gitlab-org--gitlab-foss/spec/features/projects/features_visibility_spec.rb

250 lines
8.3 KiB
Ruby

require 'spec_helper'
include WaitForAjax
describe 'Edit Project Settings', feature: true do
include WaitForAjax
let(:member) { create(:user) }
let!(:project) { create(:project, :public, path: 'gitlab', name: 'sample') }
let!(:issue) { create(:issue, project: project) }
let(:non_member) { create(:user) }
describe 'project features visibility selectors', js: true do
before do
project.team << [member, :master]
login_as(member)
end
tools = { builds: "pipelines", issues: "issues", wiki: "wiki", snippets: "snippets", merge_requests: "merge_requests" }
tools.each do |tool_name, shortcut_name|
describe "feature #{tool_name}" do
it 'toggles visibility' do
visit edit_namespace_project_path(project.namespace, project)
select 'Disabled', from: "project_project_feature_attributes_#{tool_name}_access_level"
click_button 'Save changes'
wait_for_ajax
expect(page).not_to have_selector(".shortcuts-#{shortcut_name}")
select 'Everyone with access', from: "project_project_feature_attributes_#{tool_name}_access_level"
click_button 'Save changes'
wait_for_ajax
expect(page).to have_selector(".shortcuts-#{shortcut_name}")
select 'Only team members', from: "project_project_feature_attributes_#{tool_name}_access_level"
click_button 'Save changes'
wait_for_ajax
expect(page).to have_selector(".shortcuts-#{shortcut_name}")
sleep 0.1
end
end
end
context "When external issue tracker is enabled" do
it "does not hide issues tab" do
project.project_feature.update(issues_access_level: ProjectFeature::DISABLED)
allow_any_instance_of(Project).to receive(:external_issue_tracker).and_return(JiraService.new)
visit namespace_project_path(project.namespace, project)
expect(page).to have_selector(".shortcuts-issues")
end
end
context "pipelines subtabs" do
it "shows builds when enabled" do
visit namespace_project_pipelines_path(project.namespace, project)
expect(page).to have_selector(".shortcuts-builds")
end
it "hides builds when disabled" do
allow(Ability).to receive(:allowed?).with(member, :read_builds, project).and_return(false)
visit namespace_project_pipelines_path(project.namespace, project)
expect(page).not_to have_selector(".shortcuts-builds")
end
end
end
describe 'project features visibility pages' do
before do
@tools =
{
builds: namespace_project_pipelines_path(project.namespace, project),
issues: namespace_project_issues_path(project.namespace, project),
wiki: namespace_project_wiki_path(project.namespace, project, :home),
snippets: namespace_project_snippets_path(project.namespace, project),
merge_requests: namespace_project_merge_requests_path(project.namespace, project),
}
end
context 'normal user' do
it 'renders 200 if tool is enabled' do
@tools.each do |method_name, url|
project.project_feature.update_attribute("#{method_name}_access_level", ProjectFeature::ENABLED)
visit url
expect(page.status_code).to eq(200)
end
end
it 'renders 404 if feature is disabled' do
@tools.each do |method_name, url|
project.project_feature.update_attribute("#{method_name}_access_level", ProjectFeature::DISABLED)
visit url
expect(page.status_code).to eq(404)
end
end
it 'renders 404 if feature is enabled only for team members' do
project.team.truncate
@tools.each do |method_name, url|
project.project_feature.update_attribute("#{method_name}_access_level", ProjectFeature::PRIVATE)
visit url
expect(page.status_code).to eq(404)
end
end
it 'renders 200 if users is member of group' do
group = create(:group)
project.group = group
project.save
group.add_owner(member)
@tools.each do |method_name, url|
project.project_feature.update_attribute("#{method_name}_access_level", ProjectFeature::PRIVATE)
visit url
expect(page.status_code).to eq(200)
end
end
end
context 'admin user' do
before do
non_member.update_attribute(:admin, true)
login_as(non_member)
end
it 'renders 404 if feature is disabled' do
@tools.each do |method_name, url|
project.project_feature.update_attribute("#{method_name}_access_level", ProjectFeature::DISABLED)
visit url
expect(page.status_code).to eq(404)
end
end
it 'renders 200 if feature is enabled only for team members' do
project.team.truncate
@tools.each do |method_name, url|
project.project_feature.update_attribute("#{method_name}_access_level", ProjectFeature::PRIVATE)
visit url
expect(page.status_code).to eq(200)
end
end
end
end
describe 'repository visibility', js: true do
before do
project.team << [member, :master]
login_as(member)
visit edit_namespace_project_path(project.namespace, project)
end
it "disables repository related features" do
select "Disabled", from: "project_project_feature_attributes_repository_access_level"
expect(find(".edit-project")).to have_selector("select.disabled", count: 2)
end
it "shows empty features project homepage" do
select "Disabled", from: "project_project_feature_attributes_repository_access_level"
select "Disabled", from: "project_project_feature_attributes_issues_access_level"
select "Disabled", from: "project_project_feature_attributes_wiki_access_level"
click_button "Save changes"
wait_for_ajax
visit namespace_project_path(project.namespace, project)
expect(page).to have_content "Customize your workflow!"
end
it "hides project activity tabs" do
select "Disabled", from: "project_project_feature_attributes_repository_access_level"
select "Disabled", from: "project_project_feature_attributes_issues_access_level"
select "Disabled", from: "project_project_feature_attributes_wiki_access_level"
click_button "Save changes"
wait_for_ajax
visit activity_namespace_project_path(project.namespace, project)
page.within(".event-filter") do
expect(page).to have_selector("a", count: 2)
expect(page).not_to have_content("Push events")
expect(page).not_to have_content("Merge events")
expect(page).not_to have_content("Comments")
end
end
# Regression spec for https://gitlab.com/gitlab-org/gitlab-ce/issues/25272
it "hides comments activity tab only on disabled issues, merge requests and repository" do
select "Disabled", from: "project_project_feature_attributes_issues_access_level"
save_changes_and_check_activity_tab do
expect(page).to have_content("Comments")
end
visit edit_namespace_project_path(project.namespace, project)
select "Disabled", from: "project_project_feature_attributes_merge_requests_access_level"
save_changes_and_check_activity_tab do
expect(page).to have_content("Comments")
end
visit edit_namespace_project_path(project.namespace, project)
select "Disabled", from: "project_project_feature_attributes_repository_access_level"
save_changes_and_check_activity_tab do
expect(page).not_to have_content("Comments")
end
visit edit_namespace_project_path(project.namespace, project)
end
def save_changes_and_check_activity_tab
click_button "Save changes"
wait_for_ajax
visit activity_namespace_project_path(project.namespace, project)
page.within(".event-filter") do
yield
end
end
end
# Regression spec for https://gitlab.com/gitlab-org/gitlab-ce/issues/24056
describe 'project statistic visibility' do
let!(:project) { create(:project, :private) }
before do
project.team << [member, :guest]
login_as(member)
visit namespace_project_path(project.namespace, project)
end
it "does not show project statistic for guest" do
expect(page).not_to have_selector('.project-stats')
end
end
end