diff options
| author | Thong Kuah <tkuah@gitlab.com> | 2018-12-07 07:47:41 +1300 |
|---|---|---|
| committer | Thong Kuah <tkuah@gitlab.com> | 2018-12-17 09:51:53 +1300 |
| commit | 2ad5f999e95ed0627e2c8aea9da670b7da559bab (patch) | |
| tree | 2174d4ea0a9b26828efe0e7aedf9f6e23788085a | |
| parent | 0e78834bc939980e40aef65b6b51f29293dab6d9 (diff) | |
| download | gitlab-ce-2ad5f999e95ed0627e2c8aea9da670b7da559bab.tar.gz | |
Check can :read_clusters in finder
This is in addtion to the can checks we have in the controller, as a
finder can be used elsewhere in the future.
| -rw-r--r-- | app/finders/cluster_ancestors_finder.rb | 12 | ||||
| -rw-r--r-- | spec/finders/cluster_ancestors_finder_spec.rb | 16 |
2 files changed, 25 insertions, 3 deletions
diff --git a/app/finders/cluster_ancestors_finder.rb b/app/finders/cluster_ancestors_finder.rb index 9f85e6e5c31..586fceb258a 100644 --- a/app/finders/cluster_ancestors_finder.rb +++ b/app/finders/cluster_ancestors_finder.rb @@ -1,18 +1,24 @@ # frozen_string_literal: true class ClusterAncestorsFinder - def initialize(clusterable, user) + def initialize(clusterable, current_user) @clusterable = clusterable - @user = user + @current_user = current_user end def execute + return [] unless can_read_clusters? + clusterable.clusters + ancestor_clusters end private - attr_reader :clusterable, :user + attr_reader :clusterable, :current_user + + def can_read_clusters? + Ability.allowed?(current_user, :read_cluster, clusterable) + end def ancestor_clusters Clusters::Cluster.ancestor_clusters_for_clusterable(clusterable) diff --git a/spec/finders/cluster_ancestors_finder_spec.rb b/spec/finders/cluster_ancestors_finder_spec.rb index c1897ef9077..332086c42e2 100644 --- a/spec/finders/cluster_ancestors_finder_spec.rb +++ b/spec/finders/cluster_ancestors_finder_spec.rb @@ -20,6 +20,10 @@ describe ClusterAncestorsFinder, '#execute' do context 'for a project' do let(:clusterable) { project } + before do + project.add_maintainer(user) + end + it 'returns the project clusters followed by group clusters' do is_expected.to eq([project_cluster, group_cluster]) end @@ -38,9 +42,21 @@ describe ClusterAncestorsFinder, '#execute' do end end + context 'user cannot read clusters for clusterable' do + let(:clusterable) { project } + + it 'returns nothing' do + is_expected.to be_empty + end + end + context 'for a group' do let(:clusterable) { group } + before do + group.add_maintainer(user) + end + it 'returns the list of group clusters' do is_expected.to eq([group_cluster]) end |