diff options
author | Pawel Chojnacki <pawel@chojnacki.ws> | 2017-04-24 20:00:00 +0200 |
---|---|---|
committer | Pawel Chojnacki <pawel@chojnacki.ws> | 2017-04-24 20:00:00 +0200 |
commit | e1e0b763dcc98794c6f85ac2adeb4ac0ab9a7e7b (patch) | |
tree | dc65a487d9c02a69ef7625773a0d45fda0870008 | |
parent | 6dab3033c9c2f6a9a4cabf9daffeff2b914cf66c (diff) | |
download | gitlab-ce-e1e0b763dcc98794c6f85ac2adeb4ac0ab9a7e7b.tar.gz |
Fix deployments security check path and add checks for internal and public access
-rw-r--r-- | spec/features/security/project/internal_access_spec.rb | 15 | ||||
-rw-r--r-- | spec/features/security/project/private_access_spec.rb | 2 | ||||
-rw-r--r-- | spec/features/security/project/public_access_spec.rb | 15 |
3 files changed, 31 insertions, 1 deletions
diff --git a/spec/features/security/project/internal_access_spec.rb b/spec/features/security/project/internal_access_spec.rb index 6ecdc8cbb71..00d5645c7ac 100644 --- a/spec/features/security/project/internal_access_spec.rb +++ b/spec/features/security/project/internal_access_spec.rb @@ -428,6 +428,21 @@ describe "Internal Project Access", feature: true do it { is_expected.to be_denied_for(:visitor) } end + describe "GET /:project_path/environments/:id/deployments" do + let(:environment) { create(:environment, project: project) } + subject { namespace_project_environment_deployments_path(project.namespace, project, environment) } + + it { is_expected.to be_allowed_for(:admin) } + it { is_expected.to be_allowed_for(:owner).of(project) } + it { is_expected.to be_allowed_for(:master).of(project) } + it { is_expected.to be_allowed_for(:developer).of(project) } + it { is_expected.to be_allowed_for(:reporter).of(project) } + it { is_expected.to be_denied_for(:guest).of(project) } + it { is_expected.to be_denied_for(:user) } + it { is_expected.to be_denied_for(:external) } + it { is_expected.to be_denied_for(:visitor) } + end + describe "GET /:project_path/environments/new" do subject { new_namespace_project_environment_path(project.namespace, project) } diff --git a/spec/features/security/project/private_access_spec.rb b/spec/features/security/project/private_access_spec.rb index c9059ef8fa6..52b858e780d 100644 --- a/spec/features/security/project/private_access_spec.rb +++ b/spec/features/security/project/private_access_spec.rb @@ -419,7 +419,7 @@ describe "Private Project Access", feature: true do describe "GET /:project_path/environments/:id/deployments" do let(:environment) { create(:environment, project: project) } - subject { namespace_project_environment_path(project.namespace, project, environment) } + subject { namespace_project_environment_deployments_path(project.namespace, project, environment) } it { is_expected.to be_allowed_for(:admin) } it { is_expected.to be_allowed_for(:owner).of(project) } diff --git a/spec/features/security/project/public_access_spec.rb b/spec/features/security/project/public_access_spec.rb index c4d2f50ca14..761cedf8157 100644 --- a/spec/features/security/project/public_access_spec.rb +++ b/spec/features/security/project/public_access_spec.rb @@ -248,6 +248,21 @@ describe "Public Project Access", feature: true do it { is_expected.to be_denied_for(:visitor) } end + describe "GET /:project_path/environments/:id/deployments" do + let(:environment) { create(:environment, project: project) } + subject { namespace_project_environment_deployments_path(project.namespace, project, environment) } + + it { is_expected.to be_allowed_for(:admin) } + it { is_expected.to be_allowed_for(:owner).of(project) } + it { is_expected.to be_allowed_for(:master).of(project) } + it { is_expected.to be_allowed_for(:developer).of(project) } + it { is_expected.to be_allowed_for(:reporter).of(project) } + it { is_expected.to be_denied_for(:guest).of(project) } + it { is_expected.to be_denied_for(:user) } + it { is_expected.to be_denied_for(:external) } + it { is_expected.to be_denied_for(:visitor) } + end + describe "GET /:project_path/environments/new" do subject { new_namespace_project_environment_path(project.namespace, project) } |