diff options
author | Mark Chao <mchao@gitlab.com> | 2018-06-05 14:43:03 +0900 |
---|---|---|
committer | Mark Chao <mchao@gitlab.com> | 2018-06-22 10:23:58 +0800 |
commit | 3df573636551fd6b366f3b95b1d7c98b3306ab2c (patch) | |
tree | 79b9fd7fb2d7d7888a0a770264c403519c3f9037 | |
parent | 4faea77c59f65fc9ac0a6e32690e1f4a16f3f0b0 (diff) | |
download | gitlab-ce-3df573636551fd6b366f3b95b1d7c98b3306ab2c.tar.gz |
deploy_token_policy
-rw-r--r-- | app/policies/deploy_token_policy.rb | 4 | ||||
-rw-r--r-- | app/policies/group_policy.rb | 4 | ||||
-rw-r--r-- | app/policies/project_policy.rb | 8 | ||||
-rw-r--r-- | spec/policies/deploy_token_policy_spec.rb | 8 | ||||
-rw-r--r-- | spec/policies/group_policy_spec.rb | 42 | ||||
-rw-r--r-- | spec/policies/project_policy_spec.rb | 30 |
6 files changed, 48 insertions, 48 deletions
diff --git a/app/policies/deploy_token_policy.rb b/app/policies/deploy_token_policy.rb index 93a31ad6407..d1b459cfc90 100644 --- a/app/policies/deploy_token_policy.rb +++ b/app/policies/deploy_token_policy.rb @@ -1,10 +1,10 @@ class DeployTokenPolicy < BasePolicy with_options scope: :subject, score: 0 - condition(:master) { @subject.project.team.maintainer?(@user) } + condition(:maintainer) { @subject.project.team.maintainer?(@user) } rule { anonymous }.prevent_all - rule { master }.policy do + rule { maintainer }.policy do enable :create_deploy_token enable :update_deploy_token end diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb index ab6d6805ce4..e4758ff2781 100644 --- a/app/policies/group_policy.rb +++ b/app/policies/group_policy.rb @@ -11,7 +11,7 @@ class GroupPolicy < BasePolicy condition(:guest) { access_level >= GroupMember::GUEST } condition(:developer) { access_level >= GroupMember::DEVELOPER } condition(:owner) { access_level >= GroupMember::OWNER } - condition(:master) { access_level >= GroupMember::MAINTAINER } + condition(:maintainer) { access_level >= GroupMember::MAINTAINER } condition(:reporter) { access_level >= GroupMember::REPORTER } condition(:nested_groups_supported, scope: :global) { Group.supports_nested_groups? } @@ -59,7 +59,7 @@ class GroupPolicy < BasePolicy enable :admin_issue end - rule { master }.policy do + rule { maintainer }.policy do enable :create_projects enable :admin_pipeline enable :admin_build diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb index ef0b23e3377..bc49092633f 100644 --- a/app/policies/project_policy.rb +++ b/app/policies/project_policy.rb @@ -46,7 +46,7 @@ class ProjectPolicy < BasePolicy condition(:developer) { team_access_level >= Gitlab::Access::DEVELOPER } desc "User has maintainer access" - condition(:master) { team_access_level >= Gitlab::Access::MAINTAINER } + condition(:maintainer) { team_access_level >= Gitlab::Access::MAINTAINER } desc "Project is public" condition(:public_project, scope: :subject, score: 0) { project.public? } @@ -123,14 +123,14 @@ class ProjectPolicy < BasePolicy rule { guest }.enable :guest_access rule { reporter }.enable :reporter_access rule { developer }.enable :developer_access - rule { master }.enable :master_access + rule { maintainer }.enable :maintainer_access rule { owner | admin }.enable :owner_access rule { can?(:owner_access) }.policy do enable :guest_access enable :reporter_access enable :developer_access - enable :master_access + enable :maintainer_access enable :change_namespace enable :change_visibility_level @@ -228,7 +228,7 @@ class ProjectPolicy < BasePolicy enable :create_deployment end - rule { can?(:master_access) }.policy do + rule { can?(:maintainer_access) }.policy do enable :push_to_delete_protected_branch enable :update_project_snippet enable :update_environment diff --git a/spec/policies/deploy_token_policy_spec.rb b/spec/policies/deploy_token_policy_spec.rb index 1ff391f277c..cef5a4a22bc 100644 --- a/spec/policies/deploy_token_policy_spec.rb +++ b/spec/policies/deploy_token_policy_spec.rb @@ -8,7 +8,7 @@ describe DeployTokenPolicy do subject { described_class.new(current_user, deploy_token) } describe 'creating a deploy key' do - context 'when user is master' do + context 'when user is maintainer' do before do project.add_maintainer(current_user) end @@ -16,7 +16,7 @@ describe DeployTokenPolicy do it { is_expected.to be_allowed(:create_deploy_token) } end - context 'when user is not master' do + context 'when user is not maintainer' do before do project.add_developer(current_user) end @@ -26,7 +26,7 @@ describe DeployTokenPolicy do end describe 'updating a deploy key' do - context 'when user is master' do + context 'when user is maintainer' do before do project.add_maintainer(current_user) end @@ -34,7 +34,7 @@ describe DeployTokenPolicy do it { is_expected.to be_allowed(:update_deploy_token) } end - context 'when user is not master' do + context 'when user is not maintainer' do before do project.add_developer(current_user) end diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb index 6509fb8b89b..f7777f3f23c 100644 --- a/spec/policies/group_policy_spec.rb +++ b/spec/policies/group_policy_spec.rb @@ -4,7 +4,7 @@ describe GroupPolicy do let(:guest) { create(:user) } let(:reporter) { create(:user) } let(:developer) { create(:user) } - let(:master) { create(:user) } + let(:maintainer) { create(:user) } let(:owner) { create(:user) } let(:admin) { create(:admin) } let(:group) { create(:group, :private) } @@ -15,7 +15,7 @@ describe GroupPolicy do let(:developer_permissions) { [:admin_milestones] } - let(:master_permissions) do + let(:maintainer_permissions) do [ :create_projects ] @@ -35,7 +35,7 @@ describe GroupPolicy do group.add_guest(guest) group.add_reporter(reporter) group.add_developer(developer) - group.add_maintainer(master) + group.add_maintainer(maintainer) group.add_owner(owner) end @@ -58,7 +58,7 @@ describe GroupPolicy do expect_disallowed(:upload_file) expect_disallowed(*reporter_permissions) expect_disallowed(*developer_permissions) - expect_disallowed(*master_permissions) + expect_disallowed(*maintainer_permissions) expect_disallowed(*owner_permissions) expect_disallowed(:read_namespace) end @@ -93,7 +93,7 @@ describe GroupPolicy do expect_allowed(*guest_permissions) expect_disallowed(*reporter_permissions) expect_disallowed(*developer_permissions) - expect_disallowed(*master_permissions) + expect_disallowed(*maintainer_permissions) expect_disallowed(*owner_permissions) end end @@ -105,7 +105,7 @@ describe GroupPolicy do expect_allowed(*guest_permissions) expect_allowed(*reporter_permissions) expect_disallowed(*developer_permissions) - expect_disallowed(*master_permissions) + expect_disallowed(*maintainer_permissions) expect_disallowed(*owner_permissions) end end @@ -117,19 +117,19 @@ describe GroupPolicy do expect_allowed(*guest_permissions) expect_allowed(*reporter_permissions) expect_allowed(*developer_permissions) - expect_disallowed(*master_permissions) + expect_disallowed(*maintainer_permissions) expect_disallowed(*owner_permissions) end end - context 'master' do - let(:current_user) { master } + context 'maintainer' do + let(:current_user) { maintainer } it do expect_allowed(*guest_permissions) expect_allowed(*reporter_permissions) expect_allowed(*developer_permissions) - expect_allowed(*master_permissions) + expect_allowed(*maintainer_permissions) expect_disallowed(*owner_permissions) end end @@ -143,7 +143,7 @@ describe GroupPolicy do expect_allowed(*guest_permissions) expect_allowed(*reporter_permissions) expect_allowed(*developer_permissions) - expect_allowed(*master_permissions) + expect_allowed(*maintainer_permissions) expect_allowed(*owner_permissions) end end @@ -157,7 +157,7 @@ describe GroupPolicy do expect_allowed(*guest_permissions) expect_allowed(*reporter_permissions) expect_allowed(*developer_permissions) - expect_allowed(*master_permissions) + expect_allowed(*maintainer_permissions) expect_allowed(*owner_permissions) end end @@ -199,7 +199,7 @@ describe GroupPolicy do nested_group.add_guest(guest) nested_group.add_guest(reporter) nested_group.add_guest(developer) - nested_group.add_guest(master) + nested_group.add_guest(maintainer) group.owners.destroy_all @@ -216,7 +216,7 @@ describe GroupPolicy do expect_disallowed(*guest_permissions) expect_disallowed(*reporter_permissions) expect_disallowed(*developer_permissions) - expect_disallowed(*master_permissions) + expect_disallowed(*maintainer_permissions) expect_disallowed(*owner_permissions) end end @@ -228,7 +228,7 @@ describe GroupPolicy do expect_allowed(*guest_permissions) expect_disallowed(*reporter_permissions) expect_disallowed(*developer_permissions) - expect_disallowed(*master_permissions) + expect_disallowed(*maintainer_permissions) expect_disallowed(*owner_permissions) end end @@ -240,7 +240,7 @@ describe GroupPolicy do expect_allowed(*guest_permissions) expect_allowed(*reporter_permissions) expect_disallowed(*developer_permissions) - expect_disallowed(*master_permissions) + expect_disallowed(*maintainer_permissions) expect_disallowed(*owner_permissions) end end @@ -252,19 +252,19 @@ describe GroupPolicy do expect_allowed(*guest_permissions) expect_allowed(*reporter_permissions) expect_allowed(*developer_permissions) - expect_disallowed(*master_permissions) + expect_disallowed(*maintainer_permissions) expect_disallowed(*owner_permissions) end end - context 'master' do - let(:current_user) { master } + context 'maintainer' do + let(:current_user) { maintainer } it do expect_allowed(*guest_permissions) expect_allowed(*reporter_permissions) expect_allowed(*developer_permissions) - expect_allowed(*master_permissions) + expect_allowed(*maintainer_permissions) expect_disallowed(*owner_permissions) end end @@ -278,7 +278,7 @@ describe GroupPolicy do expect_allowed(*guest_permissions) expect_allowed(*reporter_permissions) expect_allowed(*developer_permissions) - expect_allowed(*master_permissions) + expect_allowed(*maintainer_permissions) expect_allowed(*owner_permissions) end end diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb index 18eb394ed55..dd3fa4e6a51 100644 --- a/spec/policies/project_policy_spec.rb +++ b/spec/policies/project_policy_spec.rb @@ -4,7 +4,7 @@ describe ProjectPolicy do set(:guest) { create(:user) } set(:reporter) { create(:user) } set(:developer) { create(:user) } - set(:master) { create(:user) } + set(:maintainer) { create(:user) } set(:owner) { create(:user) } set(:admin) { create(:admin) } let(:project) { create(:project, :public, namespace: owner.namespace) } @@ -42,7 +42,7 @@ describe ProjectPolicy do ] end - let(:base_master_permissions) do + let(:base_maintainer_permissions) do %i[ push_to_delete_protected_branch update_project_snippet update_environment update_deployment admin_project_snippet @@ -70,15 +70,15 @@ describe ProjectPolicy do # Used in EE specs let(:additional_guest_permissions) { [] } let(:additional_reporter_permissions) { [] } - let(:additional_master_permissions) { [] } + let(:additional_maintainer_permissions) { [] } let(:guest_permissions) { base_guest_permissions + additional_guest_permissions } let(:reporter_permissions) { base_reporter_permissions + additional_reporter_permissions } - let(:master_permissions) { base_master_permissions + additional_master_permissions } + let(:maintainer_permissions) { base_maintainer_permissions + additional_maintainer_permissions } before do project.add_guest(guest) - project.add_maintainer(master) + project.add_maintainer(maintainer) project.add_developer(developer) project.add_reporter(reporter) end @@ -276,7 +276,7 @@ describe ProjectPolicy do expect_disallowed(*reporter_public_build_permissions) expect_disallowed(*team_member_reporter_permissions) expect_disallowed(*developer_permissions) - expect_disallowed(*master_permissions) + expect_disallowed(*maintainer_permissions) expect_disallowed(*owner_permissions) end @@ -326,7 +326,7 @@ describe ProjectPolicy do expect_allowed(*reporter_permissions) expect_allowed(*team_member_reporter_permissions) expect_disallowed(*developer_permissions) - expect_disallowed(*master_permissions) + expect_disallowed(*maintainer_permissions) expect_disallowed(*owner_permissions) end @@ -347,7 +347,7 @@ describe ProjectPolicy do expect_allowed(*reporter_permissions) expect_allowed(*team_member_reporter_permissions) expect_allowed(*developer_permissions) - expect_disallowed(*master_permissions) + expect_disallowed(*maintainer_permissions) expect_disallowed(*owner_permissions) end @@ -357,23 +357,23 @@ describe ProjectPolicy do end end - shared_examples 'project policies as master' do + shared_examples 'project policies as maintainer' do context 'abilities for non-public projects' do let(:project) { create(:project, namespace: owner.namespace) } - subject { described_class.new(master, project) } + subject { described_class.new(maintainer, project) } it do expect_allowed(*guest_permissions) expect_allowed(*reporter_permissions) expect_allowed(*team_member_reporter_permissions) expect_allowed(*developer_permissions) - expect_allowed(*master_permissions) + expect_allowed(*maintainer_permissions) expect_disallowed(*owner_permissions) end it_behaves_like 'archived project policies' do - let(:regular_abilities) { master_permissions } + let(:regular_abilities) { maintainer_permissions } end end end @@ -389,7 +389,7 @@ describe ProjectPolicy do expect_allowed(*reporter_permissions) expect_allowed(*team_member_reporter_permissions) expect_allowed(*developer_permissions) - expect_allowed(*master_permissions) + expect_allowed(*maintainer_permissions) expect_allowed(*owner_permissions) end @@ -410,7 +410,7 @@ describe ProjectPolicy do expect_allowed(*reporter_permissions) expect_disallowed(*team_member_reporter_permissions) expect_allowed(*developer_permissions) - expect_allowed(*master_permissions) + expect_allowed(*maintainer_permissions) expect_allowed(*owner_permissions) end @@ -424,7 +424,7 @@ describe ProjectPolicy do it_behaves_like 'project policies as guest' it_behaves_like 'project policies as reporter' it_behaves_like 'project policies as developer' - it_behaves_like 'project policies as master' + it_behaves_like 'project policies as maintainer' it_behaves_like 'project policies as owner' it_behaves_like 'project policies as admin' |