From 9bc5ed14fe97fe63cd5be30c013c6af978715621 Mon Sep 17 00:00:00 2001
From: Imre Farkas <ifarkas@gitlab.com>
Date: Tue, 9 Apr 2019 15:38:58 +0000
Subject: Move Contribution Analytics related spec in
 spec/features/groups/group_page_with_external_authorization_service_spec to
 EE

---
 spec/lib/gitlab/external_authorization_spec.rb | 54 ++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)
 create mode 100644 spec/lib/gitlab/external_authorization_spec.rb

(limited to 'spec/lib/gitlab/external_authorization_spec.rb')

diff --git a/spec/lib/gitlab/external_authorization_spec.rb b/spec/lib/gitlab/external_authorization_spec.rb
new file mode 100644
index 00000000000..7394fbfe0ce
--- /dev/null
+++ b/spec/lib/gitlab/external_authorization_spec.rb
@@ -0,0 +1,54 @@
+require 'spec_helper'
+
+describe Gitlab::ExternalAuthorization, :request_store do
+  include ExternalAuthorizationServiceHelpers
+
+  let(:user) { build(:user) }
+  let(:label) { 'dummy_label' }
+
+  describe '#access_allowed?' do
+    it 'is always true when the feature is disabled' do
+      # Not using `stub_application_setting` because the method is prepended in
+      # `EE::ApplicationSetting` which breaks when using `any_instance`
+      # https://gitlab.com/gitlab-org/gitlab-ce/issues/33587
+      expect(::Gitlab::CurrentSettings.current_application_settings)
+        .to receive(:external_authorization_service_enabled) { false }
+
+      expect(described_class).not_to receive(:access_for_user_to_label)
+
+      expect(described_class.access_allowed?(user, label)).to be_truthy
+    end
+  end
+
+  describe '#rejection_reason' do
+    it 'is always nil when the feature is disabled' do
+      expect(::Gitlab::CurrentSettings.current_application_settings)
+        .to receive(:external_authorization_service_enabled) { false }
+
+      expect(described_class).not_to receive(:access_for_user_to_label)
+
+      expect(described_class.rejection_reason(user, label)).to be_nil
+    end
+  end
+
+  describe '#access_for_user_to_label' do
+    it 'only loads the access once per request' do
+      enable_external_authorization_service_check
+
+      expect(::Gitlab::ExternalAuthorization::Access)
+        .to receive(:new).with(user, label).once.and_call_original
+
+      2.times { described_class.access_for_user_to_label(user, label, nil) }
+    end
+
+    it 'logs the access request once per request' do
+      expect(::Gitlab::ExternalAuthorization::Logger)
+        .to receive(:log_access)
+              .with(an_instance_of(::Gitlab::ExternalAuthorization::Access),
+                    'the/project/path')
+              .once
+
+      2.times { described_class.access_for_user_to_label(user, label, 'the/project/path') }
+    end
+  end
+end
-- 
cgit v1.2.3