2020-03-13 15:44:24 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
require 'spec_helper'
|
|
|
|
|
|
|
|
# Test an operation that triggers background jobs requiring administrative rights
|
2021-02-22 17:27:13 +05:30
|
|
|
RSpec.describe 'Admin mode for workers', :request_store do
|
2020-03-13 15:44:24 +05:30
|
|
|
let(:user) { create(:user) }
|
|
|
|
let(:user_to_delete) { create(:user) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
sign_in(user)
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'as a regular user' do
|
|
|
|
it 'cannot delete user' do
|
|
|
|
visit admin_user_path(user_to_delete)
|
|
|
|
|
|
|
|
expect(page).to have_gitlab_http_status(:not_found)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'as an admin user' do
|
|
|
|
let(:user) { create(:admin) }
|
|
|
|
|
|
|
|
context 'when admin mode disabled' do
|
|
|
|
it 'cannot delete user', :js do
|
|
|
|
visit admin_user_path(user_to_delete)
|
|
|
|
|
|
|
|
expect(page).to have_content('Re-authentication required')
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when admin mode enabled', :delete do
|
|
|
|
before do
|
|
|
|
gitlab_enable_admin_mode_sign_in(user)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'can delete user', :js do
|
|
|
|
visit admin_user_path(user_to_delete)
|
|
|
|
click_button 'Delete user'
|
|
|
|
|
|
|
|
page.within '.modal-dialog' do
|
|
|
|
find("input[name='username']").send_keys(user_to_delete.name)
|
|
|
|
click_button 'Delete user'
|
|
|
|
|
|
|
|
wait_for_requests
|
|
|
|
end
|
|
|
|
|
|
|
|
expect(page).to have_content('The user is being deleted.')
|
|
|
|
|
|
|
|
# Perform jobs while logged out so that admin mode is only enabled in job metadata
|
|
|
|
execute_jobs_signed_out(user)
|
|
|
|
|
|
|
|
visit admin_user_path(user_to_delete)
|
|
|
|
|
|
|
|
expect(page).to have_title('Not Found')
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def execute_jobs_signed_out(user)
|
|
|
|
gitlab_sign_out
|
|
|
|
|
|
|
|
Sidekiq::Worker.drain_all
|
|
|
|
|
|
|
|
sign_in(user)
|
|
|
|
gitlab_enable_admin_mode_sign_in(user)
|
|
|
|
end
|
|
|
|
end
|