Add improvements to the global search process

Removed the conditions added to Project.with_feature_available_for_user, and moved to the IssuableFinder. Now, we ensure that, in the projects retrieved in the Finder, the user has enough access for the feature.
author: Francisco Javier López <fjlopez@gitlab.com> 2019-05-07 11:08:25 +0000
committer: James Lopez <james@gitlab.com> 2019-05-07 11:08:25 +0000
commit: 68e533dc219be27f3485d2335e70aa61a193dabb (patch)
tree: f26b2a94b515469839f8498e18698f3782187260 /spec
parent: 0910dfb9d6eb9748b6ca24e10a3382a6515615e5 (diff)
download: gitlab-ce-68e533dc219be27f3485d2335e70aa61a193dabb.tar.gz
5 files changed, 80 insertions, 38 deletions
diff --git a/spec/factories/projects.rb b/spec/factories/projects.rb
index ab185ab3972..743ec322885 100644
--- a/spec/factories/projects.rb
+++ b/spec/factories/projects.rb
@@ -260,6 +260,7 @@ FactoryBot.define do
     trait(:merge_requests_enabled)  { merge_requests_access_level ProjectFeature::ENABLED }
     trait(:merge_requests_disabled) { merge_requests_access_level ProjectFeature::DISABLED }
     trait(:merge_requests_private)  { merge_requests_access_level ProjectFeature::PRIVATE }
+    trait(:merge_requests_public)   { merge_requests_access_level ProjectFeature::PUBLIC }
     trait(:repository_enabled)      { repository_access_level ProjectFeature::ENABLED }
     trait(:repository_disabled)     { repository_access_level ProjectFeature::DISABLED }
     trait(:repository_private)      { repository_access_level ProjectFeature::PRIVATE }
diff --git a/spec/finders/issues_finder_spec.rb b/spec/finders/issues_finder_spec.rb
index 6a47cd013f8..89fdaceaa9f 100644
--- a/spec/finders/issues_finder_spec.rb
+++ b/spec/finders/issues_finder_spec.rb
@@ -641,9 +641,7 @@ describe IssuesFinder do
         end
 
         it 'filters by confidentiality' do
-          expect(Issue).to receive(:where).with(a_string_matching('confidential'), anything)
-
-          subject
+          expect(subject.to_sql).to match("issues.confidential")
         end
       end
 
@@ -660,9 +658,7 @@ describe IssuesFinder do
         end
 
         it 'filters by confidentiality' do
-          expect(Issue).to receive(:where).with(a_string_matching('confidential'), anything)
-
-          subject
+          expect(subject.to_sql).to match("issues.confidential")
         end
       end
 
diff --git a/spec/finders/merge_requests_finder_spec.rb b/spec/finders/merge_requests_finder_spec.rb
index 117f4a03735..da5e9dab058 100644
--- a/spec/finders/merge_requests_finder_spec.rb
+++ b/spec/finders/merge_requests_finder_spec.rb
@@ -31,7 +31,7 @@ describe MergeRequestsFinder do
       end
 
       context 'filtering by group' do
-        it 'includes all merge requests when user has access exceluding merge requests from projects the user does not have access to' do
+        it 'includes all merge requests when user has access excluding merge requests from projects the user does not have access to' do
           private_project = allow_gitaly_n_plus_1 { create(:project, :private, group: group) }
           private_project.add_guest(user)
           create(:merge_request, :simple, author: user, source_project: private_project, target_project: private_project)
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index bb0257e7456..2a17bd6002e 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -3164,61 +3164,105 @@ describe Project do
   end
 
   describe '.with_feature_available_for_user' do
-    let!(:user) { create(:user) }
-    let!(:feature) { MergeRequest }
-    let!(:project) { create(:project, :public, :merge_requests_enabled) }
+    let(:user) { create(:user) }
+    let(:feature) { MergeRequest }
 
     subject { described_class.with_feature_available_for_user(feature, user) }
 
-    context 'when user has access to project' do
-      subject { described_class.with_feature_available_for_user(feature, user) }
+    shared_examples 'feature disabled' do
+      let(:project) { create(:project, :public, :merge_requests_disabled) }
+
+      it 'does not return projects with the project feature disabled' do
+        is_expected.not_to include(project)
+      end
+    end
+
+    shared_examples 'feature public' do
+      let(:project) { create(:project, :public, :merge_requests_public) }
+
+      it 'returns projects with the project feature public' do
+        is_expected.to include(project)
+      end
+    end
+
+    shared_examples 'feature enabled' do
+      let(:project) { create(:project, :public, :merge_requests_enabled) }
+
+      it 'returns projects with the project feature enabled' do
+        is_expected.to include(project)
+      end
+    end
+
+    shared_examples 'feature access level is nil' do
+      let(:project) { create(:project, :public) }
+
+      it 'returns projects with the project feature access level nil' do
+        project.project_feature.update(merge_requests_access_level: nil)
+
+        is_expected.to include(project)
+      end
+    end
 
+    context 'with user' do
       before do
         project.add_guest(user)
       end
 
-      context 'when public project' do
-        context 'when feature is public' do
-          it 'returns project' do
-            is_expected.to include(project)
+      it_behaves_like 'feature disabled'
+      it_behaves_like 'feature public'
+      it_behaves_like 'feature enabled'
+      it_behaves_like 'feature access level is nil'
+
+      context 'when feature is private' do
+        let(:project) { create(:project, :public, :merge_requests_private) }
+
+        context 'when user does not has access to the feature' do
+          it 'does not return projects with the project feature private' do
+            is_expected.not_to include(project)
           end
         end
 
-        context 'when feature is private' do
-          let!(:project) { create(:project, :public, :merge_requests_private) }
-
-          it 'returns project when user has access to the feature' do
-            project.add_maintainer(user)
+        context 'when user has access to the feature' do
+          it 'returns projects with the project feature private' do
+            project.add_reporter(user)
 
             is_expected.to include(project)
           end
-
-          it 'does not return project when user does not have the minimum access level required' do
-            is_expected.not_to include(project)
-          end
         end
       end
+    end
 
-      context 'when private project' do
-        let!(:project) { create(:project) }
+    context 'user is an admin' do
+      let(:user) { create(:user, :admin) }
 
-        it 'returns project when user has access to the feature' do
-          project.add_maintainer(user)
+      it_behaves_like 'feature disabled'
+      it_behaves_like 'feature public'
+      it_behaves_like 'feature enabled'
+      it_behaves_like 'feature access level is nil'
 
-          is_expected.to include(project)
-        end
+      context 'when feature is private' do
+        let(:project) { create(:project, :public, :merge_requests_private) }
 
-        it 'does not return project when user does not have the minimum access level required' do
-          is_expected.not_to include(project)
+        it 'returns projects with the project feature private' do
+          is_expected.to include(project)
         end
       end
     end
 
-    context 'when user does not have access to project' do
-      let!(:project) { create(:project) }
+    context 'without user' do
+      let(:user) { nil }
 
-      it 'does not return project when user cant access project' do
-        is_expected.not_to include(project)
+      it_behaves_like 'feature disabled'
+      it_behaves_like 'feature public'
+      it_behaves_like 'feature enabled'
+      it_behaves_like 'feature access level is nil'
+
+      context 'when feature is private' do
+        let(:project) { create(:project, :public, :merge_requests_private) }
+
+        it 'does not return projects with the project feature private' do
+          is_expected.not_to include(project)
+        end
       end
     end
   end
diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb
index 577f61ae8d0..16d306f39cd 100644
--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -504,8 +504,9 @@ describe API::Projects do
           project4.add_reporter(user2)
         end
 
-        it 'returns an array of groups the user has at least developer access' do
+        it 'returns an array of projects the user has at least developer access' do
           get api('/projects', user2), params: { min_access_level: 30 }
+
           expect(response).to have_gitlab_http_status(200)
           expect(response).to include_pagination_headers
           expect(json_response).to be_an Array
author	Francisco Javier López <fjlopez@gitlab.com>	2019-05-07 11:08:25 +0000
committer	James Lopez <james@gitlab.com>	2019-05-07 11:08:25 +0000
commit	68e533dc219be27f3485d2335e70aa61a193dabb (patch)
tree	f26b2a94b515469839f8498e18698f3782187260 /spec
parent	0910dfb9d6eb9748b6ca24e10a3382a6515615e5 (diff)
download	gitlab-ce-68e533dc219be27f3485d2335e70aa61a193dabb.tar.gz