Add latest changes from gitlab-org/gitlab@master

2 files changed, 187 insertions, 70 deletions

diff --git a/spec/requests/api/graphql/mutations/branch_rules/create_spec.rb b/spec/requests/api/graphql/mutations/branch_rules/create_spec.rb
new file mode 100644
index 00000000000..85ba3d58ee5
--- /dev/null
+++ b/spec/requests/api/graphql/mutations/branch_rules/create_spec.rb
@@ -0,0 +1,68 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe 'BranchRuleCreate', feature_category: :source_code_management do
+  include GraphqlHelpers
+  let_it_be(:project) { create(:project, :public) }
+  let_it_be(:current_user, reload: true) { create(:user) }
+
+  let(:params) do
+    {
+      project_path: project.full_path,
+      name: branch_name
+    }
+  end
+
+  let(:branch_name) { 'branch_name/*' }
+  let(:mutation) { graphql_mutation(:branch_rule_create, params) }
+  let(:mutation_response) { graphql_mutation_response(:branch_rule_create) }
+  let(:mutation_errors) { mutation_response['errors'] }
+
+  subject(:post_mutation) { post_graphql_mutation(mutation, current_user: current_user) }
+
+  context 'when the user does not have permission' do
+    before_all do
+      project.add_developer(current_user)
+    end
+
+    it_behaves_like 'a mutation that returns a top-level access error'
+
+    it 'does not create the board' do
+      expect { post_mutation }.not_to change { ProtectedBranch.count }
+    end
+  end
+
+  context 'when the user can create a branch rules' do
+    before_all do
+      project.add_maintainer(current_user)
+    end
+
+    it 'creates the protected branch' do
+      expect { post_mutation }.to change { ProtectedBranch.count }.by(1)
+    end
+
+    it 'returns the created branch rule' do
+      post_mutation
+
+      expect(mutation_response).to have_key('branchRule')
+      expect(mutation_response['branchRule']['name']).to eq(branch_name)
+      expect(mutation_errors).to be_empty
+    end
+
+    context 'when the branch rule already exist' do
+      let!(:existing_rule) { create :protected_branch, name: branch_name, project: project }
+
+      it 'does not create the protected branch' do
+        expect { post_mutation }.not_to change { ProtectedBranch.count }
+      end
+
+      it 'return an error message' do
+        post_mutation
+
+        expect(mutation_errors).to include 'Name has already been taken'
+        expect(mutation_response['branchRule']).to be_nil
+      end
+    end
+  end
+end
diff --git a/spec/requests/api/graphql/organizations/organization_query_spec.rb b/spec/requests/api/graphql/organizations/organization_query_spec.rb
index c485e3b170d..73bcfe81d76 100644
--- a/spec/requests/api/graphql/organizations/organization_query_spec.rb
+++ b/spec/requests/api/graphql/organizations/organization_query_spec.rb
@@ -7,7 +7,6 @@ RSpec.describe 'getting organization information', feature_category: :cell do
 
   let(:query) { graphql_query_for(:organization, { id: organization.to_global_id }, organization_fields) }
   let(:current_user) { user }
-  let(:groups) { graphql_data_at(:organization, :groups, :nodes) }
   let(:organization_fields) do
     <<~FIELDS
       id
@@ -23,24 +22,9 @@ RSpec.describe 'getting organization information', feature_category: :cell do
   let_it_be(:organization_user) { create(:organization_user) }
   let_it_be(:organization) { organization_user.organization }
   let_it_be(:user) { organization_user.user }
-  let_it_be(:parent_group) { create(:group, name: 'parent-group', organization: organization) }
-  let_it_be(:public_group) { create(:group, name: 'public-group', parent: parent_group, organization: organization) }
-  let_it_be(:other_group) { create(:group, name: 'other-group', organization: organization) }
-  let_it_be(:outside_organization_group) { create(:group) }
-
-  let_it_be(:private_group) do
-    create(:group, :private, name: 'private-group', organization: organization)
-  end
-
-  let_it_be(:no_access_group_in_org) do
-    create(:group, :private, name: 'no-access', organization: organization)
-  end
-
-  before_all do
-    private_group.add_developer(user)
-    public_group.add_developer(user)
-    other_group.add_developer(user)
-    outside_organization_group.add_developer(user)
+  let_it_be(:project) { create(:project, organization: organization) { |p| p.add_developer(user) } }
+  let_it_be(:other_group) do
+    create(:group, name: 'other-group', organization: organization) { |g| g.add_developer(user) }
   end
 
   subject(:request_organization) { post_graphql(query, current_user: current_user) }
@@ -62,25 +46,6 @@ RSpec.describe 'getting organization information', feature_category: :cell do
       end
     end
 
-    context 'when resolve_organization_groups feature flag is disabled' do
-      before do
-        stub_feature_flags(resolve_organization_groups: false)
-      end
-
-      it 'returns no groups' do
-        request_organization
-
-        expect(graphql_data_at(:organization)).not_to be_nil
-        expect(graphql_data_at(:organization, :groups, :nodes)).to be_empty
-      end
-    end
-
-    it 'does not return ancestors of authorized groups' do
-      request_organization
-
-      expect(groups.pluck('id')).not_to include(parent_group.to_global_id.to_s)
-    end
-
     context 'when requesting organization user' do
       let(:organization_fields) do
         <<~FIELDS
@@ -116,6 +81,8 @@ RSpec.describe 'getting organization information', feature_category: :cell do
 
         organization_user_2 = create(:organization_user, organization: organization)
         other_group.add_developer(organization_user_2.user)
+        organization_user_from_project = create(:organization_user, organization: organization)
+        project.add_developer(organization_user_from_project.user)
 
         expect { run_query }.not_to exceed_query_limit(base_query_count)
       end
@@ -127,62 +94,144 @@ RSpec.describe 'getting organization information', feature_category: :cell do
       end
     end
 
-    context 'with `search` argument' do
-      let(:search) { 'oth' }
-      let(:organization_fields) do
-        <<~FIELDS
-          id
-          path
-          groups(search: "#{search}") {
-            nodes {
-              id
-              name
-            }
-          }
-        FIELDS
+    context 'when requesting groups' do
+      let(:groups) { graphql_data_at(:organization, :groups, :nodes) }
+      let_it_be(:parent_group) { create(:group, name: 'parent-group', organization: organization) }
+      let_it_be(:public_group) do
+        create(:group, name: 'public-group', parent: parent_group, organization: organization)
       end
 
-      it 'filters groups by name' do
-        request_organization
+      let_it_be(:private_group) do
+        create(:group, :private, name: 'private-group', organization: organization)
+      end
 
-        expect(groups).to contain_exactly(a_graphql_entity_for(other_group))
+      before_all do
+        create(:group, :private, name: 'no-access', organization: organization)
+        private_group.add_developer(user)
+        public_group.add_developer(user)
+        create(:group) { |g| g.add_developer(user) } # outside organization
       end
-    end
 
-    context 'with `sort` argument' do
-      using RSpec::Parameterized::TableSyntax
+      context 'when resolve_organization_groups feature flag is disabled' do
+        before do
+          stub_feature_flags(resolve_organization_groups: false)
+        end
+
+        it 'returns no groups' do
+          request_organization
+
+          expect(graphql_data_at(:organization)).not_to be_nil
+          expect(graphql_data_at(:organization, :groups, :nodes)).to be_empty
+        end
+      end
 
-      let(:authorized_groups) { [public_group, private_group, other_group] }
+      it 'does not return ancestors of authorized groups' do
+        request_organization
 
-      where(:field, :direction, :sorted_groups) do
-        'id' | 'asc' | lazy { authorized_groups.sort_by(&:id) }
-        'id' | 'desc' | lazy { authorized_groups.sort_by(&:id).reverse }
-        'name' | 'asc' | lazy { authorized_groups.sort_by(&:name) }
-        'name' | 'desc' | lazy { authorized_groups.sort_by(&:name).reverse }
-        'path' | 'asc' | lazy { authorized_groups.sort_by(&:path) }
-        'path' | 'desc' | lazy { authorized_groups.sort_by(&:path).reverse }
+        expect(groups.pluck('id')).not_to include(parent_group.to_global_id.to_s)
       end
 
-      with_them do
-        let(:sort) { "#{field}_#{direction}".upcase }
+      context 'with `search` argument' do
+        let(:search) { 'oth' }
         let(:organization_fields) do
           <<~FIELDS
             id
             path
-            groups(sort: #{sort}) {
+            groups(search: "#{search}") {
               nodes {
                 id
+                name
               }
             }
           FIELDS
         end
 
-        it 'sorts the groups' do
+        it 'filters groups by name' do
           request_organization
 
-          expect(groups.pluck('id')).to eq(sorted_groups.map(&:to_global_id).map(&:to_s))
+          expect(groups).to contain_exactly(a_graphql_entity_for(other_group))
         end
       end
+
+      context 'with `sort` argument' do
+        using RSpec::Parameterized::TableSyntax
+
+        let(:authorized_groups) { [public_group, private_group, other_group] }
+
+        where(:field, :direction, :sorted_groups) do
+          'id'   | 'asc'  | lazy { authorized_groups.sort_by(&:id) }
+          'id'   | 'desc' | lazy { authorized_groups.sort_by(&:id).reverse }
+          'name' | 'asc'  | lazy { authorized_groups.sort_by(&:name) }
+          'name' | 'desc' | lazy { authorized_groups.sort_by(&:name).reverse }
+          'path' | 'asc'  | lazy { authorized_groups.sort_by(&:path) }
+          'path' | 'desc' | lazy { authorized_groups.sort_by(&:path).reverse }
+        end
+
+        with_them do
+          let(:sort) { "#{field}_#{direction}".upcase }
+          let(:organization_fields) do
+            <<~FIELDS
+              id
+              path
+              groups(sort: #{sort}) {
+                nodes {
+                  id
+                }
+              }
+            FIELDS
+          end
+
+          it 'sorts the groups' do
+            request_organization
+
+            expect(groups.pluck('id')).to eq(sorted_groups.map(&:to_global_id).map(&:to_s))
+          end
+        end
+      end
+    end
+
+    context 'when requesting projects' do
+      let(:projects) { graphql_data_at(:organization, :projects, :nodes) }
+      let(:organization_fields) do
+        <<~FIELDS
+          projects {
+            nodes {
+              id
+            }
+          }
+        FIELDS
+      end
+
+      before_all do
+        create(:project) { |p| p.add_developer(user) } # some other project that shouldn't show up in our results
+      end
+
+      before do
+        request_organization
+      end
+
+      it_behaves_like 'a working graphql query'
+
+      it 'returns projects' do
+        expect(projects).to contain_exactly(a_graphql_entity_for(project))
+      end
+
+      it_behaves_like 'sorted paginated query' do
+        include_context 'no sort argument'
+
+        let_it_be(:another_project) { create(:project, organization: organization) { |p| p.add_developer(user) } }
+        let_it_be(:another_project2) { create(:project, organization: organization) { |p| p.add_developer(user) } }
+        let(:first_param) { 2 }
+        let(:data_path) { [:organization, :projects] }
+        let(:all_records) { [another_project2, another_project, project].map { |p| global_id_of(p).to_s } }
+      end
+
+      def pagination_query(params)
+        graphql_query_for(
+          :organization, { id: organization.to_global_id },
+          query_nodes(:projects, :id, include_pagination_info: true, args: params)
+        )
+      end
     end
   end
 end