Add test for permissions check for security and analysis edits (#1)

pkg/cmd/repo/edit/edit.go

@@ -252,7 +252,7 @@ func editRun(ctx context.Context, opts *EditOptions) error {
 		}
 	}
 
-	if hasSecurityEdits(opts.Edits) {
+	if opts.Edits.SecurityAndAnalysis != nil {
 		apiClient := api.NewClientFromHTTP(opts.HTTPClient)
 		repo, err := api.FetchRepository(apiClient, opts.Repository, []string{"viewerCanAdminister"})
 		if err != nil {

pkg/cmd/repo/edit/edit_test.go

@@ -220,6 +220,10 @@ func Test_editRun(t *testing.T) {
 				},
 			},
 			httpStubs: func(t *testing.T, r *httpmock.Registry) {
+				r.Register(
+					httpmock.GraphQL(`query RepositoryInfo\b`),
+					httpmock.StringResponse(`{"data": { "repository": { "viewerCanAdminister": true } } }`))
+
 				r.Register(
 					httpmock.REST("PATCH", "repos/OWNER/REPO"),
 					httpmock.RESTPayload(200, `{}`, func(payload map[string]interface{}) {
@@ -231,6 +235,31 @@ func Test_editRun(t *testing.T) {
 					}))
 			},
 		},
+		{
+			name: "does not have sufficient permissions for security edits",
+			opts: EditOptions{
+				Repository: ghrepo.NewWithHost("OWNER", "REPO", "github.com"),
+				Edits: EditRepositoryInput{
+					SecurityAndAnalysis: &SecurityAndAnalysisInput{
+						EnableAdvancedSecurity: &SecurityAndAnalysisStatus{
+							Status: sp("enabled"),
+						},
+						EnableSecretScanning: &SecurityAndAnalysisStatus{
+							Status: sp("enabled"),
+						},
+						EnableSecretScanningPushProtection: &SecurityAndAnalysisStatus{
+							Status: sp("disabled"),
+						},
+					},
+				},
+			},
+			httpStubs: func(t *testing.T, r *httpmock.Registry) {
+				r.Register(
+					httpmock.GraphQL(`query RepositoryInfo\b`),
+					httpmock.StringResponse(`{"data": { "repository": { "viewerCanAdminister": false } } }`))
+			},
+			wantsErr: "you do not have sufficient permissions to edit repository security and analysis features",
+		},
 	}
 
 	for _, tt := range tests {