Authorize environments controller actions

author: Kamil Trzcinski <ayufan@ayufan.eu> 2016-06-14 14:43:45 +0200
committer: Kamil Trzcinski <ayufan@ayufan.eu> 2016-06-14 14:43:45 +0200
commit: bb6f246790fb3a6b85ab2fd9341566557da64a23 (patch)
tree: f215918327d82cc629f8faba6deeebffef92cb3e /spec/features/security/project
parent: e129f66d9e597f43f7a85243ddedf3de0fc4946a (diff)
download: gitlab-ce-bb6f246790fb3a6b85ab2fd9341566557da64a23.tar.gz
1 files changed, 43 insertions, 0 deletions
diff --git a/spec/features/security/project/public_access_spec.rb b/spec/features/security/project/public_access_spec.rb
index c5f741709ad..f6c6687e162 100644
--- a/spec/features/security/project/public_access_spec.rb
+++ b/spec/features/security/project/public_access_spec.rb
@@ -175,6 +175,49 @@ describe "Public Project Access", feature: true  do
     end
   end
 
+  describe "GET /:project_path/environments" do
+    subject { namespace_project_environments_path(project.namespace, project) }
+
+    it { is_expected.to be_allowed_for :admin }
+    it { is_expected.to be_allowed_for owner }
+    it { is_expected.to be_allowed_for master }
+    it { is_expected.to be_allowed_for developer }
+    it { is_expected.to be_allowed_for reporter }
+    it { is_expected.to be_denied_for guest }
+    it { is_expected.to be_denied_for :user }
+    it { is_expected.to be_denied_for :external }
+    it { is_expected.to be_denied_for :visitor }
+  end
+
+  describe "GET /:project_path/environments/:id" do
+    let(:environment) { create(:environment, project: project) }
+    subject { namespace_project_environments_path(project.namespace, project, environment) }
+
+    it { is_expected.to be_allowed_for :admin }
+    it { is_expected.to be_allowed_for owner }
+    it { is_expected.to be_allowed_for master }
+    it { is_expected.to be_allowed_for developer }
+    it { is_expected.to be_allowed_for reporter }
+    it { is_expected.to be_denied_for guest }
+    it { is_expected.to be_denied_for :user }
+    it { is_expected.to be_denied_for :external }
+    it { is_expected.to be_denied_for :visitor }
+  end
+
+  describe "GET /:project_path/environments/new" do
+    subject { new_namespace_project_environment_path(project.namespace, project) }
+
+    it { is_expected.to be_allowed_for :admin }
+    it { is_expected.to be_allowed_for owner }
+    it { is_expected.to be_allowed_for master }
+    it { is_expected.to be_allowed_for developer }
+    it { is_expected.to be_denied_for reporter }
+    it { is_expected.to be_denied_for guest }
+    it { is_expected.to be_denied_for :user }
+    it { is_expected.to be_denied_for :external }
+    it { is_expected.to be_denied_for :visitor }
+  end
+
   describe "GET /:project_path/blob" do
     let(:commit) { project.repository.commit }
author	Kamil Trzcinski <ayufan@ayufan.eu>	2016-06-14 14:43:45 +0200
committer	Kamil Trzcinski <ayufan@ayufan.eu>	2016-06-14 14:43:45 +0200
commit	bb6f246790fb3a6b85ab2fd9341566557da64a23 (patch)
tree	f215918327d82cc629f8faba6deeebffef92cb3e /spec/features/security/project
parent	e129f66d9e597f43f7a85243ddedf3de0fc4946a (diff)
download	gitlab-ce-bb6f246790fb3a6b85ab2fd9341566557da64a23.tar.gz