diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-04-14 18:09:54 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-04-14 18:09:54 +0000 |
commit | f697dc5e76dfc5894df006d53b2b7e751653cf05 (patch) | |
tree | 1387cd225039e611f3683f96b318bb17d4c422cb /spec/controllers/projects/clusters_controller_spec.rb | |
parent | 874ead9c3a50de4c4ca4551eaf5b7eb976d26b50 (diff) | |
download | gitlab-ce-f697dc5e76dfc5894df006d53b2b7e751653cf05.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/controllers/projects/clusters_controller_spec.rb')
-rw-r--r-- | spec/controllers/projects/clusters_controller_spec.rb | 77 |
1 files changed, 66 insertions, 11 deletions
diff --git a/spec/controllers/projects/clusters_controller_spec.rb b/spec/controllers/projects/clusters_controller_spec.rb index a5683a27837..07733ec30d9 100644 --- a/spec/controllers/projects/clusters_controller_spec.rb +++ b/spec/controllers/projects/clusters_controller_spec.rb @@ -65,7 +65,12 @@ describe Projects::ClustersController do describe 'security' do let(:cluster) { create(:cluster, :provided_by_gcp, projects: [project]) } - it { expect { go }.to be_allowed_for(:admin) } + it 'is allowed for admin when admin mode enabled', :enable_admin_mode do + expect { go }.to be_allowed_for(:admin) + end + it 'is disabled for admin when admin mode disabled' do + expect { go }.to be_denied_for(:admin) + end it { expect { go }.to be_allowed_for(:owner).of(project) } it { expect { go }.to be_allowed_for(:maintainer).of(project) } it { expect { go }.to be_denied_for(:developer).of(project) } @@ -151,7 +156,12 @@ describe Projects::ClustersController do end describe 'security' do - it { expect { go }.to be_allowed_for(:admin) } + it 'is allowed for admin when admin mode enabled', :enable_admin_mode do + expect { go }.to be_allowed_for(:admin) + end + it 'is disabled for admin when admin mode disabled' do + expect { go }.to be_denied_for(:admin) + end it { expect { go }.to be_allowed_for(:owner).of(project) } it { expect { go }.to be_allowed_for(:maintainer).of(project) } it { expect { go }.to be_denied_for(:developer).of(project) } @@ -240,7 +250,12 @@ describe Projects::ClustersController do allow(WaitForClusterCreationWorker).to receive(:perform_in).and_return(nil) end - it { expect { go }.to be_allowed_for(:admin) } + it 'is allowed for admin when admin mode enabled', :enable_admin_mode do + expect { go }.to be_allowed_for(:admin) + end + it 'is disabled for admin when admin mode disabled' do + expect { go }.to be_denied_for(:admin) + end it { expect { go }.to be_allowed_for(:owner).of(project) } it { expect { go }.to be_allowed_for(:maintainer).of(project) } it { expect { go }.to be_denied_for(:developer).of(project) } @@ -346,7 +361,12 @@ describe Projects::ClustersController do stub_kubeclient_get_namespace('https://kubernetes.example.com', namespace: 'my-namespace') end - it { expect { go }.to be_allowed_for(:admin) } + it 'is allowed for admin when admin mode enabled', :enable_admin_mode do + expect { go }.to be_allowed_for(:admin) + end + it 'is disabled for admin when admin mode disabled' do + expect { go }.to be_denied_for(:admin) + end it { expect { go }.to be_allowed_for(:owner).of(project) } it { expect { go }.to be_allowed_for(:maintainer).of(project) } it { expect { go }.to be_denied_for(:developer).of(project) } @@ -414,7 +434,12 @@ describe Projects::ClustersController do allow(WaitForClusterCreationWorker).to receive(:perform_in) end - it { expect { post_create_aws }.to be_allowed_for(:admin) } + it 'is allowed for admin when admin mode enabled', :enable_admin_mode do + expect { post_create_aws }.to be_allowed_for(:admin) + end + it 'is disabled for admin when admin mode disabled' do + expect { post_create_aws }.to be_denied_for(:admin) + end it { expect { post_create_aws }.to be_allowed_for(:owner).of(project) } it { expect { post_create_aws }.to be_allowed_for(:maintainer).of(project) } it { expect { post_create_aws }.to be_denied_for(:developer).of(project) } @@ -469,7 +494,12 @@ describe Projects::ClustersController do end describe 'security' do - it { expect { go }.to be_allowed_for(:admin) } + it 'is allowed for admin when admin mode enabled', :enable_admin_mode do + expect { go }.to be_allowed_for(:admin) + end + it 'is disabled for admin when admin mode disabled' do + expect { go }.to be_denied_for(:admin) + end it { expect { go }.to be_allowed_for(:owner).of(project) } it { expect { go }.to be_allowed_for(:maintainer).of(project) } it { expect { go }.to be_denied_for(:developer).of(project) } @@ -501,7 +531,12 @@ describe Projects::ClustersController do end describe 'security' do - it { expect { go }.to be_allowed_for(:admin) } + it 'is allowed for admin when admin mode enabled', :enable_admin_mode do + expect { go }.to be_allowed_for(:admin) + end + it 'is disabled for admin when admin mode disabled' do + expect { go }.to be_denied_for(:admin) + end it { expect { go }.to be_allowed_for(:owner).of(project) } it { expect { go }.to be_allowed_for(:maintainer).of(project) } it { expect { go }.to be_denied_for(:developer).of(project) } @@ -541,7 +576,12 @@ describe Projects::ClustersController do end describe 'security' do - it { expect { go }.to be_allowed_for(:admin) } + it 'is allowed for admin when admin mode enabled', :enable_admin_mode do + expect { go }.to be_allowed_for(:admin) + end + it 'is disabled for admin when admin mode disabled' do + expect { go }.to be_denied_for(:admin) + end it { expect { go }.to be_allowed_for(:owner).of(project) } it { expect { go }.to be_allowed_for(:maintainer).of(project) } it { expect { go }.to be_denied_for(:developer).of(project) } @@ -574,7 +614,12 @@ describe Projects::ClustersController do end describe 'security' do - it { expect { go }.to be_allowed_for(:admin) } + it 'is allowed for admin when admin mode enabled', :enable_admin_mode do + expect { go }.to be_allowed_for(:admin) + end + it 'is disabled for admin when admin mode disabled' do + expect { go }.to be_denied_for(:admin) + end it { expect { go }.to be_allowed_for(:owner).of(project) } it { expect { go }.to be_allowed_for(:maintainer).of(project) } it { expect { go }.to be_denied_for(:developer).of(project) } @@ -677,7 +722,12 @@ describe Projects::ClustersController do describe 'security' do let_it_be(:cluster) { create(:cluster, :provided_by_gcp, projects: [project]) } - it { expect { go }.to be_allowed_for(:admin) } + it 'is allowed for admin when admin mode enabled', :enable_admin_mode do + expect { go }.to be_allowed_for(:admin) + end + it 'is disabled for admin when admin mode disabled' do + expect { go }.to be_denied_for(:admin) + end it { expect { go }.to be_allowed_for(:owner).of(project) } it { expect { go }.to be_allowed_for(:maintainer).of(project) } it { expect { go }.to be_denied_for(:developer).of(project) } @@ -746,7 +796,12 @@ describe Projects::ClustersController do describe 'security' do let_it_be(:cluster) { create(:cluster, :provided_by_gcp, :production_environment, projects: [project]) } - it { expect { go }.to be_allowed_for(:admin) } + it 'is allowed for admin when admin mode enabled', :enable_admin_mode do + expect { go }.to be_allowed_for(:admin) + end + it 'is disabled for admin when admin mode disabled' do + expect { go }.to be_denied_for(:admin) + end it { expect { go }.to be_allowed_for(:owner).of(project) } it { expect { go }.to be_allowed_for(:maintainer).of(project) } it { expect { go }.to be_denied_for(:developer).of(project) } |