withdrawn.'
|
2016-06-17 10:33:10 -04:00
|
|
|
expect(response).to redirect_to(namespace_project_path(project.namespace, project))
|
2016-06-27 10:20:57 -04:00
|
|
|
expect(project.requesters).to be_empty
|
2016-04-18 12:53:32 -04:00
|
|
|
expect(project.users).not_to include user
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-10-19 08:13:59 -04:00
|
|
|
describe 'POST request_access' do
|
2017-06-14 14:18:56 -04:00
|
|
|
before do
|
|
|
|
sign_in(user)
|
|
|
|
end
|
2016-04-18 12:53:32 -04:00
|
|
|
|
|
|
|
it 'creates a new ProjectMember that is not a team member' do
|
|
|
|
post :request_access, namespace_id: project.namespace,
|
|
|
|
project_id: project
|
|
|
|
|
|
|
|
expect(response).to set_flash.to 'Your request for access has been queued for review.'
|
|
|
|
expect(response).to redirect_to(
|
|
|
|
namespace_project_path(project.namespace, project)
|
|
|
|
)
|
2016-06-27 10:20:57 -04:00
|
|
|
expect(project.requesters.exists?(user_id: user)).to be_truthy
|
2016-04-18 12:53:32 -04:00
|
|
|
expect(project.users).not_to include user
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-10-19 08:13:59 -04:00
|
|
|
describe 'POST approve' do
|
|
|
|
let(:member) { create(:project_member, :access_request, project: project) }
|
|
|
|
|
2017-06-14 14:18:56 -04:00
|
|
|
before do
|
|
|
|
sign_in(user)
|
|
|
|
end
|
2016-04-18 12:53:32 -04:00
|
|
|
|
|
|
|
context 'when member is not found' do
|
|
|
|
it 'returns 404' do
|
2016-06-01 12:07:23 -04:00
|
|
|
post :approve_access_request, namespace_id: project.namespace,
|
2016-06-02 12:05:06 -04:00
|
|
|
project_id: project,
|
|
|
|
id: 42
|
2016-04-18 12:53:32 -04:00
|
|
|
|
2016-06-27 14:10:42 -04:00
|
|
|
expect(response).to have_http_status(404)
|
2016-04-18 12:53:32 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when member is found' do
|
|
|
|
context 'when user does not have enough rights' do
|
2017-06-14 14:18:56 -04:00
|
|
|
before do
|
|
|
|
project.team << [user, :developer]
|
|
|
|
end
|
2016-04-18 12:53:32 -04:00
|
|
|
|
|
|
|
it 'returns 404' do
|
2016-06-01 12:07:23 -04:00
|
|
|
post :approve_access_request, namespace_id: project.namespace,
|
2016-06-02 12:05:06 -04:00
|
|
|
project_id: project,
|
|
|
|
id: member
|
2016-04-18 12:53:32 -04:00
|
|
|
|
2016-06-27 14:10:42 -04:00
|
|
|
expect(response).to have_http_status(404)
|
2016-10-19 08:13:59 -04:00
|
|
|
expect(project.members).not_to include member
|
2016-04-18 12:53:32 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user has enough rights' do
|
2017-06-14 14:18:56 -04:00
|
|
|
before do
|
|
|
|
project.team << [user, :master]
|
|
|
|
end
|
2016-04-18 12:53:32 -04:00
|
|
|
|
|
|
|
it 'adds user to members' do
|
2016-06-01 12:07:23 -04:00
|
|
|
post :approve_access_request, namespace_id: project.namespace,
|
2016-06-02 12:05:06 -04:00
|
|
|
project_id: project,
|
|
|
|
id: member
|
2016-04-18 12:53:32 -04:00
|
|
|
|
|
|
|
expect(response).to redirect_to(
|
2017-04-17 10:44:30 -04:00
|
|
|
namespace_project_settings_members_path(project.namespace, project)
|
2016-04-18 12:53:32 -04:00
|
|
|
)
|
2016-10-19 08:13:59 -04:00
|
|
|
expect(project.members).to include member
|
2016-04-18 12:53:32 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2016-10-19 15:14:57 -04:00
|
|
|
|
|
|
|
describe 'POST apply_import' do
|
2017-01-25 16:44:33 -05:00
|
|
|
let(:another_project) { create(:empty_project, :private) }
|
2016-10-19 15:14:57 -04:00
|
|
|
let(:member) { create(:user) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
project.team << [user, :master]
|
|
|
|
another_project.team << [member, :guest]
|
|
|
|
sign_in(user)
|
|
|
|
end
|
|
|
|
|
|
|
|
shared_context 'import applied' do
|
|
|
|
before do
|
|
|
|
post(:apply_import, namespace_id: project.namespace,
|
|
|
|
project_id: project,
|
|
|
|
source_project_id: another_project.id)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user can access source project members' do
|
2017-06-14 14:18:56 -04:00
|
|
|
before do
|
|
|
|
another_project.team << [user, :guest]
|
|
|
|
end
|
|
|
|
|
2016-10-19 15:14:57 -04:00
|
|
|
include_context 'import applied'
|
|
|
|
|
|
|
|
it 'imports source project members' do
|
|
|
|
expect(project.team_members).to include member
|
|
|
|
expect(response).to set_flash.to 'Successfully imported'
|
|
|
|
expect(response).to redirect_to(
|
2016-12-23 13:23:04 -05:00
|
|
|
namespace_project_settings_members_path(project.namespace, project)
|
2016-10-19 15:14:57 -04:00
|
|
|
)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not member of a source project' do
|
|
|
|
include_context 'import applied'
|
|
|
|
|
|
|
|
it 'does not import team members' do
|
|
|
|
expect(project.team_members).not_to include member
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'responds with not found' do
|
|
|
|
expect(response.status).to eq 404
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2016-10-18 09:49:19 -04:00
|
|
|
|
|
|
|
describe 'POST create' do
|
|
|
|
let(:stranger) { create(:user) }
|
|
|
|
|
|
|
|
context 'when creating owner' do
|
|
|
|
before do
|
|
|
|
project.team << [user, :master]
|
|
|
|
sign_in(user)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not create a member' do
|
|
|
|
expect do
|
|
|
|
post :create, user_ids: stranger.id,
|
|
|
|
namespace_id: project.namespace,
|
|
|
|
access_level: Member::OWNER,
|
|
|
|
project_id: project
|
|
|
|
end.to change { project.members.count }.by(0)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when create master' do
|
|
|
|
before do
|
|
|
|
project.team << [user, :master]
|
|
|
|
sign_in(user)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'creates a member' do
|
|
|
|
expect do
|
|
|
|
post :create, user_ids: stranger.id,
|
|
|
|
namespace_id: project.namespace,
|
|
|
|
access_level: Member::MASTER,
|
|
|
|
project_id: project
|
|
|
|
end.to change { project.members.count }.by(1)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2016-04-05 07:29:48 -04:00
|
|
|
end
|