diff options
Diffstat (limited to 'spec/serializers/group_link/group_group_link_entity_spec.rb')
-rw-r--r-- | spec/serializers/group_link/group_group_link_entity_spec.rb | 65 |
1 files changed, 52 insertions, 13 deletions
diff --git a/spec/serializers/group_link/group_group_link_entity_spec.rb b/spec/serializers/group_link/group_group_link_entity_spec.rb index 502cdc5c048..8f31c53e841 100644 --- a/spec/serializers/group_link/group_group_link_entity_spec.rb +++ b/spec/serializers/group_link/group_group_link_entity_spec.rb @@ -9,8 +9,8 @@ RSpec.describe GroupLink::GroupGroupLinkEntity do let(:entity) { described_class.new(group_group_link, { current_user: current_user, source: shared_group }) } - before do - allow(entity).to receive(:current_user).and_return(current_user) + subject(:as_json) do + entity.as_json end it 'matches json schema' do @@ -19,7 +19,7 @@ RSpec.describe GroupLink::GroupGroupLinkEntity do context 'source' do it 'exposes `source`' do - expect(entity.as_json[:source]).to include( + expect(as_json[:source]).to include( id: shared_group.id, full_name: shared_group.full_name, web_url: shared_group.web_url @@ -38,9 +38,9 @@ RSpec.describe GroupLink::GroupGroupLinkEntity do end end - context 'when current user has `:admin_group_member` permissions' do - before do - allow(entity).to receive(:can?).with(current_user, :admin_group_member, shared_group).and_return(true) + context 'when current user has owner permissions for the shared group' do + before_all do + shared_group.add_owner(current_user) end context 'when direct_member? is true' do @@ -49,10 +49,8 @@ RSpec.describe GroupLink::GroupGroupLinkEntity do end it 'exposes `can_update` and `can_remove` as `true`' do - json = entity.as_json - - expect(json[:can_update]).to be true - expect(json[:can_remove]).to be true + expect(as_json[:can_update]).to be true + expect(as_json[:can_remove]).to be true end end @@ -62,10 +60,51 @@ RSpec.describe GroupLink::GroupGroupLinkEntity do end it 'exposes `can_update` and `can_remove` as `true`' do - json = entity.as_json + expect(as_json[:can_update]).to be false + expect(as_json[:can_remove]).to be false + end + end + end + + context 'when current user is not a group member' do + context 'when shared with group is public' do + it 'does expose shared_with_group details' do + expect(as_json[:shared_with_group].keys).to include(:id, :avatar_url, :web_url, :name) + end + + it 'does expose source details' do + expect(as_json[:source].keys).to include(:id, :full_name) + end + + it 'sets is_shared_with_group_private to false' do + expect(as_json[:is_shared_with_group_private]).to be false + end + end + + context 'when shared with group is private' do + let_it_be(:shared_with_group) { create(:group, :private) } + + let_it_be(:group_group_link) do + create( + :group_group_link, + { + shared_group: shared_group, + shared_with_group: shared_with_group, + expires_at: '2020-05-12' + } + ) + end + + it 'does not expose shared_with_group details' do + expect(as_json[:shared_with_group].keys).to contain_exactly(:id) + end + + it 'does not expose source details' do + expect(as_json[:source]).to be_nil + end - expect(json[:can_update]).to be false - expect(json[:can_remove]).to be false + it 'sets is_shared_with_group_private to true' do + expect(as_json[:is_shared_with_group_private]).to be true end end end |