diff options
author | Alejandro RodrÃguez <alejorro70@gmail.com> | 2016-07-07 23:08:06 +0300 |
---|---|---|
committer | Alejandro RodrÃguez <alejorro70@gmail.com> | 2016-07-20 22:14:31 +0300 |
commit | ea63346df5a420cebbc44491eef8e2d2a0fb5ad7 (patch) | |
tree | 9776cf9ed91242a830da2294037525d73c6d58d8 /spec/models/issue_spec.rb | |
parent | b4717017e7ad601eaa1d53c9238a242c7fdf0daa (diff) |
Refactor user authorization check for a single project to avoid querying all user projects
Currently, even when searching for all authorized issues of *one* project, we run the
`Users#authorized_projects` query (which can be rather slow). This update checks if
we are handling issues of just one project and does the authorization check locally.
It does have the downside of basically repeating the logic of `Users#authorized_projects`
on `Project#authorized_for_user`.
Diffstat (limited to 'spec/models/issue_spec.rb')
-rw-r--r-- | spec/models/issue_spec.rb | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/spec/models/issue_spec.rb b/spec/models/issue_spec.rb index b87d68283e6..6a897c96690 100644 --- a/spec/models/issue_spec.rb +++ b/spec/models/issue_spec.rb @@ -22,6 +22,26 @@ describe Issue, models: true do it { is_expected.to have_db_index(:deleted_at) } end + describe 'visible_to_user' do + let(:user) { create(:user) } + let(:authorized_user) { create(:user) } + let(:project) { create(:project, namespace: authorized_user.namespace) } + let!(:public_issue) { create(:issue, project: project) } + let!(:confidential_issue) { create(:issue, project: project, confidential: true) } + + it 'returns non confidential issues for nil user' do + expect(Issue.visible_to_user(nil).count).to be(1) + end + + it 'returns non confidential issues for user not authorized for the issues projects' do + expect(Issue.visible_to_user(user).count).to be(1) + end + + it 'returns all issues for user authorized for the issues projects' do + expect(Issue.visible_to_user(authorized_user).count).to be(2) + end + end + describe '#to_reference' do it 'returns a String reference to the object' do expect(subject.to_reference).to eq "##{subject.iid}" |