Merge branch 'reduce-diff-in-spec-models' into 'master'

[EE] Reduce diff with CE in `spec/models` See merge request gitlab-org/gitlab-ee!10534

Merge branch 'reduce-diff-in-spec-models' into 'master'
[EE] Reduce diff with CE in `spec/models` See merge request gitlab-org/gitlab-ee!10534
f8e9013d · Lin Jen-Shin · b1f18a67 · d1548e0e · f8e9013d · f8e9013d
Commit f8e9013d authored Apr 02, 2019 by Lin Jen-Shin
23 changed files
--- a/ee/spec/models/ci/build_spec.rb
+++ b/ee/spec/models/ci/build_spec.rb
@@ -15,6 +15,8 @@ describe Ci::Build do

  let(:job) { create(:ci_build, pipeline: pipeline) }

+  it { is_expected.to have_many(:sourced_pipelines) }
+
  describe '#shared_runners_minutes_limit_enabled?' do
    subject { job.shared_runners_minutes_limit_enabled? }


--- a/ee/spec/models/ci/pipeline_spec.rb
+++ b/ee/spec/models/ci/pipeline_spec.rb
@@ -10,6 +10,10 @@ describe Ci::Pipeline do
    create(:ci_empty_pipeline, status: :created, project: project)
  end

+  it { is_expected.to have_one(:source_pipeline) }
+  it { is_expected.to have_many(:sourced_pipelines) }
+  it { is_expected.to have_one(:triggered_by_pipeline) }
+  it { is_expected.to have_many(:triggered_pipelines) }
  it { is_expected.to have_many(:job_artifacts).through(:builds) }
  it { is_expected.to have_many(:vulnerabilities).through(:vulnerabilities_occurrence_pipelines).class_name('Vulnerabilities::Occurrence') }
  it { is_expected.to have_many(:vulnerabilities_occurrence_pipelines).class_name('Vulnerabilities::OccurrencePipeline') }
@@ -483,4 +487,25 @@ describe Ci::Pipeline do
      end
    end
  end
+
+  describe '#ci_yaml_file_path' do
+    subject { pipeline.ci_yaml_file_path }
+
+    context 'the source is the repository' do
+      let(:implied_yml) { Gitlab::Template::GitlabCiYmlTemplate.find('Auto-DevOps').content }
+
+      before do
+        pipeline.repository_source!
+      end
+
+      it 'returns the configuration if found' do
+        allow(pipeline.project.repository).to receive(:gitlab_ci_yml_for)
+          .and_return('config')
+
+        expect(pipeline.ci_yaml_file).to be_a(String)
+        expect(pipeline.ci_yaml_file).not_to eq(implied_yml)
+        expect(pipeline.yaml_errors).to be_nil
+      end
+    end
+  end
 end
--- a/ee/spec/models/ci/variable_spec.rb
+++ b/ee/spec/models/ci/variable_spec.rb
+# frozen_string_literal: true
+
 require 'spec_helper'

 describe Ci::Variable do
  subject { build(:ci_variable) }

+  describe 'validations' do
+    it { is_expected.to include_module(HasEnvironmentScope) }
+  end
+
  it do
    is_expected.to validate_uniqueness_of(:key)
      .scoped_to(:project_id, :environment_scope)

--- a/ee/spec/models/ee/environment_spec.rb
+++ b/ee/spec/models/ee/environment_spec.rb
+# frozen_string_literal: true
+
 require 'spec_helper'

 describe Environment do
@@ -95,4 +97,45 @@ describe Environment do
      end
    end
  end
+
+  describe '#rollout_status' do
+    shared_examples 'same behavior between KubernetesService and Platform::Kubernetes' do
+      subject { environment.rollout_status }
+
+      context 'when the environment has rollout status' do
+        before do
+          allow(environment).to receive(:has_terminals?).and_return(true)
+        end
+
+        it 'returns the rollout status from the deployment service' do
+          expect(environment.deployment_platform)
+            .to receive(:rollout_status).with(environment)
+            .and_return(:fake_rollout_status)
+
+          is_expected.to eq(:fake_rollout_status)
+        end
+      end
+
+      context 'when the environment does not have rollout status' do
+        before do
+          allow(environment).to receive(:has_terminals?).and_return(false)
+        end
+
+        it { is_expected.to eq(nil) }
+      end
+    end
+
+    context 'when user configured kubernetes from Integration > Kubernetes' do
+      let(:project) { create(:kubernetes_project) }
+
+      it_behaves_like 'same behavior between KubernetesService and Platform::Kubernetes'
+    end
+
+    context 'when user configured kubernetes from CI/CD > Clusters' do
+      let!(:cluster) { create(:cluster, :project, :provided_by_gcp) }
+      let(:project) { cluster.project }
+
+      it_behaves_like 'same behavior between KubernetesService and Platform::Kubernetes'
+    end
+  end
 end
--- a/ee/spec/models/milestone_spec.rb
+++ b/ee/spec/models/milestone_spec.rb
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Milestone do
+  describe "Associations" do
+    it { is_expected.to have_many(:boards) }
+  end
+end
--- a/ee/spec/models/namespace_spec.rb
+++ b/ee/spec/models/namespace_spec.rb
+# frozen_string_literal: true
+
 require 'spec_helper'

 describe Namespace do
@@ -686,4 +688,128 @@ describe Namespace do
      end
    end
  end
+
+  describe '#actual_size_limit' do
+    let(:namespace) { build(:namespace) }
+
+    before do
+      allow_any_instance_of(ApplicationSetting).to receive(:repository_size_limit).and_return(50)
+    end
+
+    it 'returns the correct size limit' do
+      expect(namespace.actual_size_limit).to eq(50)
+    end
+  end
+
+  describe '#membership_lock with subgroups', :nested_groups do
+    context 'when creating a subgroup' do
+      let(:subgroup) { create(:group, parent: root_group) }
+
+      context 'under a parent with "Membership lock" enabled' do
+        let(:root_group) { create(:group, membership_lock: true) }
+
+        it 'enables "Membership lock" on the subgroup' do
+          expect(subgroup.membership_lock).to be_truthy
+        end
+      end
+
+      context 'under a parent with "Membership lock" disabled' do
+        let(:root_group) { create(:group) }
+
+        it 'does not enable "Membership lock" on the subgroup' do
+          expect(subgroup.membership_lock).to be_falsey
+        end
+      end
+
+      context 'when enabling the parent group "Membership lock"' do
+        let(:root_group) { create(:group) }
+        let!(:subgroup) { create(:group, parent: root_group) }
+
+        it 'the subgroup "Membership lock" not changed' do
+          root_group.update!(membership_lock: true)
+
+          expect(subgroup.reload.membership_lock).to be_falsey
+        end
+      end
+
+      context 'when disabling the parent group "Membership lock" (which was already enabled)' do
+        let(:root_group) { create(:group, membership_lock: true) }
+
+        context 'and the subgroup "Membership lock" is enabled' do
+          let(:subgroup) { create(:group, parent: root_group, membership_lock: true) }
+
+          it 'the subgroup "Membership lock" does not change' do
+            root_group.update!(membership_lock: false)
+
+            expect(subgroup.reload.membership_lock).to be_truthy
+          end
+        end
+
+        context 'but the subgroup "Membership lock" is disabled' do
+          let(:subgroup) { create(:group, parent: root_group) }
+
+          it 'the subgroup "Membership lock" does not change' do
+            root_group.update!(membership_lock: false)
+
+            expect(subgroup.reload.membership_lock?).to be_falsey
+          end
+        end
+      end
+    end
+
+    # Note: Group transfers are not yet implemented
+    context 'when a group is transferred into a root group' do
+      context 'when the root group "Membership lock" is enabled' do
+        let(:root_group) { create(:group, membership_lock: true) }
+
+        context 'when the subgroup "Membership lock" is enabled' do
+          let(:subgroup) { create(:group, membership_lock: true) }
+
+          it 'the subgroup "Membership lock" does not change' do
+            subgroup.parent = root_group
+            subgroup.save!
+
+            expect(subgroup.membership_lock).to be_truthy
+          end
+        end
+
+        context 'when the subgroup "Membership lock" is disabled' do
+          let(:subgroup) { create(:group) }
+
+          it 'the subgroup "Membership lock" not changed' do
+            subgroup.parent = root_group
+            subgroup.save!
+
+            expect(subgroup.membership_lock).to be_falsey
+          end
+        end
+      end
+
+      context 'when the root group "Membership lock" is disabled' do
+        let(:root_group) { create(:group) }
+
+        context 'when the subgroup "Membership lock" is enabled' do
+          let(:subgroup) { create(:group, membership_lock: true) }
+
+          it 'the subgroup "Membership lock" does not change' do
+            subgroup.parent = root_group
+            subgroup.save!
+
+            expect(subgroup.membership_lock).to be_truthy
+          end
+        end
+
+        context 'when the subgroup "Membership lock" is disabled' do
+          let(:subgroup) { create(:group) }
+
+          it 'the subgroup "Membership lock" does not change' do
+            subgroup.parent = root_group
+            subgroup.save!
+
+            expect(subgroup.membership_lock).to be_falsey
+          end
+        end
+      end
+    end
+  end
 end
--- a/ee/spec/models/project_feature_spec.rb
+++ b/ee/spec/models/project_feature_spec.rb
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe ProjectFeature do
+  let(:project) { create(:project) }
+  let(:user) { create(:user) }
+
+  describe '#feature_available?' do
+    let(:features) { %w(issues wiki builds merge_requests snippets repository pages) }
+
+    context 'when features are enabled only for team members' do
+      it "returns true if user is an auditor" do
+        user.update_attribute(:auditor, true)
+
+        features.each do |feature|
+          project.project_feature.update_attribute("#{feature}_access_level".to_sym, ProjectFeature::PRIVATE)
+          expect(project.feature_available?(:issues, user)).to eq(true)
+        end
+      end
+    end
+  end
+end
--- a/ee/spec/models/project_spec.rb
+++ b/ee/spec/models/project_spec.rb
--- a/ee/spec/models/project_wiki_spec.rb
+++ b/ee/spec/models/project_wiki_spec.rb
+# frozen_string_literal: true
+
+require "spec_helper"
+
+describe ProjectWiki do
+  let(:user) { create(:user, :commit_email) }
+  let(:project) { create(:project, :wiki_repo, namespace: user.namespace) }
+  let(:project_wiki) { described_class.new(project, user) }
+
+  subject { project_wiki }
+
+  describe "#kerberos_url_to_repo" do
+    it 'returns valid kerberos url for this repo' do
+      gitlab_kerberos_url = Gitlab.config.build_gitlab_kerberos_url
+      repo_kerberos_url = "#{gitlab_kerberos_url}/#{subject.full_path}.git"
+
+      expect(subject.kerberos_url_to_repo).to eq(repo_kerberos_url)
+    end
+  end
+end
--- a/ee/spec/models/ee/user_spec.rb
+++ b/ee/spec/models/ee/user_spec.rb
+# frozen_string_literal: true
+
 require 'spec_helper'

-describe EE::User do
-  subject(:user) { User.new }
+describe User do
+  subject(:user) { described_class.new }

  describe 'user creation' do
    describe 'with defaults' do
@@ -11,14 +13,46 @@ describe EE::User do
    end
  end

+  describe 'delegations' do
+    it { is_expected.to delegate_method(:shared_runners_minutes_limit).to(:namespace) }
+    it { is_expected.to delegate_method(:shared_runners_minutes_limit=).to(:namespace).with_arguments(133) }
+  end
+
  describe 'associations' do
    subject { build(:user) }

    it { is_expected.to have_many(:reviews) }
    it { is_expected.to have_many(:vulnerability_feedback) }
+    it { is_expected.to have_many(:path_locks).dependent(:destroy) }
+  end
+
+  describe 'nested attributes' do
+    it { is_expected.to respond_to(:namespace_attributes=) }
+  end
+
+  describe 'validations' do
+    it 'does not allow a user to be both an auditor and an admin' do
+      user = build(:user, :admin, :auditor)
+
+      expect(user).to be_invalid
+    end
  end

  describe "scopes" do
+    describe ".non_ldap" do
+      it "retuns non-ldap user" do
+        described_class.delete_all
+        create(:user)
+        ldap_user = create(:omniauth_user, provider: "ldapmain")
+        create(:omniauth_user, provider: "gitlub")
+
+        users = described_class.non_ldap
+
+        expect(users.count).to eq(2)
+        expect(users.detect { |user| user.username == ldap_user.username }).to be_nil
+      end
+    end
+
    describe '.excluding_guests' do
      let!(:user_without_membership) { create(:user).id }
      let!(:project_guest_user)      { create(:project_member, :guest).user_id }
@@ -27,7 +61,7 @@ describe EE::User do
      let!(:group_reporter_user)     { create(:group_member, :reporter).user_id }

      it 'exclude users with a Guest role in a Project/Group' do
-        user_ids = User.excluding_guests.pluck(:id)
+        user_ids = described_class.excluding_guests.pluck(:id)

        expect(user_ids).to include(project_reporter_user)
        expect(user_ids).to include(group_reporter_user)
@@ -44,12 +78,66 @@ describe EE::User do
    let!(:smartcard_identity) { create(:smartcard_identity, user: user) }

    it 'returns the user' do
-      expect(User.find_by_smartcard_identity(smartcard_identity.subject,
+      expect(described_class.find_by_smartcard_identity(smartcard_identity.subject,
                                             smartcard_identity.issuer))
        .to eq(user)
    end
  end

+  describe 'the GitLab_Auditor_User add-on' do
+    context 'creating an auditor user' do
+      it "does not allow creating an auditor user if the addon isn't enabled" do
+        stub_licensed_features(auditor_user: false)
+
+        expect(build(:user, :auditor)).to be_invalid
+      end
+
+      it "does not allow creating an auditor user if no license is present" do
+        allow(License).to receive(:current).and_return nil
+
+        expect(build(:user, :auditor)).to be_invalid
+      end
+
+      it "allows creating an auditor user if the addon is enabled" do
+        stub_licensed_features(auditor_user: true)
+
+        expect(build(:user, :auditor)).to be_valid
+      end
+
+      it "allows creating a regular user if the addon isn't enabled" do
+        stub_licensed_features(auditor_user: false)
+
+        expect(build(:user)).to be_valid
+      end
+    end
+
+    context '#auditor?' do
+      it "returns true for an auditor user if the addon is enabled" do
+        stub_licensed_features(auditor_user: true)
+
+        expect(build(:user, :auditor)).to be_auditor
+      end
+
+      it "returns false for an auditor user if the addon is not enabled" do
+        stub_licensed_features(auditor_user: false)
+
+        expect(build(:user, :auditor)).not_to be_auditor
+      end
+
+      it "returns false for an auditor user if a license is not present" do
+        stub_licensed_features(auditor_user: false)
+
+        expect(build(:user, :auditor)).not_to be_auditor
+      end
+
+      it "returns false for a non-auditor user even if the addon is present" do
+        stub_licensed_features(auditor_user: true)
+
+        expect(build(:user)).not_to be_auditor
+      end
+    end
+  end
+
  describe '#access_level=' do
    let(:user) { build(:user) }


--- a/spec/models/ci/bridge_spec.rb
+++ b/spec/models/ci/bridge_spec.rb
@@ -7,7 +7,7 @@ describe Ci::Bridge do
  set(:pipeline) { create(:ci_pipeline, project: project) }

  let(:bridge) do
-    create(:ci_bridge, status: :success, pipeline: pipeline)
+    create(:ci_bridge, pipeline: pipeline)
  end

  describe '#tags' do

--- a/spec/models/ci/build_spec.rb
+++ b/spec/models/ci/build_spec.rb
@@ -19,7 +19,6 @@ describe Ci::Build do
  it { is_expected.to belong_to(:runner) }
  it { is_expected.to belong_to(:trigger_request) }
  it { is_expected.to belong_to(:erased_by) }
-  it { is_expected.to have_many(:sourced_pipelines) }
  it { is_expected.to have_many(:trace_sections)}
  it { is_expected.to have_one(:deployment) }
  it { is_expected.to have_one(:runner_session)}

--- a/spec/models/ci/pipeline_spec.rb
+++ b/spec/models/ci/pipeline_spec.rb
@@ -26,10 +26,6 @@ describe Ci::Pipeline, :mailer do
  it { is_expected.to have_many(:builds) }
  it { is_expected.to have_many(:auto_canceled_pipelines) }
  it { is_expected.to have_many(:auto_canceled_jobs) }
-  it { is_expected.to have_one(:source_pipeline) }
-  it { is_expected.to have_many(:sourced_pipelines) }
-  it { is_expected.to have_one(:triggered_by_pipeline) }
-  it { is_expected.to have_many(:triggered_pipelines) }
  it { is_expected.to have_one(:chat_data) }

  it { is_expected.to validate_presence_of(:sha) }
@@ -820,8 +816,7 @@ describe Ci::Pipeline, :mailer do

  describe 'pipeline stages' do
    describe '#stage_seeds' do
-      let(:project) { create(:project, :repository) }
-      let(:pipeline) { build(:ci_pipeline, project: project, config: config) }
+      let(:pipeline) { build(:ci_pipeline, config: config) }
      let(:config) { { rspec: { script: 'rake' } } }

      it 'returns preseeded stage seeds object' do
@@ -851,7 +846,7 @@ describe Ci::Pipeline, :mailer do

      context 'when refs policy is specified' do
        let(:pipeline) do
-          build(:ci_pipeline, ref: 'feature', tag: true, project: project, config: config)
+          build(:ci_pipeline, ref: 'feature', tag: true, config: config)
        end

        let(:config) do
@@ -869,9 +864,7 @@ describe Ci::Pipeline, :mailer do
      end

      context 'when source policy is specified' do
-        let(:pipeline) do
-          build(:ci_pipeline, source: :schedule, project: project, config: config)
-        end
+        let(:pipeline) { build(:ci_pipeline, source: :schedule, config: config) }

        let(:config) do
          { production: { stage: 'deploy', script: 'cap prod', only: ['triggers'] },
@@ -911,7 +904,7 @@ describe Ci::Pipeline, :mailer do
          end

          context 'when user configured kubernetes from Integration > Kubernetes' do
-            let(:project) { create(:kubernetes_project, :repository) }
+            let(:project) { create(:kubernetes_project) }
            let(:pipeline) { build(:ci_pipeline, project: project, config: config) }

            it_behaves_like 'same behavior between KubernetesService and Platform::Kubernetes'
@@ -953,15 +946,13 @@ describe Ci::Pipeline, :mailer do

    describe '#seeds_size' do
      context 'when refs policy is specified' do
-        let(:project) { create(:project, :repository) }
-
        let(:config) do
          { production: { stage: 'deploy', script: 'cap prod', only: ['master'] },
            spinach: { stage: 'test', script: 'spinach', only: ['tags'] } }
        end

        let(:pipeline) do
-          build(:ci_pipeline, ref: 'feature', tag: true, project: project, config: config)
+          build(:ci_pipeline, ref: 'feature', tag: true, config: config)
        end

        it 'returns real seeds size' do
@@ -1945,23 +1936,6 @@ describe Ci::Pipeline, :mailer do
      end
    end

-    context 'the source is the repository' do
-      let(:implied_yml) { Gitlab::Template::GitlabCiYmlTemplate.find('Auto-DevOps').content }
-
-      before do
-        pipeline.repository_source!
-      end
-
-      it 'returns the configuration if found' do
-        allow(pipeline.project.repository).to receive(:gitlab_ci_yml_for)
-          .and_return('config')
-
-        expect(pipeline.ci_yaml_file).to be_a(String)
-        expect(pipeline.ci_yaml_file).not_to eq(implied_yml)
-        expect(pipeline.yaml_errors).to be_nil
-      end
-    end
-
    context 'when pipeline is for auto-devops' do
      before do
        pipeline.config_source = 'auto_devops_source'
@@ -2642,9 +2616,8 @@ describe Ci::Pipeline, :mailer do
    end

    context 'when pipeline does not have errors' do
-      let(:project) { create(:project, :repository) }
      let(:pipeline) do
-        create(:ci_pipeline, project: project, config: { rspec: { script: 'rake test' } })
+        create(:ci_pipeline, config: { rspec: { script: 'rake test' } })
      end

      it 'does not contain yaml errors' do

--- a/spec/models/ci/variable_spec.rb
+++ b/spec/models/ci/variable_spec.rb
@@ -6,12 +6,6 @@ describe Ci::Variable do
  subject { build(:ci_variable) }

  describe 'validations' do
-    # EE
-    before do
-      stub_licensed_features(variable_environment_scope: true)
-    end
-
-    it { is_expected.to include_module(HasEnvironmentScope) }
    it { is_expected.to include_module(HasVariable) }
    it { is_expected.to include_module(Presentable) }
    it { is_expected.to include_module(Maskable) }

--- a/spec/models/environment_spec.rb
+++ b/spec/models/environment_spec.rb
@@ -557,10 +557,6 @@ describe Environment do
  end

  describe '#deployment_platform' do
-    before do
-      stub_licensed_features(multiple_clusters: true)
-    end
-
    context 'when there is a deployment platform for environment' do
      let!(:cluster) do
        create(:cluster, :provided_by_gcp,
@@ -596,7 +592,9 @@ describe Environment do

      shared_examples 'same behavior between KubernetesService and Platform::Kubernetes' do
        it 'returns the terminals from the deployment service' do
-          expect(environment.deployment_platform)
+          deployment_platform_target = Gitlab.ee? ? environment : project
+
+          expect(deployment_platform_target.deployment_platform)
            .to receive(:terminals).with(environment)
            .and_return(:fake_terminals)

@@ -627,47 +625,6 @@ describe Environment do
    end
  end

-  describe '#rollout_status' do
-    shared_examples 'same behavior between KubernetesService and Platform::Kubernetes' do
-      subject { environment.rollout_status }
-
-      context 'when the environment has rollout status' do
-        before do
-          allow(environment).to receive(:has_terminals?).and_return(true)
-        end
-
-        it 'returns the rollout status from the deployment service' do
-          expect(environment.deployment_platform)
-            .to receive(:rollout_status).with(environment)
-            .and_return(:fake_rollout_status)
-
-          is_expected.to eq(:fake_rollout_status)
-        end
-      end
-
-      context 'when the environment does not have rollout status' do
-        before do
-          allow(environment).to receive(:has_terminals?).and_return(false)
-        end
-
-        it { is_expected.to eq(nil) }
-      end
-    end
-
-    context 'when user configured kubernetes from Integration > Kubernetes' do
-      let(:project) { create(:kubernetes_project) }
-
-      it_behaves_like 'same behavior between KubernetesService and Platform::Kubernetes'
-    end
-
-    context 'when user configured kubernetes from CI/CD > Clusters' do
-      let!(:cluster) { create(:cluster, :project, :provided_by_gcp) }
-      let(:project) { cluster.project }
-
-      it_behaves_like 'same behavior between KubernetesService and Platform::Kubernetes'
-    end
-  end
-
  describe '#has_metrics?' do
    subject { environment.has_metrics? }

@@ -732,7 +689,7 @@ describe Environment do
    let(:project) { create(:prometheus_project) }
    subject { environment.additional_metrics }

-    context 'when the environment has metrics' do
+    context 'when the environment has additional metrics' do
      before do
        allow(environment).to receive(:has_metrics?).and_return(true)
      end

--- a/spec/models/merge_request_spec.rb
+++ b/spec/models/merge_request_spec.rb
@@ -476,6 +476,7 @@ describe MergeRequest do
      it 'does not cache issues from external trackers' do
        issue  = ExternalIssue.new('JIRA-123', subject.project)
        commit = double('commit1', safe_message: "Fixes #{issue.to_reference}")
+
        allow(subject).to receive(:commits).and_return([commit])

        expect { subject.cache_merge_request_closes_issues!(subject.author) }.not_to raise_error

--- a/spec/models/milestone_spec.rb
+++ b/spec/models/milestone_spec.rb
@@ -42,8 +42,6 @@ describe Milestone do

  describe "Associations" do
    it { is_expected.to belong_to(:project) }
-
-    it { is_expected.to have_many(:boards) }
    it { is_expected.to have_many(:issues) }
  end


--- a/spec/models/namespace_spec.rb
+++ b/spec/models/namespace_spec.rb
@@ -376,18 +376,6 @@ describe Namespace do
    end
  end

-  describe '#actual_size_limit' do
-    let(:namespace) { build(:namespace) }
-
-    before do
-      allow_any_instance_of(ApplicationSetting).to receive(:repository_size_limit).and_return(50)
-    end
-
-    it 'returns the correct size limit' do
-      expect(namespace.actual_size_limit).to eq(50)
-    end
-  end
-
  describe '#rm_dir', 'callback' do
    let(:repository_storage_path) do
      Gitlab::GitalyClient::StorageSettings.allow_disk_access do
@@ -707,118 +695,6 @@ describe Namespace do
    end
  end

-  describe '#membership_lock with subgroups', :nested_groups do
-    context 'when creating a subgroup' do
-      let(:subgroup) { create(:group, parent: root_group) }
-
-      context 'under a parent with "Membership lock" enabled' do
-        let(:root_group) { create(:group, membership_lock: true) }
-
-        it 'enables "Membership lock" on the subgroup' do
-          expect(subgroup.membership_lock).to be_truthy
-        end
-      end
-
-      context 'under a parent with "Membership lock" disabled' do
-        let(:root_group) { create(:group) }
-
-        it 'does not enable "Membership lock" on the subgroup' do
-          expect(subgroup.membership_lock).to be_falsey
-        end
-      end
-
-      context 'when enabling the parent group "Membership lock"' do
-        let(:root_group) { create(:group) }
-        let!(:subgroup) { create(:group, parent: root_group) }
-
-        it 'the subgroup "Membership lock" not changed' do
-          root_group.update!(membership_lock: true)
-
-          expect(subgroup.reload.membership_lock).to be_falsey
-        end
-      end
-
-      context 'when disabling the parent group "Membership lock" (which was already enabled)' do
-        let(:root_group) { create(:group, membership_lock: true) }
-
-        context 'and the subgroup "Membership lock" is enabled' do
-          let(:subgroup) { create(:group, parent: root_group, membership_lock: true) }
-
-          it 'the subgroup "Membership lock" does not change' do
-            root_group.update!(membership_lock: false)
-
-            expect(subgroup.reload.membership_lock).to be_truthy
-          end
-        end
-
-        context 'but the subgroup "Membership lock" is disabled' do
-          let(:subgroup) { create(:group, parent: root_group) }
-
-          it 'the subgroup "Membership lock" does not change' do
-            root_group.update!(membership_lock: false)
-
-            expect(subgroup.reload.membership_lock?).to be_falsey
-          end
-        end
-      end
-    end
-
-    # Note: Group transfers are not yet implemented
-    context 'when a group is transferred into a root group' do
-      context 'when the root group "Membership lock" is enabled' do
-        let(:root_group) { create(:group, membership_lock: true) }
-
-        context 'when the subgroup "Membership lock" is enabled' do
-          let(:subgroup) { create(:group, membership_lock: true) }
-
-          it 'the subgroup "Membership lock" does not change' do
-            subgroup.parent = root_group
-            subgroup.save!
-
-            expect(subgroup.membership_lock).to be_truthy
-          end
-        end
-
-        context 'when the subgroup "Membership lock" is disabled' do
-          let(:subgroup) { create(:group) }
-
-          it 'the subgroup "Membership lock" not changed' do
-            subgroup.parent = root_group
-            subgroup.save!
-
-            expect(subgroup.membership_lock).to be_falsey
-          end
-        end
-      end
-
-      context 'when the root group "Membership lock" is disabled' do
-        let(:root_group) { create(:group) }
-
-        context 'when the subgroup "Membership lock" is enabled' do
-          let(:subgroup) { create(:group, membership_lock: true) }
-
-          it 'the subgroup "Membership lock" does not change' do
-            subgroup.parent = root_group
-            subgroup.save!
-
-            expect(subgroup.membership_lock).to be_truthy
-          end
-        end
-
-        context 'when the subgroup "Membership lock" is disabled' do
-          let(:subgroup) { create(:group) }
-
-          it 'the subgroup "Membership lock" does not change' do
-            subgroup.parent = root_group
-            subgroup.save!
-
-            expect(subgroup.membership_lock).to be_falsey
-          end
-        end
-      end
-    end
-  end
-
  describe '#find_fork_of?' do
    let(:project) { create(:project, :public) }
    let!(:forked_project) { fork_project(project, namespace.owner, namespace: namespace) }

--- a/spec/models/project_feature_spec.rb
+++ b/spec/models/project_feature_spec.rb
@@ -66,15 +66,6 @@ describe ProjectFeature do
          expect(project.feature_available?(:issues, user)).to eq(true)
        end
      end
-
-      it "returns true if user is an auditor" do
-        user.update_attribute(:auditor, true)
-
-        features.each do |feature|
-          project.project_feature.update_attribute("#{feature}_access_level".to_sym, ProjectFeature::PRIVATE)
-          expect(project.feature_available?(:issues, user)).to eq(true)
-        end
-      end
    end

    context 'when feature is enabled for everyone' do

--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
--- a/spec/models/project_team_spec.rb
+++ b/spec/models/project_team_spec.rb
@@ -180,6 +180,21 @@ describe ProjectTeam do
    end
  end

+  describe '#members_in_project_and_ancestors' do
+    context 'group project' do
+      it 'filters out users who are not members of the project' do
+        group = create(:group)
+        project = create(:project, group: group)
+        group_member = create(:group_member, group: group)
+        old_user = create(:user)
+
+        ProjectAuthorization.create!(project: project, user: old_user, access_level: Gitlab::Access::GUEST)
+
+        expect(project.team.members_in_project_and_ancestors).to contain_exactly(group_member.user)
+      end
+    end
+  end
+
  describe '#add_users' do
    let(:user1) { create(:user) }
    let(:user2) { create(:user) }

--- a/spec/models/project_wiki_spec.rb
+++ b/spec/models/project_wiki_spec.rb
-# coding: utf-8
 # frozen_string_literal: true

 require "spec_helper"
@@ -56,14 +55,6 @@ describe ProjectWiki do
    end
  end

-  describe "#kerberos_url_to_repo" do
-    it 'returns valid kerberos url for this repo' do
-      gitlab_kerberos_url = Gitlab.config.build_gitlab_kerberos_url
-      repo_kerberos_url = "#{gitlab_kerberos_url}/#{subject.full_path}.git"
-      expect(subject.kerberos_url_to_repo).to eq(repo_kerberos_url)
-    end
-  end
-
  describe "#wiki_base_path" do
    it "returns the wiki base path" do
      wiki_base_path = "#{Gitlab.config.gitlab.relative_url_root}/#{project.full_path}/wikis"

--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -20,10 +20,6 @@ describe User do

  describe 'delegations' do
    it { is_expected.to delegate_method(:path).to(:namespace).with_prefix }
-
-    # EE
-    it { is_expected.to delegate_method(:shared_runners_minutes_limit).to(:namespace) }
-    it { is_expected.to delegate_method(:shared_runners_minutes_limit=).to(:namespace).with_arguments(133) }
  end

  describe 'associations' do
@@ -44,7 +40,6 @@ describe User do
    it { is_expected.to have_many(:spam_logs).dependent(:destroy) }
    it { is_expected.to have_many(:todos) }
    it { is_expected.to have_many(:award_emoji).dependent(:destroy) }
-    it { is_expected.to have_many(:path_locks).dependent(:destroy) }
    it { is_expected.to have_many(:triggers).dependent(:destroy) }
    it { is_expected.to have_many(:builds).dependent(:nullify) }
    it { is_expected.to have_many(:pipelines).dependent(:nullify) }
@@ -102,10 +97,6 @@ describe User do
    end
  end

-  describe 'nested attributes' do
-    it { is_expected.to respond_to(:namespace_attributes=) }
-  end
-
  describe 'validations' do
    describe 'username' do
      it 'validates presence' do
@@ -388,25 +379,6 @@ describe User do
        end
      end
    end
-
-    it 'does not allow a user to be both an auditor and an admin' do
-      user = build(:user, :admin, :auditor)
-
-      expect(user).to be_invalid
-    end
-  end
-
-  describe "non_ldap" do
-    it "retuns non-ldap user" do
-      described_class.delete_all
-      create :user
-      ldap_user = create :omniauth_user, provider: "ldapmain"
-      create :omniauth_user, provider: "gitlub"
-
-      users = described_class.non_ldap
-      expect(users.count).to eq 2
-      expect(users.detect { |user| user.username == ldap_user.username }).to be_nil
-    end
  end

  describe "scopes" do
@@ -2606,60 +2578,6 @@ describe User do
    end
  end

-  describe 'the GitLab_Auditor_User add-on' do
-    context 'creating an auditor user' do
-      it "does not allow creating an auditor user if the addon isn't enabled" do
-        stub_licensed_features(auditor_user: false)
-
-        expect(build(:user, :auditor)).to be_invalid
-      end
-
-      it "does not allow creating an auditor user if no license is present" do
-        allow(License).to receive(:current).and_return nil
-
-        expect(build(:user, :auditor)).to be_invalid
-      end
-
-      it "allows creating an auditor user if the addon is enabled" do
-        stub_licensed_features(auditor_user: true)
-
-        expect(build(:user, :auditor)).to be_valid
-      end
-
-      it "allows creating a regular user if the addon isn't enabled" do
-        stub_licensed_features(auditor_user: false)
-
-        expect(build(:user)).to be_valid
-      end
-    end
-
-    context '#auditor?' do
-      it "returns true for an auditor user if the addon is enabled" do
-        stub_licensed_features(auditor_user: true)
-
-        expect(build(:user, :auditor)).to be_auditor
-      end
-
-      it "returns false for an auditor user if the addon is not enabled" do
-        stub_licensed_features(auditor_user: false)
-
-        expect(build(:user, :auditor)).not_to be_auditor
-      end
-
-      it "returns false for an auditor user if a license is not present" do
-        stub_licensed_features(auditor_user: false)
-
-        expect(build(:user, :auditor)).not_to be_auditor
-      end
-
-      it "returns false for a non-auditor user even if the addon is present" do
-        stub_licensed_features(auditor_user: true)
-
-        expect(build(:user)).not_to be_auditor
-      end
-    end
-  end
-
  describe '.ghost' do
    it "creates a ghost user if one isn't already present" do
      ghost = described_class.ghost