Improve protected branches feature spec.

1. Previously, we had a separate test for each and every possible role,
   and another test for access by user, each multiplied by the access
   types (merge and push), and further multiplied by the type of CRUD
   operation (create or update).

2. Since we allow selecting multiple access levels at once, it makes
   sense to collapse a lot of these tests. Now, in single test, we check
   access levels for all roles and 5 different users. Multiply that by
   4 (as mentioned above), and we only have 4 tests total (that still
   test everything the previous tests did).

3. Use a shared example to reduce potential conflicts in the future,
   since CE access control specs are significantly different.

spec/features/protected_branches/access_control_ee_spec.rb

+RSpec.shared_examples "protected branches > access control > EE" do
+  [['merge', ProtectedBranch::MergeAccessLevel], ['push', ProtectedBranch::PushAccessLevel]].each do |git_operation, access_level_class|
+    # Need to set a default for the `git_operation` access level that _isn't_ being tested
+    other_git_operation = git_operation == 'merge' ? 'push' : 'merge'
+
+    it "allows creating protected branches that roles and users can #{git_operation} to" do
+      users = create_list(:user, 5)
+      users.each { |user| project.team << [user, :developer] }
+      roles = access_level_class.human_access_levels
+
+      visit namespace_project_protected_branches_path(project.namespace, project)
+      set_protected_branch_name('master')
+
+      users.each { |user| set_allowed_to(git_operation, user.name) }
+      roles.each { |(_, access_type_name)| set_allowed_to(git_operation, access_type_name) }
+      set_allowed_to(other_git_operation)
+
+      click_on "Protect"
+
+      expect(ProtectedBranch.count).to eq(1)
+      roles.each { |(access_type_id, _)| expect(ProtectedBranch.last.send("#{git_operation}_access_levels".to_sym).map(&:access_level)).to include(access_type_id) }
+      users.each { |user| expect(ProtectedBranch.last.send("#{git_operation}_access_levels".to_sym).map(&:user_id)).to include(user.id) }
+    end
+
+    it "allows updating protected branches that roles and users can #{git_operation} to" do
+      users = create_list(:user, 5)
+      users.each { |user| project.team << [user, :developer] }
+      roles = access_level_class.human_access_levels
+
+      visit namespace_project_protected_branches_path(project.namespace, project)
+      set_protected_branch_name('master')
+      set_allowed_to('merge')
+      set_allowed_to('push')
+
+      click_on "Protect"
+
+      within(".js-protected-branch-edit-form") do
+        users.each { |user| set_allowed_to(git_operation, user.name) }
+        roles.each { |(_, access_type_name)| set_allowed_to(git_operation, access_type_name) }
+      end
+
+      wait_for_ajax
+
+      expect(ProtectedBranch.count).to eq(1)
+      roles.each { |(access_type_id, _)| expect(ProtectedBranch.last.send("#{git_operation}_access_levels".to_sym).map(&:access_level)).to include(access_type_id) }
+      users.each { |user| expect(ProtectedBranch.last.send("#{git_operation}_access_levels".to_sym).map(&:user_id)).to include(user.id) }
+    end
+  end
+end

spec/features/protected_branches_spec.rb

 require 'spec_helper'
+Dir["./spec/features/protected_branches/*.rb"].sort.each { |f| require f }
 
 feature 'Projected Branches', feature: true, js: true do
   include WaitForAjax
@@ -107,149 +108,6 @@ feature 'Projected Branches', feature: true, js: true do
   end
 
   describe "access control" do
-    ProtectedBranch::PushAccessLevel.human_access_levels.each do |(access_type_id, access_type_name)|
-      it "allows creating protected branches that #{access_type_name} can push to" do
-        visit namespace_project_protected_branches_path(project.namespace, project)
-        set_protected_branch_name('master')
-        set_allowed_to('merge')
-        set_allowed_to('push', access_type_name)
-        click_on "Protect"
-
-        expect(ProtectedBranch.count).to eq(1)
-        expect(ProtectedBranch.last.push_access_levels.map(&:access_level)).to eq([access_type_id])
-      end
-
-      it "allows updating protected branches so that #{access_type_name} can push to them" do
-        authorized_user = create(:user)
-        project.team << [authorized_user, :developer]
-
-        visit namespace_project_protected_branches_path(project.namespace, project)
-        set_protected_branch_name('master')
-        set_allowed_to('merge')
-        set_allowed_to('push', authorized_user.name)
-        click_on "Protect"
-
-        expect(ProtectedBranch.count).to eq(1)
-
-        within(".js-protected-branch-edit-form") do
-          set_allowed_to('push', access_type_name)
-        end
-
-        wait_for_ajax
-
-        expect(ProtectedBranch.last.push_access_levels.map(&:access_level)).to include(access_type_id)
-      end
-    end
-
-    ProtectedBranch::MergeAccessLevel.human_access_levels.each do |(access_type_id, access_type_name)|
-      it "allows creating protected branches that #{access_type_name} can merge to" do
-        visit namespace_project_protected_branches_path(project.namespace, project)
-        set_protected_branch_name('master')
-        set_allowed_to('push')
-        set_allowed_to('merge', access_type_name)
-        click_on "Protect"
-
-        expect(ProtectedBranch.count).to eq(1)
-        expect(ProtectedBranch.last.merge_access_levels.map(&:access_level)).to eq([access_type_id])
-      end
-
-      it "allows updating protected branches so that #{access_type_name} can merge to them", focus: true do
-        authorized_user = create(:user)
-        project.team << [authorized_user, :developer]
-
-        visit namespace_project_protected_branches_path(project.namespace, project)
-        set_protected_branch_name('master')
-        set_allowed_to('merge', authorized_user.name)
-        set_allowed_to('push')
-        click_on "Protect"
-
-        expect(ProtectedBranch.count).to eq(1)
-
-        within(".js-protected-branch-edit-form") do
-          set_allowed_to('merge', access_type_name)
-        end
-
-        wait_for_ajax
-        expect(ProtectedBranch.last.merge_access_levels.map(&:access_level)).to include(access_type_id)
-      end
-    end
-
-    context "while restricting access to a specific user" do
-      let(:authorized_user) { create(:user) }
-
-      before { project.team << [authorized_user, :developer] }
-
-      git_operations = ['push', 'merge']
-
-      git_operations.each_with_index do |git_operation_type, i|
-        alt_git_operation = git_operations[(i +1) %2] # Will return the next or previous operation
-
-        it "allows creating protected branches that a specific user can #{git_operation_type} to" do
-          visit namespace_project_protected_branches_path(project.namespace, project)
-          set_protected_branch_name('master')
-          within('.new_protected_branch') do
-            find(".js-allowed-to-#{git_operation_type}").click
-            click_on authorized_user.name
-          end
-          set_allowed_to(alt_git_operation)
-
-          perform_enqueued_jobs { click_on "Protect" }
-
-          within '.js-protected-branch-edit-form' do
-            find(".js-allowed-to-#{git_operation_type}").click
-            wait_for_ajax
-            expect(page).to have_selector('a.is-active', text: authorized_user.name)
-          end
-        end
-
-        it "allows updating a protected branch so that a specific user can #{git_operation_type} to it" do
-          visit namespace_project_protected_branches_path(project.namespace, project)
-          set_protected_branch_name('master')
-          set_allowed_to('merge')
-          set_allowed_to('push')
-          click_on "Protect"
-
-          within '.js-protected-branch-edit-form' do
-            set_allowed_to(git_operation_type, authorized_user.name)
-          end
-
-          wait_for_ajax
-
-          access_levels = ProtectedBranch.first.send("#{git_operation_type}_access_levels".to_sym)
-          expect(access_levels.last.user).to eq(authorized_user)
-        end
-
-        it "allows deleting a user-specific access level" do
-          other_authorized_user = create(:user)
-          project.team << [other_authorized_user, :developer]
-
-          visit namespace_project_protected_branches_path(project.namespace, project)
-          set_protected_branch_name('master')
-
-          within('.new_protected_branch') do
-            # First authorized user has access
-            set_allowed_to(git_operation_type, authorized_user.name)
-            set_allowed_to(alt_git_operation)
-          end
-          click_on "Protect"
-          
-          within '.js-protected-branch-edit-form' do
-            # Second authorized user has access
-            set_allowed_to(git_operation_type, other_authorized_user.name)
-
-            # Remove first user's access
-            find(".js-allowed-to-#{git_operation_type}").click
-            wait_for_ajax
-            click_on other_authorized_user.name
-            find(".js-allowed-to-#{git_operation_type}").click # Close to submit the form
-          end
-
-          access_levels = ProtectedBranch.first.send("#{git_operation_type}_access_levels".to_sym)
-
-          expect(access_levels.count).to eq(2)
-          expect(access_levels.last.user).to eq(other_authorized_user)
-        end
-      end
-    end
+    include_examples "protected branches > access control > EE"
   end
 end