diff options
| author | Douwe Maan <douwe@gitlab.com> | 2017-09-25 07:47:39 +0000 |
|---|---|---|
| committer | Douwe Maan <douwe@gitlab.com> | 2017-09-25 07:47:39 +0000 |
| commit | 26f05621248c6155af196794239d80117f915a0c (patch) | |
| tree | 91bee5afd78d14076bc0247b1f2dad820664ca0b | |
| parent | 9ec3163470886e3dcf6b82ef9fb6380d95c1edb1 (diff) | |
| parent | 42fdbbe34a12ea580d67c55d24a0b83e036e9a92 (diff) | |
| download | gitlab-ce-26f05621248c6155af196794239d80117f915a0c.tar.gz | |
Merge branch 'rc/refactor-project_policy_spec-ce' into 'master'
Refactor spec/policies/project_policy_spec.rb to minimize the diff with EE
See merge request gitlab-org/gitlab-ce!14434
| -rw-r--r-- | spec/policies/project_policy_spec.rb | 133 |
1 files changed, 86 insertions, 47 deletions
diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb index c0cbdeed03d..f2593a1a75c 100644 --- a/spec/policies/project_policy_spec.rb +++ b/spec/policies/project_policy_spec.rb @@ -1,15 +1,15 @@ require 'spec_helper' describe ProjectPolicy do - let(:guest) { create(:user) } - let(:reporter) { create(:user) } - let(:dev) { create(:user) } - let(:master) { create(:user) } - let(:owner) { create(:user) } - let(:admin) { create(:admin) } + set(:guest) { create(:user) } + set(:reporter) { create(:user) } + set(:developer) { create(:user) } + set(:master) { create(:user) } + set(:owner) { create(:user) } + set(:admin) { create(:admin) } let(:project) { create(:project, :public, namespace: owner.namespace) } - let(:guest_permissions) do + let(:base_guest_permissions) do %i[ read_project read_board read_list read_wiki read_issue read_label read_milestone read_project_snippet read_project_member @@ -18,7 +18,7 @@ describe ProjectPolicy do ] end - let(:reporter_permissions) do + let(:base_reporter_permissions) do %i[ download_code fork_project create_project_snippet update_issue admin_issue admin_label admin_list read_commit_status read_build @@ -41,7 +41,7 @@ describe ProjectPolicy do ] end - let(:master_permissions) do + let(:base_master_permissions) do %i[ delete_protected_branch update_project_snippet update_environment update_deployment admin_project_snippet @@ -66,11 +66,20 @@ describe ProjectPolicy do ] end + # Used in EE specs + let(:additional_guest_permissions) { [] } + let(:additional_reporter_permissions) { [] } + let(:additional_master_permissions) { [] } + + let(:guest_permissions) { base_guest_permissions + additional_guest_permissions } + let(:reporter_permissions) { base_reporter_permissions + additional_reporter_permissions } + let(:master_permissions) { base_master_permissions + additional_master_permissions } + before do - project.team << [guest, :guest] - project.team << [master, :master] - project.team << [dev, :developer] - project.team << [reporter, :reporter] + project.add_guest(guest) + project.add_master(master) + project.add_developer(developer) + project.add_reporter(reporter) end def expect_allowed(*permissions) @@ -127,38 +136,41 @@ describe ProjectPolicy do end end - context 'when a project has pending invites, and the current user is anonymous' do - let(:group) { create(:group, :public) } - let(:project) { create(:project, :public, namespace: group) } - let(:user_permissions) { [:create_project, :create_issue, :create_note, :upload_file] } - let(:anonymous_permissions) { guest_permissions - user_permissions } + shared_examples 'project policies as anonymous' do + context 'abilities for public projects' do + context 'when a project has pending invites' do + let(:group) { create(:group, :public) } + let(:project) { create(:project, :public, namespace: group) } + let(:user_permissions) { [:create_project, :create_issue, :create_note, :upload_file] } + let(:anonymous_permissions) { guest_permissions - user_permissions } - subject { described_class.new(nil, project) } + subject { described_class.new(nil, project) } - before do - create(:group_member, :invited, group: group) - end + before do + create(:group_member, :invited, group: group) + end - it 'does not grant owner access' do - expect_allowed(*anonymous_permissions) - expect_disallowed(*user_permissions) + it 'does not grant owner access' do + expect_allowed(*anonymous_permissions) + expect_disallowed(*user_permissions) + end + end end - end - context 'abilities for non-public projects' do - let(:project) { create(:project, namespace: owner.namespace) } + context 'abilities for non-public projects' do + let(:project) { create(:project, namespace: owner.namespace) } - subject { described_class.new(current_user, project) } - - context 'with no user' do - let(:current_user) { nil } + subject { described_class.new(nil, project) } it { is_expected.to be_banned } end + end - context 'guests' do - let(:current_user) { guest } + shared_examples 'project policies as guest' do + subject { described_class.new(guest, project) } + context 'abilities for non-public projects' do + let(:project) { create(:project, namespace: owner.namespace) } let(:reporter_public_build_permissions) do reporter_permissions - [:read_build, :read_pipeline] end @@ -179,7 +191,7 @@ describe ProjectPolicy do end end - context 'public builds disabled' do + context 'when public builds disabled' do before do project.update(public_builds: false) end @@ -192,8 +204,7 @@ describe ProjectPolicy do context 'when builds are disabled' do before do - project.project_feature.update( - builds_access_level: ProjectFeature::DISABLED) + project.project_feature.update(builds_access_level: ProjectFeature::DISABLED) end it do @@ -202,9 +213,13 @@ describe ProjectPolicy do end end end + end + + shared_examples 'project policies as reporter' do + context 'abilities for non-public projects' do + let(:project) { create(:project, namespace: owner.namespace) } - context 'reporter' do - let(:current_user) { reporter } + subject { described_class.new(reporter, project) } it do expect_allowed(*guest_permissions) @@ -216,9 +231,13 @@ describe ProjectPolicy do expect_disallowed(*owner_permissions) end end + end - context 'developer' do - let(:current_user) { dev } + shared_examples 'project policies as developer' do + context 'abilities for non-public projects' do + let(:project) { create(:project, namespace: owner.namespace) } + + subject { described_class.new(developer, project) } it do expect_allowed(*guest_permissions) @@ -229,9 +248,13 @@ describe ProjectPolicy do expect_disallowed(*owner_permissions) end end + end + + shared_examples 'project policies as master' do + context 'abilities for non-public projects' do + let(:project) { create(:project, namespace: owner.namespace) } - context 'master' do - let(:current_user) { master } + subject { described_class.new(master, project) } it do expect_allowed(*guest_permissions) @@ -242,9 +265,13 @@ describe ProjectPolicy do expect_disallowed(*owner_permissions) end end + end + + shared_examples 'project policies as owner' do + context 'abilities for non-public projects' do + let(:project) { create(:project, namespace: owner.namespace) } - context 'owner' do - let(:current_user) { owner } + subject { described_class.new(owner, project) } it do expect_allowed(*guest_permissions) @@ -255,9 +282,13 @@ describe ProjectPolicy do expect_allowed(*owner_permissions) end end + end - context 'admin' do - let(:current_user) { admin } + shared_examples 'project policies as admin' do + context 'abilities for non-public projects' do + let(:project) { create(:project, namespace: owner.namespace) } + + subject { described_class.new(admin, project) } it do expect_allowed(*guest_permissions) @@ -269,4 +300,12 @@ describe ProjectPolicy do end end end + + it_behaves_like 'project policies as anonymous' + it_behaves_like 'project policies as guest' + it_behaves_like 'project policies as reporter' + it_behaves_like 'project policies as developer' + it_behaves_like 'project policies as master' + it_behaves_like 'project policies as owner' + it_behaves_like 'project policies as admin' end |