debian-mirror-gitlab/spec/services/users/destroy_service_spec.rb

require 'spec_helper'

describe Users::DestroyService do
  describe "Deletes a user and all their personal projects" do
    let!(:user)      { create(:user) }
    let!(:admin)     { create(:admin) }
    let!(:namespace) { create(:namespace, owner: user) }
    let!(:project)   { create(:project, namespace: namespace) }
    let(:service)    { described_class.new(admin) }

    context 'no options are given' do
      it 'deletes the user' do
        user_data = service.execute(user)

        expect { user_data['email'].to eq(user.email) }
        expect { User.find(user.id) }.to raise_error(ActiveRecord::RecordNotFound)
        expect { Namespace.with_deleted.find(user.namespace.id) }.to raise_error(ActiveRecord::RecordNotFound)
      end

      it 'will delete the project' do
        expect_any_instance_of(Projects::DestroyService).to receive(:execute).once

        service.execute(user)
      end
    end

    context 'projects in pending_delete' do
      before do
        project.pending_delete = true
        project.save
      end

      it 'destroys a project in pending_delete' do
        expect_any_instance_of(Projects::DestroyService).to receive(:execute).once

        service.execute(user)

        expect { Project.find(project.id) }.to raise_error(ActiveRecord::RecordNotFound)
      end
    end

    context "a deleted user's issues" do
      let(:project) { create(:project) }

      before do
        project.add_developer(user)
      end

      context "for an issue the user was assigned to" do
        let!(:issue) { create(:issue, project: project, assignees: [user]) }

        before do
          service.execute(user)
        end

        it 'does not delete issues the user is assigned to' do
          expect(Issue.find_by_id(issue.id)).to be_present
        end

        it 'migrates the issue so that it is "Unassigned"' do
          migrated_issue = Issue.find_by_id(issue.id)

          expect(migrated_issue.assignees).to be_empty
        end
      end
    end

    context "a deleted user's merge_requests" do
      let(:project) { create(:project, :repository) }

      before do
        project.add_developer(user)
      end

      context "for an merge request the user was assigned to" do
        let!(:merge_request) { create(:merge_request, source_project: project, assignee: user) }

        before do
          service.execute(user)
        end

        it 'does not delete merge requests the user is assigned to' do
          expect(MergeRequest.find_by_id(merge_request.id)).to be_present
        end

        it 'migrates the merge request so that it is "Unassigned"' do
          migrated_merge_request = MergeRequest.find_by_id(merge_request.id)

          expect(migrated_merge_request.assignee).to be_nil
        end
      end
    end

    context "solo owned groups present" do
      let(:solo_owned)  { create(:group) }
      let(:member)      { create(:group_member) }
      let(:user)        { member.user }

      before do
        solo_owned.group_members = [member]
        service.execute(user)
      end

      it 'does not delete the user' do
        expect(User.find(user.id)).to eq user
      end
    end

    context "deletions with solo owned groups" do
      let(:solo_owned)      { create(:group) }
      let(:member)          { create(:group_member) }
      let(:user)            { member.user }

      before do
        solo_owned.group_members = [member]
        service.execute(user, delete_solo_owned_groups: true)
      end

      it 'deletes solo owned groups' do
        expect { Project.find(solo_owned.id) }.to raise_error(ActiveRecord::RecordNotFound)
      end

      it 'deletes the user' do
        expect { User.find(user.id) }.to raise_error(ActiveRecord::RecordNotFound)
      end
    end

    context "deletion permission checks" do
      it 'does not delete the user when user is not an admin' do
        other_user = create(:user)

        expect { described_class.new(other_user).execute(user) }.to raise_error(Gitlab::Access::AccessDeniedError)
        expect(User.exists?(user.id)).to be(true)
      end

      it 'allows admins to delete anyone' do
        described_class.new(admin).execute(user)

        expect(User.exists?(user.id)).to be(false)
      end

      it 'allows users to delete their own account' do
        described_class.new(user).execute(user)

        expect(User.exists?(user.id)).to be(false)
      end
    end

    context "migrating associated records" do
      let!(:issue)     { create(:issue, author: user) }

      it 'delegates to the `MigrateToGhostUser` service to move associated records to the ghost user' do
        expect_any_instance_of(Users::MigrateToGhostUserService).to receive(:execute).once.and_call_original

        service.execute(user)

        expect(issue.reload.author).to be_ghost
      end

      it 'does not run `MigrateToGhostUser` if hard_delete option is given' do
        expect_any_instance_of(Users::MigrateToGhostUserService).not_to receive(:execute)

        service.execute(user, hard_delete: true)

        expect(Issue.exists?(issue.id)).to be_falsy
      end
    end
  end
end
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`require 'spec_helper'`

New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`describe Users::DestroyService do`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`describe "Deletes a user and all their personal projects" do`
			`let!(:user) { create(:user) }`
			`let!(:admin) { create(:admin) }`
			`let!(:namespace) { create(:namespace, owner: user) }`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`let!(:project) { create(:project, namespace: namespace) }`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`let(:service) { described_class.new(admin) }`

			`context 'no options are given' do`
			`it 'deletes the user' do`
			`user_data = service.execute(user)`

			`expect { user_data['email'].to eq(user.email) }`
			`expect { User.find(user.id) }.to raise_error(ActiveRecord::RecordNotFound)`
			`expect { Namespace.with_deleted.find(user.namespace.id) }.to raise_error(ActiveRecord::RecordNotFound)`
			`end`

			`it 'will delete the project' do`
			`expect_any_instance_of(Projects::DestroyService).to receive(:execute).once`

			`service.execute(user)`
			`end`
			`end`

			`context 'projects in pending_delete' do`
			`before do`
			`project.pending_delete = true`
			`project.save`
			`end`

			`it 'destroys a project in pending_delete' do`
			`expect_any_instance_of(Projects::DestroyService).to receive(:execute).once`

			`service.execute(user)`

			`expect { Project.find(project.id) }.to raise_error(ActiveRecord::RecordNotFound)`
			`end`
			`end`

			`context "a deleted user's issues" do`
			`let(:project) { create(:project) }`

			`before do`
			`project.add_developer(user)`
			`end`

			`context "for an issue the user was assigned to" do`
			`let!(:issue) { create(:issue, project: project, assignees: [user]) }`

			`before do`
			`service.execute(user)`
			`end`

			`it 'does not delete issues the user is assigned to' do`
			`expect(Issue.find_by_id(issue.id)).to be_present`
			`end`

			`it 'migrates the issue so that it is "Unassigned"' do`
			`migrated_issue = Issue.find_by_id(issue.id)`

			`expect(migrated_issue.assignees).to be_empty`
			`end`
			`end`
			`end`

			`context "a deleted user's merge_requests" do`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`let(:project) { create(:project, :repository) }`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
			`before do`
			`project.add_developer(user)`
			`end`

			`context "for an merge request the user was assigned to" do`
			`let!(:merge_request) { create(:merge_request, source_project: project, assignee: user) }`

			`before do`
			`service.execute(user)`
			`end`

			`it 'does not delete merge requests the user is assigned to' do`
			`expect(MergeRequest.find_by_id(merge_request.id)).to be_present`
			`end`

			`it 'migrates the merge request so that it is "Unassigned"' do`
			`migrated_merge_request = MergeRequest.find_by_id(merge_request.id)`

			`expect(migrated_merge_request.assignee).to be_nil`
			`end`
			`end`
			`end`

			`context "solo owned groups present" do`
			`let(:solo_owned) { create(:group) }`
			`let(:member) { create(:group_member) }`
			`let(:user) { member.user }`

			`before do`
			`solo_owned.group_members = [member]`
			`service.execute(user)`
			`end`

			`it 'does not delete the user' do`
			`expect(User.find(user.id)).to eq user`
			`end`
			`end`

			`context "deletions with solo owned groups" do`
			`let(:solo_owned) { create(:group) }`
			`let(:member) { create(:group_member) }`
			`let(:user) { member.user }`

			`before do`
			`solo_owned.group_members = [member]`
			`service.execute(user, delete_solo_owned_groups: true)`
			`end`

			`it 'deletes solo owned groups' do`
			`expect { Project.find(solo_owned.id) }.to raise_error(ActiveRecord::RecordNotFound)`
			`end`

			`it 'deletes the user' do`
			`expect { User.find(user.id) }.to raise_error(ActiveRecord::RecordNotFound)`
			`end`
			`end`

			`context "deletion permission checks" do`
			`it 'does not delete the user when user is not an admin' do`
			`other_user = create(:user)`

			`expect { described_class.new(other_user).execute(user) }.to raise_error(Gitlab::Access::AccessDeniedError)`
			`expect(User.exists?(user.id)).to be(true)`
			`end`

			`it 'allows admins to delete anyone' do`
			`described_class.new(admin).execute(user)`

			`expect(User.exists?(user.id)).to be(false)`
			`end`

			`it 'allows users to delete their own account' do`
			`described_class.new(user).execute(user)`

			`expect(User.exists?(user.id)).to be(false)`
			`end`
			`end`

			`context "migrating associated records" do`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`let!(:issue) { create(:issue, author: user) }`

New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			it 'delegates to the `MigrateToGhostUser` service to move associated records to the ghost user' do
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`expect_any_instance_of(Users::MigrateToGhostUserService).to receive(:execute).once.and_call_original`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
			`service.execute(user)`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30
			`expect(issue.reload.author).to be_ghost`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`end`

			it 'does not run `MigrateToGhostUser` if hard_delete option is given' do
			`expect_any_instance_of(Users::MigrateToGhostUserService).not_to receive(:execute)`

			`service.execute(user, hard_delete: true)`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30
			`expect(Issue.exists?(issue.id)).to be_falsy`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`end`
			`end`
			`end`
			`end`