Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/spec/models/issue_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/models/issue_spec.rb')
-rw-r--r--spec/models/issue_spec.rb333
1 files changed, 163 insertions, 170 deletions
diff --git a/spec/models/issue_spec.rb b/spec/models/issue_spec.rb
index 66b298bb36f..67aaf92b1e5 100644
--- a/spec/models/issue_spec.rb
+++ b/spec/models/issue_spec.rb
@@ -532,222 +532,258 @@ describe Issue do
end
describe '#visible_to_user?' do
+ let(:project) { build(:project) }
+ let(:issue) { build(:issue, project: project) }
+ let(:user) { create(:user) }
+
+ subject { issue.visible_to_user?(user) }
+
+ context 'with a project' do
+ it 'returns false when feature is disabled' do
+ project.project_feature.update_attribute(:issues_access_level, ProjectFeature::DISABLED)
+
+ is_expected.to eq(false)
+ end
+
+ it 'returns false when restricted for members' do
+ project.project_feature.update_attribute(:issues_access_level, ProjectFeature::PRIVATE)
+
+ is_expected.to eq(false)
+ end
+ end
+
context 'without a user' do
- let(:issue) { build(:issue) }
+ let(:user) { nil }
it 'returns true when the issue is publicly visible' do
expect(issue).to receive(:publicly_visible?).and_return(true)
- expect(issue.visible_to_user?).to eq(true)
+ is_expected.to eq(true)
end
it 'returns false when the issue is not publicly visible' do
expect(issue).to receive(:publicly_visible?).and_return(false)
- expect(issue.visible_to_user?).to eq(false)
+ is_expected.to eq(false)
end
end
context 'with a user' do
- let(:user) { create(:user) }
- let(:issue) { build(:issue) }
-
- it 'returns true when the issue is readable' do
- expect(issue).to receive(:readable_by?).with(user).and_return(true)
-
- expect(issue.visible_to_user?(user)).to eq(true)
+ shared_examples 'issue readable by user' do
+ it { is_expected.to eq(true) }
end
- it 'returns false when the issue is not readable' do
- expect(issue).to receive(:readable_by?).with(user).and_return(false)
-
- expect(issue.visible_to_user?(user)).to eq(false)
+ shared_examples 'issue not readable by user' do
+ it { is_expected.to eq(false) }
end
- it 'returns false when feature is disabled' do
- expect(issue).not_to receive(:readable_by?)
-
- issue.project.project_feature.update_attribute(:issues_access_level, ProjectFeature::DISABLED)
+ shared_examples 'confidential issue readable by user' do
+ specify do
+ issue.confidential = true
- expect(issue.visible_to_user?(user)).to eq(false)
+ is_expected.to eq(true)
+ end
end
- it 'returns false when restricted for members' do
- expect(issue).not_to receive(:readable_by?)
-
- issue.project.project_feature.update_attribute(:issues_access_level, ProjectFeature::PRIVATE)
+ shared_examples 'confidential issue not readable by user' do
+ specify do
+ issue.confidential = true
- expect(issue.visible_to_user?(user)).to eq(false)
+ is_expected.to eq(false)
+ end
end
- end
-
- describe 'with a regular user that is not a team member' do
- let(:user) { create(:user) }
- context 'using a public project' do
- let(:project) { create(:project, :public) }
+ context 'with an admin user' do
+ let(:user) { build(:admin) }
- it 'returns true for a regular issue' do
- issue = build(:issue, project: project)
+ it_behaves_like 'issue readable by user'
+ it_behaves_like 'confidential issue readable by user'
+ end
- expect(issue.visible_to_user?(user)).to eq(true)
+ context 'with an owner' do
+ before do
+ project.add_maintainer(user)
end
- it 'returns false for a confidential issue' do
- issue = build(:issue, project: project, confidential: true)
+ it_behaves_like 'issue readable by user'
+ it_behaves_like 'confidential issue readable by user'
+ end
- expect(issue.visible_to_user?(user)).to eq(false)
+ context 'with a reporter user' do
+ before do
+ project.add_reporter(user)
end
+
+ it_behaves_like 'issue readable by user'
+ it_behaves_like 'confidential issue readable by user'
end
- context 'using an internal project' do
- let(:project) { create(:project, :internal) }
+ context 'with a guest user' do
+ before do
+ project.add_guest(user)
+ end
- context 'using an internal user' do
- it 'returns true for a regular issue' do
- issue = build(:issue, project: project)
+ it_behaves_like 'issue readable by user'
+ it_behaves_like 'confidential issue not readable by user'
- expect(issue.visible_to_user?(user)).to eq(true)
+ context 'when user is an assignee' do
+ before do
+ issue.update!(assignees: [user])
end
- it 'returns false for a confidential issue' do
- issue = build(:issue, :confidential, project: project)
-
- expect(issue.visible_to_user?(user)).to eq(false)
- end
+ it_behaves_like 'issue readable by user'
+ it_behaves_like 'confidential issue readable by user'
end
- context 'using an external user' do
+ context 'when user is the author' do
before do
- allow(user).to receive(:external?).and_return(true)
- end
-
- it 'returns false for a regular issue' do
- issue = build(:issue, project: project)
-
- expect(issue.visible_to_user?(user)).to eq(false)
+ issue.update!(author: user)
end
- it 'returns false for a confidential issue' do
- issue = build(:issue, :confidential, project: project)
-
- expect(issue.visible_to_user?(user)).to eq(false)
- end
+ it_behaves_like 'issue readable by user'
+ it_behaves_like 'confidential issue readable by user'
end
end
- context 'using a private project' do
- let(:project) { create(:project, :private) }
-
- it 'returns false for a regular issue' do
- issue = build(:issue, project: project)
+ context 'with a user that is not a member' do
+ context 'using a public project' do
+ let(:project) { build(:project, :public) }
- expect(issue.visible_to_user?(user)).to eq(false)
+ it_behaves_like 'issue readable by user'
+ it_behaves_like 'confidential issue not readable by user'
end
- it 'returns false for a confidential issue' do
- issue = build(:issue, :confidential, project: project)
+ context 'using an internal project' do
+ let(:project) { build(:project, :internal) }
- expect(issue.visible_to_user?(user)).to eq(false)
- end
+ context 'using an internal user' do
+ before do
+ allow(user).to receive(:external?).and_return(false)
+ end
- context 'when the user is the project owner' do
- before do
- project.add_maintainer(user)
+ it_behaves_like 'issue readable by user'
+ it_behaves_like 'confidential issue not readable by user'
end
- it 'returns true for a regular issue' do
- issue = build(:issue, project: project)
+ context 'using an external user' do
+ before do
+ allow(user).to receive(:external?).and_return(true)
+ end
- expect(issue.visible_to_user?(user)).to eq(true)
+ it_behaves_like 'issue not readable by user'
+ it_behaves_like 'confidential issue not readable by user'
end
+ end
- it 'returns true for a confidential issue' do
- issue = build(:issue, :confidential, project: project)
-
- expect(issue.visible_to_user?(user)).to eq(true)
+ context 'using an external user' do
+ before do
+ allow(user).to receive(:external?).and_return(true)
end
+
+ it_behaves_like 'issue not readable by user'
+ it_behaves_like 'confidential issue not readable by user'
end
end
- end
-
- context 'with a regular user that is a team member' do
- let(:user) { create(:user) }
- let(:project) { create(:project, :public) }
- context 'using a public project' do
+ context 'with an external authentication service' do
before do
- project.add_developer(user)
+ enable_external_authorization_service_check
end
- it 'returns true for a regular issue' do
- issue = build(:issue, project: project)
+ it 'is `false` when an external authorization service is enabled' do
+ issue = build(:issue, project: build(:project, :public))
- expect(issue.visible_to_user?(user)).to eq(true)
+ expect(issue).not_to be_visible_to_user
end
- it 'returns true for a confidential issue' do
- issue = build(:issue, :confidential, project: project)
-
- expect(issue.visible_to_user?(user)).to eq(true)
- end
- end
-
- context 'using an internal project' do
- let(:project) { create(:project, :internal) }
+ it 'checks the external service to determine if an issue is readable by a user' do
+ project = build(:project, :public,
+ external_authorization_classification_label: 'a-label')
+ issue = build(:issue, project: project)
+ user = build(:user)
- before do
- project.add_developer(user)
+ expect(::Gitlab::ExternalAuthorization).to receive(:access_allowed?).with(user, 'a-label') { false }
+ expect(issue.visible_to_user?(user)).to be_falsy
end
- it 'returns true for a regular issue' do
+ it 'does not check the external service if a user does not have access to the project' do
+ project = build(:project, :private,
+ external_authorization_classification_label: 'a-label')
issue = build(:issue, project: project)
+ user = build(:user)
- expect(issue.visible_to_user?(user)).to eq(true)
+ expect(::Gitlab::ExternalAuthorization).not_to receive(:access_allowed?)
+ expect(issue.visible_to_user?(user)).to be_falsy
end
- it 'returns true for a confidential issue' do
- issue = build(:issue, :confidential, project: project)
+ it 'does not check the external webservice for admins' do
+ issue = build(:issue)
+ user = build(:admin)
- expect(issue.visible_to_user?(user)).to eq(true)
+ expect(::Gitlab::ExternalAuthorization).not_to receive(:access_allowed?)
+
+ issue.visible_to_user?(user)
end
end
- context 'using a private project' do
- let(:project) { create(:project, :private) }
+ context 'when issue is moved to a private project' do
+ let(:private_project) { build(:project, :private)}
before do
- project.add_developer(user)
+ issue.update(project: private_project) # move issue to private project
end
- it 'returns true for a regular issue' do
- issue = build(:issue, project: project)
+ shared_examples 'issue visible if user has guest access' do
+ context 'when user is not a member' do
+ it_behaves_like 'issue not readable by user'
+ it_behaves_like 'confidential issue not readable by user'
+ end
- expect(issue.visible_to_user?(user)).to eq(true)
+ context 'when user is a guest' do
+ before do
+ private_project.add_guest(user)
+ end
+
+ it_behaves_like 'issue readable by user'
+ it_behaves_like 'confidential issue readable by user'
+ end
end
- it 'returns true for a confidential issue' do
- issue = build(:issue, :confidential, project: project)
+ context 'when user is the author of the original issue' do
+ before do
+ issue.update!(author: user)
+ end
- expect(issue.visible_to_user?(user)).to eq(true)
+ it_behaves_like 'issue visible if user has guest access'
end
- end
- end
- context 'with an admin user' do
- let(:project) { create(:project) }
- let(:user) { create(:admin) }
+ context 'when user is an assignee in the original issue' do
+ before do
+ issue.update!(assignees: [user])
+ end
- it 'returns true for a regular issue' do
- issue = build(:issue, project: project)
+ it_behaves_like 'issue visible if user has guest access'
+ end
- expect(issue.visible_to_user?(user)).to eq(true)
- end
+ context 'when user is not the author or an assignee in original issue' do
+ context 'when user is a guest' do
+ before do
+ private_project.add_guest(user)
+ end
- it 'returns true for a confidential issue' do
- issue = build(:issue, :confidential, project: project)
+ it_behaves_like 'issue readable by user'
+ it_behaves_like 'confidential issue not readable by user'
+ end
- expect(issue.visible_to_user?(user)).to eq(true)
+ context 'when user is a reporter' do
+ before do
+ private_project.add_reporter(user)
+ end
+
+ it_behaves_like 'issue readable by user'
+ it_behaves_like 'confidential issue readable by user'
+ end
+ end
end
end
end
@@ -871,49 +907,6 @@ describe Issue do
subject { create(:issue, updated_at: 1.hour.ago) }
end
- context 'when an external authentication service' do
- before do
- enable_external_authorization_service_check
- end
-
- describe '#visible_to_user?' do
- it 'is `false` when an external authorization service is enabled' do
- issue = build(:issue, project: build(:project, :public))
-
- expect(issue).not_to be_visible_to_user
- end
-
- it 'checks the external service to determine if an issue is readable by a user' do
- project = build(:project, :public,
- external_authorization_classification_label: 'a-label')
- issue = build(:issue, project: project)
- user = build(:user)
-
- expect(::Gitlab::ExternalAuthorization).to receive(:access_allowed?).with(user, 'a-label') { false }
- expect(issue.visible_to_user?(user)).to be_falsy
- end
-
- it 'does not check the external service if a user does not have access to the project' do
- project = build(:project, :private,
- external_authorization_classification_label: 'a-label')
- issue = build(:issue, project: project)
- user = build(:user)
-
- expect(::Gitlab::ExternalAuthorization).not_to receive(:access_allowed?)
- expect(issue.visible_to_user?(user)).to be_falsy
- end
-
- it 'does not check the external webservice for admins' do
- issue = build(:issue)
- user = build(:admin)
-
- expect(::Gitlab::ExternalAuthorization).not_to receive(:access_allowed?)
-
- issue.visible_to_user?(user)
- end
- end
- end
-
describe "#labels_hook_attrs" do
let(:label) { create(:label) }
let(:issue) { create(:labeled_issue, labels: [label]) }
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-11 19:55:55 +0300