RSpec: Provide a way to stub access level in policies

Problem

In #374088 (closed) we started to flag (with 👮 RSpec/FactoryBot/AvoidCreate) use of create(:factory) in certain type of specs and encourage the use of build_stubbed(:factory).

However, some specs need to assign user access level to projects/groups (via project.add_developer or group.add_maintainer and friends). This makes the use of build_stubbed not possible.

Proposed solution

Find a way to stub calls like project.add_developer to make stubbed user work with policies.

Before

let_it_be(:project) { create(:project) }
let_it_be(:group) { create(:group) }
let_it_be(:maintainer) { create(:user) }
let_it_be(:developer) { create(:user) }

before_all do
  project.add_developer(developer)
  project.add_maintainer(maintainer)
  group.add_developer(developer)
  group.add_developer(maintainer)
end

After

Avoid record creations by using stubs.

let(:project) { build_stubbed(:project) }
let(:group) { build_stubbed(:group) }
let(:maintainer) { build_stubbed(:user) }
let(:developer) { build_stubbed(:user) }

before do
  stub_member_access_level(project, developer: developer, maintainer: maintainer)
  stub_member_access_level(group, developer: developer, maintainer: maintainer)
end

stub_member_access_level stubs:

• project.team.max_member_access if the object is a Project
• group.max_member_access_for_user if the object is a Group

Usage list

Looking up access level in policies happens only in couple of locations:

• parent_namespace.team.max_member_access(@user.id)
• parent_namespace.max_member_access_for_user(@user)
• @subject.max_member_access_for_user(@user)
• project.team.max_member_access(@user.id)