1 files changed, 39 insertions, 28 deletions

diff --git a/spec/services/web_hooks/destroy_service_spec.rb b/spec/services/web_hooks/destroy_service_spec.rb
index 4d9bb18e540..ca8cb8a1b75 100644
--- a/spec/services/web_hooks/destroy_service_spec.rb
+++ b/spec/services/web_hooks/destroy_service_spec.rb
@@ -8,43 +8,54 @@ RSpec.describe WebHooks::DestroyService do
   subject { described_class.new(user) }
 
   describe '#execute' do
-    %i[system_hook project_hook].each do |factory|
-      context "deleting a #{factory}" do
-        let!(:hook) { create(factory) } # rubocop: disable Rails/SaveBang (false-positive!)
-        let!(:log) { create_list(:web_hook_log, 3, web_hook: hook) }
+    # Testing with a project hook only - for permission tests, see policy specs.
+    let!(:hook) { create(:project_hook) }
+    let!(:log) { create_list(:web_hook_log, 3, web_hook: hook) }
+
+    context 'when the user does not have permission' do
+      it 'is an error' do
+        expect(subject.execute(hook))
+          .to be_error
+          .and have_attributes(message: described_class::DENIED)
+      end
+    end
 
-        it 'is successful' do
-          expect(subject.execute(hook)).to be_success
-        end
+    context 'when the user does have permission' do
+      before do
+        hook.project.add_maintainer(user)
+      end
 
-        it 'destroys the hook' do
-          expect { subject.execute(hook) }.to change(WebHook, :count).from(1).to(0)
-        end
+      it 'is successful' do
+        expect(subject.execute(hook)).to be_success
+      end
 
-        it 'does not destroy logs' do
-          expect { subject.execute(hook) }.not_to change(WebHookLog, :count)
-        end
+      it 'destroys the hook' do
+        expect { subject.execute(hook) }.to change(WebHook, :count).from(1).to(0)
+      end
 
-        it 'schedules the destruction of logs' do
-          expect(WebHooks::LogDestroyWorker).to receive(:perform_async).with({ 'hook_id' => hook.id })
-          expect(Gitlab::AppLogger).to receive(:info).with(match(/scheduled a deletion of logs/))
+      it 'does not destroy logs' do
+        expect { subject.execute(hook) }.not_to change(WebHookLog, :count)
+      end
 
-          subject.execute(hook)
-        end
+      it 'schedules the destruction of logs' do
+        expect(WebHooks::LogDestroyWorker).to receive(:perform_async).with({ 'hook_id' => hook.id })
+        expect(Gitlab::AppLogger).to receive(:info).with(match(/scheduled a deletion of logs/))
 
-        context 'when the hook fails to destroy' do
-          before do
-            allow(hook).to receive(:destroy).and_return(false)
-          end
+        subject.execute(hook)
+      end
+
+      context 'when the hook fails to destroy' do
+        before do
+          allow(hook).to receive(:destroy).and_return(false)
+        end
 
-          it 'is not a success' do
-            expect(WebHooks::LogDestroyWorker).not_to receive(:perform_async)
+        it 'is not a success' do
+          expect(WebHooks::LogDestroyWorker).not_to receive(:perform_async)
 
-            r = subject.execute(hook)
+          r = subject.execute(hook)
 
-            expect(r).to be_error
-            expect(r[:message]).to match %r{Unable to destroy}
-          end
+          expect(r).to be_error
+          expect(r[:message]).to match %r{Unable to destroy}
         end
       end
     end