diff options
author | Matija Čupić <matteeyah@gmail.com> | 2018-12-07 17:01:31 +0100 |
---|---|---|
committer | Matija Čupić <matteeyah@gmail.com> | 2018-12-07 17:07:58 +0100 |
commit | 6ad56a229f0eb2c97cfdbe6722d2f154d989918e (patch) | |
tree | a703e0330c34eb32fbaea24645782b9db55d2bf0 | |
parent | c2f72ad8a2ff02e310c1f3420342d10bec211277 (diff) | |
download | gitlab-ce-6ad56a229f0eb2c97cfdbe6722d2f154d989918e.tar.gz |
Add specs for TriggerVariableEntity
-rw-r--r-- | app/serializers/trigger_variable_entity.rb | 2 | ||||
-rw-r--r-- | spec/serializers/trigger_variable_entity_spec.rb | 48 |
2 files changed, 49 insertions, 1 deletions
diff --git a/app/serializers/trigger_variable_entity.rb b/app/serializers/trigger_variable_entity.rb index 8845540cc30..4b28db42e76 100644 --- a/app/serializers/trigger_variable_entity.rb +++ b/app/serializers/trigger_variable_entity.rb @@ -4,5 +4,5 @@ class TriggerVariableEntity < Grape::Entity include RequestAwareEntity expose :key, :public - expose :value, if: ->(_, _) { request.project.team.maintainer?(request.current_user) } + expose :value, if: ->(_, _) { can?(request.current_user, :admin_build, request.project) } end diff --git a/spec/serializers/trigger_variable_entity_spec.rb b/spec/serializers/trigger_variable_entity_spec.rb new file mode 100644 index 00000000000..198b3de4f3e --- /dev/null +++ b/spec/serializers/trigger_variable_entity_spec.rb @@ -0,0 +1,48 @@ +require 'spec_helper' + +describe TriggerVariableEntity do + let(:project) { create(:project) } + let(:request) { double('request') } + let(:user) { create(:user) } + let(:variable) { { key: 'TEST_KEY', value: 'TEST_VALUE' } } + + subject { described_class.new(variable, request: request).as_json } + + before do + allow(request).to receive(:current_user).and_return(user) + allow(request).to receive(:project).and_return(project) + end + + it 'exposes the variable key' do + end + + context 'when user has access to the value' do + context 'when user is maintainer' do + before do + project.team.add_maintainer(user) + end + + it 'exposes the variable value' do + expect(subject).to include(:value) + end + end + + context 'when user is owner' do + let(:user) { project.owner } + + it 'exposes the variable value' do + expect(subject).to include(:value) + end + end + end + + context 'when user does not have access to the value' do + before do + project.team.add_developer(user) + end + + it 'does not expose the variable value' do + expect(subject).not_to include(:value) + end + end +end |