diff options
Diffstat (limited to 'spec/requests/api/protected_branches_spec.rb')
-rw-r--r-- | spec/requests/api/protected_branches_spec.rb | 62 |
1 files changed, 27 insertions, 35 deletions
diff --git a/spec/requests/api/protected_branches_spec.rb b/spec/requests/api/protected_branches_spec.rb index 8efb822cb83..9f10eb1bb9f 100644 --- a/spec/requests/api/protected_branches_spec.rb +++ b/spec/requests/api/protected_branches_spec.rb @@ -3,14 +3,22 @@ require 'spec_helper' RSpec.describe API::ProtectedBranches do - let(:user) { create(:user) } - let!(:project) { create(:project, :repository) } + let_it_be_with_reload(:project) { create(:project, :repository) } + let_it_be(:maintainer) { create(:user) } + let_it_be(:guest) { create(:user) } + let(:protected_name) { 'feature' } let(:branch_name) { protected_name } + let!(:protected_branch) do create(:protected_branch, project: project, name: protected_name) end + before_all do + project.add_maintainer(maintainer) + project.add_guest(guest) + end + describe "GET /projects/:id/protected_branches" do let(:params) { {} } let(:route) { "/projects/#{project.id}/protected_branches" } @@ -29,9 +37,7 @@ RSpec.describe API::ProtectedBranches do end context 'when authenticated as a maintainer' do - before do - project.add_maintainer(user) - end + let(:user) { maintainer } context 'when search param is not present' do it_behaves_like 'protected branches' do @@ -49,9 +55,7 @@ RSpec.describe API::ProtectedBranches do end context 'when authenticated as a guest' do - before do - project.add_guest(user) - end + let(:user) { guest } it_behaves_like '403 response' do let(:request) { get api(route, user) } @@ -84,9 +88,7 @@ RSpec.describe API::ProtectedBranches do end context 'when authenticated as a maintainer' do - before do - project.add_maintainer(user) - end + let(:user) { maintainer } it_behaves_like 'protected branch' @@ -104,9 +106,7 @@ RSpec.describe API::ProtectedBranches do end context 'when authenticated as a guest' do - before do - project.add_guest(user) - end + let(:user) { guest } it_behaves_like '403 response' do let(:request) { get api(route, user) } @@ -124,9 +124,7 @@ RSpec.describe API::ProtectedBranches do end context 'when authenticated as a maintainer' do - before do - project.add_maintainer(user) - end + let(:user) { maintainer } it 'protects a single branch' do post post_endpoint, params: { name: branch_name } @@ -226,13 +224,10 @@ RSpec.describe API::ProtectedBranches do end end - context 'when a policy restricts rule deletion' do - before do - policy = instance_double(ProtectedBranchPolicy, allowed?: false) - expect(ProtectedBranchPolicy).to receive(:new).and_return(policy) - end + context 'when a policy restricts rule creation' do + it "prevents creations of the protected branch rule" do + disallow(:create_protected_branch, an_instance_of(ProtectedBranch)) - it "prevents deletion of the protected branch rule" do post post_endpoint, params: { name: branch_name } expect(response).to have_gitlab_http_status(:forbidden) @@ -241,9 +236,7 @@ RSpec.describe API::ProtectedBranches do end context 'when authenticated as a guest' do - before do - project.add_guest(user) - end + let(:user) { guest } it "returns a 403 error if guest" do post post_endpoint, params: { name: branch_name } @@ -254,12 +247,9 @@ RSpec.describe API::ProtectedBranches do end describe "DELETE /projects/:id/protected_branches/unprotect/:branch" do + let(:user) { maintainer } let(:delete_endpoint) { api("/projects/#{project.id}/protected_branches/#{branch_name}", user) } - before do - project.add_maintainer(user) - end - it "unprotects a single branch" do delete delete_endpoint @@ -277,12 +267,9 @@ RSpec.describe API::ProtectedBranches do end context 'when a policy restricts rule deletion' do - before do - policy = instance_double(ProtectedBranchPolicy, allowed?: false) - expect(ProtectedBranchPolicy).to receive(:new).and_return(policy) - end - it "prevents deletion of the protected branch rule" do + disallow(:destroy_protected_branch, protected_branch) + delete delete_endpoint expect(response).to have_gitlab_http_status(:forbidden) @@ -299,4 +286,9 @@ RSpec.describe API::ProtectedBranches do end end end + + def disallow(ability, protected_branch) + allow(Ability).to receive(:allowed?).and_call_original + allow(Ability).to receive(:allowed?).with(user, ability, protected_branch).and_return(false) + end end |