1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
|
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe 'User', feature_category: :user_profile do
include GraphqlHelpers
let_it_be(:current_user) { create(:user) }
shared_examples 'a working user query' do
it_behaves_like 'a working graphql query' do
before do
# TODO: This license stub is necessary because the remote development workspaces field
# defined in the EE version of UserInterface gets picked up here and thus the license
# check happens. This comes from the `ancestors` call in
# lib/graphql/schema/member/has_fields.rb#fields in the graphql library.
stub_licensed_features(remote_development: true)
post_graphql(query, current_user: current_user)
end
end
it 'includes the user' do
post_graphql(query, current_user: current_user)
expect(graphql_data['user']).not_to be_nil
end
it 'returns no user when global restricted_visibility_levels includes PUBLIC' do
stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC])
post_graphql(query)
expect(graphql_data['user']).to be_nil
end
end
context 'when id parameter is used' do
let(:query) { graphql_query_for(:user, { id: current_user.to_global_id.to_s }) }
it_behaves_like 'a working user query'
end
context 'when username parameter is used' do
context 'when username is identically cased' do
let(:query) { graphql_query_for(:user, { username: current_user.username.to_s }) }
it_behaves_like 'a working user query'
end
context 'when username is differently cased' do
let(:query) { graphql_query_for(:user, { username: current_user.username.to_s.upcase }) }
it_behaves_like 'a working user query'
end
end
context 'when username and id parameter are used' do
let_it_be(:query) do
graphql_query_for(
:user,
{ id: current_user.to_global_id.to_s, username: current_user.username },
'id'
)
end
it 'displays an error' do
post_graphql(query)
expect(graphql_errors).to include(
a_hash_including('message' => a_string_matching(%r{Provide either a single username or id}))
)
end
end
describe 'email fields' do
before_all do
current_user.commit_email = current_user.emails.first.email
current_user.save!
end
let_it_be(:query) do
graphql_query_for(
:user,
{ username: current_user.username },
'emails { nodes { email } } commitEmail namespaceCommitEmails { nodes { id } }'
)
end
let_it_be(:email_1) { create(:email, user: current_user) }
let_it_be(:email_2) { create(:email, user: current_user) }
let_it_be(:namespace_commit_email_1) { create(:namespace_commit_email, email: email_1) }
let_it_be(:namespace_commit_email_2) { create(:namespace_commit_email, email: email_2) }
context 'with permission' do
it 'returns the relevant email details' do
post_graphql(query, current_user: current_user)
expect(graphql_data['user']['emails']['nodes'].pluck('email')).to match_array(
current_user.emails.map(&:email))
expect(graphql_data['user']['namespaceCommitEmails']['nodes']).not_to be_empty
expect(graphql_data['user']['commitEmail']).to eq(current_user.commit_email)
end
end
context 'without permission' do
it 'does not return email details' do
post_graphql(query, current_user: create(:user))
expect(graphql_data['user']['emails']['nodes']).to be_empty
expect(graphql_data['user']['namespaceCommitEmails']['nodes']).to be_empty
expect(graphql_data['user']['commitEmail']).to be_nil
end
end
end
describe 'organizations field' do
let_it_be(:organization_user) { create(:organization_user, user: current_user) }
let_it_be(:organization) { organization_user.organization }
let_it_be(:another_organization) { create(:organization) }
let_it_be(:another_user) { create(:user) }
let(:query) do
graphql_query_for(
:user,
{ username: current_user.username.to_s.upcase },
'organizations { nodes { path } }'
)
end
context 'with permission' do
it 'returns the relevant organization details' do
post_graphql(query, current_user: current_user)
expect(graphql_data.dig('user', 'organizations', 'nodes').pluck('path'))
.to match_array(organization.path)
end
end
context 'without permission' do
it 'does not return organization details' do
post_graphql(query, current_user: another_user)
expect(graphql_data.dig('user', 'organizations', 'nodes')).to be_nil
end
end
end
end
|