Merge branch 'clean-up-access-error-graphql-specs-238959' into 'master'

Clean up GraphQL access error specs with shared example

See merge request gitlab-org/gitlab!40053

ee/spec/requests/api/graphql/mutations/clusters/agents/create_spec.rb

@@ -21,9 +21,7 @@ RSpec.describe 'Create a new cluster agent' do
   end
 
   context 'without project permissions' do
-    it_behaves_like 'a mutation that returns top-level errors',
-                    errors: ['The resource that you are attempting to access does not exist '\
-               'or you don\'t have permission to perform this action']
+    it_behaves_like 'a mutation that returns a top-level access error'
 
     it 'does not create cluster agent' do
       expect { post_graphql_mutation(mutation, current_user: current_user) }.not_to change(Clusters::Agent, :count)

ee/spec/requests/api/graphql/mutations/epics/add_issue_spec.rb

@@ -18,9 +18,7 @@ RSpec.describe 'Add an issue to an Epic' do
   end
 
   shared_examples 'mutation without access' do
-    it_behaves_like 'a mutation that returns top-level errors',
-      errors: ['The resource that you are attempting to access does not exist '\
-        'or you don\'t have permission to perform this action']
+    it_behaves_like 'a mutation that returns a top-level access error'
 
     it 'does not add issue to the epic' do
       post_graphql_mutation(mutation, current_user: current_user)

ee/spec/requests/api/graphql/mutations/epics/create_spec.rb

@@ -35,9 +35,7 @@ RSpec.describe 'Creating an Epic' do
       stub_licensed_features(epics: true)
     end
 
-    it_behaves_like 'a mutation that returns top-level errors',
-      errors: ['The resource that you are attempting to access does not exist '\
-               'or you don\'t have permission to perform this action']
+    it_behaves_like 'a mutation that returns a top-level access error'
 
     it 'does not create epic' do
       expect { post_graphql_mutation(mutation, current_user: current_user) }.not_to change(Epic, :count)

ee/spec/requests/api/graphql/mutations/epics/set_subscription_spec.rb

@@ -21,9 +21,7 @@ RSpec.describe 'Set an Epic Subscription' do
   end
 
   context 'when epics feature is disabled' do
-    it_behaves_like 'a mutation that returns top-level errors',
-                    errors: ['The resource that you are attempting to access does not exist '\
-               'or you don\'t have permission to perform this action']
+    it_behaves_like 'a mutation that returns a top-level access error'
 
     it 'does not subscribe user to the epic' do
       post_graphql_mutation(mutation, current_user: current_user)

ee/spec/requests/api/graphql/mutations/epics/update_spec.rb

@@ -39,9 +39,7 @@ RSpec.describe Mutations::Epics::Update do
       stub_licensed_features(epics: true)
     end
 
-    it_behaves_like 'a mutation that returns top-level errors',
-      errors: ['The resource that you are attempting to access does not exist '\
-               'or you don\'t have permission to perform this action']
+    it_behaves_like 'a mutation that returns a top-level access error'
 
     it 'does not update the epic' do
       post_graphql_mutation(mutation, current_user: current_user)

ee/spec/requests/api/graphql/mutations/iterations/create_spec.rb

@@ -38,9 +38,7 @@ RSpec.describe 'Creating an Iteration' do
       stub_licensed_features(iterations: true)
     end
 
-    it_behaves_like 'a mutation that returns top-level errors',
-                    errors: ['The resource that you are attempting to access does not exist '\
-               'or you don\'t have permission to perform this action']
+    it_behaves_like 'a mutation that returns a top-level access error'
 
     it 'does not create iteration' do
       expect { post_graphql_mutation(mutation, current_user: current_user) }.not_to change(Iteration, :count)

ee/spec/requests/api/graphql/mutations/iterations/update_spec.rb

@@ -36,9 +36,7 @@ RSpec.describe 'Updating an Iteration' do
       group.add_guest(current_user)
     end
 
-    it_behaves_like 'a mutation that returns top-level errors',
-                    errors: ['The resource that you are attempting to access does not exist '\
-               'or you don\'t have permission to perform this action']
+    it_behaves_like 'a mutation that returns a top-level access error'
 
     it 'does not update iteration' do
       expect { post_graphql_mutation(mutation, current_user: current_user) }.not_to change(iteration, :title)

ee/spec/requests/api/graphql/mutations/requirements_management/create_requirement_spec.rb

@@ -24,9 +24,7 @@ RSpec.describe 'Creating a Requirement' do
       stub_licensed_features(requirements: true)
     end
 
-    it_behaves_like 'a mutation that returns top-level errors',
-      errors: ['The resource that you are attempting to access does not exist '\
-               'or you don\'t have permission to perform this action']
+    it_behaves_like 'a mutation that returns a top-level access error'
 
     it 'does not create requirement' do
       expect { post_graphql_mutation(mutation, current_user: current_user) }.not_to change(RequirementsManagement::Requirement, :count)

ee/spec/requests/api/graphql/mutations/requirements_management/update_requirement_spec.rb

@@ -17,9 +17,7 @@ RSpec.describe 'Updating a Requirement' do
   end
 
   shared_examples 'requirement update fails' do
-    it_behaves_like 'a mutation that returns top-level errors',
-      errors: ['The resource that you are attempting to access does not exist '\
-               'or you don\'t have permission to perform this action']
+    it_behaves_like 'a mutation that returns a top-level access error'
 
     it 'does not update requirement' do
       expect do

spec/requests/api/graphql/mutations/award_emojis/add_spec.rb

@@ -32,9 +32,7 @@ RSpec.describe 'Adding an AwardEmoji' do
 
   context 'when the user does not have permission' do
     it_behaves_like 'a mutation that does not create an AwardEmoji'
-
-    it_behaves_like 'a mutation that returns top-level errors',
-                    errors: ['The resource that you are attempting to access does not exist or you don\'t have permission to perform this action']
+    it_behaves_like 'a mutation that returns a top-level access error'
   end
 
   context 'when the user has permission' do

spec/requests/api/graphql/mutations/award_emojis/remove_spec.rb

@@ -33,9 +33,7 @@ RSpec.describe 'Removing an AwardEmoji' do
 
   shared_examples 'a mutation that does not authorize the user' do
     it_behaves_like 'a mutation that does not destroy an AwardEmoji'
-
-    it_behaves_like 'a mutation that returns top-level errors',
-                    errors: ['The resource that you are attempting to access does not exist or you don\'t have permission to perform this action']
+    it_behaves_like 'a mutation that returns a top-level access error'
   end
 
   context 'when the current_user does not own the award emoji' do

spec/requests/api/graphql/mutations/award_emojis/toggle_spec.rb

@@ -143,8 +143,6 @@ RSpec.describe 'Toggling an AwardEmoji' do
 
   context 'when the user does not have permission' do
     it_behaves_like 'a mutation that does not create or destroy an AwardEmoji'
-
-    it_behaves_like 'a mutation that returns top-level errors',
-                    errors: ['The resource that you are attempting to access does not exist or you don\'t have permission to perform this action']
+    it_behaves_like 'a mutation that returns a top-level access error'
   end
 end

spec/requests/api/graphql/mutations/boards/lists/update_spec.rb

@@ -15,8 +15,7 @@ RSpec.describe 'Update of an existing board list' do
   let(:mutation_response) { graphql_mutation_response(:update_board_list) }
 
   context 'the user is not allowed to read board lists' do
-    it_behaves_like 'a mutation that returns top-level errors',
-      errors: ['The resource that you are attempting to access does not exist or you don\'t have permission to perform this action']
+    it_behaves_like 'a mutation that returns a top-level access error'
   end
 
   before do

spec/requests/api/graphql/mutations/branches/create_spec.rb

@@ -15,8 +15,7 @@ RSpec.describe 'Creation of a new branch' do
   let(:mutation_response) { graphql_mutation_response(:create_branch) }
 
   context 'the user is not allowed to create a branch' do
-    it_behaves_like 'a mutation that returns top-level errors',
-      errors: ['The resource that you are attempting to access does not exist or you don\'t have permission to perform this action']
+    it_behaves_like 'a mutation that returns a top-level access error'
   end
 
   context 'when user has permissions to create a branch' do

spec/requests/api/graphql/mutations/commits/create_spec.rb

@@ -24,8 +24,7 @@ RSpec.describe 'Creation of a new commit' do
   let(:mutation_response) { graphql_mutation_response(:commit_create) }
 
   context 'the user is not allowed to create a commit' do
-    it_behaves_like 'a mutation that returns top-level errors',
-      errors: ['The resource that you are attempting to access does not exist or you don\'t have permission to perform this action']
+    it_behaves_like 'a mutation that returns a top-level access error'
   end
 
   context 'when user has permissions to create a commit' do

spec/requests/api/graphql/mutations/discussions/toggle_resolve_spec.rb

@@ -20,8 +20,7 @@ RSpec.describe 'Toggling the resolve status of a discussion' do
   context 'when the user does not have permission' do
     let_it_be(:current_user) { create(:user) }
 
-    it_behaves_like 'a mutation that returns top-level errors',
-      errors: ["The resource that you are attempting to access does not exist or you don't have permission to perform this action"]
+    it_behaves_like 'a mutation that returns a top-level access error'
   end
 
   context 'when user has permission' do

spec/requests/api/graphql/mutations/issues/set_locked_spec.rb

@@ -32,12 +32,7 @@ RSpec.describe 'Setting an issue as locked' do
   end
 
   context 'when the user is not allowed to update the issue' do
-    it 'returns an error' do
-      error = "The resource that you are attempting to access does not exist or you don't have permission to perform this action"
-      post_graphql_mutation(mutation, current_user: current_user)
-
-      expect(graphql_errors).to include(a_hash_including('message' => error))
-    end
+    it_behaves_like 'a mutation that returns a top-level access error'
   end
 
   context 'when user is allowed to update the issue' do

spec/requests/api/graphql/mutations/issues/update_spec.rb

@@ -20,8 +20,7 @@ RSpec.describe 'Update of an existing issue' do
   let(:mutation_response) { graphql_mutation_response(:update_issue) }
 
   context 'the user is not allowed to update issue' do
-    it_behaves_like 'a mutation that returns top-level errors',
-      errors: ['The resource that you are attempting to access does not exist or you don\'t have permission to perform this action']
+    it_behaves_like 'a mutation that returns a top-level access error'
   end
 
   context 'when user has permissions to update issue' do

spec/requests/api/graphql/mutations/merge_requests/create_spec.rb

@@ -24,8 +24,7 @@ RSpec.describe 'Creation of a new merge request' do
   let(:mutation_response) { graphql_mutation_response(:merge_request_create) }
 
   context 'the user is not allowed to create a branch' do
-    it_behaves_like 'a mutation that returns top-level errors',
-      errors: ['The resource that you are attempting to access does not exist or you don\'t have permission to perform this action']
+    it_behaves_like 'a mutation that returns a top-level access error'
   end
 
   context 'when user has permissions to create a merge request' do

spec/requests/api/graphql/mutations/notes/destroy_spec.rb

@@ -21,8 +21,7 @@ RSpec.describe 'Destroying a Note' do
   context 'when the user does not have permission' do
     let(:current_user) { create(:user) }
 
-    it_behaves_like 'a mutation that returns top-level errors',
-                    errors: ['The resource that you are attempting to access does not exist or you don\'t have permission to perform this action']
+    it_behaves_like 'a mutation that returns a top-level access error'
 
     it 'does not destroy the Note' do
       expect do

spec/requests/api/graphql/mutations/notes/update/image_diff_note_spec.rb

@@ -59,8 +59,7 @@ RSpec.describe 'Updating an image DiffNote' do
   context 'when the user does not have permission' do
     let_it_be(:current_user) { create(:user) }
 
-    it_behaves_like 'a mutation that returns top-level errors',
-                    errors: ['The resource that you are attempting to access does not exist or you don\'t have permission to perform this action']
+    it_behaves_like 'a mutation that returns a top-level access error'
 
     it 'does not update the DiffNote' do
       post_graphql_mutation(mutation, current_user: current_user)

spec/requests/api/graphql/mutations/notes/update/note_spec.rb

@@ -22,8 +22,7 @@ RSpec.describe 'Updating a Note' do
   context 'when the user does not have permission' do
     let_it_be(:current_user) { create(:user) }
 
-    it_behaves_like 'a mutation that returns top-level errors',
-                    errors: ['The resource that you are attempting to access does not exist or you don\'t have permission to perform this action']
+    it_behaves_like 'a mutation that returns a top-level access error'
 
     it 'does not update the Note' do
       post_graphql_mutation(mutation, current_user: current_user)

spec/requests/api/graphql/mutations/todos/mark_all_done_spec.rb

@@ -59,7 +59,6 @@ RSpec.describe 'Marking all todos done' do
   context 'when user is not logged in' do
     let(:current_user) { nil }
 
-    it_behaves_like 'a mutation that returns top-level errors',
-                    errors: ['The resource that you are attempting to access does not exist or you don\'t have permission to perform this action']
+    it_behaves_like 'a mutation that returns a top-level access error'
   end
 end

spec/requests/api/graphql/mutations/todos/mark_done_spec.rb

@@ -63,14 +63,11 @@ RSpec.describe 'Marking todos done' do
 
   context 'when todo does not belong to requesting user' do
     let(:input) { { id: other_user_todo.to_global_id.to_s } }
-    let(:access_error) { 'The resource that you are attempting to access does not exist or you don\'t have permission to perform this action' }
 
-    it 'contains the expected error' do
-      post_graphql_mutation(mutation, current_user: current_user)
+    it_behaves_like 'a mutation that returns a top-level access error'
 
-      errors = json_response['errors']
-      expect(errors).not_to be_blank
-      expect(errors.first['message']).to eq(access_error)
+    it 'results in the correct todo states' do
+      post_graphql_mutation(mutation, current_user: current_user)
 
       expect(todo1.reload.state).to eq('pending')
       expect(todo2.reload.state).to eq('done')

spec/requests/api/graphql/mutations/todos/restore_spec.rb

@@ -63,14 +63,11 @@ RSpec.describe 'Restoring Todos' do
 
   context 'when todo does not belong to requesting user' do
     let(:input) { { id: other_user_todo.to_global_id.to_s } }
-    let(:access_error) { 'The resource that you are attempting to access does not exist or you don\'t have permission to perform this action' }
 
-    it 'contains the expected error' do
-      post_graphql_mutation(mutation, current_user: current_user)
+    it_behaves_like 'a mutation that returns a top-level access error'
 
-      errors = json_response['errors']
-      expect(errors).not_to be_blank
-      expect(errors.first['message']).to eq(access_error)
+    it 'results in the correct todo states' do
+      post_graphql_mutation(mutation, current_user: current_user)
 
       expect(todo1.reload.state).to eq('done')
       expect(todo2.reload.state).to eq('pending')