Commit 8b830b8c authored by Felipe Artur's avatar Felipe Artur

Fix specs

parent b959ae55
......@@ -969,8 +969,9 @@ class Project < ActiveRecord::Base
end
def visibility_level_allowed?(level = self.visibility_level)
allowed_by_forks = if forked?
Gitlab::VisibilityLevel.allowed_fork_levels(forked_from_project.visibility_level).include?(level)
allowed_by_forks = if forked? && forked_project_link.forked_from_project_id.present?
from_project = eager_load_forked_from_project
Gitlab::VisibilityLevel.allowed_fork_levels(from_project.visibility_level).include?(level)
else
true
end
......@@ -980,6 +981,11 @@ class Project < ActiveRecord::Base
allowed_by_forks && allowed_by_groups
end
#Necessary to retrieve many-to-many associations on new forks before validating visibility level
def eager_load_forked_from_project
Project.find(forked_project_link.forked_from_project_id)
end
def runners_token
ensure_runners_token!
end
......
......@@ -10,7 +10,10 @@ module Projects
@project = Project.new(params)
# Make sure that the user is allowed to use the specified visibility level
return @project unless visibility_level_allowed?
unless visibility_level_allowed?
deny_visibility_level(@project)
return @project
end
# Set project name from path
if @project.name.present? && @project.path.present?
......
......@@ -38,7 +38,7 @@ module SharedGroup
def is_member_of(username, groupname, role)
@project_count ||= 0
user = User.find_by(name: username) || create(:user, name: username)
group = Group.find_by(name: groupname) || create(:group, name: groupname)
group = Group.find_by(name: groupname) || create(:group, name: groupname, visibility_level: Gitlab::VisibilityLevel::PUBLIC)
group.add_user(user, role)
project ||= create(:project, namespace: group, path: "project#{@project_count}")
create(:closed_issue_event, project: project)
......@@ -47,6 +47,6 @@ module SharedGroup
end
def owned_group
@owned_group ||= Group.find_by(name: "Owned")
@owned_group ||= Group.find_by(name: "Owned", visibility_level: Gitlab::VisibilityLevel::PUBLIC)
end
end
......@@ -15,7 +15,7 @@ describe NamespacesController do
end
context "when the namespace belongs to a group" do
let!(:group) { create(:group) }
let!(:group) { create(:group, visibility_level: Gitlab::VisibilityLevel::PUBLIC) }
let!(:project) { create(:project, namespace: group) }
context "when the group has public projects" do
......
......@@ -30,7 +30,7 @@ describe UploadsController do
end
end
end
context "when not signed in" do
it "responds with status 200" do
get :show, model: "user", mounted_as: "avatar", id: user.id, filename: "image.png"
......@@ -126,11 +126,12 @@ describe UploadsController do
end
context "when viewing a group avatar" do
let!(:group) { create(:group, avatar: fixture_file_upload(Rails.root + "spec/fixtures/dk.png", "image/png")) }
let!(:group) { create(:group, avatar: fixture_file_upload(Rails.root + "spec/fixtures/dk.png", "image/png")) }
let!(:project) { create(:project, namespace: group) }
context "when the group has public projects" do
before do
group.update_attribute(:visibility_level, Gitlab::VisibilityLevel::PUBLIC)
project.update_attribute(:visibility_level, Project::PUBLIC)
end
......
......@@ -12,25 +12,25 @@ feature 'Project', feature: true do
it 'parses Markdown' do
project.update_attribute(:description, 'This is **my** project')
visit path
expect(page).to have_css('.project-home-desc > p > strong')
expect(page).to have_css('.cover-title > p > strong')
end
it 'passes through html-pipeline' do
project.update_attribute(:description, 'This project is the :poop:')
visit path
expect(page).to have_css('.project-home-desc > p > img')
expect(page).to have_css('.cover-title > p > img')
end
it 'sanitizes unwanted tags' do
project.update_attribute(:description, "```\ncode\n```")
visit path
expect(page).not_to have_css('.project-home-desc code')
expect(page).not_to have_css('.cover-title code')
end
it 'permits `rel` attribute on links' do
project.update_attribute(:description, 'https://google.com/')
visit path
expect(page).to have_css('.project-home-desc a[rel]')
expect(page).to have_css('.cover-title a[rel]')
end
end
......
......@@ -4,7 +4,7 @@ describe 'Group access', feature: true do
include AccessMatchers
def group
@group ||= create(:group)
@group ||= create(:group, visibility_level: Gitlab::VisibilityLevel::PUBLIC)
end
def create_project(access_level)
......
......@@ -3,7 +3,7 @@ require 'spec_helper'
describe ProjectsFinder do
describe '#execute' do
let(:user) { create(:user) }
let(:group) { create(:group) }
let(:group) { create(:group, visibility_level: Gitlab::VisibilityLevel::PUBLIC) }
let!(:private_project) do
create(:project, :private, name: 'A', path: 'A')
......
......@@ -3,7 +3,7 @@ require 'spec_helper'
describe SnippetsFinder do
let(:user) { create :user }
let(:user1) { create :user }
let(:group) { create :group }
let(:group) { create :group, visibility_level: Gitlab::VisibilityLevel::PUBLIC }
let(:project1) { create(:empty_project, :public, group: group) }
let(:project2) { create(:empty_project, :private, group: group) }
......
......@@ -442,7 +442,7 @@ describe Project, models: true do
end
describe '.trending' do
let(:group) { create(:group) }
let(:group) { create(:group, :public) }
let(:project1) { create(:empty_project, :public, group: group) }
let(:project2) { create(:empty_project, :public, group: group) }
......
......@@ -275,6 +275,7 @@ describe API::API, api: true do
it 'should not allow a non-admin to use a restricted visibility level' do
post api('/projects', user), @project
expect(response.status).to eq(400)
expect(json_response['message']['visibility_level'].first).to(
match('restricted by your GitLab administrator')
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment