Merge branch '35444-error-500-viewing-notes-with-anonymous-user' into 'master'

Resolve "Error 500 viewing notes with anonymous user" Closes #35444 See merge request !13037
author: Robert Speicher <robert@gitlab.com> 2017-07-24 17:17:17 +0000
committer: Robert Speicher <robert@gitlab.com> 2017-07-24 17:17:17 +0000
commit: 3a26bce80eb739ca3f552dfe71e39b9a177eb36e (patch)
tree: 989aecfd60a43b771a4216a3379c44add037e2a4 /spec
parent: 67cbf04884ded7f8d6dda86f4d07d3e72f0740f6 (diff)
parent: ccac2abeba419f16029c40f29063f1812c9e159c (diff)
download: gitlab-ce-3a26bce80eb739ca3f552dfe71e39b9a177eb36e.tar.gz
3 files changed, 26 insertions, 4 deletions
diff --git a/spec/models/ability_spec.rb b/spec/models/ability_spec.rb
index dc7a0d80752..58f1a620ab4 100644
--- a/spec/models/ability_spec.rb
+++ b/spec/models/ability_spec.rb
@@ -98,7 +98,7 @@ describe Ability, lib: true do
         user2 = build(:user, external: true)
         users = [user1, user2]
 
-        expect(project).to receive(:owner).twice.and_return(user1)
+        expect(project).to receive(:owner).at_least(:once).and_return(user1)
 
         expect(described_class.users_that_can_read_project(users, project))
           .to eq([user1])
@@ -109,7 +109,7 @@ describe Ability, lib: true do
         user2 = build(:user, external: true)
         users = [user1, user2]
 
-        expect(project.team).to receive(:members).twice.and_return([user1])
+        expect(project.team).to receive(:members).at_least(:once).and_return([user1])
 
         expect(described_class.users_that_can_read_project(users, project))
           .to eq([user1])
@@ -140,7 +140,7 @@ describe Ability, lib: true do
         user2 = build(:user, external: true)
         users = [user1, user2]
 
-        expect(project).to receive(:owner).twice.and_return(user1)
+        expect(project).to receive(:owner).at_least(:once).and_return(user1)
 
         expect(described_class.users_that_can_read_project(users, project))
           .to eq([user1])
@@ -151,7 +151,7 @@ describe Ability, lib: true do
         user2 = build(:user, external: true)
         users = [user1, user2]
 
-        expect(project.team).to receive(:members).twice.and_return([user1])
+        expect(project.team).to receive(:members).at_least(:once).and_return([user1])
 
         expect(described_class.users_that_can_read_project(users, project))
           .to eq([user1])
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 770176451fe..d8e868265ed 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -236,6 +236,7 @@ describe Group, models: true do
   describe '#has_owner?' do
     before do
       @members = setup_group_members(group)
+      create(:group_member, :invited, :owner, group: group)
     end
 
     it { expect(group.has_owner?(@members[:owner])).to be_truthy }
@@ -244,11 +245,13 @@ describe Group, models: true do
     it { expect(group.has_owner?(@members[:reporter])).to be_falsey }
     it { expect(group.has_owner?(@members[:guest])).to be_falsey }
     it { expect(group.has_owner?(@members[:requester])).to be_falsey }
+    it { expect(group.has_owner?(nil)).to be_falsey }
   end
 
   describe '#has_master?' do
     before do
       @members = setup_group_members(group)
+      create(:group_member, :invited, :master, group: group)
     end
 
     it { expect(group.has_master?(@members[:owner])).to be_falsey }
@@ -257,6 +260,7 @@ describe Group, models: true do
     it { expect(group.has_master?(@members[:reporter])).to be_falsey }
     it { expect(group.has_master?(@members[:guest])).to be_falsey }
     it { expect(group.has_master?(@members[:requester])).to be_falsey }
+    it { expect(group.has_master?(nil)).to be_falsey }
   end
 
   describe '#lfs_enabled?' do
diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb
index 4ed788af811..f244975e597 100644
--- a/spec/policies/project_policy_spec.rb
+++ b/spec/policies/project_policy_spec.rb
@@ -127,6 +127,24 @@ describe ProjectPolicy, models: true do
     end
   end
 
+  context 'when a project has pending invites, and the current user is anonymous' do
+    let(:group) { create(:group, :public) }
+    let(:project) { create(:empty_project, :public, namespace: group) }
+    let(:user_permissions) { [:create_project, :create_issue, :create_note, :upload_file] }
+    let(:anonymous_permissions) { guest_permissions - user_permissions }
+
+    subject { described_class.new(nil, project) }
+
+    before do
+      create(:group_member, :invited, group: group)
+    end
+
+    it 'does not grant owner access' do
+      expect_allowed(*anonymous_permissions)
+      expect_disallowed(*user_permissions)
+    end
+  end
+
   context 'abilities for non-public projects' do
     let(:project) { create(:empty_project, namespace: owner.namespace) }
author	Robert Speicher <robert@gitlab.com>	2017-07-24 17:17:17 +0000
committer	Robert Speicher <robert@gitlab.com>	2017-07-24 17:17:17 +0000
commit	3a26bce80eb739ca3f552dfe71e39b9a177eb36e (patch)
tree	989aecfd60a43b771a4216a3379c44add037e2a4 /spec
parent	67cbf04884ded7f8d6dda86f4d07d3e72f0740f6 (diff)
parent	ccac2abeba419f16029c40f29063f1812c9e159c (diff)
download	gitlab-ce-3a26bce80eb739ca3f552dfe71e39b9a177eb36e.tar.gz