Commit 457b6315 authored by Dylan Griffith's avatar Dylan Griffith

Merge branch 'dry-user-spec-deactivate' into 'master'

DRY api/users_spec deactivation tests

See merge request gitlab-org/gitlab!43904
parents 0ac7a939 47d088b5
...@@ -2400,15 +2400,23 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do ...@@ -2400,15 +2400,23 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do
end end
describe 'POST /users/:id/deactivate' do describe 'POST /users/:id/deactivate' do
subject(:deactivate) { post api("/users/#{user_id}/deactivate", api_user) }
let(:user_id) { user.id }
context 'performed by a non-admin user' do context 'performed by a non-admin user' do
let(:api_user) { user }
it 'is not authorized to perform the action' do it 'is not authorized to perform the action' do
post api("/users/#{user.id}/deactivate", user) deactivate
expect(response).to have_gitlab_http_status(:forbidden) expect(response).to have_gitlab_http_status(:forbidden)
end end
end end
context 'performed by an admin user' do context 'performed by an admin user' do
let(:api_user) { admin }
context 'for an active user' do context 'for an active user' do
let(:activity) { {} } let(:activity) { {} }
let(:user) { create(:user, **activity) } let(:user) { create(:user, **activity) }
...@@ -2416,11 +2424,9 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do ...@@ -2416,11 +2424,9 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do
context 'with no recent activity' do context 'with no recent activity' do
let(:activity) { { last_activity_on: ::User::MINIMUM_INACTIVE_DAYS.next.days.ago } } let(:activity) { { last_activity_on: ::User::MINIMUM_INACTIVE_DAYS.next.days.ago } }
before do
post api("/users/#{user.id}/deactivate", admin)
end
it 'deactivates an active user' do it 'deactivates an active user' do
deactivate
expect(response).to have_gitlab_http_status(:created) expect(response).to have_gitlab_http_status(:created)
expect(user.reload.state).to eq('deactivated') expect(user.reload.state).to eq('deactivated')
end end
...@@ -2429,11 +2435,9 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do ...@@ -2429,11 +2435,9 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do
context 'with recent activity' do context 'with recent activity' do
let(:activity) { { last_activity_on: ::User::MINIMUM_INACTIVE_DAYS.pred.days.ago } } let(:activity) { { last_activity_on: ::User::MINIMUM_INACTIVE_DAYS.pred.days.ago } }
before do
post api("/users/#{user.id}/deactivate", admin)
end
it 'does not deactivate an active user' do it 'does not deactivate an active user' do
deactivate
expect(response).to have_gitlab_http_status(:forbidden) expect(response).to have_gitlab_http_status(:forbidden)
expect(json_response['message']).to eq("403 Forbidden - The user you are trying to deactivate has been active in the past #{::User::MINIMUM_INACTIVE_DAYS} days and cannot be deactivated") expect(json_response['message']).to eq("403 Forbidden - The user you are trying to deactivate has been active in the past #{::User::MINIMUM_INACTIVE_DAYS} days and cannot be deactivated")
expect(user.reload.state).to eq('active') expect(user.reload.state).to eq('active')
...@@ -2444,11 +2448,11 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do ...@@ -2444,11 +2448,11 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do
context 'for a deactivated user' do context 'for a deactivated user' do
before do before do
user.deactivate user.deactivate
post api("/users/#{user.id}/deactivate", admin)
end end
it 'returns 201' do it 'returns 201' do
deactivate
expect(response).to have_gitlab_http_status(:created) expect(response).to have_gitlab_http_status(:created)
expect(user.reload.state).to eq('deactivated') expect(user.reload.state).to eq('deactivated')
end end
...@@ -2457,11 +2461,11 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do ...@@ -2457,11 +2461,11 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do
context 'for a blocked user' do context 'for a blocked user' do
before do before do
user.block user.block
post api("/users/#{user.id}/deactivate", admin)
end end
it 'returns 403' do it 'returns 403' do
deactivate
expect(response).to have_gitlab_http_status(:forbidden) expect(response).to have_gitlab_http_status(:forbidden)
expect(json_response['message']).to eq('403 Forbidden - A blocked user cannot be deactivated by the API') expect(json_response['message']).to eq('403 Forbidden - A blocked user cannot be deactivated by the API')
expect(user.reload.state).to eq('blocked') expect(user.reload.state).to eq('blocked')
...@@ -2471,11 +2475,11 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do ...@@ -2471,11 +2475,11 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do
context 'for a ldap blocked user' do context 'for a ldap blocked user' do
before do before do
user.ldap_block user.ldap_block
post api("/users/#{user.id}/deactivate", admin)
end end
it 'returns 403' do it 'returns 403' do
deactivate
expect(response).to have_gitlab_http_status(:forbidden) expect(response).to have_gitlab_http_status(:forbidden)
expect(json_response['message']).to eq('403 Forbidden - A blocked user cannot be deactivated by the API') expect(json_response['message']).to eq('403 Forbidden - A blocked user cannot be deactivated by the API')
expect(user.reload.state).to eq('ldap_blocked') expect(user.reload.state).to eq('ldap_blocked')
...@@ -2483,10 +2487,10 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do ...@@ -2483,10 +2487,10 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do
end end
context 'for an internal user' do context 'for an internal user' do
it 'returns 403' do let(:user) { User.alert_bot }
internal_user = User.alert_bot
post api("/users/#{internal_user.id}/deactivate", admin) it 'returns 403' do
deactivate
expect(response).to have_gitlab_http_status(:forbidden) expect(response).to have_gitlab_http_status(:forbidden)
expect(json_response['message']).to eq('403 Forbidden - An internal user cannot be deactivated by the API') expect(json_response['message']).to eq('403 Forbidden - An internal user cannot be deactivated by the API')
...@@ -2494,8 +2498,10 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do ...@@ -2494,8 +2498,10 @@ RSpec.describe API::Users, :do_not_mock_admin_mode do
end end
context 'for a user that does not exist' do context 'for a user that does not exist' do
let(:user_id) { 0 }
before do before do
post api("/users/0/deactivate", admin) deactivate
end end
it_behaves_like '404' it_behaves_like '404'
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment