Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2022-11-15 18:08:26 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2022-11-15 18:08:26 +0300
commit: 4279dbc29c63f614e6439e104204165ff0517a59 (patch)
tree: a2a2dc637398f9c66eeda39ee9e3e209370a84c4 /spec/policies
parent: 7912017a137da35c48071a048c99d27737c29f0f (diff)
1 files changed, 57 insertions, 48 deletions
diff --git a/spec/policies/group_member_policy_spec.rb b/spec/policies/group_member_policy_spec.rb
index 24ffd9e5e39..6ae5e43def4 100644
--- a/spec/policies/group_member_policy_spec.rb
+++ b/spec/policies/group_member_policy_spec.rb
@@ -125,74 +125,83 @@ RSpec.describe GroupMemberPolicy do
     specify { expect_disallowed(:read_group, :destroy_project_bot_member) }
   end
 
-  context 'with one owner' do
+  context 'with owner' do
     let(:current_user) { owner }
 
-    specify { expect_disallowed(*member_related_permissions) }
-    specify { expect_allowed(:read_group) }
-  end
+    context 'with group with one owner' do
+      specify { expect_disallowed(*member_related_permissions) }
+      specify { expect_allowed(:read_group) }
+    end
 
-  context 'with one blocked owner' do
-    let(:owner) { create(:user, :blocked) }
-    let(:current_user) { owner }
+    context 'with group with bot user owner' do
+      before do
+        group.add_owner(create(:user, :project_bot))
+      end
 
-    specify { expect_disallowed(*member_related_permissions) }
-    specify { expect_disallowed(:read_group) }
-  end
+      specify { expect_disallowed(*member_related_permissions) }
+    end
 
-  context 'with more than one owner' do
-    let(:current_user) { owner }
+    context 'with group with more than one owner' do
+      before do
+        group.add_owner(create(:user))
+      end
 
-    before do
-      group.add_owner(create(:user))
+      specify { expect_allowed(*member_related_permissions) }
+      specify { expect_disallowed(:destroy_project_bot_member) }
     end
 
-    specify { expect_allowed(*member_related_permissions) }
-    specify { expect_disallowed(:destroy_project_bot_member) }
-  end
+    context 'with group with owners from a parent' do
+      context 'when top-level group' do
+        context 'with group sharing' do
+          let!(:subgroup) { create(:group, :private, parent: group) }
 
-  context 'with the group parent' do
-    let(:current_user) { create :user }
-    let(:subgroup) { create(:group, :private, parent: group) }
+          before do
+            create(:group_group_link, :owner, shared_group: group, shared_with_group: subgroup)
+            create(:group_member, :owner, group: subgroup)
+          end
 
-    before do
-      group.add_owner(owner)
-      subgroup.add_owner(current_user)
-    end
+          specify { expect_disallowed(*member_related_permissions) }
+          specify { expect_allowed(:read_group) }
+        end
+      end
 
-    it do
-      expect_allowed(:destroy_group_member)
-      expect_allowed(:update_group_member)
-    end
-  end
+      context 'when subgroup' do
+        let(:current_user) { create :user }
 
-  context 'without group parent' do
-    let(:current_user) { create :user }
-    let(:subgroup) { create(:group, :private) }
+        let!(:subgroup) { create(:group, :private, parent: group) }
 
-    before do
-      subgroup.add_owner(current_user)
-    end
+        before do
+          subgroup.add_owner(current_user)
+        end
 
-    it do
-      expect_disallowed(:destroy_group_member)
-      expect_disallowed(:update_group_member)
+        specify { expect_allowed(*member_related_permissions) }
+        specify { expect_allowed(:read_group) }
+      end
     end
   end
 
-  context 'without group parent with two owners' do
-    let(:current_user) { create :user }
-    let(:other_user) { create :user }
-    let(:subgroup) { create(:group, :private) }
+  context 'with blocked owner' do
+    let(:owner) { create(:user, :blocked) }
+    let(:current_user) { owner }
 
-    before do
-      subgroup.add_owner(current_user)
-      subgroup.add_owner(other_user)
+    specify { expect_disallowed(*member_related_permissions) }
+    specify { expect_disallowed(:read_group) }
+
+    context 'with group with bot user owner' do
+      before do
+        group.add_owner(create(:user, :project_bot))
+      end
+
+      specify { expect_disallowed(*member_related_permissions) }
+      specify { expect_disallowed(:read_group) }
     end
 
-    it do
-      expect_allowed(:destroy_group_member)
-      expect_allowed(:update_group_member)
+    context 'with group with more than one blocked owner' do
+      before do
+        group.add_owner(create(:user, :blocked))
+      end
+
+      specify { expect_allowed(:destroy_group_member) }
     end
   end
 end
author	GitLab Bot <gitlab-bot@gitlab.com>	2022-11-15 18:08:26 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2022-11-15 18:08:26 +0300
commit	4279dbc29c63f614e6439e104204165ff0517a59 (patch)
tree	a2a2dc637398f9c66eeda39ee9e3e209370a84c4 /spec/policies
parent	7912017a137da35c48071a048c99d27737c29f0f (diff)