summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorZ.J. van de Weg <git@zjvandeweg.nl>2016-11-29 13:43:58 +0100
committerZ.J. van de Weg <git@zjvandeweg.nl>2016-12-04 17:32:33 +0100
commit10960400245ca338e32a3c55538ace976df962c6 (patch)
treea0183e5234e45cbc1ae3b4e986bea0bbb2332275
parent617f43c74b967a085f6cd7afb1408cfa28187b52 (diff)
downloadgitlab-ce-10960400245ca338e32a3c55538ace976df962c6.tar.gz
Update effected testszj-guest-reads-public-builds
Diffstat
-rw-r--r--app/policies/project_policy.rb3
-rw-r--r--features/steps/shared/project.rb2
-rw-r--r--spec/features/security/project/private_access_spec.rb49
-rw-r--r--spec/lib/gitlab/cycle_analytics/permissions_spec.rb2
-rw-r--r--spec/policies/project_policy_spec.rb32
-rw-r--r--spec/requests/projects/cycle_analytics_events_spec.rb2
-rw-r--r--spec/workers/pipeline_notification_worker_spec.rb2
7 files changed, 45 insertions, 47 deletions
diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb
index b4c1fcabefd..d5aadfce76a 100644
--- a/app/policies/project_policy.rb
+++ b/app/policies/project_policy.rb
@@ -12,9 +12,6 @@ class ProjectPolicy < BasePolicy
guest_access!
public_access!
- # Allow to read builds for internal projects
- can! :read_build if project.public_builds?
-
if project.request_access_enabled &&
!(owner || user.admin? || project.team.member?(user) || project_group_member?(user))
can! :request_access
diff --git a/features/steps/shared/project.rb b/features/steps/shared/project.rb
index cab85a48396..b51152c79c6 100644
--- a/features/steps/shared/project.rb
+++ b/features/steps/shared/project.rb
@@ -9,7 +9,7 @@ module SharedProject
step "project exists in some group namespace" do
@group = create(:group, name: 'some group')
- @project = create(:project, namespace: @group)
+ @project = create(:project, namespace: @group, public_builds: false)
end
# Create a specific project called "Shop"
diff --git a/spec/features/security/project/private_access_spec.rb b/spec/features/security/project/private_access_spec.rb
index a942a1ace3b..f52e23f9433 100644
--- a/spec/features/security/project/private_access_spec.rb
+++ b/spec/features/security/project/private_access_spec.rb
@@ -3,7 +3,7 @@ require 'spec_helper'
describe "Private Project Access", feature: true do
include AccessMatchers
- let(:project) { create(:project, :private) }
+ let(:project) { create(:project, :private, public_builds: false) }
describe "Project should be private" do
describe '#private?' do
@@ -262,16 +262,15 @@ describe "Private Project Access", feature: true do
it { is_expected.to be_denied_for(:visitor) }
context 'when public builds is enabled' do
- it { is_expected.to be_allowed_for guest }
- end
-
- context 'when public buils are disabled' do
before do
- project.public_builds = false
- project.save
+ project.update(public_builds: true)
end
- it { is_expected.to be_denied_for guest }
+ it { is_expected.to be_allowed_for(:guest).of(project) }
+ end
+
+ context 'when public buils are disabled' do
+ it { is_expected.to be_denied_for(:guest).of(project) }
end
end
@@ -290,16 +289,15 @@ describe "Private Project Access", feature: true do
it { is_expected.to be_denied_for(:visitor) }
context 'when public builds is enabled' do
- it { is_expected.to be_allowed_for guest }
- end
-
- context 'when public buils are disabled' do
before do
- project.public_builds = false
- project.save
+ project.update(public_builds: true)
end
- it { is_expected.to be_denied_for guest }
+ it { is_expected.to be_allowed_for(:guest).of(project) }
+ end
+
+ context 'when public buils are disabled' do
+ it { is_expected.to be_denied_for(:guest).of(project) }
end
end
@@ -317,16 +315,15 @@ describe "Private Project Access", feature: true do
it { is_expected.to be_denied_for(:visitor) }
context 'when public builds is enabled' do
- it { is_expected.to be_allowed_for guest }
- end
-
- context 'when public buils are disabled' do
before do
- project.public_builds = false
- project.save
+ project.update(public_builds: true)
end
- it { is_expected.to be_denied_for guest }
+ it { is_expected.to be_allowed_for(:guest).of(project) }
+ end
+
+ context 'when public buils are disabled' do
+ it { is_expected.to be_denied_for(:guest).of(project) }
end
end
@@ -346,7 +343,11 @@ describe "Private Project Access", feature: true do
it { is_expected.to be_denied_for(:visitor) }
context 'when public builds is enabled' do
- it { is_expected.to be_allowed_for guest }
+ before do
+ project.update(public_builds: true)
+ end
+
+ it { is_expected.to be_allowed_for(:guest).of(project) }
end
context 'when public buils are disabled' do
@@ -355,7 +356,7 @@ describe "Private Project Access", feature: true do
project.save
end
- it { is_expected.to be_denied_for guest }
+ it { is_expected.to be_denied_for(:guest).of(project) }
end
end
diff --git a/spec/lib/gitlab/cycle_analytics/permissions_spec.rb b/spec/lib/gitlab/cycle_analytics/permissions_spec.rb
index dc4f7dc69db..2d85e712db0 100644
--- a/spec/lib/gitlab/cycle_analytics/permissions_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/permissions_spec.rb
@@ -1,7 +1,7 @@
require 'spec_helper'
describe Gitlab::CycleAnalytics::Permissions do
- let(:project) { create(:empty_project) }
+ let(:project) { create(:empty_project, public_builds: false) }
let(:user) { create(:user) }
subject { described_class.get(user: user, project: project) }
diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb
index 34a0937d9bc..eeab9827d99 100644
--- a/spec/policies/project_policy_spec.rb
+++ b/spec/policies/project_policy_spec.rb
@@ -111,34 +111,34 @@ describe ProjectPolicy, models: true do
context 'guests' do
let(:current_user) { guest }
- context 'public builds enabled' do
- let(:reporter_public_build_permissions) do
- reporter_permissions - [:read_build, :read_pipeline]
- end
+ let(:reporter_public_build_permissions) do
+ reporter_permissions - [:read_build, :read_pipeline]
+ end
+
+ it do
+ is_expected.to include(*guest_permissions)
+ is_expected.not_to include(*reporter_public_build_permissions)
+ is_expected.not_to include(*team_member_reporter_permissions)
+ is_expected.not_to include(*developer_permissions)
+ is_expected.not_to include(*master_permissions)
+ is_expected.not_to include(*owner_permissions)
+ end
+ context 'public builds enabled' do
it do
is_expected.to include(*guest_permissions)
- is_expected.not_to include(*reporter_public_build_permissions)
- is_expected.not_to include(*team_member_reporter_permissions)
- is_expected.not_to include(*developer_permissions)
- is_expected.not_to include(*master_permissions)
- is_expected.not_to include(*owner_permissions)
+ is_expected.to include(:read_build, :read_pipeline)
end
end
context 'public builds disabled' do
before do
- project.public_builds = false
- project.save
+ project.update(public_builds: false)
end
it do
is_expected.to include(*guest_permissions)
- is_expected.not_to include(*reporter_permissions)
- is_expected.not_to include(*team_member_reporter_permissions)
- is_expected.not_to include(*developer_permissions)
- is_expected.not_to include(*master_permissions)
- is_expected.not_to include(*owner_permissions)
+ is_expected.not_to include(:read_build, :read_pipeline)
end
end
end
diff --git a/spec/requests/projects/cycle_analytics_events_spec.rb b/spec/requests/projects/cycle_analytics_events_spec.rb
index f5e0fdcda2d..e0368e6001f 100644
--- a/spec/requests/projects/cycle_analytics_events_spec.rb
+++ b/spec/requests/projects/cycle_analytics_events_spec.rb
@@ -2,7 +2,7 @@ require 'spec_helper'
describe 'cycle analytics events' do
let(:user) { create(:user) }
- let(:project) { create(:project) }
+ let(:project) { create(:project, public_builds: false) }
let(:issue) { create(:issue, project: project, created_at: 2.days.ago) }
describe 'GET /:namespace/:project/cycle_analytics/events/issues' do
diff --git a/spec/workers/pipeline_notification_worker_spec.rb b/spec/workers/pipeline_notification_worker_spec.rb
index 739f9b63967..603ae52ed1e 100644
--- a/spec/workers/pipeline_notification_worker_spec.rb
+++ b/spec/workers/pipeline_notification_worker_spec.rb
@@ -11,7 +11,7 @@ describe PipelineNotificationWorker do
status: status)
end
- let(:project) { create(:project) }
+ let(:project) { create(:project, public_builds: false) }
let(:user) { create(:user) }
let(:pusher) { user }
let(:watcher) { pusher }
View Lorry Controller Status