Add nested groups support to the Groups::CreateService

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2016-12-26 11:56:19 +02:00 · 2016-12-26 11:56:19 +02:00 · 9410f215ea
commit 9410f215ea
parent 7b4b3d5f26
2 changed files with 40 additions and 4 deletions
--- a/app/services/groups/create_service.rb
+++ b/app/services/groups/create_service.rb
@ -12,6 +12,19 @@ module Groups
        return @group
      end

+      parent_id = params[:parent_id]
+
+      if parent_id
+        parent = Group.find(parent_id)
+
+        unless can?(current_user, :admin_group, parent)
+          @group.parent_id = nil
+          @group.errors.add(:parent_id, 'manage access required to create subgroup')
+
+          return @group
+        end
+      end
+
      @group.name ||= @group.path.dup
      @group.save
      @group.add_owner(current_user)
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@ -1,11 +1,12 @@
 require 'spec_helper'

-describe Groups::CreateService, services: true do
-  let!(:user)         { create(:user) }
+describe Groups::CreateService, '#execute', services: true do
+  let!(:user) { create(:user) }
  let!(:group_params) { { path: "group_path", visibility_level: Gitlab::VisibilityLevel::PUBLIC } }

-  describe "execute" do
-    let!(:service) { described_class.new(user, group_params ) }
+  describe 'visibility level restrictions' do
+    let!(:service) { described_class.new(user, group_params) }
+
    subject { service.execute }

    context "create groups without restricted visibility level" do
@ -14,7 +15,29 @@ describe Groups::CreateService, services: true do

    context "cannot create group with restricted visibility level" do
      before { allow_any_instance_of(ApplicationSetting).to receive(:restricted_visibility_levels).and_return([Gitlab::VisibilityLevel::PUBLIC]) }
+
      it { is_expected.not_to be_persisted }
    end
  end
+
+  describe 'creating subgroup' do
+    let!(:group) { create(:group) }
+    let!(:service) { described_class.new(user, group_params.merge(parent_id: group.id)) }
+
+    subject { service.execute }
+
+    context 'as group owner' do
+      before { group.add_owner(user) }
+
+      it { is_expected.to be_persisted }
+    end
+
+    context 'as guest' do
+      it 'does not save group and returns an error' do
+        is_expected.not_to be_persisted
+        expect(subject.errors[:parent_id].first).to eq('manage access required to create subgroup')
+        expect(subject.parent_id).to be_nil
+      end
+    end
+  end
 end