debian-mirror-gitlab/spec/support/matchers/access_matchers.rb

# frozen_string_literal: true

# AccessMatchers
#
# The custom matchers contained in this module are used to test a user's access
# to a URL by emulating a specific user or type of user account, visiting the
# URL, and then checking the response status code and resulting path.
module AccessMatchers
  extend RSpec::Matchers::DSL
  include Warden::Test::Helpers

  def emulate_user(user_type_or_trait, membership = nil)
    case user_type_or_trait
    when :user, :admin
      login_as(create(user_type_or_trait))
    when :external, :auditor
      login_as(create(:user, user_type_or_trait))
    when :visitor
      logout
    when User
      login_as(user_type_or_trait)
    when *Gitlab::Access.sym_options_with_owner.keys
      raise ArgumentError, "cannot emulate #{user_type_or_trait} without membership parent" unless membership

      role = user_type_or_trait
      user =
        if role == :owner && membership.owner
          membership.owner
        else
          create(:user).tap do |new_user|
            membership.public_send(:"add_#{role}", new_user)
          end
        end

      login_as(user)
    else
      raise ArgumentError, "cannot emulate user #{user}"
    end
  end

  def description_for(user, type)
    if user.is_a?(User)
      # User#inspect displays too much information for RSpec's descriptions
      "be #{type} for the specified user"
    else
      "be #{type} for #{user}"
    end
  end

  matcher :be_allowed_for do |user|
    match do |url|
      emulate_user(user, @membership)
      visit(url)

      status_code == 200 && current_path != new_user_session_path
    end

    chain :of do |membership|
      @membership = membership
    end

    description { description_for(user, 'allowed') }
  end

  matcher :be_denied_for do |user|
    match do |url|
      emulate_user(user, @membership)
      visit(url)

      [401, 404].include?(status_code) || current_path == new_user_session_path
    end

    chain :of do |membership|
      @membership = membership
    end

    description { description_for(user, 'denied') }
  end
end
New upstream version 12.2.8 2019-10-12 21:52:04 +05:30			`# frozen_string_literal: true`

Imported Upstream version 7.14.3 2015-09-11 14:41:01 +05:30			`# AccessMatchers`
			`#`
			`# The custom matchers contained in this module are used to test a user's access`
			`# to a URL by emulating a specific user or type of user account, visiting the`
			`# URL, and then checking the response status code and resulting path.`
			`module AccessMatchers`
			`extend RSpec::Matchers::DSL`
			`include Warden::Test::Helpers`

New upstream version 11.10.8+dfsg 2019-07-07 11:18:12 +05:30			`def emulate_user(user_type_or_trait, membership = nil)`
			`case user_type_or_trait`
			`when :user, :admin`
			`login_as(create(user_type_or_trait))`
			`when :external, :auditor`
			`login_as(create(:user, user_type_or_trait))`
Imported Upstream version 7.14.3 2015-09-11 14:41:01 +05:30			`when :visitor`
			`logout`
			`when User`
New upstream version 11.10.8+dfsg 2019-07-07 11:18:12 +05:30			`login_as(user_type_or_trait)`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`when *Gitlab::Access.sym_options_with_owner.keys`
New upstream version 11.10.8+dfsg 2019-07-07 11:18:12 +05:30			`raise ArgumentError, "cannot emulate #{user_type_or_trait} without membership parent" unless membership`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
New upstream version 11.10.8+dfsg 2019-07-07 11:18:12 +05:30			`role = user_type_or_trait`
			`user =`
			`if role == :owner && membership.owner`
			`membership.owner`
			`else`
			`create(:user).tap do \|new_user\|`
			`membership.public_send(:"add_#{role}", new_user)`
			`end`
			`end`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
Imported Upstream version 7.14.3 2015-09-11 14:41:01 +05:30			`login_as(user)`
			`else`
			`raise ArgumentError, "cannot emulate user #{user}"`
			`end`
			`end`

			`def description_for(user, type)`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`if user.is_a?(User)`
			`# User#inspect displays too much information for RSpec's descriptions`
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`"be #{type} for the specified user"`
Imported Upstream version 7.14.3 2015-09-11 14:41:01 +05:30			`else`
			`"be #{type} for #{user}"`
			`end`
			`end`

			`matcher :be_allowed_for do \|user\|`
			`match do \|url\|`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`emulate_user(user, @membership)`
			`visit(url)`

			`status_code == 200 && current_path != new_user_session_path`
			`end`

			`chain :of do \|membership\|`
			`@membership = membership`
Imported Upstream version 7.14.3 2015-09-11 14:41:01 +05:30			`end`

			`description { description_for(user, 'allowed') }`
			`end`

			`matcher :be_denied_for do \|user\|`
			`match do \|url\|`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`emulate_user(user, @membership)`
			`visit(url)`

			`[401, 404].include?(status_code) \|\| current_path == new_user_session_path`
			`end`

			`chain :of do \|membership\|`
			`@membership = membership`
Imported Upstream version 7.14.3 2015-09-11 14:41:01 +05:30			`end`

			`description { description_for(user, 'denied') }`
			`end`
			`end`