1# frozen_string_literal: true
2
3require 'spec_helper'
4
5RSpec.describe ProjectStatisticsPolicy do
6  using RSpec::Parameterized::TableSyntax
7
8  describe '#rules' do
9    let(:external)   { create(:user, :external) }
10    let(:guest)      { create(:user) }
11    let(:reporter)   { create(:user) }
12    let(:developer)  { create(:user) }
13    let(:maintainer) { create(:user) }
14
15    let(:users) do
16      {
17        unauthenticated: nil,
18        non_member: create(:user),
19        guest: guest,
20        reporter: reporter,
21        developer: developer,
22        maintainer: maintainer
23      }
24    end
25
26    where(:project_type, :user_type, :outcome) do
27      [
28        # Public projects
29        [:public, :unauthenticated, false],
30        [:public, :non_member, false],
31        [:public, :guest, false],
32        [:public, :reporter, true],
33        [:public, :developer, true],
34        [:public, :maintainer, true],
35
36        # Private project
37        [:private, :unauthenticated, false],
38        [:private, :non_member, false],
39        [:private, :guest, false],
40        [:private, :reporter, true],
41        [:private, :developer, true],
42        [:private, :maintainer, true],
43
44        # Internal projects
45        [:internal, :unauthenticated, false],
46        [:internal, :non_member, false],
47        [:internal, :guest, false],
48        [:internal, :reporter, true],
49        [:internal, :developer, true],
50        [:internal, :maintainer, true]
51      ]
52    end
53
54    with_them do
55      let(:user) { users[user_type] }
56      let(:project) { create(:project, visibility_level: Gitlab::VisibilityLevel.level_value(project_type.to_s)) }
57      let(:project_statistics) { create(:project_statistics, project: project) }
58
59      subject { Ability.allowed?(user, :read_statistics, project_statistics) }
60
61      before do
62        project.add_guest(guest)
63        project.add_reporter(reporter)
64        project.add_developer(developer)
65        project.add_maintainer(maintainer)
66      end
67
68      it { is_expected.to eq(outcome) }
69
70      context 'when the user is external' do
71        let(:user) { external }
72
73        before do
74          unless [:unauthenticated, :non_member].include?(user_type)
75            project.add_user(external, user_type)
76          end
77        end
78
79        it { is_expected.to eq(outcome) }
80      end
81    end
82  end
83end
84