356 lines
13 KiB
Ruby
356 lines
13 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
require 'spec_helper'
|
|
|
|
RSpec.describe VisibilityLevelHelper, feature_category: :system_access do
|
|
include ProjectForksHelper
|
|
|
|
let(:project) { build(:project) }
|
|
let(:group) { build(:group) }
|
|
let(:personal_snippet) { build(:personal_snippet) }
|
|
let(:project_snippet) { build(:project_snippet) }
|
|
|
|
describe 'visibility_icon_description' do
|
|
context 'used with a Project' do
|
|
it 'delegates projects to #project_visibility_icon_description' do
|
|
expect(visibility_icon_description(project))
|
|
.to match /project/i
|
|
end
|
|
|
|
context 'used with a ProjectPresenter' do
|
|
it 'delegates projects to #project_visibility_icon_description' do
|
|
expect(visibility_icon_description(project.present))
|
|
.to match /project/i
|
|
end
|
|
end
|
|
|
|
context 'used with a Group' do
|
|
it 'delegates groups to #group_visibility_icon_description' do
|
|
expect(visibility_icon_description(group))
|
|
.to match /group/i
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
describe 'visibility_level_label' do
|
|
using RSpec::Parameterized::TableSyntax
|
|
|
|
where(:level_value, :level_name) do
|
|
Gitlab::VisibilityLevel::PRIVATE | 'Private'
|
|
Gitlab::VisibilityLevel::INTERNAL | 'Internal'
|
|
Gitlab::VisibilityLevel::PUBLIC | 'Public'
|
|
end
|
|
|
|
with_them do
|
|
it 'returns the name of the visibility level' do
|
|
expect(visibility_level_label(level_value)).to eq(level_name)
|
|
end
|
|
end
|
|
end
|
|
|
|
describe 'visibility_level_description' do
|
|
context 'used with a Project' do
|
|
let(:descriptions) do
|
|
[
|
|
visibility_level_description(Gitlab::VisibilityLevel::PRIVATE, project),
|
|
visibility_level_description(Gitlab::VisibilityLevel::INTERNAL, project),
|
|
visibility_level_description(Gitlab::VisibilityLevel::PUBLIC, project)
|
|
]
|
|
end
|
|
|
|
it 'returns different project related descriptions depending on visibility level' do
|
|
expect(descriptions.uniq.size).to eq(descriptions.size)
|
|
expect(descriptions).to all match /project/i
|
|
end
|
|
end
|
|
|
|
context 'used with a Group' do
|
|
let(:descriptions) do
|
|
[
|
|
visibility_level_description(Gitlab::VisibilityLevel::PRIVATE, group),
|
|
visibility_level_description(Gitlab::VisibilityLevel::INTERNAL, group),
|
|
visibility_level_description(Gitlab::VisibilityLevel::PUBLIC, group)
|
|
]
|
|
end
|
|
|
|
it 'returns different group related descriptions depending on visibility level' do
|
|
expect(descriptions.uniq.size).to eq(descriptions.size)
|
|
expect(descriptions).to all match /group/i
|
|
end
|
|
|
|
it 'returns default description for public group' do
|
|
expect(descriptions[2]).to eq('The group and any public projects can be viewed without any authentication.')
|
|
end
|
|
|
|
context 'when application setting `should_check_namespace_plan` is true', if: Gitlab.ee? do
|
|
let(:group) { create(:group) }
|
|
let(:public_option_description) { visibility_level_description(Gitlab::VisibilityLevel::PUBLIC, group) }
|
|
|
|
before do
|
|
allow(Gitlab::CurrentSettings.current_application_settings).to receive(:should_check_namespace_plan?) { true }
|
|
end
|
|
|
|
it 'returns updated description for public visibility option in group general settings' do
|
|
expect(public_option_description).to match /^The group, any public projects, and any of their members, issues, and merge requests can be viewed without authentication./
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
describe "disallowed_visibility_level?" do
|
|
describe "forks" do
|
|
let(:project) { create(:project, :internal) }
|
|
let(:forked_project) { fork_project(project) }
|
|
|
|
it "disallows levels" do
|
|
expect(disallowed_visibility_level?(forked_project, Gitlab::VisibilityLevel::PUBLIC)).to be_truthy
|
|
expect(disallowed_visibility_level?(forked_project, Gitlab::VisibilityLevel::INTERNAL)).to be_falsey
|
|
expect(disallowed_visibility_level?(forked_project, Gitlab::VisibilityLevel::PRIVATE)).to be_falsey
|
|
end
|
|
end
|
|
|
|
describe "non-forked project" do
|
|
let(:project) { create(:project, :internal) }
|
|
|
|
it "disallows levels" do
|
|
expect(disallowed_visibility_level?(project, Gitlab::VisibilityLevel::PUBLIC)).to be_falsey
|
|
expect(disallowed_visibility_level?(project, Gitlab::VisibilityLevel::INTERNAL)).to be_falsey
|
|
expect(disallowed_visibility_level?(project, Gitlab::VisibilityLevel::PRIVATE)).to be_falsey
|
|
end
|
|
end
|
|
|
|
describe "group" do
|
|
let(:group) { create(:group, :internal) }
|
|
|
|
it "disallows levels" do
|
|
expect(disallowed_visibility_level?(group, Gitlab::VisibilityLevel::PUBLIC)).to be_falsey
|
|
expect(disallowed_visibility_level?(group, Gitlab::VisibilityLevel::INTERNAL)).to be_falsey
|
|
expect(disallowed_visibility_level?(group, Gitlab::VisibilityLevel::PRIVATE)).to be_falsey
|
|
end
|
|
end
|
|
|
|
describe "sub-group" do
|
|
let(:group) { create(:group, :private) }
|
|
let(:subgroup) { create(:group, :private, parent: group) }
|
|
|
|
it "disallows levels" do
|
|
expect(disallowed_visibility_level?(subgroup, Gitlab::VisibilityLevel::PUBLIC)).to be_truthy
|
|
expect(disallowed_visibility_level?(subgroup, Gitlab::VisibilityLevel::INTERNAL)).to be_truthy
|
|
expect(disallowed_visibility_level?(subgroup, Gitlab::VisibilityLevel::PRIVATE)).to be_falsey
|
|
end
|
|
end
|
|
|
|
describe "snippet" do
|
|
let(:snippet) { create(:snippet, :internal) }
|
|
|
|
it "disallows levels" do
|
|
expect(disallowed_visibility_level?(snippet, Gitlab::VisibilityLevel::PUBLIC)).to be_falsey
|
|
expect(disallowed_visibility_level?(snippet, Gitlab::VisibilityLevel::INTERNAL)).to be_falsey
|
|
expect(disallowed_visibility_level?(snippet, Gitlab::VisibilityLevel::PRIVATE)).to be_falsey
|
|
end
|
|
end
|
|
end
|
|
|
|
describe "selected_visibility_level" do
|
|
let(:group) { create(:group, :public) }
|
|
let!(:project) { create(:project, :internal, group: group) }
|
|
let!(:forked_project) { fork_project(project) }
|
|
|
|
using RSpec::Parameterized::TableSyntax
|
|
|
|
public_vis = Gitlab::VisibilityLevel::PUBLIC
|
|
internal_vis = Gitlab::VisibilityLevel::INTERNAL
|
|
private_vis = Gitlab::VisibilityLevel::PRIVATE
|
|
|
|
# This is a subset of all the permutations
|
|
where(:requested_level, :max_allowed, :global_default_level, :restricted_levels, :expected) do
|
|
public_vis | public_vis | public_vis | [] | public_vis
|
|
public_vis | public_vis | public_vis | [public_vis] | internal_vis
|
|
internal_vis | public_vis | public_vis | [] | internal_vis
|
|
internal_vis | private_vis | private_vis | [] | private_vis
|
|
private_vis | public_vis | public_vis | [] | private_vis
|
|
public_vis | private_vis | internal_vis | [] | private_vis
|
|
public_vis | internal_vis | public_vis | [] | internal_vis
|
|
public_vis | private_vis | public_vis | [] | private_vis
|
|
public_vis | internal_vis | internal_vis | [] | internal_vis
|
|
public_vis | public_vis | internal_vis | [] | public_vis
|
|
end
|
|
|
|
before do
|
|
stub_application_setting(
|
|
restricted_visibility_levels: restricted_levels,
|
|
default_project_visibility: global_default_level
|
|
)
|
|
end
|
|
|
|
with_them do
|
|
it "provides correct visibility level for forked project" do
|
|
project.update!(visibility_level: max_allowed)
|
|
|
|
expect(selected_visibility_level(forked_project, requested_level)).to eq(expected)
|
|
end
|
|
|
|
it "provides correct visibility level for project in group" do
|
|
project.update!(visibility_level: max_allowed)
|
|
project.group.update!(visibility_level: max_allowed)
|
|
|
|
expect(selected_visibility_level(project, requested_level)).to eq(expected)
|
|
end
|
|
end
|
|
end
|
|
|
|
shared_examples_for 'available visibility level' do
|
|
using RSpec::Parameterized::TableSyntax
|
|
|
|
let(:user) { create(:user) }
|
|
|
|
subject { helper.available_visibility_levels(form_model) }
|
|
|
|
public_vis = Gitlab::VisibilityLevel::PUBLIC
|
|
internal_vis = Gitlab::VisibilityLevel::INTERNAL
|
|
private_vis = Gitlab::VisibilityLevel::PRIVATE
|
|
|
|
where(:restricted_visibility_levels, :expected) do
|
|
[] | [private_vis, internal_vis, public_vis]
|
|
[private_vis] | [internal_vis, public_vis]
|
|
[private_vis, internal_vis] | [public_vis]
|
|
[private_vis, public_vis] | [internal_vis]
|
|
[internal_vis] | [private_vis, public_vis]
|
|
[internal_vis, private_vis] | [public_vis]
|
|
[internal_vis, public_vis] | [private_vis]
|
|
[public_vis] | [private_vis, internal_vis]
|
|
[public_vis, private_vis] | [internal_vis]
|
|
[public_vis, internal_vis] | [private_vis]
|
|
end
|
|
|
|
before do
|
|
allow(helper).to receive(:current_user) { user }
|
|
end
|
|
|
|
with_them do
|
|
before do
|
|
stub_application_setting(restricted_visibility_levels: restricted_visibility_levels)
|
|
end
|
|
|
|
it { is_expected.to eq(expected) }
|
|
end
|
|
|
|
it 'excludes disallowed visibility levels' do
|
|
stub_application_setting(restricted_visibility_levels: [])
|
|
allow(helper).to receive(:disallowed_visibility_level?).with(form_model, private_vis) { true }
|
|
allow(helper).to receive(:disallowed_visibility_level?).with(form_model, internal_vis) { false }
|
|
allow(helper).to receive(:disallowed_visibility_level?).with(form_model, public_vis) { false }
|
|
|
|
expect(subject).to eq([internal_vis, public_vis])
|
|
end
|
|
end
|
|
|
|
describe '#available_visibility_levels' do
|
|
it_behaves_like 'available visibility level' do
|
|
let(:form_model) { project_snippet }
|
|
end
|
|
|
|
it_behaves_like 'available visibility level' do
|
|
let(:form_model) { personal_snippet }
|
|
end
|
|
|
|
it_behaves_like 'available visibility level' do
|
|
let(:form_model) { project }
|
|
end
|
|
|
|
it_behaves_like 'available visibility level' do
|
|
let(:form_model) { group }
|
|
end
|
|
end
|
|
|
|
describe '#snippets_selected_visibility_level' do
|
|
let(:available_levels) { [Gitlab::VisibilityLevel::PUBLIC, Gitlab::VisibilityLevel::INTERNAL] }
|
|
|
|
it 'returns the selected visibility level' do
|
|
expect(helper.snippets_selected_visibility_level(available_levels, Gitlab::VisibilityLevel::PUBLIC))
|
|
.to eq(Gitlab::VisibilityLevel::PUBLIC)
|
|
end
|
|
|
|
it "fallbacks using the lowest available visibility level when selected level isn't available" do
|
|
expect(helper.snippets_selected_visibility_level(available_levels, Gitlab::VisibilityLevel::PRIVATE))
|
|
.to eq(Gitlab::VisibilityLevel::INTERNAL)
|
|
end
|
|
end
|
|
|
|
describe 'multiple_visibility_levels_restricted?' do
|
|
using RSpec::Parameterized::TableSyntax
|
|
|
|
let(:user) { create(:user) }
|
|
|
|
subject { helper.multiple_visibility_levels_restricted? }
|
|
|
|
where(:restricted_visibility_levels, :expected) do
|
|
[Gitlab::VisibilityLevel::PUBLIC] | false
|
|
[Gitlab::VisibilityLevel::PUBLIC, Gitlab::VisibilityLevel::INTERNAL] | true
|
|
[Gitlab::VisibilityLevel::PUBLIC, Gitlab::VisibilityLevel::INTERNAL, Gitlab::VisibilityLevel::PRIVATE] | true
|
|
end
|
|
|
|
with_them do
|
|
before do
|
|
allow(helper).to receive(:current_user) { user }
|
|
allow(Gitlab::CurrentSettings.current_application_settings).to receive(:restricted_visibility_levels) { restricted_visibility_levels }
|
|
end
|
|
|
|
it { is_expected.to eq(expected) }
|
|
end
|
|
end
|
|
|
|
describe 'all_visibility_levels_restricted?' do
|
|
using RSpec::Parameterized::TableSyntax
|
|
|
|
let(:user) { create(:user) }
|
|
|
|
subject { helper.all_visibility_levels_restricted? }
|
|
|
|
where(:restricted_visibility_levels, :expected) do
|
|
[Gitlab::VisibilityLevel::PUBLIC] | false
|
|
[Gitlab::VisibilityLevel::PUBLIC, Gitlab::VisibilityLevel::INTERNAL] | false
|
|
Gitlab::VisibilityLevel.values | true
|
|
end
|
|
|
|
with_them do
|
|
before do
|
|
allow(helper).to receive(:current_user) { user }
|
|
allow(Gitlab::CurrentSettings.current_application_settings).to receive(:restricted_visibility_levels) { restricted_visibility_levels }
|
|
end
|
|
|
|
it { is_expected.to eq(expected) }
|
|
end
|
|
end
|
|
|
|
describe '#visibility_level_options' do
|
|
let(:user) { build(:user) }
|
|
|
|
before do
|
|
allow(helper).to receive(:current_user).and_return(user)
|
|
end
|
|
|
|
it 'returns the desired mapping' do
|
|
expected_options = [
|
|
{
|
|
level: 0,
|
|
label: 'Private',
|
|
description: 'The group and its projects can only be viewed by members.'
|
|
},
|
|
{
|
|
level: 10,
|
|
label: 'Internal',
|
|
description: 'The group and any internal projects can be viewed by any logged in user except external users.'
|
|
},
|
|
{
|
|
level: 20,
|
|
label: 'Public',
|
|
description: 'The group and any public projects can be viewed without any authentication.'
|
|
}
|
|
]
|
|
|
|
expect(helper.visibility_level_options(group)).to eq expected_options
|
|
end
|
|
end
|
|
end
|