spec/services/users/ban_service_spec.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78

# frozen_string_literal: true

require 'spec_helper'

RSpec.describe Users::BanService, feature_category: :user_management do
  let(:user) { create(:user) }

  let_it_be(:current_user) { create(:admin) }

  shared_examples 'does not modify the BannedUser record or user state' do
    it 'does not modify the BannedUser record or user state' do
      expect { ban_user }.not_to change { Users::BannedUser.count }
      expect { ban_user }.not_to change { user.state }
    end
  end

  context 'ban', :aggregate_failures do
    subject(:ban_user) { described_class.new(current_user).execute(user) }

    context 'when successful', :enable_admin_mode do
      it 'returns success status' do
        response = ban_user

        expect(response[:status]).to eq(:success)
      end

      it 'bans the user' do
        expect { ban_user }.to change { user.state }.from('active').to('banned')
      end

      it 'creates a BannedUser' do
        expect { ban_user }.to change { Users::BannedUser.count }.by(1)
        expect(Users::BannedUser.last.user_id).to eq(user.id)
      end

      it 'logs ban in application logs' do
        expect(Gitlab::AppLogger).to receive(:info).with(message: "User ban", user: user.username.to_s, email: user.email.to_s, ban_by: current_user.username.to_s, ip_address: current_user.current_sign_in_ip.to_s)

        ban_user
      end

      it 'tracks the event', :experiment do
        expect(experiment(:phone_verification_for_low_risk_users))
          .to track(:banned).on_next_instance.with_context(user: user)

        ban_user
      end
    end

    context 'when failed' do
      context 'when user is blocked', :enable_admin_mode do
        before do
          user.block!
        end

        it 'returns state error message' do
          response = ban_user

          expect(response[:status]).to eq(:error)
          expect(response[:message]).to match('You cannot ban blocked users.')
        end

        it_behaves_like 'does not modify the BannedUser record or user state'
      end

      context 'when user is not an admin' do
        it 'returns permissions error message' do
          response = ban_user

          expect(response[:status]).to eq(:error)
          expect(response[:message]).to match(/You are not allowed to ban a user/)
        end

        it_behaves_like 'does not modify the BannedUser record or user state'
      end
    end
  end
end