diff options
Diffstat (limited to 'spec/services/resource_access_tokens/create_service_spec.rb')
-rw-r--r-- | spec/services/resource_access_tokens/create_service_spec.rb | 40 |
1 files changed, 39 insertions, 1 deletions
diff --git a/spec/services/resource_access_tokens/create_service_spec.rb b/spec/services/resource_access_tokens/create_service_spec.rb index 5a88929334b..127948549b0 100644 --- a/spec/services/resource_access_tokens/create_service_spec.rb +++ b/spec/services/resource_access_tokens/create_service_spec.rb @@ -268,10 +268,36 @@ RSpec.describe ResourceAccessTokens::CreateService do end it_behaves_like 'allows creation of bot with valid params' + + context 'when user specifies an access level of OWNER for the bot' do + let_it_be(:params) { { access_level: Gitlab::Access::OWNER } } + + context 'when the executor is a MAINTAINER' do + it 'does not add the bot user with the specified access level in the resource' do + response = subject + + expect(response.error?).to be true + expect(response.errors).to include('Could not provision owner access to project access token') + end + end + + context 'when the executor is an OWNER' do + let_it_be(:user) { project.first_owner } + + it 'adds the bot user with the specified access level in the resource' do + response = subject + + access_token = response.payload[:access_token] + bot_user = access_token.user + + expect(resource.members.owners.map(&:user_id)).to include(bot_user.id) + end + end + end end end - context 'when resource is a project' do + context 'when resource is a group' do let_it_be(:resource_type) { 'group' } let_it_be(:resource) { group } @@ -283,6 +309,18 @@ RSpec.describe ResourceAccessTokens::CreateService do end it_behaves_like 'allows creation of bot with valid params' + + context 'when user specifies an access level of OWNER for the bot' do + let_it_be(:params) { { access_level: Gitlab::Access::OWNER } } + + it 'adds the bot user with the specified access level in the resource' do + response = subject + access_token = response.payload[:access_token] + bot_user = access_token.user + + expect(resource.members.owners.map(&:user_id)).to include(bot_user.id) + end + end end end end |