2016-03-14 06:18:03 -04:00
|
|
|
require 'spec_helper'
|
|
|
|
|
2016-08-13 08:45:31 -04:00
|
|
|
describe Users::DestroyService, services: true do
|
2016-03-14 06:18:03 -04:00
|
|
|
describe "Deletes a user and all their personal projects" do
|
2017-02-04 03:14:17 -05:00
|
|
|
let!(:user) { create(:user) }
|
|
|
|
let!(:admin) { create(:admin) }
|
|
|
|
let!(:namespace) { create(:namespace, owner: user) }
|
2017-03-27 17:14:01 -04:00
|
|
|
let!(:project) { create(:empty_project, namespace: namespace) }
|
2017-02-04 03:14:17 -05:00
|
|
|
let(:service) { described_class.new(admin) }
|
2016-03-14 06:18:03 -04:00
|
|
|
|
|
|
|
context 'no options are given' do
|
|
|
|
it 'deletes the user' do
|
2016-08-13 08:45:31 -04:00
|
|
|
user_data = service.execute(user)
|
2016-03-14 06:18:03 -04:00
|
|
|
|
2016-05-28 22:54:17 -04:00
|
|
|
expect { user_data['email'].to eq(user.email) }
|
|
|
|
expect { User.find(user.id) }.to raise_error(ActiveRecord::RecordNotFound)
|
|
|
|
expect { Namespace.with_deleted.find(user.namespace.id) }.to raise_error(ActiveRecord::RecordNotFound)
|
2016-03-14 06:18:03 -04:00
|
|
|
end
|
|
|
|
|
2017-03-31 19:59:46 -04:00
|
|
|
it 'will delete the project' do
|
|
|
|
expect_any_instance_of(Projects::DestroyService).to receive(:execute).once
|
2016-03-14 06:18:03 -04:00
|
|
|
|
2016-08-13 08:45:31 -04:00
|
|
|
service.execute(user)
|
2016-03-14 06:18:03 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-03-31 19:59:46 -04:00
|
|
|
context 'projects in pending_delete' do
|
|
|
|
before do
|
|
|
|
project.pending_delete = true
|
|
|
|
project.save
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'destroys a project in pending_delete' do
|
|
|
|
expect_any_instance_of(Projects::DestroyService).to receive(:execute).once
|
|
|
|
|
|
|
|
service.execute(user)
|
|
|
|
|
|
|
|
expect { Project.find(project.id) }.to raise_error(ActiveRecord::RecordNotFound)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-11-11 01:27:43 -05:00
|
|
|
context "a deleted user's issues" do
|
2017-03-27 17:14:01 -04:00
|
|
|
let(:project) { create(:project) }
|
2016-11-11 01:27:43 -05:00
|
|
|
|
|
|
|
before do
|
|
|
|
project.add_developer(user)
|
|
|
|
end
|
|
|
|
|
|
|
|
context "for an issue the user has created" do
|
|
|
|
let!(:issue) { create(:issue, project: project, author: user) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
service.execute(user)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not delete the issue' do
|
|
|
|
expect(Issue.find_by_id(issue.id)).to be_present
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'migrates the issue so that the "Ghost User" is the issue owner' do
|
|
|
|
migrated_issue = Issue.find_by_id(issue.id)
|
|
|
|
|
|
|
|
expect(migrated_issue.author).to eq(User.ghost)
|
|
|
|
end
|
2017-02-16 02:05:10 -05:00
|
|
|
|
|
|
|
it 'blocks the user before migrating issues to the "Ghost User' do
|
|
|
|
expect(user).to be_blocked
|
|
|
|
end
|
2016-11-11 01:27:43 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
context "for an issue the user was assigned to" do
|
|
|
|
let!(:issue) { create(:issue, project: project, assignee: user) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
service.execute(user)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not delete issues the user is assigned to' do
|
|
|
|
expect(Issue.find_by_id(issue.id)).to be_present
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'migrates the issue so that it is "Unassigned"' do
|
|
|
|
migrated_issue = Issue.find_by_id(issue.id)
|
|
|
|
|
|
|
|
expect(migrated_issue.assignee).to be_nil
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-03-14 06:18:03 -04:00
|
|
|
context "solo owned groups present" do
|
|
|
|
let(:solo_owned) { create(:group) }
|
|
|
|
let(:member) { create(:group_member) }
|
|
|
|
let(:user) { member.user }
|
|
|
|
|
|
|
|
before do
|
|
|
|
solo_owned.group_members = [member]
|
2016-08-13 08:45:31 -04:00
|
|
|
service.execute(user)
|
2016-03-14 06:18:03 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not delete the user' do
|
|
|
|
expect(User.find(user.id)).to eq user
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context "deletions with solo owned groups" do
|
|
|
|
let(:solo_owned) { create(:group) }
|
|
|
|
let(:member) { create(:group_member) }
|
|
|
|
let(:user) { member.user }
|
|
|
|
|
|
|
|
before do
|
|
|
|
solo_owned.group_members = [member]
|
2016-08-13 08:45:31 -04:00
|
|
|
service.execute(user, delete_solo_owned_groups: true)
|
2016-03-14 06:18:03 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'deletes solo owned groups' do
|
|
|
|
expect { Project.find(solo_owned.id) }.to raise_error(ActiveRecord::RecordNotFound)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'deletes the user' do
|
|
|
|
expect { User.find(user.id) }.to raise_error(ActiveRecord::RecordNotFound)
|
|
|
|
end
|
|
|
|
end
|
2017-02-04 03:14:17 -05:00
|
|
|
|
|
|
|
context "deletion permission checks" do
|
|
|
|
it 'does not delete the user when user is not an admin' do
|
|
|
|
other_user = create(:user)
|
|
|
|
|
|
|
|
expect { described_class.new(other_user).execute(user) }.to raise_error(Gitlab::Access::AccessDeniedError)
|
|
|
|
expect(User.exists?(user.id)).to be(true)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'allows admins to delete anyone' do
|
|
|
|
described_class.new(admin).execute(user)
|
|
|
|
|
|
|
|
expect(User.exists?(user.id)).to be(false)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'allows users to delete their own account' do
|
|
|
|
described_class.new(user).execute(user)
|
|
|
|
|
|
|
|
expect(User.exists?(user.id)).to be(false)
|
|
|
|
end
|
|
|
|
end
|
2016-03-14 06:18:03 -04:00
|
|
|
end
|
|
|
|
end
|