diff options
Diffstat (limited to 'spec/support/shared_examples/graphql/mutations/merge_requests/permission_check_shared_examples.rb')
| -rw-r--r-- | spec/support/shared_examples/graphql/mutations/merge_requests/permission_check_shared_examples.rb | 50 |
1 files changed, 41 insertions, 9 deletions
diff --git a/spec/support/shared_examples/graphql/mutations/merge_requests/permission_check_shared_examples.rb b/spec/support/shared_examples/graphql/mutations/merge_requests/permission_check_shared_examples.rb index 1ddbad1cea7..b0ac742079a 100644 --- a/spec/support/shared_examples/graphql/mutations/merge_requests/permission_check_shared_examples.rb +++ b/spec/support/shared_examples/graphql/mutations/merge_requests/permission_check_shared_examples.rb @@ -1,13 +1,39 @@ # frozen_string_literal: true RSpec.shared_examples 'permission level for merge request mutation is correctly verified' do - before do - merge_request.assignees = [] - merge_request.reviewers = [] - merge_request.author = nil + let(:other_user_author) { create(:user) } + + def mr_attributes(mr) + mr.attributes.except( + # Authors and assignees can edit title, description, target branch and draft status + 'title', + 'description', + 'target_branch', + 'draft', + # Those fields are calculated or expected to be modified during the mutations + 'author_id', + 'latest_merge_request_diff_id', + 'last_edited_at', + 'last_edited_by_id', + 'lock_version', + 'updated_at', + 'updated_by_id', + 'merge_status', + # There were spec failures due to nano-second comparisons + # this property isn't changed by any mutation so we don't have to verify it + 'created_at' + ) end - shared_examples_for 'when the user does not have access to the resource' do |raise_for_assigned| + let(:expected) { mr_attributes(merge_request) } + + shared_examples_for 'when the user does not have access to the resource' do |raise_for_assigned_and_author| + before do + merge_request.assignees = [] + merge_request.reviewers = [] + merge_request.update!(author: other_user_author) + end + it 'raises an error' do expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable) end @@ -18,12 +44,12 @@ RSpec.shared_examples 'permission level for merge request mutation is correctly end it 'does not modify merge request' do - if raise_for_assigned + if raise_for_assigned_and_author expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable) else # In some cases we simply do nothing instead of raising # https://gitlab.com/gitlab-org/gitlab/-/issues/196241 - expect(subject[:merge_request]).to eq merge_request + expect(mr_attributes(subject[:merge_request])).to eq expected end end end @@ -40,11 +66,17 @@ RSpec.shared_examples 'permission level for merge request mutation is correctly context 'even if author of the merge request' do before do - merge_request.author = user + merge_request.update!(author: user) end it 'raises an error' do - expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable) + if raise_for_assigned_and_author + expect { subject }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable) + else + # In some cases we simply do nothing instead of raising + # https://gitlab.com/gitlab-org/gitlab/-/issues/196241 + expect(mr_attributes(subject[:merge_request])).to eq expected + end end end end |