diff options
Diffstat (limited to 'spec/requests/api/graphql/mutations/snippets/update_spec.rb')
-rw-r--r-- | spec/requests/api/graphql/mutations/snippets/update_spec.rb | 144 |
1 files changed, 144 insertions, 0 deletions
diff --git a/spec/requests/api/graphql/mutations/snippets/update_spec.rb b/spec/requests/api/graphql/mutations/snippets/update_spec.rb new file mode 100644 index 00000000000..deaa9e8a237 --- /dev/null +++ b/spec/requests/api/graphql/mutations/snippets/update_spec.rb @@ -0,0 +1,144 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'Updating a Snippet' do + include GraphqlHelpers + + let_it_be(:original_content) { 'Initial content' } + let_it_be(:original_description) { 'Initial description' } + let_it_be(:original_title) { 'Initial title' } + let_it_be(:original_file_name) { 'Initial file_name' } + let(:updated_content) { 'Updated content' } + let(:updated_description) { 'Updated description' } + let(:updated_title) { 'Updated_title' } + let(:updated_file_name) { 'Updated file_name' } + let(:current_user) { snippet.author } + + let(:mutation) do + variables = { + id: GitlabSchema.id_from_object(snippet).to_s, + content: updated_content, + description: updated_description, + visibility_level: 'public', + file_name: updated_file_name, + title: updated_title + } + + graphql_mutation(:update_snippet, variables) + end + + def mutation_response + graphql_mutation_response(:update_snippet) + end + + shared_examples 'graphql update actions' do + context 'when the user does not have permission' do + let(:current_user) { create(:user) } + + it_behaves_like 'a mutation that returns top-level errors', + errors: [Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR] + + it 'does not update the Snippet' do + expect do + post_graphql_mutation(mutation, current_user: current_user) + end.not_to change { snippet.reload } + end + end + + context 'when the user has permission' do + it 'updates the Snippet' do + post_graphql_mutation(mutation, current_user: current_user) + + expect(snippet.reload.title).to eq(updated_title) + end + + it 'returns the updated Snippet' do + post_graphql_mutation(mutation, current_user: current_user) + + expect(mutation_response['snippet']['content']).to eq(updated_content) + expect(mutation_response['snippet']['title']).to eq(updated_title) + expect(mutation_response['snippet']['description']).to eq(updated_description) + expect(mutation_response['snippet']['fileName']).to eq(updated_file_name) + expect(mutation_response['snippet']['visibilityLevel']).to eq('public') + end + + context 'when there are ActiveRecord validation errors' do + let(:updated_title) { '' } + + it_behaves_like 'a mutation that returns errors in the response', errors: ["Title can't be blank"] + + it 'does not update the Snippet' do + post_graphql_mutation(mutation, current_user: current_user) + + expect(snippet.reload.title).to eq(original_title) + end + + it 'returns the Snippet with its original values' do + post_graphql_mutation(mutation, current_user: current_user) + + expect(mutation_response['snippet']['content']).to eq(original_content) + expect(mutation_response['snippet']['title']).to eq(original_title) + expect(mutation_response['snippet']['description']).to eq(original_description) + expect(mutation_response['snippet']['fileName']).to eq(original_file_name) + expect(mutation_response['snippet']['visibilityLevel']).to eq('private') + end + end + end + end + + describe 'PersonalSnippet' do + it_behaves_like 'graphql update actions' do + let_it_be(:snippet) do + create(:personal_snippet, + :private, + file_name: original_file_name, + title: original_title, + content: original_content, + description: original_description) + end + end + end + + describe 'ProjectSnippet' do + let_it_be(:project) { create(:project, :private) } + let_it_be(:snippet) do + create(:project_snippet, + :private, + project: project, + author: create(:user), + file_name: original_file_name, + title: original_title, + content: original_content, + description: original_description) + end + + context 'when the author is not a member of the project' do + it 'returns an an error' do + post_graphql_mutation(mutation, current_user: current_user) + errors = json_response['errors'] + + expect(errors.first['message']).to eq(Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR) + end + end + + context 'when the author is a member of the project' do + before do + project.add_developer(current_user) + end + + it_behaves_like 'graphql update actions' + + context 'when the snippet project feature is disabled' do + it 'returns an an error' do + project.project_feature.update_attribute(:snippets_access_level, ProjectFeature::DISABLED) + + post_graphql_mutation(mutation, current_user: current_user) + errors = json_response['errors'] + + expect(errors.first['message']).to eq(Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR) + end + end + end + end +end |