Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
79c42110
Commit
79c42110
authored
Mar 05, 2019
by
Igor Drozdov
Committed by
Yorick Peterse
Mar 05, 2019
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Display the correct number of MRs a user has access to
parent
42d3117f
Changes
7
Hide whitespace changes
Inline
Side-by-side
Showing
7 changed files
with
335 additions
and
213 deletions
+335
-213
app/models/concerns/milestoneish.rb
app/models/concerns/milestoneish.rb
+7
-7
app/models/project_feature.rb
app/models/project_feature.rb
+11
-4
app/policies/project_policy.rb
app/policies/project_policy.rb
+1
-1
app/views/shared/milestones/_milestone.html.haml
app/views/shared/milestones/_milestone.html.haml
+1
-1
app/views/shared/milestones/_tabs.html.haml
app/views/shared/milestones/_tabs.html.haml
+1
-1
changelogs/unreleased/security-id-fix-mr-visibility.yml
changelogs/unreleased/security-id-fix-mr-visibility.yml
+5
-0
spec/finders/merge_requests_finder_spec.rb
spec/finders/merge_requests_finder_spec.rb
+309
-199
No files found.
app/models/concerns/milestoneish.rb
View file @
79c42110
...
@@ -46,13 +46,6 @@ module Milestoneish
...
@@ -46,13 +46,6 @@ module Milestoneish
end
end
end
end
def
merge_requests_visible_to_user
(
user
)
memoize_per_user
(
user
,
:merge_requests_visible_to_user
)
do
MergeRequestsFinder
.
new
(
user
,
{})
.
execute
.
where
(
milestone_id:
milestoneish_id
)
end
end
def
issue_participants_visible_by_user
(
user
)
def
issue_participants_visible_by_user
(
user
)
User
.
joins
(
:issue_assignees
)
User
.
joins
(
:issue_assignees
)
.
where
(
'issue_assignees.issue_id'
=>
issues_visible_to_user
(
user
).
select
(
:id
))
.
where
(
'issue_assignees.issue_id'
=>
issues_visible_to_user
(
user
).
select
(
:id
))
...
@@ -73,6 +66,13 @@ module Milestoneish
...
@@ -73,6 +66,13 @@ module Milestoneish
merge_requests_visible_to_user
(
user
).
sort_by_attribute
(
'label_priority'
)
merge_requests_visible_to_user
(
user
).
sort_by_attribute
(
'label_priority'
)
end
end
def
merge_requests_visible_to_user
(
user
)
memoize_per_user
(
user
,
:merge_requests_visible_to_user
)
do
MergeRequestsFinder
.
new
(
user
,
issues_finder_params
)
.
execute
.
where
(
milestone_id:
milestoneish_id
)
end
end
def
upcoming?
def
upcoming?
start_date
&&
start_date
.
future?
start_date
&&
start_date
.
future?
end
end
...
...
app/models/project_feature.rb
View file @
79c42110
...
@@ -76,7 +76,7 @@ class ProjectFeature < ActiveRecord::Base
...
@@ -76,7 +76,7 @@ class ProjectFeature < ActiveRecord::Base
# This feature might not be behind a feature flag at all, so default to true
# This feature might not be behind a feature flag at all, so default to true
return
false
unless
::
Feature
.
enabled?
(
feature
,
user
,
default_enabled:
true
)
return
false
unless
::
Feature
.
enabled?
(
feature
,
user
,
default_enabled:
true
)
get_permission
(
user
,
access_level
(
feature
)
)
get_permission
(
user
,
feature
)
end
end
def
access_level
(
feature
)
def
access_level
(
feature
)
...
@@ -134,12 +134,12 @@ class ProjectFeature < ActiveRecord::Base
...
@@ -134,12 +134,12 @@ class ProjectFeature < ActiveRecord::Base
(
FEATURES
-
%i(pages)
).
each
{
|
f
|
validator
.
call
(
"
#{
f
}
_access_level"
)}
(
FEATURES
-
%i(pages)
).
each
{
|
f
|
validator
.
call
(
"
#{
f
}
_access_level"
)}
end
end
def
get_permission
(
user
,
level
)
def
get_permission
(
user
,
feature
)
case
level
case
access_level
(
feature
)
when
DISABLED
when
DISABLED
false
false
when
PRIVATE
when
PRIVATE
user
&&
(
project
.
team
.
member?
(
user
)
||
user
.
full_private_access?
)
team_access?
(
user
,
feature
)
when
ENABLED
when
ENABLED
true
true
when
PUBLIC
when
PUBLIC
...
@@ -148,4 +148,11 @@ class ProjectFeature < ActiveRecord::Base
...
@@ -148,4 +148,11 @@ class ProjectFeature < ActiveRecord::Base
true
true
end
end
end
end
def
team_access?
(
user
,
feature
)
return
unless
user
return
true
if
user
.
full_private_access?
project
.
team
.
member?
(
user
,
ProjectFeature
.
required_minimum_access_level
(
feature
))
end
end
end
app/policies/project_policy.rb
View file @
79c42110
...
@@ -465,7 +465,7 @@ class ProjectPolicy < BasePolicy
...
@@ -465,7 +465,7 @@ class ProjectPolicy < BasePolicy
when
ProjectFeature
::
DISABLED
when
ProjectFeature
::
DISABLED
false
false
when
ProjectFeature
::
PRIVATE
when
ProjectFeature
::
PRIVATE
guest?
||
admin?
admin?
||
team_access_level
>=
ProjectFeature
.
required_minimum_access_level
(
feature
)
else
else
true
true
end
end
...
...
app/views/shared/milestones/_milestone.html.haml
View file @
79c42110
...
@@ -32,7 +32,7 @@
...
@@ -32,7 +32,7 @@
=
milestone_progress_bar
(
milestone
)
=
milestone_progress_bar
(
milestone
)
=
link_to
pluralize
(
milestone
.
total_issues_count
(
current_user
),
'Issue'
),
issues_path
=
link_to
pluralize
(
milestone
.
total_issues_count
(
current_user
),
'Issue'
),
issues_path
·
·
=
link_to
pluralize
(
milestone
.
merge_requests
.
size
,
'Merge Request'
),
merge_requests_path
=
link_to
pluralize
(
milestone
.
merge_requests
_visible_to_user
(
current_user
)
.
size
,
'Merge Request'
),
merge_requests_path
.float-lg-right.light
#{
milestone
.
percent_complete
(
current_user
)
}
% complete
.float-lg-right.light
#{
milestone
.
percent_complete
(
current_user
)
}
% complete
.col-sm-2
.col-sm-2
.milestone-actions.d-flex.justify-content-sm-start.justify-content-md-end
.milestone-actions.d-flex.justify-content-sm-start.justify-content-md-end
...
...
app/views/shared/milestones/_tabs.html.haml
View file @
79c42110
...
@@ -12,7 +12,7 @@
...
@@ -12,7 +12,7 @@
%li
.nav-item
%li
.nav-item
=
link_to
'#tab-merge-requests'
,
class:
'nav-link'
,
'data-toggle'
=>
'tab'
,
'data-endpoint'
:
milestone_merge_request_tab_path
(
milestone
)
do
=
link_to
'#tab-merge-requests'
,
class:
'nav-link'
,
'data-toggle'
=>
'tab'
,
'data-endpoint'
:
milestone_merge_request_tab_path
(
milestone
)
do
Merge Requests
Merge Requests
%span
.badge.badge-pill
=
milestone
.
merge_requests
.
size
%span
.badge.badge-pill
=
milestone
.
merge_requests
_visible_to_user
(
current_user
)
.
size
-
else
-
else
%li
.nav-item
%li
.nav-item
=
link_to
'#tab-merge-requests'
,
class:
'nav-link active'
,
'data-toggle'
=>
'tab'
,
'data-endpoint'
:
milestone_merge_request_tab_path
(
milestone
)
do
=
link_to
'#tab-merge-requests'
,
class:
'nav-link active'
,
'data-toggle'
=>
'tab'
,
'data-endpoint'
:
milestone_merge_request_tab_path
(
milestone
)
do
...
...
changelogs/unreleased/security-id-fix-mr-visibility.yml
0 → 100644
View file @
79c42110
---
title
:
Display the correct number of MRs a user has access to
merge_request
:
author
:
type
:
security
spec/finders/merge_requests_finder_spec.rb
View file @
79c42110
...
@@ -13,269 +13,313 @@ describe MergeRequestsFinder do
...
@@ -13,269 +13,313 @@ describe MergeRequestsFinder do
end
end
end
end
let
(
:user
)
{
create
:user
}
context
"multiple projects with merge requests"
do
let
(
:user2
)
{
create
:user
}
let
(
:user
)
{
create
:user
}
let
(
:user2
)
{
create
:user
}
let
(
:group
)
{
create
(
:group
)
}
let
(
:subgroup
)
{
create
(
:group
,
parent:
group
)
}
let
(
:group
)
{
create
(
:group
)
}
let
(
:project1
)
{
create_project_without_n_plus_1
(
group:
group
)
}
let
(
:subgroup
)
{
create
(
:group
,
parent:
group
)
}
let
(
:project2
)
do
let
(
:project1
)
{
create_project_without_n_plus_1
(
group:
group
)
}
Gitlab
::
GitalyClient
.
allow_n_plus_1_calls
do
let
(
:project2
)
do
fork_project
(
project1
,
user
)
Gitlab
::
GitalyClient
.
allow_n_plus_1_calls
do
fork_project
(
project1
,
user
)
end
end
end
end
let
(
:project3
)
do
let
(
:project3
)
do
Gitlab
::
GitalyClient
.
allow_n_plus_1_calls
do
Gitlab
::
GitalyClient
.
allow_n_plus_1_calls
do
p
=
fork_project
(
project1
,
user
)
p
=
fork_project
(
project1
,
user
)
p
.
update!
(
archived:
true
)
p
.
update!
(
archived:
true
)
p
p
end
end
end
end
let
(
:project4
)
{
create_project_without_n_plus_1
(
:repository
,
group:
subgroup
)
}
let
(
:project4
)
{
create_project_without_n_plus_1
(
:repository
,
group:
subgroup
)
}
let
(
:project5
)
{
create_project_without_n_plus_1
(
group:
subgroup
)
}
let
(
:project5
)
{
create_project_without_n_plus_1
(
group:
subgroup
)
}
let
(
:project6
)
{
create_project_without_n_plus_1
(
group:
subgroup
)
}
let
(
:project6
)
{
create_project_without_n_plus_1
(
group:
subgroup
)
}
let!
(
:merge_request1
)
{
create
(
:merge_request
,
:simple
,
author:
user
,
source_project:
project2
,
target_project:
project1
)
}
let!
(
:merge_request1
)
{
create
(
:merge_request
,
:simple
,
author:
user
,
source_project:
project2
,
target_project:
project1
)
}
let!
(
:merge_request2
)
{
create
(
:merge_request
,
:conflict
,
author:
user
,
source_project:
project2
,
target_project:
project1
,
state:
'closed'
)
}
let!
(
:merge_request2
)
{
create
(
:merge_request
,
:conflict
,
author:
user
,
source_project:
project2
,
target_project:
project1
,
state:
'closed'
)
}
let!
(
:merge_request3
)
{
create
(
:merge_request
,
:simple
,
author:
user
,
source_project:
project2
,
target_project:
project2
,
state:
'locked'
,
title:
'thing WIP thing'
)
}
let!
(
:merge_request3
)
{
create
(
:merge_request
,
:simple
,
author:
user
,
source_project:
project2
,
target_project:
project2
,
state:
'locked'
,
title:
'thing WIP thing'
)
}
let!
(
:merge_request4
)
{
create
(
:merge_request
,
:simple
,
author:
user
,
source_project:
project3
,
target_project:
project3
,
title:
'WIP thing'
)
}
let!
(
:merge_request4
)
{
create
(
:merge_request
,
:simple
,
author:
user
,
source_project:
project3
,
target_project:
project3
,
title:
'WIP thing'
)
}
let!
(
:merge_request5
)
{
create
(
:merge_request
,
:simple
,
author:
user
,
source_project:
project4
,
target_project:
project4
,
title:
'[WIP]'
)
}
let!
(
:merge_request5
)
{
create
(
:merge_request
,
:simple
,
author:
user
,
source_project:
project4
,
target_project:
project4
,
title:
'[WIP]'
)
}
let!
(
:merge_request6
)
{
create
(
:merge_request
,
:simple
,
author:
user
,
source_project:
project5
,
target_project:
project5
,
title:
'WIP: thing'
)
}
let!
(
:merge_request6
)
{
create
(
:merge_request
,
:simple
,
author:
user
,
source_project:
project5
,
target_project:
project5
,
title:
'WIP: thing'
)
}
let!
(
:merge_request7
)
{
create
(
:merge_request
,
:simple
,
author:
user
,
source_project:
project6
,
target_project:
project6
,
title:
'wip thing'
)
}
let!
(
:merge_request7
)
{
create
(
:merge_request
,
:simple
,
author:
user
,
source_project:
project6
,
target_project:
project6
,
title:
'wip thing'
)
}
let!
(
:merge_request8
)
{
create
(
:merge_request
,
:simple
,
author:
user
,
source_project:
project1
,
target_project:
project1
,
title:
'[wip] thing'
)
}
let!
(
:merge_request8
)
{
create
(
:merge_request
,
:simple
,
author:
user
,
source_project:
project1
,
target_project:
project1
,
title:
'[wip] thing'
)
}
let!
(
:merge_request9
)
{
create
(
:merge_request
,
:simple
,
author:
user
,
source_project:
project1
,
target_project:
project2
,
title:
'wip: thing'
)
}
let!
(
:merge_request9
)
{
create
(
:merge_request
,
:simple
,
author:
user
,
source_project:
project1
,
target_project:
project2
,
title:
'wip: thing'
)
}
before
do
before
do
project1
.
add_maintainer
(
user
)
project1
.
add_maintainer
(
user
)
project2
.
add_developer
(
user
)
project2
.
add_developer
(
user
)
project3
.
add_developer
(
user
)
project3
.
add_developer
(
user
)
project2
.
add_developer
(
user2
)
project2
.
add_developer
(
user2
)
project4
.
add_developer
(
user
)
project4
.
add_developer
(
user
)
project5
.
add_developer
(
user
)
project5
.
add_developer
(
user
)
project6
.
add_developer
(
user
)
project6
.
add_developer
(
user
)
end
describe
"#execute"
do
it
'filters by scope'
do
params
=
{
scope:
'authored'
,
state:
'opened'
}
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
expect
(
merge_requests
.
size
).
to
eq
(
7
)
end
end
it
'filters by project'
do
describe
'#execute'
do
params
=
{
project_id:
project1
.
id
,
scope:
'authored'
,
state:
'opened'
}
it
'filters by scope'
do
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
params
=
{
scope:
'authored'
,
state:
'opened'
}
expect
(
merge_requests
.
size
).
to
eq
(
2
)
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
end
expect
(
merge_requests
.
size
).
to
eq
(
7
)
end
it
'filters by commit sha
'
do
it
'filters by project
'
do
merge_requests
=
described_class
.
new
(
params
=
{
project_id:
project1
.
id
,
scope:
'authored'
,
state:
'opened'
}
user
,
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
commit_sha:
merge_request5
.
merge_request_diff
.
last_commit_sha
expect
(
merge_requests
.
size
).
to
eq
(
2
)
).
execute
end
expect
(
merge_requests
).
to
contain_exactly
(
merge_request5
)
it
'filters by commit sha'
do
end
merge_requests
=
described_class
.
new
(
user
,
commit_sha:
merge_request5
.
merge_request_diff
.
last_commit_sha
).
execute
expect
(
merge_requests
).
to
contain_exactly
(
merge_request5
)
end
context
'filtering by group'
do
it
'includes all merge requests when user has access'
do
params
=
{
group_id:
group
.
id
}
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
context
'filtering by group'
do
expect
(
merge_requests
.
size
).
to
eq
(
3
)
it
'includes all merge requests when user has access'
do
end
params
=
{
group_id:
group
.
id
}
it
'excludes merge requests from projects the user does not have access to'
do
private_project
=
create_project_without_n_plus_1
(
:private
,
group:
group
)
private_mr
=
create
(
:merge_request
,
:simple
,
author:
user
,
source_project:
private_project
,
target_project:
private_project
)
params
=
{
group_id:
group
.
id
}
private_project
.
add_guest
(
user
)
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
expect
(
merge_requests
.
size
).
to
eq
(
3
)
expect
(
merge_requests
).
not_to
include
(
private_mr
)
end
it
'filters by group including subgroups'
,
:nested_groups
do
params
=
{
group_id:
group
.
id
,
include_subgroups:
true
}
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
expect
(
merge_requests
.
size
).
to
eq
(
6
)
end
end
it
'filters by non_archived'
do
params
=
{
non_archived:
true
}
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
expect
(
merge_requests
.
size
).
to
eq
(
8
)
end
it
'filters by iid'
do
params
=
{
project_id:
project1
.
id
,
iids:
merge_request1
.
iid
}
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
expect
(
merge_requests
.
size
).
to
eq
(
3
)
expect
(
merge_requests
).
to
contain_exactly
(
merge_request1
)
end
end
it
'excludes merge requests from projects the user does not have access to'
do
it
'filters by source branch'
do
private_project
=
create_project_without_n_plus_1
(
:private
,
group:
group
)
params
=
{
source_branch:
merge_request2
.
source_branch
}
private_mr
=
create
(
:merge_request
,
:simple
,
author:
user
,
source_project:
private_project
,
target_project:
private_project
)
params
=
{
group_id:
group
.
id
}
private_project
.
add_guest
(
user
)
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
expect
(
merge_requests
.
size
).
to
eq
(
3
)
expect
(
merge_requests
).
to
contain_exactly
(
merge_request2
)
expect
(
merge_requests
).
not_to
include
(
private_mr
)
end
end
it
'filters by
group including subgroups'
,
:nested_groups
do
it
'filters by
target branch'
do
params
=
{
group_id:
group
.
id
,
include_subgroups:
true
}
params
=
{
target_branch:
merge_request2
.
target_branch
}
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
expect
(
merge_requests
.
size
).
to
eq
(
6
)
expect
(
merge_requests
).
to
contain_exactly
(
merge_request2
)
end
end
end
it
'filters by non_archived'
do
it
'filters by state'
do
params
=
{
non_archived:
true
}
params
=
{
state:
'locked'
}
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
expect
(
merge_requests
.
size
).
to
eq
(
8
)
end
it
'filters by iid'
do
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
params
=
{
project_id:
project1
.
id
,
iids:
merge_request1
.
iid
}
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
expect
(
merge_requests
).
to
contain_exactly
(
merge_request3
)
end
expect
(
merge_requests
).
to
contain_exactly
(
merge_request1
)
it
'filters by wip'
do
end
params
=
{
wip:
'yes'
}
it
'filters by source branch'
do
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
params
=
{
source_branch:
merge_request2
.
source_branch
}
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
expect
(
merge_requests
).
to
contain_exactly
(
merge_request4
,
merge_request5
,
merge_request6
,
merge_request7
,
merge_request8
,
merge_request9
)
end
expect
(
merge_requests
).
to
contain_exactly
(
merge_request2
)
it
'filters by not wip'
do
end
params
=
{
wip:
'no'
}
it
'filters by target branch'
do
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
params
=
{
target_branch:
merge_request2
.
target_branch
}
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
expect
(
merge_requests
).
to
contain_exactly
(
merge_request1
,
merge_request2
,
merge_request3
)
end
expect
(
merge_requests
).
to
contain_exactly
(
merge_request2
)
it
'returns all items if no valid wip param exists'
do
end
params
=
{
wip:
''
}
it
'filters by state'
do
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
params
=
{
state:
'locked'
}
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
expect
(
merge_requests
).
to
contain_exactly
(
merge_request1
,
merge_request2
,
merge_request3
,
merge_request4
,
merge_request5
,
merge_request6
,
merge_request7
,
merge_request8
,
merge_request9
)
end
expect
(
merge_requests
).
to
contain_exactly
(
merge_request3
)
it
'adds wip to scalar params'
do
end
scalar_params
=
described_class
.
scalar_params
it
'filters by wip'
do
expect
(
scalar_params
).
to
include
(
:wip
,
:assignee_id
)
params
=
{
wip:
'yes'
}
end
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
context
'filtering by group milestone'
do
let!
(
:group
)
{
create
(
:group
,
:public
)
}
let
(
:group_milestone
)
{
create
(
:milestone
,
group:
group
)
}
let!
(
:group_member
)
{
create
(
:group_member
,
group:
group
,
user:
user
)
}
let
(
:params
)
{
{
milestone_title:
group_milestone
.
title
}
}
expect
(
merge_requests
).
to
contain_exactly
(
merge_request4
,
merge_request5
,
merge_request6
,
merge_request7
,
merge_request8
,
merge_request9
)
before
do
end
project2
.
update
(
namespace:
group
)
merge_request2
.
update
(
milestone:
group_milestone
)
merge_request3
.
update
(
milestone:
group_milestone
)
end
it
'filters by not wip
'
do
it
'returns issues assigned to that group milestone
'
do
params
=
{
wip:
'no'
}
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
expect
(
merge_requests
).
to
contain_exactly
(
merge_request2
,
merge_request3
)
end
end
expect
(
merge_requests
).
to
contain_exactly
(
merge_request1
,
merge_request2
,
merge_request3
)
context
'filtering by created_at/updated_at'
do
end
let
(
:new_project
)
{
create
(
:project
,
forked_from_project:
project1
)
}
it
'returns all items if no valid wip param exists'
do
let!
(
:new_merge_request
)
do
params
=
{
wip:
''
}
create
(
:merge_request
,
:simple
,
author:
user
,
created_at:
1
.
week
.
from_now
,
updated_at:
1
.
week
.
from_now
,
source_project:
new_project
,
target_project:
new_project
)
end
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
let!
(
:old_merge_request
)
do
create
(
:merge_request
,
:simple
,
author:
user
,
source_branch:
'feature_1'
,
created_at:
1
.
week
.
ago
,
updated_at:
1
.
week
.
ago
,
source_project:
new_project
,
target_project:
new_project
)
end
expect
(
merge_requests
).
to
contain_exactly
(
merge_request1
,
merge_request2
,
merge_request3
,
merge_request4
,
merge_request5
,
merge_request6
,
merge_request7
,
merge_request8
,
merge_request9
)
before
do
end
new_project
.
add_maintainer
(
user
)
end
it
'adds wip to scalar params
'
do
it
'filters by created_after
'
do
scalar_params
=
described_class
.
scalar_params
params
=
{
project_id:
new_project
.
id
,
created_after:
new_merge_request
.
created_at
}
expect
(
scalar_params
).
to
include
(
:wip
,
:assignee_id
)
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
end
context
'filtering by group milestone'
do
expect
(
merge_requests
).
to
contain_exactly
(
new_merge_request
)
let!
(
:group
)
{
create
(
:group
,
:public
)
}
end
let
(
:group_milestone
)
{
create
(
:milestone
,
group:
group
)
}
let!
(
:group_member
)
{
create
(
:group_member
,
group:
group
,
user:
user
)
}
let
(
:params
)
{
{
milestone_title:
group_milestone
.
title
}
}
before
do
it
'filters by created_before'
do
project2
.
update
(
namespace:
group
)
params
=
{
project_id:
new_project
.
id
,
created_before:
old_merge_request
.
created_at
}
merge_request2
.
update
(
milestone:
group_milestone
)
merge_request3
.
update
(
milestone:
group_milestone
)
end
it
'returns issues assigned to that group milestone'
do
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
expect
(
merge_requests
).
to
contain_exactly
(
merge_request2
,
merge_request3
)
expect
(
merge_requests
).
to
contain_exactly
(
old_merge_request
)
end
end
end
context
'filtering by created_at/updated_at'
do
it
'filters by created_after and created_before'
do
let
(
:new_project
)
{
create
(
:project
,
forked_from_project:
project1
)
}
params
=
{
project_id:
new_project
.
id
,
let!
(
:new_merge_request
)
do
created_after:
old_merge_request
.
created_at
,
create
(
:merge_request
,
created_before:
new_merge_request
.
created_at
:simple
,
}
author:
user
,
created_at:
1
.
week
.
from_now
,
updated_at:
1
.
week
.
from_now
,
source_project:
new_project
,
target_project:
new_project
)
end
let!
(
:old_merge_request
)
do
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
create
(
:merge_request
,
:simple
,
author:
user
,
source_branch:
'feature_1'
,
created_at:
1
.
week
.
ago
,
updated_at:
1
.
week
.
ago
,
source_project:
new_project
,
target_project:
new_project
)
end
before
do
expect
(
merge_requests
).
to
contain_exactly
(
old_merge_request
,
new_merge_request
)
new_project
.
add_maintainer
(
user
)
end
end
it
'filters by cre
ated_after'
do
it
'filters by upd
ated_after'
do
params
=
{
project_id:
new_project
.
id
,
created_after:
new_merge_request
.
cre
ated_at
}
params
=
{
project_id:
new_project
.
id
,
updated_after:
new_merge_request
.
upd
ated_at
}
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
expect
(
merge_requests
).
to
contain_exactly
(
new_merge_request
)
expect
(
merge_requests
).
to
contain_exactly
(
new_merge_request
)
end
end
it
'filters by cre
ated_before'
do
it
'filters by upd
ated_before'
do
params
=
{
project_id:
new_project
.
id
,
created_before:
old_merge_request
.
cre
ated_at
}
params
=
{
project_id:
new_project
.
id
,
updated_before:
old_merge_request
.
upd
ated_at
}
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
expect
(
merge_requests
).
to
contain_exactly
(
old_merge_request
)
expect
(
merge_requests
).
to
contain_exactly
(
old_merge_request
)
end
end
it
'filters by created_after and cre
ated_before'
do
it
'filters by updated_after and upd
ated_before'
do
params
=
{
params
=
{
project_id:
new_project
.
id
,
project_id:
new_project
.
id
,
created_after:
old_merge_request
.
cre
ated_at
,
updated_after:
old_merge_request
.
upd
ated_at
,
created_before:
new_merge_request
.
cre
ated_at
updated_before:
new_merge_request
.
upd
ated_at
}
}
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
expect
(
merge_requests
).
to
contain_exactly
(
old_merge_request
,
new_merge_request
)
expect
(
merge_requests
).
to
contain_exactly
(
old_merge_request
,
new_merge_request
)
end
end
end
end
it
'filters by updated_after'
do
describe
'#row_count'
,
:request_store
do
params
=
{
project_id:
new_project
.
id
,
updated_after:
new_merge_request
.
updated_at
}
it
'returns the number of rows for the default state'
do
finder
=
described_class
.
new
(
user
)
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
expect
(
finder
.
row_count
).
to
eq
(
7
)
end
it
'returns the number of rows for a given state'
do
finder
=
described_class
.
new
(
user
,
state:
'closed'
)
expect
(
merge_requests
).
to
contain_exactly
(
new_merge_request
)
expect
(
finder
.
row_count
).
to
eq
(
1
)
end
end
end
end
it
'filters by updated_before
'
do
context
'when projects require different access levels for merge requests
'
do
params
=
{
project_id:
new_project
.
id
,
updated_before:
old_merge_request
.
updated_at
}
let
(
:user
)
{
create
(
:user
)
}
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
let
(
:public_project
)
{
create
(
:project
,
:public
)
}
let
(
:internal
)
{
create
(
:project
,
:internal
)
}
let
(
:private_project
)
{
create
(
:project
,
:private
)
}
let
(
:public_with_private_repo
)
{
create
(
:project
,
:public
,
:repository
,
:repository_private
)
}
let
(
:internal_with_private_repo
)
{
create
(
:project
,
:internal
,
:repository
,
:repository_private
)
}
expect
(
merge_requests
).
to
contain_exactly
(
old_merge_request
)
let
(
:merge_requests
)
{
described_class
.
new
(
user
,
{}).
execute
}
end
it
'filters by updated_after and updated_before'
do
let!
(
:mr_public
)
{
create
(
:merge_request
,
source_project:
public_project
)
}
params
=
{
let!
(
:mr_private
)
{
create
(
:merge_request
,
source_project:
private_project
)
}
project_id:
new_project
.
id
,
let!
(
:mr_internal
)
{
create
(
:merge_request
,
source_project:
internal
)
}
updated_after:
old_merge_request
.
updated_at
,
let!
(
:mr_private_repo_access
)
{
create
(
:merge_request
,
source_project:
public_with_private_repo
)
}
updated_before:
new_merge_request
.
updated_at
let!
(
:mr_internal_private_repo_access
)
{
create
(
:merge_request
,
source_project:
internal_with_private_repo
)
}
}
merge_requests
=
described_class
.
new
(
user
,
params
).
execute
context
'with admin user'
do
let
(
:user
)
{
create
(
:user
,
:admin
)
}
expect
(
merge_requests
).
to
contain_exactly
(
old_merge_request
,
new_merge_request
)
it
'returns all merge requests'
do
expect
(
merge_requests
).
to
eq
(
[
mr_internal_private_repo_access
,
mr_private_repo_access
,
mr_internal
,
mr_private
,
mr_public
]
)
end
end
end
end
...
@@ -293,19 +337,85 @@ describe MergeRequestsFinder do
...
@@ -293,19 +337,85 @@ describe MergeRequestsFinder do
expect
(
merge_requests
).
to
be_empty
expect
(
merge_requests
).
to
be_empty
end
end
end
end
end
describe
'#row_count'
,
:request_store
do
context
'with external user'
do
it
'returns the number of rows for the default state'
do
let
(
:user
)
{
create
(
:user
,
:external
)
}
finder
=
described_class
.
new
(
user
)
expect
(
finder
.
row_count
).
to
eq
(
7
)
it
'returns only public merge requests'
do
expect
(
merge_requests
).
to
eq
([
mr_public
])
end
end
end
it
'returns the number of rows for a given state'
do
context
'with authenticated user'
do
finder
=
described_class
.
new
(
user
,
state:
'closed'
)
it
'returns public and internal merge requests'
do
expect
(
merge_requests
).
to
eq
([
mr_internal
,
mr_public
])
end
context
'being added to the private project'
do
context
'as a guest'
do
before
do
private_project
.
add_guest
(
user
)
end
it
'does not return merge requests from the private project'
do
expect
(
merge_requests
).
to
eq
([
mr_internal
,
mr_public
])
end
end
context
'as a developer'
do
before
do
private_project
.
add_developer
(
user
)
end
it
'returns merge requests from the private project'
do
expect
(
merge_requests
).
to
eq
([
mr_internal
,
mr_private
,
mr_public
])
end
end
end
expect
(
finder
.
row_count
).
to
eq
(
1
)
context
'being added to the public project with private repo access'
do
context
'as a guest'
do
before
do
public_with_private_repo
.
add_guest
(
user
)
end
it
'returns merge requests from the project'
do
expect
(
merge_requests
).
to
eq
([
mr_internal
,
mr_public
])
end
end
context
'as a reporter'
do
before
do
public_with_private_repo
.
add_reporter
(
user
)
end
it
'returns merge requests from the project'
do
expect
(
merge_requests
).
to
eq
([
mr_private_repo_access
,
mr_internal
,
mr_public
])
end
end
end
context
'being added to the internal project with private repo access'
do
context
'as a guest'
do
before
do
internal_with_private_repo
.
add_guest
(
user
)
end
it
'returns merge requests from the project'
do
expect
(
merge_requests
).
to
eq
([
mr_internal
,
mr_public
])
end
end
context
'as a reporter'
do
before
do
internal_with_private_repo
.
add_reporter
(
user
)
end
it
'returns merge requests from the project'
do
expect
(
merge_requests
).
to
eq
([
mr_internal_private_repo_access
,
mr_internal
,
mr_public
])
end
end
end
end
end
end
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
