gitlab-org--gitlab-foss/spec/models/protected_branch/push_access_level_spec.rb

83 lines
3 KiB
Ruby

# frozen_string_literal: true
require 'spec_helper'
RSpec.describe ProtectedBranch::PushAccessLevel do
it { is_expected.to validate_inclusion_of(:access_level).in_array([Gitlab::Access::MAINTAINER, Gitlab::Access::DEVELOPER, Gitlab::Access::NO_ACCESS]) }
describe 'associations' do
it { is_expected.to belong_to(:deploy_key) }
end
describe 'validations' do
it 'is not valid when a record exists with the same access level' do
protected_branch = create(:protected_branch)
create(:protected_branch_push_access_level, protected_branch: protected_branch)
level = build(:protected_branch_push_access_level, protected_branch: protected_branch)
expect(level).to be_invalid
end
it 'is not valid when a record exists with the same access level' do
protected_branch = create(:protected_branch)
deploy_key = create(:deploy_key, projects: [protected_branch.project])
create(:protected_branch_push_access_level, protected_branch: protected_branch, deploy_key: deploy_key)
level = build(:protected_branch_push_access_level, protected_branch: protected_branch, deploy_key: deploy_key)
expect(level).to be_invalid
end
it 'checks that a deploy key is enabled for the same project as the protected branch\'s' do
level = build(:protected_branch_push_access_level, deploy_key: create(:deploy_key))
expect { level.save! }.to raise_error
expect(level.errors.full_messages).to contain_exactly('Deploy key is not enabled for this project')
end
end
describe '#check_access' do
let_it_be(:project) { create(:project) }
let_it_be(:protected_branch) { create(:protected_branch, :no_one_can_push, project: project) }
let_it_be(:user) { create(:user) }
let_it_be(:deploy_key) { create(:deploy_key, user: user) }
let!(:deploy_keys_project) { create(:deploy_keys_project, project: project, deploy_key: deploy_key, can_push: can_push) }
let(:can_push) { true }
before_all do
project.add_maintainer(user)
end
context 'when this push_access_level is tied to a deploy key' do
let(:push_access_level) { create(:protected_branch_push_access_level, protected_branch: protected_branch, deploy_key: deploy_key) }
context 'when the deploy key is among the active keys for this project' do
specify do
expect(push_access_level.check_access(user)).to be_truthy
end
end
context 'when the deploy key is not among the active keys of this project' do
let(:can_push) { false }
it 'is false' do
expect(push_access_level.check_access(user)).to be_falsey
end
end
end
end
describe '#type' do
let(:push_level_access) { build(:protected_branch_push_access_level) }
it 'returns :deploy_key when a deploy key is tied to the protected branch' do
push_level_access.deploy_key = create(:deploy_key)
expect(push_level_access.type).to eq(:deploy_key)
end
it 'returns :role by default' do
expect(push_level_access.type).to eq(:role)
end
end
end