diff options
author | Matija Čupić <matteeyah@gmail.com> | 2018-12-16 15:38:36 +0100 |
---|---|---|
committer | Matija Čupić <matteeyah@gmail.com> | 2018-12-20 12:21:49 +0100 |
commit | 178270a0f3689917e3764a128b8a281bb7feae76 (patch) | |
tree | 0c770121c42a6185022c672ad03c0a8c9038e592 /spec/controllers/groups | |
parent | f7ac8041f7ba3639085c26b4185eda00fd54a6e7 (diff) | |
download | gitlab-ce-178270a0f3689917e3764a128b8a281bb7feae76.tar.gz |
Check for group admin permissions
Diffstat (limited to 'spec/controllers/groups')
-rw-r--r-- | spec/controllers/groups/settings/ci_cd_controller_spec.rb | 55 |
1 files changed, 45 insertions, 10 deletions
diff --git a/spec/controllers/groups/settings/ci_cd_controller_spec.rb b/spec/controllers/groups/settings/ci_cd_controller_spec.rb index b7f04f732b9..40673d10b91 100644 --- a/spec/controllers/groups/settings/ci_cd_controller_spec.rb +++ b/spec/controllers/groups/settings/ci_cd_controller_spec.rb @@ -5,30 +5,65 @@ describe Groups::Settings::CiCdController do let(:user) { create(:user) } before do - group.add_maintainer(user) sign_in(user) end describe 'GET #show' do - it 'renders show with 200 status code' do - get :show, params: { group_id: group } + context 'when user is owner' do + before do + group.add_owner(user) + end - expect(response).to have_gitlab_http_status(200) - expect(response).to render_template(:show) + it 'renders show with 200 status code' do + get :show, params: { group_id: group } + + expect(response).to have_gitlab_http_status(200) + expect(response).to render_template(:show) + end + end + + context 'when user is not owner' do + before do + group.add_maintainer(user) + end + + it 'renders a 404' do + get :show, params: { group_id: group } + + expect(response).to have_gitlab_http_status(404) + end end end describe 'PUT #reset_registration_token' do subject { put :reset_registration_token, params: { group_id: group } } - it 'resets runner registration token' do - expect { subject }.to change { group.reload.runners_token } + context 'when user is owner' do + before do + group.add_owner(user) + end + + it 'resets runner registration token' do + expect { subject }.to change { group.reload.runners_token } + end + + it 'redirects the user to admin runners page' do + subject + + expect(response).to redirect_to(group_settings_ci_cd_path) + end end - it 'redirects the user to admin runners page' do - subject + context 'when user is not owner' do + before do + group.add_maintainer(user) + end + + it 'renders a 404' do + subject - expect(response).to redirect_to(group_settings_ci_cd_path) + expect(response).to have_gitlab_http_status(404) + end end end end |