Commit 44e2a3a4 authored by Vitali Tatarintev's avatar Vitali Tatarintev

Add more permission checks to HTTP Integration specs

parent 545f89c0
...@@ -23,7 +23,9 @@ RSpec.describe 'getting Alert Management HTTP Integrations' do ...@@ -23,7 +23,9 @@ RSpec.describe 'getting Alert Management HTTP Integrations' do
end end
let_it_be(:project) { create(:project, :repository) } let_it_be(:project) { create(:project, :repository) }
let_it_be(:current_user) { create(:user) } let_it_be(:maintainer) { create(:user) }
let_it_be(:developer) { create(:user) }
let_it_be(:guest) { create(:user) }
let_it_be(:prometheus_service) { create(:prometheus_service, project: project) } let_it_be(:prometheus_service) { create(:prometheus_service, project: project) }
let_it_be(:project_alerting_setting) { create(:project_alerting_setting, project: project) } let_it_be(:project_alerting_setting) { create(:project_alerting_setting, project: project) }
let_it_be(:inactive_http_integration) { create(:alert_management_http_integration, :inactive, project: project) } let_it_be(:inactive_http_integration) { create(:alert_management_http_integration, :inactive, project: project) }
...@@ -58,11 +60,16 @@ RSpec.describe 'getting Alert Management HTTP Integrations' do ...@@ -58,11 +60,16 @@ RSpec.describe 'getting Alert Management HTTP Integrations' do
stub_feature_flags(multiple_http_integrations_custom_mapping: project) stub_feature_flags(multiple_http_integrations_custom_mapping: project)
end end
before_all do
project.add_developer(developer)
project.add_maintainer(maintainer)
end
context 'with integrations' do context 'with integrations' do
let(:integrations) { graphql_data.dig('project', 'alertManagementHttpIntegrations', 'nodes') } let(:integrations) { graphql_data.dig('project', 'alertManagementHttpIntegrations', 'nodes') }
context 'without project permissions' do context 'without project permissions' do
let(:user) { create(:user) } let(:current_user) { guest }
before do before do
post_graphql(query, current_user: current_user) post_graphql(query, current_user: current_user)
...@@ -73,9 +80,22 @@ RSpec.describe 'getting Alert Management HTTP Integrations' do ...@@ -73,9 +80,22 @@ RSpec.describe 'getting Alert Management HTTP Integrations' do
specify { expect(integrations).to be_nil } specify { expect(integrations).to be_nil }
end end
context 'with project permissions' do context 'with developer permissions' do
let(:current_user) { developer }
before do
post_graphql(query, current_user: current_user)
end
it_behaves_like 'a working graphql query'
specify { expect(integrations).to eq([]) }
end
context 'with maintainer permissions' do
let(:current_user) { maintainer }
before do before do
project.add_maintainer(current_user)
post_graphql(query, current_user: current_user) post_graphql(query, current_user: current_user)
end end
......
...@@ -5,7 +5,9 @@ require 'spec_helper' ...@@ -5,7 +5,9 @@ require 'spec_helper'
RSpec.describe Resolvers::AlertManagement::HttpIntegrationsResolver do RSpec.describe Resolvers::AlertManagement::HttpIntegrationsResolver do
include GraphqlHelpers include GraphqlHelpers
let_it_be(:current_user) { create(:user) } let_it_be(:guest) { create(:user) }
let_it_be(:developer) { create(:user) }
let_it_be(:maintainer) { create(:user) }
let_it_be(:project) { create(:project) } let_it_be(:project) { create(:project) }
let_it_be(:prometheus_integration) { create(:prometheus_service, project: project) } let_it_be(:prometheus_integration) { create(:prometheus_service, project: project) }
let_it_be(:active_http_integration) { create(:alert_management_http_integration, project: project) } let_it_be(:active_http_integration) { create(:alert_management_http_integration, project: project) }
...@@ -14,19 +16,30 @@ RSpec.describe Resolvers::AlertManagement::HttpIntegrationsResolver do ...@@ -14,19 +16,30 @@ RSpec.describe Resolvers::AlertManagement::HttpIntegrationsResolver do
subject { sync(resolve_http_integrations) } subject { sync(resolve_http_integrations) }
before do
project.add_developer(developer)
project.add_maintainer(maintainer)
end
specify do specify do
expect(described_class).to have_nullable_graphql_type(Types::AlertManagement::HttpIntegrationType.connection_type) expect(described_class).to have_nullable_graphql_type(Types::AlertManagement::HttpIntegrationType.connection_type)
end end
context 'user does not have permission' do context 'user does not have permission' do
let(:current_user) { guest }
it { is_expected.to be_empty } it { is_expected.to be_empty }
end end
context 'user has permission' do context 'user has developer permission' do
before do let(:current_user) { developer }
project.add_maintainer(current_user)
it { is_expected.to be_empty }
end end
context 'user has maintainer permission' do
let(:current_user) { maintainer }
it { is_expected.to contain_exactly(active_http_integration) } it { is_expected.to contain_exactly(active_http_integration) }
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment