Commit 8b830b8c authored by Felipe Artur's avatar Felipe Artur

Fix specs

parent b959ae55
...@@ -969,8 +969,9 @@ class Project < ActiveRecord::Base ...@@ -969,8 +969,9 @@ class Project < ActiveRecord::Base
end end
def visibility_level_allowed?(level = self.visibility_level) def visibility_level_allowed?(level = self.visibility_level)
allowed_by_forks = if forked? allowed_by_forks = if forked? && forked_project_link.forked_from_project_id.present?
Gitlab::VisibilityLevel.allowed_fork_levels(forked_from_project.visibility_level).include?(level) from_project = eager_load_forked_from_project
Gitlab::VisibilityLevel.allowed_fork_levels(from_project.visibility_level).include?(level)
else else
true true
end end
...@@ -980,6 +981,11 @@ class Project < ActiveRecord::Base ...@@ -980,6 +981,11 @@ class Project < ActiveRecord::Base
allowed_by_forks && allowed_by_groups allowed_by_forks && allowed_by_groups
end end
#Necessary to retrieve many-to-many associations on new forks before validating visibility level
def eager_load_forked_from_project
Project.find(forked_project_link.forked_from_project_id)
end
def runners_token def runners_token
ensure_runners_token! ensure_runners_token!
end end
......
...@@ -10,7 +10,10 @@ module Projects ...@@ -10,7 +10,10 @@ module Projects
@project = Project.new(params) @project = Project.new(params)
# Make sure that the user is allowed to use the specified visibility level # Make sure that the user is allowed to use the specified visibility level
return @project unless visibility_level_allowed? unless visibility_level_allowed?
deny_visibility_level(@project)
return @project
end
# Set project name from path # Set project name from path
if @project.name.present? && @project.path.present? if @project.name.present? && @project.path.present?
......
...@@ -38,7 +38,7 @@ module SharedGroup ...@@ -38,7 +38,7 @@ module SharedGroup
def is_member_of(username, groupname, role) def is_member_of(username, groupname, role)
@project_count ||= 0 @project_count ||= 0
user = User.find_by(name: username) || create(:user, name: username) user = User.find_by(name: username) || create(:user, name: username)
group = Group.find_by(name: groupname) || create(:group, name: groupname) group = Group.find_by(name: groupname) || create(:group, name: groupname, visibility_level: Gitlab::VisibilityLevel::PUBLIC)
group.add_user(user, role) group.add_user(user, role)
project ||= create(:project, namespace: group, path: "project#{@project_count}") project ||= create(:project, namespace: group, path: "project#{@project_count}")
create(:closed_issue_event, project: project) create(:closed_issue_event, project: project)
...@@ -47,6 +47,6 @@ module SharedGroup ...@@ -47,6 +47,6 @@ module SharedGroup
end end
def owned_group def owned_group
@owned_group ||= Group.find_by(name: "Owned") @owned_group ||= Group.find_by(name: "Owned", visibility_level: Gitlab::VisibilityLevel::PUBLIC)
end end
end end
...@@ -15,7 +15,7 @@ describe NamespacesController do ...@@ -15,7 +15,7 @@ describe NamespacesController do
end end
context "when the namespace belongs to a group" do context "when the namespace belongs to a group" do
let!(:group) { create(:group) } let!(:group) { create(:group, visibility_level: Gitlab::VisibilityLevel::PUBLIC) }
let!(:project) { create(:project, namespace: group) } let!(:project) { create(:project, namespace: group) }
context "when the group has public projects" do context "when the group has public projects" do
......
...@@ -131,6 +131,7 @@ describe UploadsController do ...@@ -131,6 +131,7 @@ describe UploadsController do
context "when the group has public projects" do context "when the group has public projects" do
before do before do
group.update_attribute(:visibility_level, Gitlab::VisibilityLevel::PUBLIC)
project.update_attribute(:visibility_level, Project::PUBLIC) project.update_attribute(:visibility_level, Project::PUBLIC)
end end
......
...@@ -12,25 +12,25 @@ feature 'Project', feature: true do ...@@ -12,25 +12,25 @@ feature 'Project', feature: true do
it 'parses Markdown' do it 'parses Markdown' do
project.update_attribute(:description, 'This is **my** project') project.update_attribute(:description, 'This is **my** project')
visit path visit path
expect(page).to have_css('.project-home-desc > p > strong') expect(page).to have_css('.cover-title > p > strong')
end end
it 'passes through html-pipeline' do it 'passes through html-pipeline' do
project.update_attribute(:description, 'This project is the :poop:') project.update_attribute(:description, 'This project is the :poop:')
visit path visit path
expect(page).to have_css('.project-home-desc > p > img') expect(page).to have_css('.cover-title > p > img')
end end
it 'sanitizes unwanted tags' do it 'sanitizes unwanted tags' do
project.update_attribute(:description, "```\ncode\n```") project.update_attribute(:description, "```\ncode\n```")
visit path visit path
expect(page).not_to have_css('.project-home-desc code') expect(page).not_to have_css('.cover-title code')
end end
it 'permits `rel` attribute on links' do it 'permits `rel` attribute on links' do
project.update_attribute(:description, 'https://google.com/') project.update_attribute(:description, 'https://google.com/')
visit path visit path
expect(page).to have_css('.project-home-desc a[rel]') expect(page).to have_css('.cover-title a[rel]')
end end
end end
......
...@@ -4,7 +4,7 @@ describe 'Group access', feature: true do ...@@ -4,7 +4,7 @@ describe 'Group access', feature: true do
include AccessMatchers include AccessMatchers
def group def group
@group ||= create(:group) @group ||= create(:group, visibility_level: Gitlab::VisibilityLevel::PUBLIC)
end end
def create_project(access_level) def create_project(access_level)
......
...@@ -3,7 +3,7 @@ require 'spec_helper' ...@@ -3,7 +3,7 @@ require 'spec_helper'
describe ProjectsFinder do describe ProjectsFinder do
describe '#execute' do describe '#execute' do
let(:user) { create(:user) } let(:user) { create(:user) }
let(:group) { create(:group) } let(:group) { create(:group, visibility_level: Gitlab::VisibilityLevel::PUBLIC) }
let!(:private_project) do let!(:private_project) do
create(:project, :private, name: 'A', path: 'A') create(:project, :private, name: 'A', path: 'A')
......
...@@ -3,7 +3,7 @@ require 'spec_helper' ...@@ -3,7 +3,7 @@ require 'spec_helper'
describe SnippetsFinder do describe SnippetsFinder do
let(:user) { create :user } let(:user) { create :user }
let(:user1) { create :user } let(:user1) { create :user }
let(:group) { create :group } let(:group) { create :group, visibility_level: Gitlab::VisibilityLevel::PUBLIC }
let(:project1) { create(:empty_project, :public, group: group) } let(:project1) { create(:empty_project, :public, group: group) }
let(:project2) { create(:empty_project, :private, group: group) } let(:project2) { create(:empty_project, :private, group: group) }
......
...@@ -442,7 +442,7 @@ describe Project, models: true do ...@@ -442,7 +442,7 @@ describe Project, models: true do
end end
describe '.trending' do describe '.trending' do
let(:group) { create(:group) } let(:group) { create(:group, :public) }
let(:project1) { create(:empty_project, :public, group: group) } let(:project1) { create(:empty_project, :public, group: group) }
let(:project2) { create(:empty_project, :public, group: group) } let(:project2) { create(:empty_project, :public, group: group) }
......
...@@ -275,6 +275,7 @@ describe API::API, api: true do ...@@ -275,6 +275,7 @@ describe API::API, api: true do
it 'should not allow a non-admin to use a restricted visibility level' do it 'should not allow a non-admin to use a restricted visibility level' do
post api('/projects', user), @project post api('/projects', user), @project
expect(response.status).to eq(400) expect(response.status).to eq(400)
expect(json_response['message']['visibility_level'].first).to( expect(json_response['message']['visibility_level'].first).to(
match('restricted by your GitLab administrator') match('restricted by your GitLab administrator')
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment