2020-03-13 15:44:24 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
require 'spec_helper'
|
|
|
|
|
|
|
|
# Test an operation that triggers background jobs requiring administrative rights
|
2023-03-04 22:38:38 +05:30
|
|
|
RSpec.describe 'Admin mode for workers', :request_store, feature_category: :authentication_and_authorization do
|
2021-09-30 23:02:18 +05:30
|
|
|
include Spec::Support::Helpers::Features::AdminUsersHelpers
|
|
|
|
|
2020-03-13 15:44:24 +05:30
|
|
|
let(:user) { create(:user) }
|
|
|
|
let(:user_to_delete) { create(:user) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
sign_in(user)
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'as a regular user' do
|
|
|
|
it 'cannot delete user' do
|
|
|
|
visit admin_user_path(user_to_delete)
|
|
|
|
|
|
|
|
expect(page).to have_gitlab_http_status(:not_found)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'as an admin user' do
|
|
|
|
let(:user) { create(:admin) }
|
|
|
|
|
|
|
|
context 'when admin mode disabled' do
|
|
|
|
it 'cannot delete user', :js do
|
|
|
|
visit admin_user_path(user_to_delete)
|
|
|
|
|
|
|
|
expect(page).to have_content('Re-authentication required')
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when admin mode enabled', :delete do
|
|
|
|
before do
|
|
|
|
gitlab_enable_admin_mode_sign_in(user)
|
|
|
|
end
|
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
it 'can delete user', :js do
|
|
|
|
visit admin_user_path(user_to_delete)
|
2022-10-11 01:57:18 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
click_action_in_user_dropdown(user_to_delete.id, 'Delete user')
|
2022-10-11 01:57:18 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
page.within '.modal-dialog' do
|
|
|
|
find("input[name='username']").send_keys(user_to_delete.name)
|
|
|
|
click_button 'Delete user'
|
2020-03-13 15:44:24 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
wait_for_requests
|
2020-03-13 15:44:24 +05:30
|
|
|
end
|
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
expect(page).to have_content('The user is being deleted.')
|
2022-10-11 01:57:18 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
# Perform jobs while logged out so that admin mode is only enabled in job metadata
|
|
|
|
execute_jobs_signed_out(user)
|
2020-03-13 15:44:24 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
visit admin_user_path(user_to_delete)
|
2022-10-11 01:57:18 +05:30
|
|
|
|
2023-01-13 00:05:48 +05:30
|
|
|
expect(find('h1.page-title')).to have_content('(Blocked)')
|
2020-03-13 15:44:24 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def execute_jobs_signed_out(user)
|
|
|
|
gitlab_sign_out
|
|
|
|
|
|
|
|
Sidekiq::Worker.drain_all
|
|
|
|
|
|
|
|
sign_in(user)
|
|
|
|
gitlab_enable_admin_mode_sign_in(user)
|
|
|
|
end
|
|
|
|
end
|