From fe135fac68fab5e2a15e7aaa250ae91cd7fa4851 Mon Sep 17 00:00:00 2001
From: Shinya Maeda <shinya@gitlab.com>
Date: Thu, 5 Oct 2017 21:29:22 +0900
Subject: [PATCH] authorizations_controller_spec. cluster_policy_spec.

---
 .../google_api/authorizations_controller.rb   |  4 +-
 .../authorizations_controller_spec.rb         | 43 +++++++++++++++++++
 spec/policies/gcp/cluster_policy_spec.rb      | 28 ++++++++++++
 3 files changed, 73 insertions(+), 2 deletions(-)
 create mode 100644 spec/controllers/google_api/authorizations_controller_spec.rb
 create mode 100644 spec/policies/gcp/cluster_policy_spec.rb

diff --git a/app/controllers/google_api/authorizations_controller.rb b/app/controllers/google_api/authorizations_controller.rb
index 890b4ce60c8..79f49d598af 100644
--- a/app/controllers/google_api/authorizations_controller.rb
+++ b/app/controllers/google_api/authorizations_controller.rb
@@ -9,10 +9,10 @@ module GoogleApi
       session[GoogleApi::CloudPlatform::Client.session_key_for_expires_at] =
         expires_at.to_s
 
-      if params[:state]
+      if params[:state].present?
         redirect_to params[:state]
       else
-        redirect_to root_url
+        redirect_to root_path
       end
     end
   end
diff --git a/spec/controllers/google_api/authorizations_controller_spec.rb b/spec/controllers/google_api/authorizations_controller_spec.rb
new file mode 100644
index 00000000000..53d584d167c
--- /dev/null
+++ b/spec/controllers/google_api/authorizations_controller_spec.rb
@@ -0,0 +1,43 @@
+require 'spec_helper'
+
+describe GoogleApi::AuthorizationsController do
+  describe 'GET|POST #callback' do
+    let(:user) { create(:user) }
+    let(:project) { create(:project) }
+    let(:state) { namespace_project_clusters_url(project.namespace, project).to_s }
+    let(:token) { 'token' }
+    let(:expires_at) { 1.hour.since.strftime('%s') }
+
+    subject { get :callback, code: 'xxx', state: state }
+
+    before do
+      sign_in(user)
+
+      allow_any_instance_of(GoogleApi::CloudPlatform::Client)
+        .to receive(:get_token).and_return([token, expires_at])
+    end
+
+    it 'sets token and expires_atin session' do
+      subject
+
+      expect(session[GoogleApi::CloudPlatform::Client.session_key_for_token])
+        .to eq(token)
+      expect(session[GoogleApi::CloudPlatform::Client.session_key_for_expires_at])
+        .to eq(expires_at)
+    end
+
+    context 'when redirection url is stored in state' do
+      it 'redirects to the URL stored in state param' do
+        expect(subject).to redirect_to(state)
+      end
+    end
+
+    context 'when redirection url is not stored in state' do
+      let(:state) { '' }
+
+      it 'redirects to root_path' do
+        expect(subject).to redirect_to(root_path)
+      end
+    end
+  end
+end
diff --git a/spec/policies/gcp/cluster_policy_spec.rb b/spec/policies/gcp/cluster_policy_spec.rb
new file mode 100644
index 00000000000..e213aa3d557
--- /dev/null
+++ b/spec/policies/gcp/cluster_policy_spec.rb
@@ -0,0 +1,28 @@
+require 'spec_helper'
+
+describe Gcp::ClusterPolicy, :models do
+  set(:project) { create(:project) }
+  set(:cluster) { create(:gcp_cluster, project: project) }
+  let(:user) { create(:user) }
+  let(:policy) { described_class.new(user, cluster) }
+
+  describe 'rules' do
+    context 'when developer' do
+      before do
+        project.add_developer(user)
+      end
+
+      it { expect(policy).to be_disallowed :update_cluster }
+      it { expect(policy).to be_disallowed :admin_cluster }
+    end
+
+    context 'when master' do
+      before do
+        project.add_master(user)
+      end
+
+      it { expect(policy).to be_allowed :update_cluster }
+      it { expect(policy).to be_allowed :admin_cluster }
+    end
+  end
+end