diff options
author | Aakriti Gupta <agupta@gitlab.com> | 2019-11-06 19:07:11 +0300 |
---|---|---|
committer | Aakriti Gupta <agupta@gitlab.com> | 2019-11-20 12:42:17 +0300 |
commit | cd6d264948e09fd44fdbe9c5d0324761c3d22814 (patch) | |
tree | 3d81fe330c7bff7ac7f21eb30c4aff459942b8ac /spec | |
parent | 43e9756cf7f93d2a8b7b570033dda84b0a344086 (diff) |
Prevent guests from seeing commits for cycle analytics
- if the user has access level lower than REPORTER,
don't include commit count in summary
Diffstat (limited to 'spec')
-rw-r--r-- | spec/features/cycle_analytics_spec.rb | 10 | ||||
-rw-r--r-- | spec/lib/gitlab/cycle_analytics/stage_summary_spec.rb | 23 |
2 files changed, 32 insertions, 1 deletions
diff --git a/spec/features/cycle_analytics_spec.rb b/spec/features/cycle_analytics_spec.rb index 0fc4841ee0e..e9751aa2e72 100644 --- a/spec/features/cycle_analytics_spec.rb +++ b/spec/features/cycle_analytics_spec.rb @@ -112,6 +112,10 @@ describe 'Cycle Analytics', :js do wait_for_requests end + it 'does not show the commit stats' do + expect(page).to have_no_selector(:xpath, commits_counter_selector) + end + it 'needs permissions to see restricted stages' do expect(find('.stage-events')).to have_content(issue.title) @@ -127,8 +131,12 @@ describe 'Cycle Analytics', :js do find(:xpath, "//p[contains(text(),'New Issue')]/preceding-sibling::h3") end + def commits_counter_selector + "//p[contains(text(),'Commits')]/preceding-sibling::h3" + end + def commits_counter - find(:xpath, "//p[contains(text(),'Commits')]/preceding-sibling::h3") + find(:xpath, commits_counter_selector) end def deploys_counter diff --git a/spec/lib/gitlab/cycle_analytics/stage_summary_spec.rb b/spec/lib/gitlab/cycle_analytics/stage_summary_spec.rb index 8f9dac6d281..94edef20296 100644 --- a/spec/lib/gitlab/cycle_analytics/stage_summary_spec.rb +++ b/spec/lib/gitlab/cycle_analytics/stage_summary_spec.rb @@ -6,6 +6,11 @@ describe Gitlab::CycleAnalytics::StageSummary do let(:project) { create(:project, :repository) } let(:options) { { from: 1.day.ago, current_user: user } } let(:user) { create(:user, :admin) } + + before do + project.add_maintainer(user) + end + let(:stage_summary) { described_class.new(project, options).data } describe "#new_issues" do @@ -86,6 +91,24 @@ describe Gitlab::CycleAnalytics::StageSummary do expect(subject).to eq(2) end end + + context 'when a guest user is signed in' do + let(:guest_user) { create(:user) } + + before do + project.add_guest(guest_user) + options.merge!({ current_user: guest_user }) + end + + it 'does not include commit stats' do + data = described_class.new(project, options).data + expect(includes_commits?(data)).to be_falsy + end + + def includes_commits?(data) + data.any? { |h| h["title"] == 'Commits' } + end + end end describe "#deploys" do |