Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/spec/finders/issues_finder_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/finders/issues_finder_spec.rb')
-rw-r--r--spec/finders/issues_finder_spec.rb234
1 files changed, 160 insertions, 74 deletions
diff --git a/spec/finders/issues_finder_spec.rb b/spec/finders/issues_finder_spec.rb
index aa9357a686a..3f5a55410d2 100644
--- a/spec/finders/issues_finder_spec.rb
+++ b/spec/finders/issues_finder_spec.rb
@@ -12,52 +12,8 @@ RSpec.describe IssuesFinder do
context 'scope: all' do
let(:scope) { 'all' }
- context 'include_hidden and public_only params' do
- let_it_be(:banned_user) { create(:user, :banned) }
- let_it_be(:hidden_issue) { create(:issue, project: project1, author: banned_user) }
- let_it_be(:confidential_issue) { create(:issue, project: project1, confidential: true) }
-
- context 'when user is an admin', :enable_admin_mode do
- let(:user) { create(:user, :admin) }
-
- it 'returns all issues' do
- expect(issues).to contain_exactly(issue1, issue2, issue3, issue4, issue5, hidden_issue, confidential_issue)
- end
- end
-
- context 'when user is not an admin' do
- context 'when public_only is true' do
- let(:params) { { public_only: true } }
-
- it 'returns public issues' do
- expect(issues).to contain_exactly(issue1, issue2, issue3, issue4, issue5)
- end
- end
-
- context 'when public_only is false' do
- let(:params) { { public_only: false } }
-
- it 'returns public and confidential issues' do
- expect(issues).to contain_exactly(issue1, issue2, issue3, issue4, issue5, confidential_issue)
- end
- end
-
- context 'when public_only is not set' do
- it 'returns public and confidential issue' do
- expect(issues).to contain_exactly(issue1, issue2, issue3, issue4, issue5, confidential_issue)
- end
- end
-
- context 'when ban_user_feature_flag is false' do
- before do
- stub_feature_flags(ban_user_feature_flag: false)
- end
-
- it 'returns all issues' do
- expect(issues).to contain_exactly(issue1, issue2, issue3, issue4, issue5, hidden_issue, confidential_issue)
- end
- end
- end
+ it 'returns all issues' do
+ expect(issues).to contain_exactly(issue1, issue2, issue3, issue4, issue5)
end
context 'user does not have read permissions' do
@@ -1148,64 +1104,132 @@ RSpec.describe IssuesFinder do
end
describe '#with_confidentiality_access_check' do
- let(:user) { create(:user) }
+ let(:guest) { create(:user) }
let_it_be(:authorized_user) { create(:user) }
+ let_it_be(:banned_user) { create(:user, :banned) }
let_it_be(:project) { create(:project, namespace: authorized_user.namespace) }
let_it_be(:public_issue) { create(:issue, project: project) }
let_it_be(:confidential_issue) { create(:issue, project: project, confidential: true) }
+ let_it_be(:hidden_issue) { create(:issue, project: project, author: banned_user) }
- shared_examples 'returns public, does not return confidential' do
+ shared_examples 'returns public, does not return hidden or confidential' do
it 'returns only public issues' do
expect(subject).to include(public_issue)
- expect(subject).not_to include(confidential_issue)
+ expect(subject).not_to include(confidential_issue, hidden_issue)
end
end
- shared_examples 'returns public and confidential' do
- it 'returns public and confidential issues' do
+ shared_examples 'returns public and confidential, does not return hidden' do
+ it 'returns only public and confidential issues' do
expect(subject).to include(public_issue, confidential_issue)
+ expect(subject).not_to include(hidden_issue)
end
end
- subject { described_class.new(user, params).with_confidentiality_access_check }
+ shared_examples 'returns public and hidden, does not return confidential' do
+ it 'returns only public and hidden issues' do
+ expect(subject).to include(public_issue, hidden_issue)
+ expect(subject).not_to include(confidential_issue)
+ end
+ end
+
+ shared_examples 'returns public, confidential, and hidden' do
+ it 'returns all issues' do
+ expect(subject).to include(public_issue, confidential_issue, hidden_issue)
+ end
+ end
context 'when no project filter is given' do
let(:params) { {} }
context 'for an anonymous user' do
- it_behaves_like 'returns public, does not return confidential'
+ subject { described_class.new(nil, params).with_confidentiality_access_check }
+
+ it_behaves_like 'returns public, does not return hidden or confidential'
+
+ context 'when feature flag is disabled' do
+ before do
+ stub_feature_flags(ban_user_feature_flag: false)
+ end
+
+ it_behaves_like 'returns public and hidden, does not return confidential'
+ end
end
context 'for a user without project membership' do
- it_behaves_like 'returns public, does not return confidential'
+ subject { described_class.new(user, params).with_confidentiality_access_check }
+
+ it_behaves_like 'returns public, does not return hidden or confidential'
+
+ context 'when feature flag is disabled' do
+ before do
+ stub_feature_flags(ban_user_feature_flag: false)
+ end
+
+ it_behaves_like 'returns public and hidden, does not return confidential'
+ end
end
context 'for a guest user' do
+ subject { described_class.new(guest, params).with_confidentiality_access_check }
+
before do
- project.add_guest(user)
+ project.add_guest(guest)
end
- it_behaves_like 'returns public, does not return confidential'
+ it_behaves_like 'returns public, does not return hidden or confidential'
+
+ context 'when feature flag is disabled' do
+ before do
+ stub_feature_flags(ban_user_feature_flag: false)
+ end
+
+ it_behaves_like 'returns public and hidden, does not return confidential'
+ end
end
context 'for a project member with access to view confidential issues' do
- before do
- project.add_reporter(user)
- end
+ subject { described_class.new(authorized_user, params).with_confidentiality_access_check }
- it_behaves_like 'returns public and confidential'
+ it_behaves_like 'returns public and confidential, does not return hidden'
+
+ context 'when feature flag is disabled' do
+ before do
+ stub_feature_flags(ban_user_feature_flag: false)
+ end
+
+ it_behaves_like 'returns public, confidential, and hidden'
+ end
end
context 'for an admin' do
- let(:user) { create(:user, :admin) }
+ let(:admin_user) { create(:user, :admin) }
+
+ subject { described_class.new(admin_user, params).with_confidentiality_access_check }
context 'when admin mode is enabled', :enable_admin_mode do
- it_behaves_like 'returns public and confidential'
+ it_behaves_like 'returns public, confidential, and hidden'
+
+ context 'when feature flag is disabled' do
+ before do
+ stub_feature_flags(ban_user_feature_flag: false)
+ end
+
+ it_behaves_like 'returns public, confidential, and hidden'
+ end
end
context 'when admin mode is disabled' do
- it_behaves_like 'returns public, does not return confidential'
+ it_behaves_like 'returns public, does not return hidden or confidential'
+
+ context 'when feature flag is disabled' do
+ before do
+ stub_feature_flags(ban_user_feature_flag: false)
+ end
+
+ it_behaves_like 'returns public and hidden, does not return confidential'
+ end
end
end
end
@@ -1214,9 +1238,17 @@ RSpec.describe IssuesFinder do
let(:params) { { project_id: project.id } }
context 'for an anonymous user' do
- let(:user) { nil }
+ subject { described_class.new(nil, params).with_confidentiality_access_check }
- it_behaves_like 'returns public, does not return confidential'
+ it_behaves_like 'returns public, does not return hidden or confidential'
+
+ context 'when feature flag is disabled' do
+ before do
+ stub_feature_flags(ban_user_feature_flag: false)
+ end
+
+ it_behaves_like 'returns public and hidden, does not return confidential'
+ end
it 'does not filter by confidentiality' do
expect(Issue).not_to receive(:where).with(a_string_matching('confidential'), anything)
@@ -1225,7 +1257,17 @@ RSpec.describe IssuesFinder do
end
context 'for a user without project membership' do
- it_behaves_like 'returns public, does not return confidential'
+ subject { described_class.new(user, params).with_confidentiality_access_check }
+
+ it_behaves_like 'returns public, does not return hidden or confidential'
+
+ context 'when feature flag is disabled' do
+ before do
+ stub_feature_flags(ban_user_feature_flag: false)
+ end
+
+ it_behaves_like 'returns public and hidden, does not return confidential'
+ end
it 'filters by confidentiality' do
expect(subject.to_sql).to match("issues.confidential")
@@ -1233,11 +1275,21 @@ RSpec.describe IssuesFinder do
end
context 'for a guest user' do
+ subject { described_class.new(guest, params).with_confidentiality_access_check }
+
before do
- project.add_guest(user)
+ project.add_guest(guest)
end
- it_behaves_like 'returns public, does not return confidential'
+ it_behaves_like 'returns public, does not return hidden or confidential'
+
+ context 'when feature flag is disabled' do
+ before do
+ stub_feature_flags(ban_user_feature_flag: false)
+ end
+
+ it_behaves_like 'returns public and hidden, does not return confidential'
+ end
it 'filters by confidentiality' do
expect(subject.to_sql).to match("issues.confidential")
@@ -1245,18 +1297,40 @@ RSpec.describe IssuesFinder do
end
context 'for a project member with access to view confidential issues' do
- before do
- project.add_reporter(user)
+ subject { described_class.new(authorized_user, params).with_confidentiality_access_check }
+
+ it_behaves_like 'returns public and confidential, does not return hidden'
+
+ context 'when feature flag is disabled' do
+ before do
+ stub_feature_flags(ban_user_feature_flag: false)
+ end
+
+ it_behaves_like 'returns public, confidential, and hidden'
end
- it_behaves_like 'returns public and confidential'
+ it 'does not filter by confidentiality' do
+ expect(Issue).not_to receive(:where).with(a_string_matching('confidential'), anything)
+
+ subject
+ end
end
context 'for an admin' do
- let(:user) { create(:user, :admin) }
+ let(:admin_user) { create(:user, :admin) }
+
+ subject { described_class.new(admin_user, params).with_confidentiality_access_check }
context 'when admin mode is enabled', :enable_admin_mode do
- it_behaves_like 'returns public and confidential'
+ it_behaves_like 'returns public, confidential, and hidden'
+
+ context 'when feature flag is disabled' do
+ before do
+ stub_feature_flags(ban_user_feature_flag: false)
+ end
+
+ it_behaves_like 'returns public, confidential, and hidden'
+ end
it 'does not filter by confidentiality' do
expect(Issue).not_to receive(:where).with(a_string_matching('confidential'), anything)
@@ -1266,7 +1340,19 @@ RSpec.describe IssuesFinder do
end
context 'when admin mode is disabled' do
- it_behaves_like 'returns public, does not return confidential'
+ it_behaves_like 'returns public, does not return hidden or confidential'
+
+ context 'when feature flag is disabled' do
+ before do
+ stub_feature_flags(ban_user_feature_flag: false)
+ end
+
+ it_behaves_like 'returns public and hidden, does not return confidential'
+ end
+
+ it 'filters by confidentiality' do
+ expect(subject.to_sql).to match("issues.confidential")
+ end
end
end
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-01 23:29:22 +0300