213 lines
7.2 KiB
Ruby
213 lines
7.2 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
require 'spec_helper'
|
|
|
|
RSpec.describe Groups::LabelsController, feature_category: :team_planning do
|
|
let_it_be(:root_group) { create(:group) }
|
|
let_it_be(:group) { create(:group, parent: root_group) }
|
|
let_it_be(:user) { create(:user) }
|
|
let_it_be(:another_user) { create(:user) }
|
|
let_it_be(:project) { create(:project, namespace: group) }
|
|
|
|
before do
|
|
group.add_owner(user)
|
|
|
|
sign_in(user)
|
|
end
|
|
|
|
describe 'GET #index' do
|
|
let_it_be(:label_1) { create(:label, project: project, title: 'label_1') }
|
|
let_it_be(:group_label_1) { create(:group_label, group: group, title: 'group_label_1') }
|
|
|
|
it 'returns group and project labels by default' do
|
|
get :index, params: { group_id: group }, format: :json
|
|
|
|
label_ids = json_response.map { |label| label['title'] }
|
|
expect(label_ids).to match_array([label_1.title, group_label_1.title])
|
|
end
|
|
|
|
context 'with ancestor group' do
|
|
let_it_be(:subgroup) { create(:group, parent: group) }
|
|
let_it_be(:subgroup_label_1) { create(:group_label, group: subgroup, title: 'subgroup_label_1') }
|
|
|
|
before do
|
|
subgroup.add_owner(user)
|
|
end
|
|
|
|
it 'returns ancestor group labels' do
|
|
params = { group_id: subgroup, only_group_labels: true }
|
|
get :index, params: params, format: :json
|
|
|
|
label_ids = json_response.map { |label| label['title'] }
|
|
expect(label_ids).to match_array([group_label_1.title, subgroup_label_1.title])
|
|
end
|
|
end
|
|
|
|
context 'external authorization' do
|
|
subject { get :index, params: { group_id: group.to_param } }
|
|
|
|
it_behaves_like 'disabled when using an external authorization service'
|
|
end
|
|
|
|
context 'with views rendered' do
|
|
render_views
|
|
|
|
before do
|
|
get :index, params: { group_id: group.to_param }
|
|
end
|
|
|
|
it 'avoids N+1 queries', :use_clean_rails_redis_caching do
|
|
control = ActiveRecord::QueryRecorder.new(skip_cached: false) { get :index, params: { group_id: group.to_param } }
|
|
|
|
create_list(:group_label, 3, group: group)
|
|
|
|
# some n+1 queries still exist
|
|
expect { get :index, params: { group_id: group.to_param } }.not_to exceed_all_query_limit(control.count).with_threshold(10)
|
|
expect(assigns(:labels).count).to eq(4)
|
|
end
|
|
end
|
|
end
|
|
|
|
shared_examples 'when current_user does not have ability to modify the label' do
|
|
before do
|
|
sign_in(another_user)
|
|
end
|
|
|
|
it 'responds with status 404' do
|
|
group_request
|
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
|
end
|
|
|
|
# No matter what permissions you have in a sub-group, you need the proper
|
|
# permissions in the group in order to modify a group label
|
|
# See https://gitlab.com/gitlab-org/gitlab/-/issues/387531
|
|
context 'when trying to edit a parent group label from inside a subgroup' do
|
|
it 'responds with status 404' do
|
|
sub_group.add_owner(another_user)
|
|
sub_group_request
|
|
|
|
expect(response).to have_gitlab_http_status(:not_found)
|
|
end
|
|
end
|
|
end
|
|
|
|
describe 'GET #edit' do
|
|
let_it_be(:label) { create(:group_label, group: group) }
|
|
|
|
it 'shows the edit page' do
|
|
get :edit, params: { group_id: group.to_param, id: label.to_param }
|
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
end
|
|
|
|
it_behaves_like 'when current_user does not have ability to modify the label' do
|
|
let_it_be(:sub_group) { create(:group, parent: group) }
|
|
let(:group_request) { get :edit, params: { group_id: group.to_param, id: label.to_param } }
|
|
let(:sub_group_request) { get :edit, params: { group_id: sub_group.to_param, id: label.to_param } }
|
|
end
|
|
end
|
|
|
|
describe 'POST #toggle_subscription' do
|
|
it 'allows user to toggle subscription on group labels' do
|
|
label = create(:group_label, group: group)
|
|
|
|
post :toggle_subscription, params: { group_id: group.to_param, id: label.to_param }
|
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
end
|
|
end
|
|
|
|
describe 'DELETE #destroy' do
|
|
context 'when current user has ability to destroy the label' do
|
|
before do
|
|
sign_in(user)
|
|
end
|
|
|
|
it 'removes the label' do
|
|
label = create(:group_label, group: group)
|
|
delete :destroy, params: { group_id: group.to_param, id: label.to_param }
|
|
|
|
expect { label.reload }.to raise_error(ActiveRecord::RecordNotFound)
|
|
end
|
|
|
|
it 'does not remove the label if it is locked' do
|
|
label = create(:group_label, group: group, lock_on_merge: true)
|
|
delete :destroy, params: { group_id: group.to_param, id: label.to_param }
|
|
|
|
expect(label.reload).to eq label
|
|
end
|
|
|
|
context 'when label is succesfuly destroyed' do
|
|
it 'redirects to the group labels page' do
|
|
label = create(:group_label, group: group)
|
|
delete :destroy, params: { group_id: group.to_param, id: label.to_param }
|
|
|
|
expect(response).to redirect_to(group_labels_path)
|
|
end
|
|
end
|
|
end
|
|
|
|
it_behaves_like 'when current_user does not have ability to modify the label' do
|
|
let_it_be(:label) { create(:group_label, group: group) }
|
|
let_it_be(:sub_group) { create(:group, parent: group) }
|
|
let(:group_request) { delete :destroy, params: { group_id: group.to_param, id: label.to_param } }
|
|
let(:sub_group_request) { delete :destroy, params: { group_id: sub_group.to_param, id: label.to_param } }
|
|
end
|
|
end
|
|
|
|
describe 'PUT #update' do
|
|
it_behaves_like 'when current_user does not have ability to modify the label' do
|
|
let_it_be(:label) { create(:group_label, group: group) }
|
|
let_it_be(:sub_group) { create(:group, parent: group) }
|
|
let(:group_request) { put :update, params: { group_id: group.to_param, id: label.to_param, label: { title: 'Test' } } }
|
|
let(:sub_group_request) { put :update, params: { group_id: sub_group.to_param, id: label.to_param, label: { title: 'Test' } } }
|
|
end
|
|
|
|
context 'when updating lock_on_merge' do
|
|
let_it_be(:params) { { lock_on_merge: true } }
|
|
let_it_be_with_reload(:label) { create(:group_label, group: group) }
|
|
|
|
subject(:update_request) { put :update, params: { group_id: group.to_param, id: label.to_param, label: params } }
|
|
|
|
context 'when feature flag is disabled' do
|
|
before do
|
|
stub_feature_flags(enforce_locked_labels_on_merge: false)
|
|
end
|
|
|
|
it 'does not allow setting lock_on_merge' do
|
|
update_request
|
|
|
|
expect(response).to redirect_to(group_labels_path)
|
|
expect(label.reload.lock_on_merge).to be_falsey
|
|
end
|
|
end
|
|
|
|
shared_examples 'allows setting lock_on_merge' do
|
|
it do
|
|
update_request
|
|
|
|
expect(response).to redirect_to(group_labels_path)
|
|
expect(label.reload.lock_on_merge).to be_truthy
|
|
end
|
|
end
|
|
|
|
context 'when feature flag for group is enabled' do
|
|
before do
|
|
stub_feature_flags(enforce_locked_labels_on_merge: group)
|
|
end
|
|
|
|
it_behaves_like 'allows setting lock_on_merge'
|
|
end
|
|
|
|
context 'when feature flag for ancestor group is enabled' do
|
|
before do
|
|
stub_feature_flags(enforce_locked_labels_on_merge: root_group)
|
|
end
|
|
|
|
it_behaves_like 'allows setting lock_on_merge'
|
|
end
|
|
end
|
|
end
|
|
end
|