diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-12 18:07:54 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-12 18:07:54 +0000 |
| commit | 742a7f35acd8cf2150bf322e4b385ea104d74a05 (patch) | |
| tree | 3ca173ce1fa5549f49bc41fc9c52142d616bd943 /spec/controllers/graphql_controller_spec.rb | |
| parent | 8ff63012e9b7e3dc2279e636868af9a438d1fa93 (diff) | |
| download | gitlab-ce-742a7f35acd8cf2150bf322e4b385ea104d74a05.tar.gz | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/controllers/graphql_controller_spec.rb')
| -rw-r--r-- | spec/controllers/graphql_controller_spec.rb | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/spec/controllers/graphql_controller_spec.rb b/spec/controllers/graphql_controller_spec.rb index 06a949471a7..fcfda61f0dd 100644 --- a/spec/controllers/graphql_controller_spec.rb +++ b/spec/controllers/graphql_controller_spec.rb @@ -3,6 +3,8 @@ require 'spec_helper' describe GraphqlController do + include GraphqlHelpers + before do stub_feature_flags(graphql: true) end @@ -64,4 +66,52 @@ describe GraphqlController do end end end + + describe 'Admin Mode' do + let(:admin) { create(:admin) } + let(:project) { create(:project) } + let(:graphql_query) { graphql_query_for('project', { 'fullPath' => project.full_path }, %w(id name)) } + + before do + sign_in(admin) + end + + context 'when admin mode enabled' do + before do + Gitlab::Session.with_session(controller.session) do + controller.current_user_mode.request_admin_mode! + controller.current_user_mode.enable_admin_mode!(password: admin.password) + end + end + + it 'can query project data' do + post :execute, params: { query: graphql_query } + + expect(controller.current_user_mode.admin_mode?).to be(true) + expect(json_response['data']['project']['name']).to eq(project.name) + end + end + + context 'when admin mode disabled' do + it 'cannot query project data' do + post :execute, params: { query: graphql_query } + + expect(controller.current_user_mode.admin_mode?).to be(false) + expect(json_response['data']['project']).to be_nil + end + + context 'when admin is member of the project' do + before do + project.add_developer(admin) + end + + it 'can query project data' do + post :execute, params: { query: graphql_query } + + expect(controller.current_user_mode.admin_mode?).to be(false) + expect(json_response['data']['project']['name']).to eq(project.name) + end + end + end + end end |