authorTimothy Andrew <mail@timothyandrew.net>2017-07-03 05:14:00 +0000
committerTimothy Andrew <mail@timothyandrew.net>2017-07-03 05:14:00 +0000
commit96e986327c4dad9248f9013f191119ffafe4a6d8 (patch)
treeeefcacbaa4c581c320df5bde765cc74bf0204496
parent5dedea358dc3012b4c2a876065c16cf748fbf7ea (diff)
Implement review comments for !12445 from @jneen.34141-allow-unauthenticated-access-to-the-users-api
- Fix duplicate `prevent` declaration
- Add spec for `GlobalPolicy`
-rw-r--r--app/policies/global_policy.rb1
-rw-r--r--spec/policies/global_policy_spec.rb34
2 files changed, 34 insertions, 1 deletions
diff --git a/app/policies/global_policy.rb b/app/policies/global_policy.rb
index 7767d3cccd5..55eefa76d3f 100644
--- a/app/policies/global_policy.rb
+++ b/app/policies/global_policy.rb
@@ -18,7 +18,6 @@ class GlobalPolicy < BasePolicy
prevent :receive_notifications
prevent :use_quick_actions
prevent :create_group
- prevent :log_in
end
rule { default }.policy do
diff --git a/spec/policies/global_policy_spec.rb b/spec/policies/global_policy_spec.rb
new file mode 100644
index 00000000000..bb0fa0c0e9c
--- /dev/null
+++ b/spec/policies/global_policy_spec.rb
@@ -0,0 +1,34 @@
+require 'spec_helper'
+
+describe GlobalPolicy, models: true do
+ let(:current_user) { create(:user) }
+ let(:user) { create(:user) }
+
+ subject { GlobalPolicy.new(current_user, [user]) }
+
+ describe "reading the list of users" do
+ context "for a logged in user" do
+ it { is_expected.to be_allowed(:read_users_list) }
+ end
+
+ context "for an anonymous user" do
+ let(:current_user) { nil }
+
+ context "when the public level is restricted" do
+ before do
+ stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC])
+ end
+
+ it { is_expected.not_to be_allowed(:read_users_list) }
+ end
+
+ context "when the public level is not restricted" do
+ before do
+ stub_application_setting(restricted_visibility_levels: [])
+ end
+
+ it { is_expected.to be_allowed(:read_users_list) }
+ end
+ end
+ end
+end
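Review bot: The "for a logged in user" context near the top of the new spec never stubs `restricted_visibility_levels`, so it depends on whatever default the test environment carries. It therefore does not pin how an authenticated caller is treated when the public level is restricted. Because this policy decides whether anonymous callers may list users, I would add a sibling context there with `before { stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC]) }` and the expectation the policy intends. That is presumably `it { is_expected.to be_allowed(:read_users_list) }`, but the rule itself is not visible in this diff, so confirm. The remaining `prevent :log_in` in global_policy.rb also has no assertion in this spec; an example on `:log_in` for the condition that rule covers (its head is outside the hunk) would catch the surviving declaration being dropped later.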