Update effected testszj-guest-reads-public-builds

7 files changed, 45 insertions, 47 deletions

diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb
index b4c1fcabefd..d5aadfce76a 100644
--- a/app/policies/project_policy.rb
+++ b/app/policies/project_policy.rb
@@ -12,9 +12,6 @@ class ProjectPolicy < BasePolicy
       guest_access!
       public_access!
 
-      # Allow to read builds for internal projects
-      can! :read_build if project.public_builds?
-
       if project.request_access_enabled &&
          !(owner || user.admin? || project.team.member?(user) || project_group_member?(user))
         can! :request_access
diff --git a/features/steps/shared/project.rb b/features/steps/shared/project.rb
index cab85a48396..b51152c79c6 100644
--- a/features/steps/shared/project.rb
+++ b/features/steps/shared/project.rb
@@ -9,7 +9,7 @@ module SharedProject
 
   step "project exists in some group namespace" do
     @group = create(:group, name: 'some group')
-    @project = create(:project, namespace: @group)
+    @project = create(:project, namespace: @group, public_builds: false)
   end
 
   # Create a specific project called "Shop"
diff --git a/spec/features/security/project/private_access_spec.rb b/spec/features/security/project/private_access_spec.rb
index a942a1ace3b..f52e23f9433 100644
--- a/spec/features/security/project/private_access_spec.rb
+++ b/spec/features/security/project/private_access_spec.rb
@@ -3,7 +3,7 @@ require 'spec_helper'
 describe "Private Project Access", feature: true  do
   include AccessMatchers
 
-  let(:project) { create(:project, :private) }
+  let(:project) { create(:project, :private, public_builds: false) }
 
   describe "Project should be private" do
     describe '#private?' do
@@ -262,16 +262,15 @@ describe "Private Project Access", feature: true  do
     it { is_expected.to be_denied_for(:visitor) }
 
     context 'when public builds is enabled' do
-      it { is_expected.to be_allowed_for guest }
-    end
-
-    context 'when public buils are disabled' do
       before do
-        project.public_builds = false
-        project.save
+        project.update(public_builds: true)
       end
 
-      it { is_expected.to be_denied_for guest }
+      it { is_expected.to be_allowed_for(:guest).of(project) }
+    end
+
+    context 'when public buils are disabled' do
+      it { is_expected.to be_denied_for(:guest).of(project) }
     end
   end
 
@@ -290,16 +289,15 @@ describe "Private Project Access", feature: true  do
     it { is_expected.to be_denied_for(:visitor) }
 
     context 'when public builds is enabled' do
-      it { is_expected.to be_allowed_for guest }
-    end
-
-    context 'when public buils are disabled' do
       before do
-        project.public_builds = false
-        project.save
+        project.update(public_builds: true)
       end
 
-      it { is_expected.to be_denied_for guest }
+      it { is_expected.to be_allowed_for(:guest).of(project) }
+    end
+
+    context 'when public buils are disabled' do
+      it { is_expected.to be_denied_for(:guest).of(project) }
     end
   end
 
@@ -317,16 +315,15 @@ describe "Private Project Access", feature: true  do
     it { is_expected.to be_denied_for(:visitor) }
 
     context 'when public builds is enabled' do
-      it { is_expected.to be_allowed_for guest }
-    end
-
-    context 'when public buils are disabled' do
       before do
-        project.public_builds = false
-        project.save
+        project.update(public_builds: true)
       end
 
-      it { is_expected.to be_denied_for guest }
+      it { is_expected.to be_allowed_for(:guest).of(project) }
+    end
+
+    context 'when public buils are disabled' do
+      it { is_expected.to be_denied_for(:guest).of(project) }
     end
   end
 
@@ -346,7 +343,11 @@ describe "Private Project Access", feature: true  do
     it { is_expected.to be_denied_for(:visitor) }
 
     context 'when public builds is enabled' do
-      it { is_expected.to be_allowed_for guest }
+      before do
+        project.update(public_builds: true)
+      end
+
+      it { is_expected.to be_allowed_for(:guest).of(project) }
     end
 
     context 'when public buils are disabled' do
@@ -355,7 +356,7 @@ describe "Private Project Access", feature: true  do
         project.save
       end
 
-      it { is_expected.to be_denied_for guest }
+      it { is_expected.to be_denied_for(:guest).of(project) }
     end
   end
 
diff --git a/spec/lib/gitlab/cycle_analytics/permissions_spec.rb b/spec/lib/gitlab/cycle_analytics/permissions_spec.rb
index dc4f7dc69db..2d85e712db0 100644
--- a/spec/lib/gitlab/cycle_analytics/permissions_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/permissions_spec.rb
@@ -1,7 +1,7 @@
 require 'spec_helper'
 
 describe Gitlab::CycleAnalytics::Permissions do
-  let(:project) { create(:empty_project) }
+  let(:project) { create(:empty_project, public_builds: false) }
   let(:user) { create(:user) }
 
   subject { described_class.get(user: user, project: project) }
diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb
index 34a0937d9bc..eeab9827d99 100644
--- a/spec/policies/project_policy_spec.rb
+++ b/spec/policies/project_policy_spec.rb
@@ -111,34 +111,34 @@ describe ProjectPolicy, models: true do
     context 'guests' do
       let(:current_user) { guest }
 
-      context 'public builds enabled' do
-        let(:reporter_public_build_permissions) do
-          reporter_permissions - [:read_build, :read_pipeline]
-        end
+      let(:reporter_public_build_permissions) do
+        reporter_permissions - [:read_build, :read_pipeline]
+      end
+
+      it do
+        is_expected.to include(*guest_permissions)
+        is_expected.not_to include(*reporter_public_build_permissions)
+        is_expected.not_to include(*team_member_reporter_permissions)
+        is_expected.not_to include(*developer_permissions)
+        is_expected.not_to include(*master_permissions)
+        is_expected.not_to include(*owner_permissions)
+      end
 
+      context 'public builds enabled' do
         it do
           is_expected.to include(*guest_permissions)
-          is_expected.not_to include(*reporter_public_build_permissions)
-          is_expected.not_to include(*team_member_reporter_permissions)
-          is_expected.not_to include(*developer_permissions)
-          is_expected.not_to include(*master_permissions)
-          is_expected.not_to include(*owner_permissions)
+          is_expected.to include(:read_build, :read_pipeline)
         end
       end
 
       context 'public builds disabled' do
         before do
-          project.public_builds = false
-          project.save
+          project.update(public_builds: false)
         end
 
         it do
           is_expected.to include(*guest_permissions)
-          is_expected.not_to include(*reporter_permissions)
-          is_expected.not_to include(*team_member_reporter_permissions)
-          is_expected.not_to include(*developer_permissions)
-          is_expected.not_to include(*master_permissions)
-          is_expected.not_to include(*owner_permissions)
+          is_expected.not_to include(:read_build, :read_pipeline)
         end
       end
     end
diff --git a/spec/requests/projects/cycle_analytics_events_spec.rb b/spec/requests/projects/cycle_analytics_events_spec.rb
index f5e0fdcda2d..e0368e6001f 100644
--- a/spec/requests/projects/cycle_analytics_events_spec.rb
+++ b/spec/requests/projects/cycle_analytics_events_spec.rb
@@ -2,7 +2,7 @@ require 'spec_helper'
 
 describe 'cycle analytics events' do
   let(:user) { create(:user) }
-  let(:project) { create(:project) }
+  let(:project) { create(:project, public_builds: false) }
   let(:issue) {  create(:issue, project: project, created_at: 2.days.ago) }
 
   describe 'GET /:namespace/:project/cycle_analytics/events/issues' do
diff --git a/spec/workers/pipeline_notification_worker_spec.rb b/spec/workers/pipeline_notification_worker_spec.rb
index 739f9b63967..603ae52ed1e 100644
--- a/spec/workers/pipeline_notification_worker_spec.rb
+++ b/spec/workers/pipeline_notification_worker_spec.rb
@@ -11,7 +11,7 @@ describe PipelineNotificationWorker do
            status: status)
   end
 
-  let(:project) { create(:project) }
+  let(:project) { create(:project, public_builds: false) }
   let(:user) { create(:user) }
   let(:pusher) { user }
   let(:watcher) { pusher }