diff options
| -rw-r--r-- | app/controllers/projects/snippets_controller.rb | 7 | ||||
| -rw-r--r-- | app/controllers/snippets_controller.rb | 42 | ||||
| -rw-r--r-- | app/finders/snippets_finder.rb | 61 | ||||
| -rw-r--r-- | app/helpers/visibility_level_helper.rb | 17 | ||||
| -rw-r--r-- | app/models/project_team.rb | 4 | ||||
| -rw-r--r-- | app/models/snippet.rb | 16 | ||||
| -rw-r--r-- | app/views/shared/snippets/_form.html.haml | 18 | ||||
| -rw-r--r-- | app/views/shared/snippets/_visibility_level.html.haml | 27 | ||||
| -rw-r--r-- | app/views/snippets/current_user_index.html.haml | 5 | ||||
| -rw-r--r-- | app/views/snippets/index.html.haml | 10 | ||||
| -rw-r--r-- | app/views/snippets/user_index.html.haml | 5 | ||||
| -rw-r--r-- | db/migrate/20141007100818_add_visibility_level_to_snippet.rb | 21 | ||||
| -rw-r--r-- | db/schema.rb | 7 | ||||
| -rw-r--r-- | features/snippets/discover.feature | 2 | ||||
| -rw-r--r-- | features/snippets/user.feature | 13 | ||||
| -rw-r--r-- | features/steps/shared/snippet.rb | 16 | ||||
| -rw-r--r-- | features/steps/snippets/discover.rb | 4 | ||||
| -rw-r--r-- | features/steps/snippets/user.rb | 14 | ||||
| -rw-r--r-- | spec/finders/snippets_finder_spec.rb | 94 | ||||
| -rw-r--r-- | spec/models/project_team_spec.rb | 4 | 
20 files changed, 332 insertions, 55 deletions
| diff --git a/app/controllers/projects/snippets_controller.rb b/app/controllers/projects/snippets_controller.rb index cba058fe214..9d5dd8a95cc 100644 --- a/app/controllers/projects/snippets_controller.rb +++ b/app/controllers/projects/snippets_controller.rb @@ -17,7 +17,10 @@ class Projects::SnippetsController < Projects::ApplicationController    respond_to :html    def index -    @snippets = @project.snippets.fresh.non_expired +    @snippets = SnippetsFinder.new.execute(current_user, { +      filter: :by_project, +      project: @project +    })    end    def new @@ -88,6 +91,6 @@ class Projects::SnippetsController < Projects::ApplicationController    end    def snippet_params -    params.require(:project_snippet).permit(:title, :content, :file_name, :private) +    params.require(:project_snippet).permit(:title, :content, :file_name, :private, :visibility_level)    end  end diff --git a/app/controllers/snippets_controller.rb b/app/controllers/snippets_controller.rb index 5904dbbceda..30fb4c5552d 100644 --- a/app/controllers/snippets_controller.rb +++ b/app/controllers/snippets_controller.rb @@ -9,12 +9,14 @@ class SnippetsController < ApplicationController    before_filter :set_title +  skip_before_filter :authenticate_user!, only: [:index, :user_index] +    respond_to :html -  layout 'navless' +  layout :determine_layout    def index -    @snippets = Snippet.are_internal.fresh.non_expired.page(params[:page]).per(20) +    @snippets = SnippetsFinder.new.execute(current_user, filter: :all).page(params[:page]).per(20)    end    def user_index @@ -22,22 +24,11 @@ class SnippetsController < ApplicationController      render_404 and return unless @user -    @snippets = @user.snippets.fresh.non_expired - -    if @user == current_user -      @snippets = case params[:scope] -                  when 'are_internal' then -                    @snippets.are_internal -                  when 'are_private' then -                    @snippets.are_private -                  else -                    @snippets -                  end -    else -      @snippets = @snippets.are_internal -    end - -    @snippets = @snippets.page(params[:page]).per(20) +    @snippets = SnippetsFinder.new.execute(current_user, { +      filter: :by_user, +      user: @user, +      scope: params[:scope]}). +    page(params[:page]).per(20)      if @user == current_user        render 'current_user_index' @@ -95,7 +86,14 @@ class SnippetsController < ApplicationController    protected    def snippet -    @snippet ||= PersonalSnippet.where('author_id = :user_id or private is false', user_id: current_user.id).find(params[:id]) +    @snippet ||= if current_user +                   PersonalSnippet.where("author_id = ? OR visibility_level IN (?)", +                     current_user.id, +                     [Snippet::PUBLIC, Snippet::INTERNAL]). +                     find(params[:id]) +                 else +                   PersonalSnippet.are_public.find(params[:id]) +                 end    end    def authorize_modify_snippet! @@ -111,6 +109,10 @@ class SnippetsController < ApplicationController    end    def snippet_params -    params.require(:personal_snippet).permit(:title, :content, :file_name, :private) +    params.require(:personal_snippet).permit(:title, :content, :file_name, :private, :visibility_level) +  end + +  def determine_layout +    current_user ? 'navless' : 'public_users'    end  end diff --git a/app/finders/snippets_finder.rb b/app/finders/snippets_finder.rb new file mode 100644 index 00000000000..fda375aca2f --- /dev/null +++ b/app/finders/snippets_finder.rb @@ -0,0 +1,61 @@ +class SnippetsFinder +  def execute(current_user, params = {}) +    filter = params[:filter] + +    case filter +    when :all then +      snippets(current_user).fresh.non_expired +    when :by_user then +      by_user(current_user, params[:user], params[:scope]) +    when :by_project +      by_project(current_user, params[:project]) +    end +  end + +  private + +  def snippets(current_user) +    if current_user +      Snippet.public_and_internal +    else +      # Not authenticated +      # +      # Return only: +      #   public snippets +      Snippet.are_public +    end +  end + +  def by_user(current_user, user, scope) +    snippets = user.snippets.fresh.non_expired + +    if user == current_user +      snippets = case scope +                 when 'are_internal' then +                   snippets.are_internal +                 when 'are_private' then +                   snippets.are_private +                 when 'are_public' then +                   snippets.are_public +                 else +                   snippets +                 end +    else +      snippets = snippets.public_and_internal +    end +  end + +  def by_project(current_user, project) +    snippets = project.snippets.fresh.non_expired + +    if current_user +      if project.team.member?(current_user.id) +        snippets +      else +        snippets.public_and_internal +      end +    else +      snippets.are_public +    end +  end +end diff --git a/app/helpers/visibility_level_helper.rb b/app/helpers/visibility_level_helper.rb index 8b83b8ff640..deb9c8b4d49 100644 --- a/app/helpers/visibility_level_helper.rb +++ b/app/helpers/visibility_level_helper.rb @@ -28,6 +28,23 @@ module VisibilityLevelHelper      end    end +  def snippet_visibility_level_description(level) +    capture_haml do +      haml_tag :span do +        case level +        when Gitlab::VisibilityLevel::PRIVATE +          haml_concat "The snippet is visible only for me" +        when Gitlab::VisibilityLevel::INTERNAL +          haml_concat "The snippet is visible for any logged in user." +        when Gitlab::VisibilityLevel::PUBLIC +          haml_concat "The snippet can be accessed" +          haml_concat "without any" +          haml_concat "authentication." +        end +      end +    end +  end +    def visibility_level_icon(level)      case level      when Gitlab::VisibilityLevel::PRIVATE diff --git a/app/models/project_team.rb b/app/models/project_team.rb index e065554d3b8..657ee23ae23 100644 --- a/app/models/project_team.rb +++ b/app/models/project_team.rb @@ -133,6 +133,10 @@ class ProjectTeam      max_tm_access(user.id) == Gitlab::Access::MASTER    end +  def member?(user_id) +    !!find_tm(user_id) +  end +    def max_tm_access(user_id)      access = []      access << project.project_members.find_by(user_id: user_id).try(:access_field) diff --git a/app/models/snippet.rb b/app/models/snippet.rb index addde2d106a..974c239da5c 100644 --- a/app/models/snippet.rb +++ b/app/models/snippet.rb @@ -17,8 +17,9 @@  class Snippet < ActiveRecord::Base    include Linguist::BlobHelper +  include Gitlab::VisibilityLevel -  default_value_for :private, true +  default_value_for :visibility_level, Snippet::PRIVATE    belongs_to :author, class_name: "User" @@ -30,10 +31,13 @@ class Snippet < ActiveRecord::Base    validates :title, presence: true, length: { within: 0..255 }    validates :file_name, presence: true, length: { within: 0..255 }    validates :content, presence: true +  validates :visibility_level, inclusion: { in: Gitlab::VisibilityLevel.values }    # Scopes -  scope :are_internal,  -> { where(private: false) } -  scope :are_private, -> { where(private: true) } +  scope :are_internal,  -> { where(visibility_level: Snippet::INTERNAL) } +  scope :are_private, -> { where(visibility_level: Snippet::PRIVATE) } +  scope :are_public, -> { where(visibility_level: Snippet::PUBLIC) } +  scope :public_and_internal, -> { where(visibility_level: [Snippet::PUBLIC, Snippet::INTERNAL]) }    scope :fresh,   -> { order("created_at DESC") }    scope :expired, -> { where(["expires_at IS NOT NULL AND expires_at < ?", Time.current]) }    scope :non_expired, -> { where(["expires_at IS NULL OR expires_at > ?", Time.current]) } @@ -66,6 +70,10 @@ class Snippet < ActiveRecord::Base      expires_at && expires_at < Time.current    end +  def visibility_level_field +    visibility_level +  end  +    class << self      def search(query)        where('(title LIKE :query OR file_name LIKE :query)', query: "%#{query}%") @@ -76,7 +84,7 @@ class Snippet < ActiveRecord::Base      end      def accessible_to(user) -      where('private = ? OR author_id = ?', false, user) +      where('visibility_level IN (?) OR author_id = ?', [Snippet::INTERNAL, Snippet::PUBLIC], user)      end    end  end diff --git a/app/views/shared/snippets/_form.html.haml b/app/views/shared/snippets/_form.html.haml index f4d74045f77..f729f129e45 100644 --- a/app/views/shared/snippets/_form.html.haml +++ b/app/views/shared/snippets/_form.html.haml @@ -10,22 +10,8 @@        = f.label :title, class: 'control-label'        .col-sm-10= f.text_field :title, placeholder: "Example Snippet", class: 'form-control', required: true -    - unless @snippet.respond_to?(:project) -      .form-group -        = f.label "Access", class: 'control-label' -        .col-sm-10 -          = f.label :private_true, class: 'radio-label' do -            = f.radio_button :private, true -            %span -              %strong Private -              (only you can see this snippet) -          %br -          = f.label :private_false, class: 'radio-label' do -            = f.radio_button :private, false -            %span -              %strong Internal -              (GitLab users can see this snippet) - +    = render "shared/snippets/visibility_level", f: f, visibility_level: gitlab_config.default_projects_features.visibility_level, can_change_visibility_level: true +          .form-group        .file-editor          = f.label :file_name, "File", class: 'control-label' diff --git a/app/views/shared/snippets/_visibility_level.html.haml b/app/views/shared/snippets/_visibility_level.html.haml new file mode 100644 index 00000000000..9acff18e450 --- /dev/null +++ b/app/views/shared/snippets/_visibility_level.html.haml @@ -0,0 +1,27 @@ +.form-group.project-visibility-level-holder +  = f.label :visibility_level, class: 'control-label' do +    Visibility Level +    = link_to "(?)", help_page_path("public_access", "public_access") +  .col-sm-10 +    - if can_change_visibility_level +      - Gitlab::VisibilityLevel.values.each do |level| +        .radio +          - restricted = restricted_visibility_levels.include?(level) +          = f.radio_button :visibility_level, level, disabled: restricted +          = label "#{dom_class(@snippet)}_visibility_level", level do +            = visibility_level_icon(level) +            .option-title +              = visibility_level_label(level) +            .option-descr +              = snippet_visibility_level_description(level) +      - unless restricted_visibility_levels.empty? +        .col-sm-10 +          %span.info +            Some visibility level settings have been restricted by the administrator. +    - else +      .col-sm-10 +        %span.info +          = visibility_level_icon(visibility_level) +          %strong +            = visibility_level_label(visibility_level) +          .light= visibility_level_description(visibility_level) diff --git a/app/views/snippets/current_user_index.html.haml b/app/views/snippets/current_user_index.html.haml index 14b5b072ec2..b2b7ea4df0e 100644 --- a/app/views/snippets/current_user_index.html.haml +++ b/app/views/snippets/current_user_index.html.haml @@ -28,6 +28,11 @@            Internal            %span.pull-right              = @user.snippets.are_internal.count +      = nav_tab :scope, 'are_public' do +        = link_to user_snippets_path(@user, scope: 'are_public') do +          Public +          %span.pull-right +            = @user.snippets.are_public.count    .col-md-9.my-snippets      = render 'snippets' diff --git a/app/views/snippets/index.html.haml b/app/views/snippets/index.html.haml index cea2517a8e1..0d71c41e2e7 100644 --- a/app/views/snippets/index.html.haml +++ b/app/views/snippets/index.html.haml @@ -2,10 +2,12 @@    Public snippets    .pull-right -    = link_to new_snippet_path, class: "btn btn-new btn-grouped", title: "New Snippet" do -      Add new snippet -    = link_to user_snippets_path(current_user), class: "btn btn-grouped"  do -      My snippets +     +    - if current_user +      = link_to new_snippet_path, class: "btn btn-new btn-grouped", title: "New Snippet" do +        Add new snippet +      = link_to user_snippets_path(current_user), class: "btn btn-grouped"  do +        My snippets  %p.light    Public snippets created by you and other users are listed here diff --git a/app/views/snippets/user_index.html.haml b/app/views/snippets/user_index.html.haml index 1cb53ec6a25..67f3a68aa22 100644 --- a/app/views/snippets/user_index.html.haml +++ b/app/views/snippets/user_index.html.haml @@ -4,8 +4,9 @@    %span      \/      Snippets -  = link_to new_snippet_path, class: "btn btn-small add_new pull-right", title: "New Snippet" do -    Add new snippet +  - if current_user +    = link_to new_snippet_path, class: "btn btn-small add_new pull-right", title: "New Snippet" do +      Add new snippet  %hr diff --git a/db/migrate/20141007100818_add_visibility_level_to_snippet.rb b/db/migrate/20141007100818_add_visibility_level_to_snippet.rb new file mode 100644 index 00000000000..7f125acb5d1 --- /dev/null +++ b/db/migrate/20141007100818_add_visibility_level_to_snippet.rb @@ -0,0 +1,21 @@ +class AddVisibilityLevelToSnippet < ActiveRecord::Migration +  def up +    add_column :snippets, :visibility_level, :integer, :default => 0, :null => false + +    Snippet.where(private: true).update_all(visibility_level: Gitlab::VisibilityLevel::PRIVATE) +    Snippet.where(private: false).update_all(visibility_level: Gitlab::VisibilityLevel::INTERNAL) + +    add_index :snippets, :visibility_level + +    remove_column :snippets, :private +  end + +  def down +    add_column :snippets, :private, :boolean, :default => false, :null => false +     +    Snippet.where(visibility_level: Gitlab::VisibilityLevel::INTERNAL).update_all(private: false) +    Snippet.where(visibility_level: Gitlab::VisibilityLevel::PRIVATE).update_all(private: true) +     +    remove_column :snippets, :visibility_level +  end +end diff --git a/db/schema.rb b/db/schema.rb index 84fd1256677..8ddebc5132a 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,7 +11,7 @@  #  # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 20141006143943) do +ActiveRecord::Schema.define(version: 20141007100818) do    # These are extensions that must be enabled in order to support this database    enable_extension "plpgsql" @@ -293,20 +293,21 @@ ActiveRecord::Schema.define(version: 20141006143943) do    create_table "snippets", force: true do |t|      t.string   "title"      t.text     "content" -    t.integer  "author_id",                 null: false +    t.integer  "author_id",                    null: false      t.integer  "project_id"      t.datetime "created_at"      t.datetime "updated_at"      t.string   "file_name"      t.datetime "expires_at" -    t.boolean  "private",    default: true, null: false      t.string   "type" +    t.integer  "visibility_level", default: 0, null: false    end    add_index "snippets", ["author_id"], name: "index_snippets_on_author_id", using: :btree    add_index "snippets", ["created_at"], name: "index_snippets_on_created_at", using: :btree    add_index "snippets", ["expires_at"], name: "index_snippets_on_expires_at", using: :btree    add_index "snippets", ["project_id"], name: "index_snippets_on_project_id", using: :btree +  add_index "snippets", ["visibility_level"], name: "index_snippets_on_visibility_level", using: :btree    create_table "taggings", force: true do |t|      t.integer  "tag_id" diff --git a/features/snippets/discover.feature b/features/snippets/discover.feature index 5094062c8c3..1a7e132ea25 100644 --- a/features/snippets/discover.feature +++ b/features/snippets/discover.feature @@ -4,8 +4,10 @@ Feature: Snippets Discover      Given I sign in as a user      And I have public "Personal snippet one" snippet      And I have private "Personal snippet private" snippet +    And I have internal "Personal snippet internal" snippet    Scenario: I should see snippets      Given I visit snippets page      Then I should see "Personal snippet one" in snippets +    And I should see "Personal snippet internal" in snippets      And I should not see "Personal snippet private" in snippets diff --git a/features/snippets/user.feature b/features/snippets/user.feature index ae34e8e7ffa..5b5dadb7b39 100644 --- a/features/snippets/user.feature +++ b/features/snippets/user.feature @@ -4,20 +4,31 @@ Feature: Snippets User      Given I sign in as a user      And I have public "Personal snippet one" snippet      And I have private "Personal snippet private" snippet +    And I have internal "Personal snippet internal" snippet    Scenario: I should see all my snippets      Given I visit my snippets page      Then I should see "Personal snippet one" in snippets      And I should see "Personal snippet private" in snippets +    And I should see "Personal snippet internal" in snippets    Scenario: I can see only my private snippets      Given I visit my snippets page      And I click "Private" filter      Then I should not see "Personal snippet one" in snippets +    And I should not see "Personal snippet internal" in snippets      And I should see "Personal snippet private" in snippets    Scenario: I can see only my public snippets      Given I visit my snippets page -    And I click "Internal" filter +    And I click "Public" filter      Then I should see "Personal snippet one" in snippets      And I should not see "Personal snippet private" in snippets +    And I should not see "Personal snippet internal" in snippets + +  Scenario: I can see only my internal snippets +    Given I visit my snippets page +    And I click "Internal" filter +    Then I should see "Personal snippet internal" in snippets +    And I should not see "Personal snippet private" in snippets +    And I should not see "Personal snippet one" in snippets diff --git a/features/steps/shared/snippet.rb b/features/steps/shared/snippet.rb index 5a27e8750cf..432f32defce 100644 --- a/features/steps/shared/snippet.rb +++ b/features/steps/shared/snippet.rb @@ -6,7 +6,7 @@ module SharedSnippet             title: "Personal snippet one",             content: "Test content",             file_name: "snippet.rb", -           private: false, +           visibility_level: Snippet::PUBLIC,             author: current_user)    end @@ -15,9 +15,19 @@ module SharedSnippet             title: "Personal snippet private",             content: "Provate content",             file_name: "private_snippet.rb", -           private: true, +           visibility_level: Snippet::PRIVATE,             author: current_user)    end +   +  step 'I have internal "Personal snippet internal" snippet' do +    create(:personal_snippet, +           title: "Personal snippet internal", +           content: "Provate content", +           file_name: "internal_snippet.rb", +           visibility_level: Snippet::INTERNAL, +           author: current_user) +  end +      step 'I have a public many lined snippet' do      create(:personal_snippet,             title: 'Many lined snippet', @@ -38,7 +48,7 @@ module SharedSnippet               |line fourteen             END             file_name: 'many_lined_snippet.rb', -           private: true, +           visibility_level: Snippet::PUBLIC,             author: current_user)    end  end diff --git a/features/steps/snippets/discover.rb b/features/steps/snippets/discover.rb index 42bccafcc84..2667c1e3d44 100644 --- a/features/steps/snippets/discover.rb +++ b/features/steps/snippets/discover.rb @@ -7,6 +7,10 @@ class Spinach::Features::SnippetsDiscover < Spinach::FeatureSteps      page.should have_content "Personal snippet one"    end +  step 'I should see "Personal snippet internal" in snippets' do +    page.should have_content "Personal snippet internal" +  end +    step 'I should not see "Personal snippet private" in snippets' do      page.should_not have_content "Personal snippet private"    end diff --git a/features/steps/snippets/user.rb b/features/steps/snippets/user.rb index c41bc436142..866f637ab6c 100644 --- a/features/steps/snippets/user.rb +++ b/features/steps/snippets/user.rb @@ -15,6 +15,10 @@ class Spinach::Features::SnippetsUser < Spinach::FeatureSteps      page.should have_content "Personal snippet private"    end +  step 'I should see "Personal snippet internal" in snippets' do +    page.should have_content "Personal snippet internal" +  end +    step 'I should not see "Personal snippet one" in snippets' do      page.should_not have_content "Personal snippet one"    end @@ -23,6 +27,10 @@ class Spinach::Features::SnippetsUser < Spinach::FeatureSteps      page.should_not have_content "Personal snippet private"    end +  step 'I should not see "Personal snippet internal" in snippets' do +    page.should_not have_content "Personal snippet internal" +  end +    step 'I click "Internal" filter' do      within('.nav-stacked') do        click_link "Internal" @@ -35,6 +43,12 @@ class Spinach::Features::SnippetsUser < Spinach::FeatureSteps      end    end +  step 'I click "Public" filter' do +    within('.nav-stacked') do +      click_link "Public" +    end +  end +    def snippet      @snippet ||= PersonalSnippet.find_by!(title: "Personal snippet one")    end diff --git a/spec/finders/snippets_finder_spec.rb b/spec/finders/snippets_finder_spec.rb new file mode 100644 index 00000000000..5af76968183 --- /dev/null +++ b/spec/finders/snippets_finder_spec.rb @@ -0,0 +1,94 @@ +require 'spec_helper' + +describe SnippetsFinder do +  let(:user) { create :user } +  let(:user1) { create :user } +  let(:group) { create :group } + +  let(:project1) { create(:empty_project, :public,   group: group) } +  let(:project2) { create(:empty_project, :private,  group: group) } +   + +  context ':all filter' do +    before do +      @snippet1 = create(:personal_snippet, visibility_level: Snippet::PRIVATE) +      @snippet2 = create(:personal_snippet, visibility_level: Snippet::INTERNAL) +      @snippet3 = create(:personal_snippet, visibility_level: Snippet::PUBLIC) +    end + +    it "returns all private and internal snippets" do +      snippets = SnippetsFinder.new.execute(user, filter: :all) +      snippets.should include(@snippet2, @snippet3) +      snippets.should_not include(@snippet1) +    end + +    it "returns all public snippets" do +      snippets = SnippetsFinder.new.execute(nil, filter: :all) +      snippets.should include(@snippet3) +      snippets.should_not include(@snippet1, @snippet2) +    end +  end + +  context ':by_user filter' do +    before do +      @snippet1 = create(:personal_snippet, visibility_level: Snippet::PRIVATE, author: user) +      @snippet2 = create(:personal_snippet, visibility_level: Snippet::INTERNAL, author: user) +      @snippet3 = create(:personal_snippet, visibility_level: Snippet::PUBLIC, author: user) +    end + +    it "returns all public and internal snippets" do +      snippets = SnippetsFinder.new.execute(user1, filter: :by_user, user: user) +      snippets.should include(@snippet2, @snippet3) +      snippets.should_not include(@snippet1) +    end + +    it "returns internal snippets" do +      snippets = SnippetsFinder.new.execute(user, filter: :by_user, user: user, scope: "are_internal") +      snippets.should include(@snippet2) +      snippets.should_not include(@snippet1, @snippet3) +    end + +    it "returns private snippets" do +      snippets = SnippetsFinder.new.execute(user, filter: :by_user, user: user, scope: "are_private") +      snippets.should include(@snippet1) +      snippets.should_not include(@snippet2, @snippet3) +    end + +    it "returns public snippets" do +      snippets = SnippetsFinder.new.execute(user, filter: :by_user, user: user, scope: "are_public") +      snippets.should include(@snippet3) +      snippets.should_not include(@snippet1, @snippet2) +    end + +    it "returns all snippets" do +      snippets = SnippetsFinder.new.execute(user, filter: :by_user, user: user) +      snippets.should include(@snippet1, @snippet2, @snippet3) +    end +  end + +  context 'by_project filter' do +    before do +      @snippet1 = create(:project_snippet, visibility_level: Snippet::PRIVATE, project: project1) +      @snippet2 = create(:project_snippet, visibility_level: Snippet::INTERNAL, project: project1) +      @snippet3 = create(:project_snippet, visibility_level: Snippet::PUBLIC, project: project1) +    end + +    it "returns public snippets for unauthorized user" do +      snippets = SnippetsFinder.new.execute(nil, filter: :by_project, project: project1) +      snippets.should include(@snippet3) +      snippets.should_not include(@snippet1, @snippet2) +    end + +    it "returns public and internal snippets for none project members" do +      snippets = SnippetsFinder.new.execute(user, filter: :by_project, project: project1) +      snippets.should include(@snippet2, @snippet3) +      snippets.should_not include(@snippet1) +    end + +    it "returns all snippets for project members" do +      project1.team << [user, :developer]  +      snippets = SnippetsFinder.new.execute(user, filter: :by_project, project: project1) +      snippets.should include(@snippet1, @snippet2, @snippet3) +    end +  end +end diff --git a/spec/models/project_team_spec.rb b/spec/models/project_team_spec.rb index 34c1a686c96..bbf50b654f4 100644 --- a/spec/models/project_team_spec.rb +++ b/spec/models/project_team_spec.rb @@ -27,6 +27,8 @@ describe ProjectTeam do        it { project.team.master?(guest).should be_false }        it { project.team.master?(reporter).should be_false }        it { project.team.master?(nonmember).should be_false } +      it { project.team.member?(nonmember).should be_false } +      it { project.team.member?(guest).should be_true }      end    end @@ -60,6 +62,8 @@ describe ProjectTeam do        it { project.team.master?(guest).should be_true }        it { project.team.master?(reporter).should be_false }        it { project.team.master?(nonmember).should be_false } +      it { project.team.member?(nonmember).should be_false } +      it { project.team.member?(guest).should be_true }      end    end  end | 
