Improve spec

spec/controllers/projects/jobs_controller_spec.rb

@@ -422,7 +422,7 @@ describe Projects::JobsController do
         let(:triggered_by) { create(:user) }
 
         it 'does not have successful status' do
-          expect(response).to have_gitlab_http_status(:not_found)
+          expect(response).not_to have_gitlab_http_status(:found)
         end
       end
     end

spec/policies/ci/build_policy_spec.rb

@@ -152,7 +152,7 @@ describe Ci::BuildPolicy do
     end
 
     describe 'rules for erase build' do
-      let(:project) { create(:project) }
+      let(:project) { create(:project, :repository) }
       let(:build) { create(:ci_build, pipeline: pipeline, ref: 'some-ref', user: owner) }
 
       context 'when a developer erases a build' do
@@ -162,7 +162,7 @@ describe Ci::BuildPolicy do
 
         context 'when developers can push to the branch' do
           before do
-            create(:protected_branch, :developers_can_merge,
+            create(:protected_branch, :developers_can_push,
                    name: build.ref, project: project)
           end
 
@@ -183,7 +183,7 @@ describe Ci::BuildPolicy do
           let(:owner) { user }
 
           before do
-            create(:protected_branch, :no_one_can_push,
+            create(:protected_branch, :no_one_can_push, :no_one_can_merge,
                    name: build.ref, project: project)
           end
 
@@ -196,6 +196,12 @@ describe Ci::BuildPolicy do
           project.add_master(user)
         end
 
+        context 'when masters can push to the branch' do
+          before do
+            create(:protected_branch, :masters_can_push,
+                   name: build.ref, project: project)
+          end
+
           context 'when the build was created by the master' do
             let(:owner) { user }
 
@@ -208,6 +214,18 @@ describe Ci::BuildPolicy do
             it { expect(policy).to be_allowed :erase_build }
           end
         end
+
+        context 'when no one can push or merge to the branch' do
+          let(:owner) { user }
+
+          before do
+            create(:protected_branch, :no_one_can_push, :no_one_can_merge,
+                   name: build.ref, project: project)
+          end
+
+          it { expect(policy).to be_disallowed :erase_build }
+        end
+      end
     end
   end
 end

spec/requests/api/jobs_spec.rb

@@ -500,6 +500,7 @@ describe API::Jobs do
   end
 
   describe 'POST /projects/:id/jobs/:job_id/erase' do
+    context 'when a master erases a build' do
       before do
         project.add_master(user)
 
@@ -533,6 +534,29 @@ describe API::Jobs do
       end
     end
 
+    context 'when a developer erases a build' do
+      before do
+        project.add_developer(user)
+
+        post api("/projects/#{project.id}/jobs/#{job.id}/erase", user)
+      end
+
+      let(:job) { create(:ci_build, :trace, :artifacts, :success, project: project, pipeline: pipeline, user: owner) }
+
+      context 'when the build was created by the developer' do
+        let(:owner) { user }
+
+        it { expect(response).to have_gitlab_http_status(201) }
+      end
+
+      context 'when the build was created by the other' do
+        let(:owner) { create(:user) }
+
+        it { expect(response).to have_gitlab_http_status(403) }
+      end
+    end
+  end
+
   describe 'POST /projects/:id/jobs/:job_id/artifacts/keep' do
     before do
       post api("/projects/#{project.id}/jobs/#{job.id}/artifacts/keep", user)