Merge remote-tracking branch 'origin/master' into dockerfile-templatesdockerfile-templates

105 files changed, 3883 insertions, 1681 deletions

diff --git a/spec/features/abuse_report_spec.rb b/spec/features/abuse_report_spec.rb
new file mode 100644
index 00000000000..1e11fb756b2
--- /dev/null
+++ b/spec/features/abuse_report_spec.rb
@@ -0,0 +1,24 @@
+require 'spec_helper'
+
+feature 'Abuse reports', feature: true do
+  let(:another_user) { create(:user) }
+
+  before do
+    login_as :user
+  end
+
+  scenario 'Report abuse' do
+    visit user_path(another_user)
+
+    click_link 'Report abuse'
+
+    fill_in 'abuse_report_message', with: 'This user send spam'
+    click_button 'Send report'
+
+    expect(page).to have_content 'Thank you for your report'
+
+    visit user_path(another_user)
+
+    expect(page).to have_button("Already reported for abuse")
+  end
+end
diff --git a/spec/features/admin/admin_abuse_reports_spec.rb b/spec/features/admin/admin_abuse_reports_spec.rb
index c1731e6414a..7fcfe5a54c7 100644
--- a/spec/features/admin/admin_abuse_reports_spec.rb
+++ b/spec/features/admin/admin_abuse_reports_spec.rb
@@ -4,17 +4,21 @@ describe "Admin::AbuseReports", feature: true, js: true  do
   let(:user) { create(:user) }
 
   context 'as an admin' do
+    before do
+      login_as :admin
+    end
+
     describe 'if a user has been reported for abuse' do
-      before do
-        create(:abuse_report, user: user)
-        login_as :admin
-      end
+      let!(:abuse_report) { create(:abuse_report, user: user) }
 
       describe 'in the abuse report view' do
-        it "presents a link to the user's profile" do
+        it 'presents information about abuse report' do
           visit admin_abuse_reports_path
 
-          expect(page).to have_link user.name, href: user_path(user)
+          expect(page).to have_content('Abuse Reports')
+          expect(page).to have_content(abuse_report.message)
+          expect(page).to have_link(user.name, href: user_path(user))
+          expect(page).to have_link('Remove user')
         end
       end
 
diff --git a/spec/features/admin/admin_active_tab_spec.rb b/spec/features/admin/admin_active_tab_spec.rb
new file mode 100644
index 00000000000..16064d60ce2
--- /dev/null
+++ b/spec/features/admin/admin_active_tab_spec.rb
@@ -0,0 +1,90 @@
+require 'spec_helper'
+
+RSpec.describe 'admin active tab' do
+  before do
+    login_as :admin
+  end
+
+  shared_examples 'page has active tab' do |title|
+    it "activates #{title} tab" do
+      expect(page).to have_selector('.layout-nav .nav-links > li.active', count: 1)
+      expect(page.find('.layout-nav li.active')).to have_content(title)
+    end
+  end
+
+  shared_examples 'page has active sub tab' do |title|
+    it "activates #{title} sub tab" do
+      expect(page).to have_selector('.sub-nav li.active', count: 1)
+      expect(page.find('.sub-nav li.active')).to have_content(title)
+    end
+  end
+
+  context 'on home page' do
+    before do
+      visit admin_root_path
+    end
+
+    it_behaves_like 'page has active tab', 'Overview'
+  end
+
+  context 'on projects' do
+    before do
+      visit admin_projects_path
+    end
+
+    it_behaves_like 'page has active tab', 'Overview'
+    it_behaves_like 'page has active sub tab', 'Projects'
+  end
+
+  context 'on groups' do
+    before do
+      visit admin_groups_path
+    end
+
+    it_behaves_like 'page has active tab', 'Overview'
+    it_behaves_like 'page has active sub tab', 'Groups'
+  end
+
+  context 'on users' do
+    before do
+      visit admin_users_path
+    end
+
+    it_behaves_like 'page has active tab', 'Overview'
+    it_behaves_like 'page has active sub tab', 'Users'
+  end
+
+  context 'on logs' do
+    before do
+      visit admin_logs_path
+    end
+
+    it_behaves_like 'page has active tab', 'Monitoring'
+    it_behaves_like 'page has active sub tab', 'Logs'
+  end
+
+  context 'on messages' do
+    before do
+      visit admin_broadcast_messages_path
+    end
+
+    it_behaves_like 'page has active tab', 'Messages'
+  end
+
+  context 'on hooks' do
+    before do
+      visit admin_hooks_path
+    end
+
+    it_behaves_like 'page has active tab', 'Hooks'
+  end
+
+  context 'on background jobs' do
+    before do
+      visit admin_background_jobs_path
+    end
+
+    it_behaves_like 'page has active tab', 'Monitoring'
+    it_behaves_like 'page has active sub tab', 'Background Jobs'
+  end
+end
diff --git a/spec/features/admin/admin_browse_spam_logs_spec.rb b/spec/features/admin/admin_browse_spam_logs_spec.rb
new file mode 100644
index 00000000000..562ace92598
--- /dev/null
+++ b/spec/features/admin/admin_browse_spam_logs_spec.rb
@@ -0,0 +1,22 @@
+require 'spec_helper'
+
+describe 'Admin browse spam logs' do
+  let!(:spam_log) { create(:spam_log) }
+
+  before do
+    login_as :admin
+  end
+
+  scenario 'Browse spam logs' do
+    visit admin_spam_logs_path
+
+    expect(page).to have_content('Spam Logs')
+    expect(page).to have_content(spam_log.source_ip)
+    expect(page).to have_content(spam_log.noteable_type)
+    expect(page).to have_content('N')
+    expect(page).to have_content(spam_log.title)
+    expect(page).to have_content("#{spam_log.description[0...97]}...")
+    expect(page).to have_link('Remove user')
+    expect(page).to have_link('Block user')
+  end
+end
diff --git a/spec/features/admin/admin_browses_logs_spec.rb b/spec/features/admin/admin_browses_logs_spec.rb
new file mode 100644
index 00000000000..d880f3f07db
--- /dev/null
+++ b/spec/features/admin/admin_browses_logs_spec.rb
@@ -0,0 +1,15 @@
+require 'spec_helper'
+
+describe 'Admin browses logs' do
+  before do
+    login_as :admin
+  end
+
+  it 'shows available log files' do
+    visit admin_logs_path
+
+    expect(page).to have_content 'test.log'
+    expect(page).to have_content 'githost.log'
+    expect(page).to have_content 'application.log'
+  end
+end
diff --git a/spec/features/admin/admin_groups_spec.rb b/spec/features/admin/admin_groups_spec.rb
new file mode 100644
index 00000000000..0aa01fc499a
--- /dev/null
+++ b/spec/features/admin/admin_groups_spec.rb
@@ -0,0 +1,35 @@
+require 'spec_helper'
+
+feature 'Admin Groups', feature: true do
+  let(:internal) { Gitlab::VisibilityLevel::INTERNAL }
+
+  before do
+    login_as(:admin)
+
+    stub_application_setting(default_group_visibility: internal)
+  end
+
+  describe 'create a group' do
+    scenario 'shows the visibility level radio populated with the default value' do
+      visit new_admin_group_path
+
+      expect_selected_visibility(internal)
+    end
+  end
+
+  describe 'group edit' do
+    scenario 'shows the visibility level radio populated with the group visibility_level value' do
+      group = create(:group, :private)
+
+      visit admin_group_edit_path(group)
+
+      expect_selected_visibility(group.visibility_level)
+    end
+  end
+
+  def expect_selected_visibility(level)
+    selector = "#group_visibility_level_#{level}[checked=checked]"
+
+    expect(page).to have_selector(selector, count: 1)
+  end
+end
diff --git a/spec/features/admin/admin_hooks_spec.rb b/spec/features/admin/admin_hooks_spec.rb
index b3ce72b1452..f246997d5a2 100644
--- a/spec/features/admin/admin_hooks_spec.rb
+++ b/spec/features/admin/admin_hooks_spec.rb
@@ -26,16 +26,17 @@ describe "Admin::Hooks", feature: true do
   end
 
   describe "New Hook" do
-    before do
-      @url = FFaker::Internet.uri("http")
+    let(:url) { FFaker::Internet.uri('http') }
+
+    it 'adds new hook' do
       visit admin_hooks_path
-      fill_in "hook_url", with: @url
-      expect { click_button "Add System Hook" }.to change(SystemHook, :count).by(1)
-    end
+      fill_in 'hook_url', with: url
+      check 'Enable SSL verification'
 
-    it "opens new hook popup" do
+      expect { click_button 'Add System Hook' }.to change(SystemHook, :count).by(1)
+      expect(page).to have_content 'SSL Verification: enabled'
       expect(current_path).to eq(admin_hooks_path)
-      expect(page).to have_content(@url)
+      expect(page).to have_content(url)
     end
   end
 
diff --git a/spec/features/admin/admin_projects_spec.rb b/spec/features/admin/admin_projects_spec.rb
index 30ded9202a4..a36bfd574cb 100644
--- a/spec/features/admin/admin_projects_spec.rb
+++ b/spec/features/admin/admin_projects_spec.rb
@@ -8,11 +8,11 @@ describe "Admin::Projects", feature: true  do
 
   describe "GET /admin/projects" do
     before do
-      visit admin_namespaces_projects_path
+      visit admin_projects_path
     end
 
     it "is ok" do
-      expect(current_path).to eq(admin_namespaces_projects_path)
+      expect(current_path).to eq(admin_projects_path)
     end
 
     it "has projects list" do
@@ -22,7 +22,7 @@ describe "Admin::Projects", feature: true  do
 
   describe "GET /admin/projects/:id" do
     before do
-      visit admin_namespaces_projects_path
+      visit admin_projects_path
       click_link "#{@project.name}"
     end
 
diff --git a/spec/features/admin/admin_settings_spec.rb b/spec/features/admin/admin_settings_spec.rb
new file mode 100644
index 00000000000..8cd66f189be
--- /dev/null
+++ b/spec/features/admin/admin_settings_spec.rb
@@ -0,0 +1,53 @@
+require 'spec_helper'
+
+feature 'Admin updates settings', feature: true do
+  before(:each) do
+    login_as :admin
+    visit admin_application_settings_path
+  end
+
+  scenario 'Change application settings' do
+    uncheck 'Gravatar enabled'
+    fill_in 'Home page URL', with: 'https://about.gitlab.com/'
+    fill_in 'Help page text', with: 'Example text'
+    click_button 'Save'
+
+    expect(current_application_settings.gravatar_enabled).to be_falsey
+    expect(current_application_settings.home_page_url).to eq "https://about.gitlab.com/"
+    expect(page).to have_content "Application settings saved successfully"
+  end
+
+  scenario 'Change Slack Service template settings' do
+    click_link 'Service Templates'
+    click_link 'Slack'
+    fill_in 'Webhook', with: 'http://localhost'
+    fill_in 'Username', with: 'test_user'
+    fill_in 'service_push_channel', with: '#test_channel'
+    page.check('Notify only broken builds')
+
+    check_all_events
+    click_on 'Save'
+
+    expect(page).to have_content 'Application settings saved successfully'
+
+    click_link 'Slack'
+
+    page.all('input[type=checkbox]').each do |checkbox|
+      expect(checkbox).to be_checked
+    end
+    expect(find_field('Webhook').value).to eq 'http://localhost'
+    expect(find_field('Username').value).to eq 'test_user'
+    expect(find('#service_push_channel').value).to eq '#test_channel'
+  end
+
+  def check_all_events
+    page.check('Active')
+    page.check('Push')
+    page.check('Tag push')
+    page.check('Note')
+    page.check('Issue')
+    page.check('Merge request')
+    page.check('Build')
+    page.check('Pipeline')
+  end
+end
diff --git a/spec/features/admin/admin_users_spec.rb b/spec/features/admin/admin_users_spec.rb
index cb3191dfdde..e31325ce47b 100644
--- a/spec/features/admin/admin_users_spec.rb
+++ b/spec/features/admin/admin_users_spec.rb
@@ -225,4 +225,32 @@ describe "Admin::Users", feature: true  do
       end
     end
   end
+
+  describe "GET /admin/users/:id/projects" do
+    before do
+      @group = create(:group)
+      @project = create(:project, group: @group)
+      @simple_user = create(:user)
+      @group.add_developer(@simple_user)
+
+      visit projects_admin_user_path(@simple_user)
+    end
+
+    it "lists group projects" do
+      within(:css, '.append-bottom-default + .panel') do
+        expect(page).to have_content 'Group projects'
+        expect(page).to have_link @group.name, admin_group_path(@group)
+      end
+    end
+
+    it 'allows navigation to the group details' do
+      within(:css, '.append-bottom-default + .panel') do
+        click_link @group.name
+      end
+      within(:css, 'h3.page-title') do
+        expect(page).to have_content "Group: #{@group.name}"
+      end
+      expect(page).to have_content @project.name
+    end
+  end
 end
diff --git a/spec/features/boards/boards_spec.rb b/spec/features/boards/boards_spec.rb
index 6cb8753e8fc..973d5b286e9 100644
--- a/spec/features/boards/boards_spec.rb
+++ b/spec/features/boards/boards_spec.rb
@@ -158,7 +158,7 @@ describe 'Issue Boards', feature: true, js: true do
     end
 
     it 'removes checkmark in new list dropdown after deleting' do
-      click_button 'Create new list'
+      click_button 'Add list'
       wait_for_ajax
 
       page.within(find('.board:nth-child(2)')) do
@@ -304,7 +304,7 @@ describe 'Issue Boards', feature: true, js: true do
 
       context 'new list' do
         it 'shows all labels in new list dropdown' do
-          click_button 'Create new list'
+          click_button 'Add list'
           wait_for_ajax
 
           page.within('.dropdown-menu-issues-board-new') do
@@ -315,7 +315,7 @@ describe 'Issue Boards', feature: true, js: true do
         end
 
         it 'creates new list for label' do
-          click_button 'Create new list'
+          click_button 'Add list'
           wait_for_ajax
 
           page.within('.dropdown-menu-issues-board-new') do
@@ -328,7 +328,7 @@ describe 'Issue Boards', feature: true, js: true do
         end
 
         it 'creates new list for Backlog label' do
-          click_button 'Create new list'
+          click_button 'Add list'
           wait_for_ajax
 
           page.within('.dropdown-menu-issues-board-new') do
@@ -341,7 +341,7 @@ describe 'Issue Boards', feature: true, js: true do
         end
 
         it 'creates new list for Done label' do
-          click_button 'Create new list'
+          click_button 'Add list'
           wait_for_ajax
 
           page.within('.dropdown-menu-issues-board-new') do
@@ -354,7 +354,7 @@ describe 'Issue Boards', feature: true, js: true do
         end
 
         it 'keeps dropdown open after adding new list' do
-          click_button 'Create new list'
+          click_button 'Add list'
           wait_for_ajax
 
           page.within('.dropdown-menu-issues-board-new') do
@@ -369,7 +369,7 @@ describe 'Issue Boards', feature: true, js: true do
         it 'moves issues from backlog into new list' do
           wait_for_board_cards(1, 6)
 
-          click_button 'Create new list'
+          click_button 'Add list'
           wait_for_ajax
 
           page.within('.dropdown-menu-issues-board-new') do
@@ -382,7 +382,7 @@ describe 'Issue Boards', feature: true, js: true do
         end
 
         it 'creates new list from a new label' do
-          click_button 'Create new list'
+          click_button 'Add list'
 
           wait_for_ajax
 
@@ -659,6 +659,10 @@ describe 'Issue Boards', feature: true, js: true do
       wait_for_vue_resource
     end
 
+    it 'displays lists' do
+      expect(page).to have_selector('.board')
+    end
+
     it 'does not show create new list' do
       expect(page).not_to have_selector('.js-new-board-list')
     end
diff --git a/spec/features/boards/new_issue_spec.rb b/spec/features/boards/new_issue_spec.rb
index 760a8967123..a03cd6fbf2d 100644
--- a/spec/features/boards/new_issue_spec.rb
+++ b/spec/features/boards/new_issue_spec.rb
@@ -46,7 +46,7 @@ describe 'Issue Boards new issue', feature: true, js: true do
 
         click_button 'Cancel'
 
-        expect(page).to have_selector('.board-new-issue-form', visible: false)
+        expect(page).not_to have_selector('.board-new-issue-form')
       end
     end
 
diff --git a/spec/features/boards/sidebar_spec.rb b/spec/features/boards/sidebar_spec.rb
index f160052a844..c16aafa1470 100644
--- a/spec/features/boards/sidebar_spec.rb
+++ b/spec/features/boards/sidebar_spec.rb
@@ -304,8 +304,8 @@ describe 'Issue Boards', feature: true, js: true do
 
       page.within('.subscription') do
         click_button 'Subscribe'
-
-        expect(page).to have_content("You're receiving notifications because you're subscribed to this thread.")
+        wait_for_ajax
+        expect(page).to have_content("Unsubscribe")
       end
     end
   end
diff --git a/spec/features/calendar_spec.rb b/spec/features/calendar_spec.rb
index 7fa0c95cae2..3e0b6364e0d 100644
--- a/spec/features/calendar_spec.rb
+++ b/spec/features/calendar_spec.rb
@@ -52,6 +52,10 @@ feature 'Contributions Calendar', js: true, feature: true do
     Event.create(push_params)
   end
 
+  def get_first_cell_content
+    find('.user-calendar-activities').text
+  end
+
   before do
     login_as :user
     visit @user.username
@@ -62,6 +66,43 @@ feature 'Contributions Calendar', js: true, feature: true do
     expect(page).to have_css('.js-contrib-calendar')
   end
 
+  describe 'select calendar day', js: true do
+    let(:cells) { page.all('.user-contrib-cell') }
+    let(:first_cell_content_before) { get_first_cell_content }
+
+    before do
+      cells[0].click
+      wait_for_ajax
+      first_cell_content_before
+    end
+
+    it 'displays calendar day activities', js: true do
+      expect(get_first_cell_content).not_to eq('')
+    end
+
+    describe 'select another calendar day', js: true do
+      before do
+        cells[1].click
+        wait_for_ajax
+      end
+
+      it 'displays different calendar day activities', js: true do
+        expect(get_first_cell_content).not_to eq(first_cell_content_before)
+      end
+    end
+
+    describe 'deselect calendar day', js: true do
+      before do
+        cells[0].click
+        wait_for_ajax
+      end
+
+      it 'hides calendar day activities', js: true do
+        expect(get_first_cell_content).to eq('')
+      end
+    end
+  end
+
   describe '1 calendar activity' do
     before do
       Issues::CreateService.new(contributed_project, @user, issue_params).execute
diff --git a/spec/features/commits_spec.rb b/spec/features/commits_spec.rb
index 44646ffc602..8f561c8f90b 100644
--- a/spec/features/commits_spec.rb
+++ b/spec/features/commits_spec.rb
@@ -107,7 +107,7 @@ describe 'Commits' do
         describe 'Cancel build' do
           it 'cancels build' do
             visit ci_status_path(pipeline)
-            click_on 'Cancel'
+            find('a.btn[title="Cancel"]').click
             expect(page).to have_content 'canceled'
           end
         end
@@ -177,4 +177,23 @@ describe 'Commits' do
       end
     end
   end
+
+  context 'viewing commits for a branch' do
+    let(:branch_name) { 'master' }
+    let(:user) { create(:user) }
+
+    before do
+      project.team << [user, :master]
+      login_with(user)
+      visit namespace_project_commits_path(project.namespace, project, branch_name)
+    end
+
+    it 'includes the committed_date for each commit' do
+      commits = project.repository.commits(branch_name)
+
+      commits.each do |commit|
+        expect(page).to have_content("committed #{commit.committed_date}")
+      end
+    end
+  end
 end
diff --git a/spec/features/dashboard/datetime_on_tooltips_spec.rb b/spec/features/dashboard/datetime_on_tooltips_spec.rb
index 365cb445df1..44dfc2dff45 100644
--- a/spec/features/dashboard/datetime_on_tooltips_spec.rb
+++ b/spec/features/dashboard/datetime_on_tooltips_spec.rb
@@ -36,7 +36,7 @@ feature 'Tooltips on .timeago dates', feature: true, js: true do
       visit user_snippets_path(user)
       wait_for_ajax()
 
-      page.find('.js-timeago').hover
+      page.find('.js-timeago.snippet-created-ago').hover
     end
 
     it 'has the datetime formated correctly' do
diff --git a/spec/features/dashboard/issuables_counter_spec.rb b/spec/features/dashboard/issuables_counter_spec.rb
new file mode 100644
index 00000000000..41dcfe439c2
--- /dev/null
+++ b/spec/features/dashboard/issuables_counter_spec.rb
@@ -0,0 +1,44 @@
+require 'spec_helper'
+
+describe 'Navigation bar counter', feature: true, js: true, caching: true do
+  let(:user) { create(:user) }
+  let(:project) { create(:empty_project, namespace: user.namespace) }
+  let(:issue) { create(:issue, project: project) }
+  let(:merge_request) { create(:merge_request, source_project: project) }
+
+  before do
+    issue.update(assignee: user)
+    merge_request.update(assignee: user)
+    login_as(user)
+  end
+
+  it 'reflects dashboard issues count' do
+    visit issues_dashboard_path
+
+    expect_counters('issues', '1')
+
+    issue.update(assignee: nil)
+    visit issues_dashboard_path
+
+    expect_counters('issues', '1')
+  end
+
+  it 'reflects dashboard merge requests count' do
+    visit merge_requests_dashboard_path
+
+    expect_counters('merge_requests', '1')
+
+    merge_request.update(assignee: nil)
+    visit merge_requests_dashboard_path
+
+    expect_counters('merge_requests', '1')
+  end
+
+  def expect_counters(issuable_type, count)
+    dashboard_count = find('li.active span.badge')
+    nav_count = find(".dashboard-shortcuts-#{issuable_type} span.count")
+
+    expect(nav_count).to have_content(count)
+    expect(dashboard_count).to have_content(count)
+  end
+end
diff --git a/spec/features/environment_spec.rb b/spec/features/environment_spec.rb
new file mode 100644
index 00000000000..0c1939fd885
--- /dev/null
+++ b/spec/features/environment_spec.rb
@@ -0,0 +1,161 @@
+require 'spec_helper'
+
+feature 'Environment', :feature do
+  given(:project) { create(:empty_project) }
+  given(:user) { create(:user) }
+  given(:role) { :developer }
+
+  background do
+    login_as(user)
+    project.team << [user, role]
+  end
+
+  feature 'environment details page' do
+    given!(:environment) { create(:environment, project: project) }
+    given!(:deployment) { }
+    given!(:manual) { }
+
+    before do
+      visit_environment(environment)
+    end
+
+    context 'without deployments' do
+      scenario 'does show no deployments' do
+        expect(page).to have_content('You don\'t have any deployments right now.')
+      end
+    end
+
+    context 'with deployments' do
+      context 'when there is no related deployable' do
+        given(:deployment) do
+          create(:deployment, environment: environment, deployable: nil)
+        end
+
+        scenario 'does show deployment SHA' do
+          expect(page).to have_link(deployment.short_sha)
+        end
+
+        scenario 'does not show a re-deploy button for deployment without build' do
+          expect(page).not_to have_link('Re-deploy')
+        end
+      end
+
+      context 'with related deployable present' do
+        given(:pipeline) { create(:ci_pipeline, project: project) }
+        given(:build) { create(:ci_build, pipeline: pipeline) }
+
+        given(:deployment) do
+          create(:deployment, environment: environment, deployable: build)
+        end
+
+        scenario 'does show build name' do
+          expect(page).to have_link("#{build.name} (##{build.id})")
+        end
+
+        scenario 'does show re-deploy button' do
+          expect(page).to have_link('Re-deploy')
+        end
+
+        scenario 'does not show stop button' do
+          expect(page).not_to have_link('Stop')
+        end
+
+        context 'with manual action' do
+          given(:manual) { create(:ci_build, :manual, pipeline: pipeline, name: 'deploy to production') }
+
+          scenario 'does show a play button' do
+            expect(page).to have_link(manual.name.humanize)
+          end
+
+          scenario 'does allow to play manual action' do
+            expect(manual).to be_skipped
+            expect{ click_link(manual.name.humanize) }.not_to change { Ci::Pipeline.count }
+            expect(page).to have_content(manual.name)
+            expect(manual.reload).to be_pending
+          end
+
+          context 'with external_url' do
+            given(:environment) { create(:environment, project: project, external_url: 'https://git.gitlab.com') }
+            given(:build) { create(:ci_build, pipeline: pipeline) }
+            given(:deployment) { create(:deployment, environment: environment, deployable: build) }
+
+            scenario 'does show an external link button' do
+              expect(page).to have_link(nil, href: environment.external_url)
+            end
+          end
+
+          context 'with stop action' do
+            given(:manual) { create(:ci_build, :manual, pipeline: pipeline, name: 'close_app') }
+            given(:deployment) { create(:deployment, environment: environment, deployable: build, on_stop: 'close_app') }
+
+            scenario 'does show stop button' do
+              expect(page).to have_link('Stop')
+            end
+
+            scenario 'does allow to stop environment' do
+              click_link('Stop')
+
+              expect(page).to have_content('close_app')
+            end
+
+            context 'for reporter' do
+              let(:role) { :reporter }
+
+              scenario 'does not show stop button' do
+                expect(page).not_to have_link('Stop')
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+
+  feature 'auto-close environment when branch is deleted' do
+    given(:project) { create(:project) }
+
+    given!(:environment) do
+      create(:environment, :with_review_app, project: project,
+                                             ref: 'feature')
+    end
+
+    scenario 'user visits environment page' do
+      visit_environment(environment)
+
+      expect(page).to have_link('Stop')
+    end
+
+    scenario 'user deletes the branch with running environment' do
+      visit namespace_project_branches_path(project.namespace, project)
+
+      remove_branch_with_hooks(project, user, 'feature') do
+        page.within('.js-branch-feature') { find('a.btn-remove').click }
+      end
+
+      visit_environment(environment)
+
+      expect(page).to have_no_link('Stop')
+    end
+
+    ##
+    # This is a workaround for problem described in #24543
+    #
+    def remove_branch_with_hooks(project, user, branch)
+      params = {
+        oldrev: project.commit(branch).id,
+        newrev: Gitlab::Git::BLANK_SHA,
+        ref: "refs/heads/#{branch}"
+      }
+
+      yield
+
+      GitPushService.new(project, user, params).execute
+    end
+  end
+
+  def visit_environment(environment)
+    visit namespace_project_environment_path(environment.project.namespace,
+                                             environment.project,
+                                             environment)
+  end
+end
diff --git a/spec/features/environments_spec.rb b/spec/features/environments_spec.rb
index b565586ee14..e1b97b31e5d 100644
--- a/spec/features/environments_spec.rb
+++ b/spec/features/environments_spec.rb
@@ -1,228 +1,147 @@
 require 'spec_helper'
 
-feature 'Environments', feature: true do
+feature 'Environments page', :feature, :js do
   given(:project) { create(:empty_project) }
   given(:user) { create(:user) }
   given(:role) { :developer }
 
   background do
-    login_as(user)
     project.team << [user, role]
+    login_as(user)
   end
 
-  describe 'when showing environments' do
-    given!(:environment) { }
-    given!(:deployment) { }
-    given!(:manual) { }
-
-    before do
-      visit namespace_project_environments_path(project.namespace, project)
-    end
+  given!(:environment) { }
+  given!(:deployment) { }
+  given!(:manual) { }
 
-    context 'shows two tabs' do
-      scenario 'shows "Available" and "Stopped" tab with links' do
-        expect(page).to have_link('Available')
-        expect(page).to have_link('Stopped')
-      end
-    end
-
-    context 'without environments' do
-      scenario 'does show no environments' do
-        expect(page).to have_content('You don\'t have any environments right now.')
-      end
+  before do
+    visit_environments(project)
+  end
 
-      scenario 'does show 0 as counter for environments in both tabs' do
-        expect(page.find('.js-available-environments-count').text).to eq('0')
-        expect(page.find('.js-stopped-environments-count').text).to eq('0')
-      end
+  describe 'page tabs' do
+    scenario 'shows "Available" and "Stopped" tab with links' do
+      expect(page).to have_link('Available')
+      expect(page).to have_link('Stopped')
     end
+  end
 
-    context 'with environments' do
-      given(:environment) { create(:environment, project: project) }
-
-      scenario 'does show environment name' do
-        expect(page).to have_link(environment.name)
-      end
-
-      scenario 'does show number of available and stopped environments' do
-        expect(page.find('.js-available-environments-count').text).to eq('1')
-        expect(page.find('.js-stopped-environments-count').text).to eq('0')
-      end
-
-      context 'without deployments' do
-        scenario 'does show no deployments' do
-          expect(page).to have_content('No deployments yet')
-        end
-      end
-
-      context 'with deployments' do
-        given(:deployment) { create(:deployment, environment: environment) }
-
-        scenario 'does show deployment SHA' do
-          expect(page).to have_link(deployment.short_sha)
-        end
-
-        scenario 'does show deployment internal id' do
-          expect(page).to have_content(deployment.iid)
-        end
-
-        context 'with build and manual actions' do
-          given(:pipeline) { create(:ci_pipeline, project: project) }
-          given(:build) { create(:ci_build, pipeline: pipeline) }
-          given(:deployment) { create(:deployment, environment: environment, deployable: build) }
-          given(:manual) { create(:ci_build, :manual, pipeline: pipeline, name: 'deploy to production') }
-
-          scenario 'does show a play button' do
-            expect(page).to have_link(manual.name.humanize)
-          end
-
-          scenario 'does allow to play manual action' do
-            expect(manual).to be_skipped
-            expect{ click_link(manual.name.humanize) }.not_to change { Ci::Pipeline.count }
-            expect(page).to have_content(manual.name)
-            expect(manual.reload).to be_pending
-          end
-
-          scenario 'does show build name and id' do
-            expect(page).to have_link("#{build.name} (##{build.id})")
-          end
-
-          scenario 'does not show stop button' do
-            expect(page).not_to have_selector('.stop-env-link')
-          end
-
-          scenario 'does not show external link button' do
-            expect(page).not_to have_css('external-url')
-          end
-
-          context 'with external_url' do
-            given(:environment) { create(:environment, project: project, external_url: 'https://git.gitlab.com') }
-            given(:build) { create(:ci_build, pipeline: pipeline) }
-            given(:deployment) { create(:deployment, environment: environment, deployable: build) }
-
-            scenario 'does show an external link button' do
-              expect(page).to have_link(nil, href: environment.external_url)
-            end
-          end
-
-          context 'with stop action' do
-            given(:manual) { create(:ci_build, :manual, pipeline: pipeline, name: 'close_app') }
-            given(:deployment) { create(:deployment, environment: environment, deployable: build, on_stop: 'close_app') }
-
-            scenario 'does show stop button' do
-              expect(page).to have_selector('.stop-env-link')
-            end
-
-            scenario 'starts build when stop button clicked' do
-              first('.stop-env-link').click
-
-              expect(page).to have_content('close_app')
-            end
-
-            context 'for reporter' do
-              let(:role) { :reporter }
-
-              scenario 'does not show stop button' do
-                expect(page).not_to have_selector('.stop-env-link')
-              end
-            end
-          end
-        end
-      end
+  context 'without environments' do
+    scenario 'does show no environments' do
+      expect(page).to have_content('You don\'t have any environments right now.')
     end
 
-    scenario 'does have a New environment button' do
-      expect(page).to have_link('New environment')
+    scenario 'does show 0 as counter for environments in both tabs' do
+      expect(page.find('.js-available-environments-count').text).to eq('0')
+      expect(page.find('.js-stopped-environments-count').text).to eq('0')
     end
   end
 
   describe 'when showing the environment' do
     given(:environment) { create(:environment, project: project) }
-    given!(:deployment) { }
-    given!(:manual) { }
 
-    before do
-      visit namespace_project_environment_path(project.namespace, project, environment)
+    scenario 'does show environment name' do
+      expect(page).to have_link(environment.name)
+    end
+
+    scenario 'does show number of available and stopped environments' do
+      expect(page.find('.js-available-environments-count').text).to eq('1')
+      expect(page.find('.js-stopped-environments-count').text).to eq('0')
     end
 
     context 'without deployments' do
       scenario 'does show no deployments' do
-        expect(page).to have_content('You don\'t have any deployments right now.')
+        expect(page).to have_content('No deployments yet')
       end
     end
 
     context 'with deployments' do
-      given(:deployment) { create(:deployment, environment: environment) }
+      given(:project) { create(:project) }
+
+      given(:deployment) do
+        create(:deployment, environment: environment,
+                            sha: project.commit.id)
+      end
 
       scenario 'does show deployment SHA' do
         expect(page).to have_link(deployment.short_sha)
       end
 
-      scenario 'does not show a re-deploy button for deployment without build' do
-        expect(page).not_to have_link('Re-deploy')
+      scenario 'does show deployment internal id' do
+        expect(page).to have_content(deployment.iid)
       end
 
-      context 'with build' do
+      context 'with build and manual actions' do
         given(:pipeline) { create(:ci_pipeline, project: project) }
         given(:build) { create(:ci_build, pipeline: pipeline) }
-        given(:deployment) { create(:deployment, environment: environment, deployable: build) }
 
-        scenario 'does show build name' do
-          expect(page).to have_link("#{build.name} (##{build.id})")
+        given(:manual) do
+          create(:ci_build, :manual, pipeline: pipeline, name: 'deploy to production')
         end
 
-        scenario 'does show re-deploy button' do
-          expect(page).to have_link('Re-deploy')
+        given(:deployment) do
+          create(:deployment, environment: environment,
+                              deployable: build,
+                              sha: project.commit.id)
         end
 
-        scenario 'does not show stop button' do
-          expect(page).not_to have_link('Stop')
+        scenario 'does show a play button' do
+          find('.js-dropdown-play-icon-container').click
+          expect(page).to have_content(manual.name.humanize)
         end
 
-        context 'with manual action' do
-          given(:manual) { create(:ci_build, :manual, pipeline: pipeline, name: 'deploy to production') }
+        scenario 'does allow to play manual action', js: true do
+          expect(manual).to be_skipped
 
-          scenario 'does show a play button' do
-            expect(page).to have_link(manual.name.humanize)
-          end
+          find('.js-dropdown-play-icon-container').click
+          expect(page).to have_content(manual.name.humanize)
 
-          scenario 'does allow to play manual action' do
-            expect(manual).to be_skipped
-            expect{ click_link(manual.name.humanize) }.not_to change { Ci::Pipeline.count }
-            expect(page).to have_content(manual.name)
-            expect(manual.reload).to be_pending
-          end
+          expect { click_link(manual.name.humanize) }
+            .not_to change { Ci::Pipeline.count }
 
-          context 'with external_url' do
-            given(:environment) { create(:environment, project: project, external_url: 'https://git.gitlab.com') }
-            given(:build) { create(:ci_build, pipeline: pipeline) }
-            given(:deployment) { create(:deployment, environment: environment, deployable: build) }
+          expect(manual.reload).to be_pending
+        end
 
-            scenario 'does show an external link button' do
-              expect(page).to have_link(nil, href: environment.external_url)
-            end
+        scenario 'does show build name and id' do
+          expect(page).to have_link("#{build.name} ##{build.id}")
+        end
+
+        scenario 'does not show stop button' do
+          expect(page).not_to have_selector('.stop-env-link')
+        end
+
+        scenario 'does not show external link button' do
+          expect(page).not_to have_css('external-url')
+        end
+
+        context 'with external_url' do
+          given(:environment) { create(:environment, project: project, external_url: 'https://git.gitlab.com') }
+          given(:build) { create(:ci_build, pipeline: pipeline) }
+          given(:deployment) { create(:deployment, environment: environment, deployable: build) }
+
+          scenario 'does show an external link button' do
+            expect(page).to have_link(nil, href: environment.external_url)
           end
+        end
 
-          context 'with stop action' do
-            given(:manual) { create(:ci_build, :manual, pipeline: pipeline, name: 'close_app') }
-            given(:deployment) { create(:deployment, environment: environment, deployable: build, on_stop: 'close_app') }
+        context 'with stop action' do
+          given(:manual) { create(:ci_build, :manual, pipeline: pipeline, name: 'close_app') }
+          given(:deployment) { create(:deployment, environment: environment, deployable: build, on_stop: 'close_app') }
 
-            scenario 'does show stop button' do
-              expect(page).to have_link('Stop')
-            end
+          scenario 'does show stop button' do
+            expect(page).to have_selector('.stop-env-link')
+          end
 
-            scenario 'does allow to stop environment' do
-              click_link('Stop')
+          scenario 'starts build when stop button clicked' do
+            find('.stop-env-link').click
 
-              expect(page).to have_content('close_app')
-            end
+            expect(page).to have_content('close_app')
+          end
 
-            context 'for reporter' do
-              let(:role) { :reporter }
+          context 'for reporter' do
+            let(:role) { :reporter }
 
-              scenario 'does not show stop button' do
-                expect(page).not_to have_link('Stop')
-              end
+            scenario 'does not show stop button' do
+              expect(page).not_to have_selector('.stop-env-link')
             end
           end
         end
@@ -230,9 +149,13 @@ feature 'Environments', feature: true do
     end
   end
 
+  scenario 'does have a New environment button' do
+    expect(page).to have_link('New environment')
+  end
+
   describe 'when creating a new environment' do
     before do
-      visit namespace_project_environments_path(project.namespace, project)
+      visit_environments(project)
     end
 
     context 'when logged as developer' do
@@ -271,4 +194,8 @@ feature 'Environments', feature: true do
       end
     end
   end
+
+  def visit_environments(project)
+    visit namespace_project_environments_path(project.namespace, project)
+  end
 end
diff --git a/spec/features/expand_collapse_diffs_spec.rb b/spec/features/expand_collapse_diffs_spec.rb
index 6c938bdead8..3934c936f20 100644
--- a/spec/features/expand_collapse_diffs_spec.rb
+++ b/spec/features/expand_collapse_diffs_spec.rb
@@ -182,6 +182,20 @@ feature 'Expand and collapse diffs', js: true, feature: true do
         end
       end
     end
+
+    context 'expanding a diff when symlink was converted to a regular file' do
+      let(:branch) { 'symlink-expand-diff' }
+
+      it 'shows the content of the regular file' do
+        expect(page).to have_content('This diff is collapsed')
+        expect(page).to have_no_content('No longer a symlink')
+
+        find('.click-to-expand').click
+        wait_for_ajax
+
+        expect(page).to have_content('No longer a symlink')
+      end
+    end
   end
 
   context 'visiting a commit without collapsed diffs' do
diff --git a/spec/features/global_search_spec.rb b/spec/features/global_search_spec.rb
new file mode 100644
index 00000000000..f6409e00f22
--- /dev/null
+++ b/spec/features/global_search_spec.rb
@@ -0,0 +1,28 @@
+require 'spec_helper'
+
+feature 'Global search', feature: true do
+  let(:user) { create(:user) }
+  let(:project) { create(:project, namespace: user.namespace) }
+
+  before do
+    project.team << [user, :master]
+    login_with(user)
+  end
+
+  describe 'I search through the issues and I see pagination' do
+    before do
+      allow_any_instance_of(Gitlab::SearchResults).to receive(:per_page).and_return(1)
+      create_list(:issue, 2, project: project, title: 'initial')
+    end
+
+    it "has a pagination" do
+      visit dashboard_projects_path
+
+      fill_in "search", with: "initial"
+      click_button "Go"
+
+      select_filter("Issues")
+      expect(page).to have_selector('.gl-pagination .page', count: 2)
+    end
+  end
+end
diff --git a/spec/features/groups/issues_spec.rb b/spec/features/groups/issues_spec.rb
new file mode 100644
index 00000000000..476eca17a9d
--- /dev/null
+++ b/spec/features/groups/issues_spec.rb
@@ -0,0 +1,8 @@
+require 'spec_helper'
+
+feature 'Group issues page', feature: true do
+  let(:path) { issues_group_path(group) }
+  let(:issuable) { create(:issue, project: project, title: "this is my created issuable")}
+
+  include_examples 'project features apply to issuables', Issue
+end
diff --git a/spec/features/groups/labels/edit_spec.rb b/spec/features/groups/labels/edit_spec.rb
new file mode 100644
index 00000000000..69281cecb7b
--- /dev/null
+++ b/spec/features/groups/labels/edit_spec.rb
@@ -0,0 +1,21 @@
+require 'spec_helper'
+
+feature 'Edit group label', feature: true do
+  given(:user)  { create(:user) }
+  given(:group) { create(:group) }
+  given(:label) { create(:group_label, group: group) }
+
+  background do
+    group.add_owner(user)
+    login_as(user)
+    visit edit_group_label_path(group, label)
+  end
+
+  scenario 'update label with new title' do
+    fill_in 'label_title', with: 'new label name'
+    click_button 'Save changes'
+
+    expect(current_path).to eq(root_path)
+    expect(label.reload.title).to eq('new label name')
+  end
+end
diff --git a/spec/features/groups/members/last_owner_cannot_leave_group_spec.rb b/spec/features/groups/members/last_owner_cannot_leave_group_spec.rb
index 33bf6d3752f..be60b0489c7 100644
--- a/spec/features/groups/members/last_owner_cannot_leave_group_spec.rb
+++ b/spec/features/groups/members/last_owner_cannot_leave_group_spec.rb
@@ -10,7 +10,7 @@ feature 'Groups > Members > Last owner cannot leave group', feature: true do
     visit group_path(group)
   end
 
-  scenario 'user does not see a "Leave Group" link' do
-    expect(page).not_to have_content 'Leave Group'
+  scenario 'user does not see a "Leave group" link' do
+    expect(page).not_to have_content 'Leave group'
   end
 end
diff --git a/spec/features/groups/members/member_leaves_group_spec.rb b/spec/features/groups/members/member_leaves_group_spec.rb
index 3185ff924b9..ac4d94658ae 100644
--- a/spec/features/groups/members/member_leaves_group_spec.rb
+++ b/spec/features/groups/members/member_leaves_group_spec.rb
@@ -13,7 +13,7 @@ feature 'Groups > Members > Member leaves group', feature: true do
   end
 
   scenario 'user leaves group' do
-    click_link 'Leave Group'
+    click_link 'Leave group'
 
     expect(current_path).to eq(dashboard_groups_path)
     expect(group.users.exists?(user.id)).to be_falsey
diff --git a/spec/features/groups/members/owner_manages_access_requests_spec.rb b/spec/features/groups/members/owner_manages_access_requests_spec.rb
index d811b05b0c3..dbe150823ba 100644
--- a/spec/features/groups/members/owner_manages_access_requests_spec.rb
+++ b/spec/features/groups/members/owner_manages_access_requests_spec.rb
@@ -3,7 +3,7 @@ require 'spec_helper'
 feature 'Groups > Members > Owner manages access requests', feature: true do
   let(:user) { create(:user) }
   let(:owner) { create(:user) }
-  let(:group) { create(:group, :public) }
+  let(:group) { create(:group, :public, :access_requestable) }
 
   background do
     group.request_access(user)
diff --git a/spec/features/groups/members/sorting_spec.rb b/spec/features/groups/members/sorting_spec.rb
new file mode 100644
index 00000000000..608aedd3471
--- /dev/null
+++ b/spec/features/groups/members/sorting_spec.rb
@@ -0,0 +1,98 @@
+require 'spec_helper'
+
+feature 'Groups > Members > Sorting', feature: true do
+  let(:owner)     { create(:user, name: 'John Doe') }
+  let(:developer) { create(:user, name: 'Mary Jane', last_sign_in_at: 5.days.ago) }
+  let(:group)     { create(:group) }
+
+  background do
+    create(:group_member, :owner, user: owner, group: group, created_at: 5.days.ago)
+    create(:group_member, :developer, user: developer, group: group, created_at: 3.days.ago)
+
+    login_as(owner)
+  end
+
+  scenario 'sorts alphabetically by default' do
+    visit_members_list(sort: nil)
+
+    expect(first_member).to include(owner.name)
+    expect(second_member).to include(developer.name)
+    expect(page).to have_css('.member-sort-dropdown .dropdown-toggle-text', text: 'Name, ascending')
+  end
+
+  scenario 'sorts by access level ascending' do
+    visit_members_list(sort: :access_level_asc)
+
+    expect(first_member).to include(developer.name)
+    expect(second_member).to include(owner.name)
+    expect(page).to have_css('.member-sort-dropdown .dropdown-toggle-text', text: 'Access level, ascending')
+  end
+
+  scenario 'sorts by access level descending' do
+    visit_members_list(sort: :access_level_desc)
+
+    expect(first_member).to include(owner.name)
+    expect(second_member).to include(developer.name)
+    expect(page).to have_css('.member-sort-dropdown .dropdown-toggle-text', text: 'Access level, descending')
+  end
+
+  scenario 'sorts by last joined' do
+    visit_members_list(sort: :last_joined)
+
+    expect(first_member).to include(developer.name)
+    expect(second_member).to include(owner.name)
+    expect(page).to have_css('.member-sort-dropdown .dropdown-toggle-text', text: 'Last joined')
+  end
+
+  scenario 'sorts by oldest joined' do
+    visit_members_list(sort: :oldest_joined)
+
+    expect(first_member).to include(owner.name)
+    expect(second_member).to include(developer.name)
+    expect(page).to have_css('.member-sort-dropdown .dropdown-toggle-text', text: 'Oldest joined')
+  end
+
+  scenario 'sorts by name ascending' do
+    visit_members_list(sort: :name_asc)
+
+    expect(first_member).to include(owner.name)
+    expect(second_member).to include(developer.name)
+    expect(page).to have_css('.member-sort-dropdown .dropdown-toggle-text', text: 'Name, ascending')
+  end
+
+  scenario 'sorts by name descending' do
+    visit_members_list(sort: :name_desc)
+
+    expect(first_member).to include(developer.name)
+    expect(second_member).to include(owner.name)
+    expect(page).to have_css('.member-sort-dropdown .dropdown-toggle-text', text: 'Name, descending')
+  end
+
+  scenario 'sorts by recent sign in' do
+    visit_members_list(sort: :recent_sign_in)
+
+    expect(first_member).to include(owner.name)
+    expect(second_member).to include(developer.name)
+    expect(page).to have_css('.member-sort-dropdown .dropdown-toggle-text', text: 'Recent sign in')
+  end
+
+  scenario 'sorts by oldest sign in' do
+    visit_members_list(sort: :oldest_sign_in)
+
+    expect(first_member).to include(developer.name)
+    expect(second_member).to include(owner.name)
+    expect(page).to have_css('.member-sort-dropdown .dropdown-toggle-text', text: 'Oldest sign in')
+  end
+
+  def visit_members_list(sort:)
+    visit group_group_members_path(group.to_param, sort: sort)
+  end
+
+  def first_member
+    page.all('ul.content-list > li').first.text
+  end
+
+  def second_member
+    page.all('ul.content-list > li').last.text
+  end
+end
diff --git a/spec/features/groups/members/user_requests_access_spec.rb b/spec/features/groups/members/user_requests_access_spec.rb
index b3baa2ab57c..e4b5ea91bd3 100644
--- a/spec/features/groups/members/user_requests_access_spec.rb
+++ b/spec/features/groups/members/user_requests_access_spec.rb
@@ -3,7 +3,7 @@ require 'spec_helper'
 feature 'Groups > Members > User requests access', feature: true do
   let(:user) { create(:user) }
   let(:owner) { create(:user) }
-  let(:group) { create(:group, :public) }
+  let(:group) { create(:group, :public, :access_requestable) }
   let!(:project) { create(:project, :private, namespace: group) }
 
   background do
@@ -29,7 +29,7 @@ feature 'Groups > Members > User requests access', feature: true do
     expect(page).to have_content 'Your request for access has been queued for review.'
 
     expect(page).to have_content 'Withdraw Access Request'
-    expect(page).not_to have_content 'Leave Group'
+    expect(page).not_to have_content 'Leave group'
   end
 
   scenario 'user does not see private projects' do
diff --git a/spec/features/groups/merge_requests_spec.rb b/spec/features/groups/merge_requests_spec.rb
new file mode 100644
index 00000000000..30b80aa82b0
--- /dev/null
+++ b/spec/features/groups/merge_requests_spec.rb
@@ -0,0 +1,36 @@
+require 'spec_helper'
+
+feature 'Group merge requests page', feature: true do
+  let(:path) { merge_requests_group_path(group) }
+  let(:issuable) { create(:merge_request, source_project: project, target_project: project, title: 'this is my created issuable') }
+
+  include_examples 'project features apply to issuables', MergeRequest
+
+  context 'archived issuable' do
+    let(:project_archived) { create(:project, group: group, merge_requests_access_level: ProjectFeature::ENABLED, archived: true) }
+    let(:issuable_archived) { create(:merge_request, source_project: project_archived, target_project: project_archived, title: 'issuable of an archived project') }
+    let(:access_level) { ProjectFeature::ENABLED }
+    let(:user) { user_in_group }
+
+    before do
+      issuable_archived
+      visit path
+    end
+
+    it 'hides archived merge requests' do
+      expect(page).to have_content(issuable.title)
+      expect(page).not_to have_content(issuable_archived.title)
+    end
+
+    it 'ignores archived merge request count badges in navbar' do
+      expect( page.find('[title="Merge Requests"] span.badge.count').text).to eq("1")
+    end
+
+    it 'ignores archived merge request count badges in state-filters' do
+      expect(page.find('#state-opened span.badge').text).to eq("1")
+      expect(page.find('#state-merged span.badge').text).to eq("0")
+      expect(page.find('#state-closed span.badge').text).to eq("0")
+      expect(page.find('#state-all span.badge').text).to eq("1")
+    end
+  end
+end
diff --git a/spec/features/groups_spec.rb b/spec/features/groups_spec.rb
index 13bfe90302c..4b19886274e 100644
--- a/spec/features/groups_spec.rb
+++ b/spec/features/groups_spec.rb
@@ -80,7 +80,7 @@ feature 'Group', feature: true do
 
       visit path
 
-      expect(page).to have_css('.description > p > strong')
+      expect(page).to have_css('.group-home-desc > p > strong')
     end
 
     it 'passes through html-pipeline' do
@@ -88,7 +88,7 @@ feature 'Group', feature: true do
 
       visit path
 
-      expect(page).to have_css('.description > p > img')
+      expect(page).to have_css('.group-home-desc > p > img')
     end
 
     it 'sanitizes unwanted tags' do
@@ -96,7 +96,7 @@ feature 'Group', feature: true do
 
       visit path
 
-      expect(page).not_to have_css('.description h1')
+      expect(page).not_to have_css('.group-home-desc h1')
     end
 
     it 'permits `rel` attribute on links' do
@@ -104,7 +104,7 @@ feature 'Group', feature: true do
 
       visit path
 
-      expect(page).to have_css('.description a[rel]')
+      expect(page).to have_css('.group-home-desc a[rel]')
     end
   end
 end
diff --git a/spec/features/help_pages_spec.rb b/spec/features/help_pages_spec.rb
index e2101b333e2..40a1fced8d8 100644
--- a/spec/features/help_pages_spec.rb
+++ b/spec/features/help_pages_spec.rb
@@ -1,13 +1,36 @@
 require 'spec_helper'
 
 describe 'Help Pages', feature: true do
-  describe 'Show SSH page' do
-    before do
-      login_as :user
+  describe 'Get the main help page' do
+    shared_examples_for 'help page' do |prefix: ''|
+      it 'prefixes links correctly' do
+        expect(page).to have_selector(%(div.documentation-index > ul a[href="#{prefix}/help/api/README.md"]))
+      end
     end
-    it 'replaces the variable $your_email with the email of the user' do
-      visit help_page_path('ssh/README')
-      expect(page).to have_content("ssh-keygen -t rsa -C \"#{@user.email}\"")
+
+    context 'without a trailing slash' do
+      before do
+        visit help_path
+      end
+
+      it_behaves_like 'help page'
+    end
+
+    context 'with a trailing slash' do
+      before do
+        visit help_path + '/'
+      end
+
+      it_behaves_like 'help page'
+    end
+
+    context 'with a relative installation' do
+      before do
+        stub_config_setting(relative_url_root: '/gitlab')
+        visit help_path
+      end
+
+      it_behaves_like 'help page', prefix: '/gitlab'
     end
   end
 end
diff --git a/spec/features/issues/award_emoji_spec.rb b/spec/features/issues/award_emoji_spec.rb
index ef00f209998..efb53026449 100644
--- a/spec/features/issues/award_emoji_spec.rb
+++ b/spec/features/issues/award_emoji_spec.rb
@@ -3,72 +3,83 @@ require 'rails_helper'
 describe 'Awards Emoji', feature: true do
   include WaitForAjax
 
-  let!(:project)   { create(:project) }
+  let!(:project)   { create(:project, :public) }
   let!(:user)      { create(:user) }
-
-  before do
-    project.team << [user, :master]
-    login_as(user)
+  let(:issue) do
+    create(:issue,
+           assignee: @user,
+           project: project)
   end
 
-  describe 'Click award emoji from issue#show' do
-    let!(:issue) do
-      create(:issue,
-             assignee: @user,
-             project: project)
-    end
-
-    let!(:note) {  create(:note_on_issue, noteable: issue, project: issue.project, note: "Hello world") }
-
+  context 'authorized user' do
     before do
-      visit namespace_project_issue_path(project.namespace, project, issue)
+      project.team << [user, :master]
+      login_as(user)
     end
 
-    it 'increments the thumbsdown emoji', js: true do
-      find('[data-emoji="thumbsdown"]').click
-      wait_for_ajax
-      expect(thumbsdown_emoji).to have_text("1")
-    end
+    describe 'Click award emoji from issue#show' do
+      let!(:note) {  create(:note_on_issue, noteable: issue, project: issue.project, note: "Hello world") }
 
-    context 'click the thumbsup emoji' do
-      it 'increments the thumbsup emoji', js: true do
-        find('[data-emoji="thumbsup"]').click
-        wait_for_ajax
-        expect(thumbsup_emoji).to have_text("1")
+      before do
+        visit namespace_project_issue_path(project.namespace, project, issue)
       end
 
-      it 'decrements the thumbsdown emoji', js: true do
-        expect(thumbsdown_emoji).to have_text("0")
-      end
-    end
-
-    context 'click the thumbsdown emoji' do
       it 'increments the thumbsdown emoji', js: true do
         find('[data-emoji="thumbsdown"]').click
         wait_for_ajax
         expect(thumbsdown_emoji).to have_text("1")
       end
 
-      it 'decrements the thumbsup emoji', js: true do
-        expect(thumbsup_emoji).to have_text("0")
+      context 'click the thumbsup emoji' do
+        it 'increments the thumbsup emoji', js: true do
+          find('[data-emoji="thumbsup"]').click
+          wait_for_ajax
+          expect(thumbsup_emoji).to have_text("1")
+        end
+
+        it 'decrements the thumbsdown emoji', js: true do
+          expect(thumbsdown_emoji).to have_text("0")
+        end
       end
-    end
 
-    it 'toggles the smiley emoji on a note', js: true do
-      toggle_smiley_emoji(true)
+      context 'click the thumbsdown emoji' do
+        it 'increments the thumbsdown emoji', js: true do
+          find('[data-emoji="thumbsdown"]').click
+          wait_for_ajax
+          expect(thumbsdown_emoji).to have_text("1")
+        end
 
-      within('.note-awards') do
-        expect(find(emoji_counter)).to have_text("1")
+        it 'decrements the thumbsup emoji', js: true do
+          expect(thumbsup_emoji).to have_text("0")
+        end
       end
 
-      toggle_smiley_emoji(false)
+      it 'toggles the smiley emoji on a note', js: true do
+        toggle_smiley_emoji(true)
+
+        within('.note-awards') do
+          expect(find(emoji_counter)).to have_text("1")
+        end
+
+        toggle_smiley_emoji(false)
 
-      within('.note-awards') do
-        expect(page).not_to have_selector(emoji_counter)
+        within('.note-awards') do
+          expect(page).not_to have_selector(emoji_counter)
+        end
       end
     end
   end
 
+  context 'unauthorized user', js: true do
+    before do
+      visit namespace_project_issue_path(project.namespace, project, issue)
+    end
+
+    it 'has disabled emoji button' do
+      expect(first('.award-control')[:disabled]).to be(true)
+    end
+  end
+
   def thumbsup_emoji
     page.all(emoji_counter).first
   end
diff --git a/spec/features/issues/bulk_assignment_labels_spec.rb b/spec/features/issues/bulk_assignment_labels_spec.rb
index bc2c087c9b9..832757b24d4 100644
--- a/spec/features/issues/bulk_assignment_labels_spec.rb
+++ b/spec/features/issues/bulk_assignment_labels_spec.rb
@@ -9,6 +9,7 @@ feature 'Issues > Labels bulk assignment', feature: true do
   let!(:issue2)   { create(:issue, project: project, title: "Issue 2") }
   let!(:bug)      { create(:label, project: project, title: 'bug') }
   let!(:feature)  { create(:label, project: project, title: 'feature') }
+  let!(:wontfix)  { create(:label, project: project, title: 'wontfix') }
 
   context 'as an allowed user', js: true do
     before do
@@ -291,6 +292,45 @@ feature 'Issues > Labels bulk assignment', feature: true do
         expect(find("#issue_#{issue1.id}")).not_to have_content 'feature'
       end
     end
+
+    # Special case https://gitlab.com/gitlab-org/gitlab-ce/issues/24877
+    context 'unmarking common label' do
+      before do
+        issue1.labels << bug
+        issue1.labels << feature
+        issue2.labels << bug
+
+        visit namespace_project_issues_path(project.namespace, project)
+      end
+
+      it 'applies label from filtered results' do
+        check 'check_all_issues'
+
+        page.within('.issues_bulk_update') do
+          click_button 'Labels'
+          wait_for_ajax
+
+          expect(find('.dropdown-menu-labels li', text: 'bug')).to have_css('.is-active')
+          expect(find('.dropdown-menu-labels li', text: 'feature')).to have_css('.is-indeterminate')
+
+          click_link 'bug'
+          find('.dropdown-input-field', visible: true).set('wontfix')
+          click_link 'wontfix'
+        end
+
+        update_issues
+
+        page.within '.issues-holder' do
+          expect(find("#issue_#{issue1.id}")).not_to have_content 'bug'
+          expect(find("#issue_#{issue1.id}")).to have_content 'feature'
+          expect(find("#issue_#{issue1.id}")).to have_content 'wontfix'
+
+          expect(find("#issue_#{issue2.id}")).not_to have_content 'bug'
+          expect(find("#issue_#{issue2.id}")).not_to have_content 'feature'
+          expect(find("#issue_#{issue2.id}")).to have_content 'wontfix'
+        end
+      end
+    end
   end
 
   context 'as a guest' do
@@ -320,7 +360,7 @@ feature 'Issues > Labels bulk assignment', feature: true do
 
   def open_labels_dropdown(items = [], unmark = false)
     page.within('.issues_bulk_update') do
-      click_button 'Label'
+      click_button 'Labels'
       wait_for_ajax
       items.map do |item|
         click_link item
diff --git a/spec/features/issues/create_issue_for_discussions_in_merge_request_spec.rb b/spec/features/issues/create_issue_for_discussions_in_merge_request_spec.rb
new file mode 100644
index 00000000000..762cab0c0e1
--- /dev/null
+++ b/spec/features/issues/create_issue_for_discussions_in_merge_request_spec.rb
@@ -0,0 +1,76 @@
+require 'rails_helper'
+
+feature 'Resolving all open discussions in a merge request from an issue', feature: true do
+  let(:user) { create(:user) }
+  let(:project) { create(:project, only_allow_merge_if_all_discussions_are_resolved: true) }
+  let(:merge_request) { create(:merge_request, source_project: project) }
+  let!(:discussion) { Discussion.for_diff_notes([create(:diff_note_on_merge_request, noteable: merge_request, project: project)]).first }
+
+  before do
+    project.team << [user, :master]
+    login_as user
+  end
+
+  context 'with the internal tracker disabled' do
+    before do
+      project.project_feature.update_attribute(:issues_access_level, ProjectFeature::DISABLED)
+      visit namespace_project_merge_request_path(project.namespace, project, merge_request)
+    end
+
+    it 'does not show a link to create a new issue' do
+      expect(page).not_to have_link 'open an issue to resolve them later'
+    end
+  end
+
+  context 'merge request has discussions that need to be resolved' do
+    before do
+      visit namespace_project_merge_request_path(project.namespace, project, merge_request)
+    end
+
+    it 'shows a warning that the merge request contains unresolved discussions' do
+      expect(page).to have_content 'This merge request has unresolved discussions'
+    end
+
+    it 'has a link to resolve all discussions by creating an issue' do
+      page.within '.mr-widget-body' do
+        expect(page).to have_link 'open an issue to resolve them later', href: new_namespace_project_issue_path(project.namespace, project, merge_request_for_resolving_discussions: merge_request.iid)
+      end
+    end
+
+    context 'creating an issue for discussions' do
+      before do
+        page.click_link 'open an issue to resolve them later', href: new_namespace_project_issue_path(project.namespace, project, merge_request_for_resolving_discussions: merge_request.iid)
+      end
+
+      it 'shows an issue with the title filled in' do
+        title_field = page.find_field('issue[title]')
+
+        expect(title_field.value).to include(merge_request.title)
+      end
+
+      it 'has a mention of the discussion in the description'  do
+        description_field = page.find_field('issue[description]')
+
+        expect(description_field.value).to include(discussion.first_note.note)
+      end
+
+      it 'has a hidden field for the merge request' do
+        merge_request_field = find('#merge_request_for_resolving_discussions', visible: false)
+
+        expect(merge_request_field.value).to eq(merge_request.iid.to_s)
+      end
+
+      it 'can create a new issue for the project' do
+        expect { click_button 'Submit issue' }.to change { project.issues.reload.size }.by(1)
+      end
+
+      it 'resolves the discussion in the merge request' do
+        click_button 'Submit issue'
+
+        discussion.first_note.reload
+
+        expect(discussion.resolved?).to eq(true)
+      end
+    end
+  end
+end
diff --git a/spec/features/issues/filter_issues_spec.rb b/spec/features/issues/filter_issues_spec.rb
index 2798db92f0f..0d19563d628 100644
--- a/spec/features/issues/filter_issues_spec.rb
+++ b/spec/features/issues/filter_issues_spec.rb
@@ -3,8 +3,8 @@ require 'rails_helper'
 describe 'Filter issues', feature: true do
   include WaitForAjax
 
-  let!(:project)   { create(:project) }
   let!(:group)     { create(:group) }
+  let!(:project)   { create(:project, group: group) }
   let!(:user)      { create(:user)}
   let!(:milestone) { create(:milestone, project: project) }
   let!(:label)     { create(:label, project: project) }
@@ -127,7 +127,7 @@ describe 'Filter issues', feature: true do
         expect(page).to have_content wontfix.title
       end
 
-      find('body').click
+      find('.dropdown-menu-close-icon').click
 
       expect(find('.filtered-labels')).to have_content(wontfix.title)
 
@@ -135,7 +135,7 @@ describe 'Filter issues', feature: true do
       wait_for_ajax
       find('.dropdown-menu-labels a', text: label.title).click
 
-      find('body').click
+      find('.dropdown-menu-close-icon').click
 
       expect(find('.filtered-labels')).to have_content(wontfix.title)
       expect(find('.filtered-labels')).to have_content(label.title)
@@ -150,8 +150,8 @@ describe 'Filter issues', feature: true do
     it "selects and unselects `won't fix`" do
       find('.dropdown-menu-labels a', text: wontfix.title).click
       find('.dropdown-menu-labels a', text: wontfix.title).click
-      # Close label dropdown to load
-      find('body').click
+
+      find('.dropdown-menu-close-icon').click
       expect(page).not_to have_css('.filtered-labels')
     end
   end
diff --git a/spec/features/issues/gfm_autocomplete_spec.rb b/spec/features/issues/gfm_autocomplete_spec.rb
new file mode 100644
index 00000000000..da64827b377
--- /dev/null
+++ b/spec/features/issues/gfm_autocomplete_spec.rb
@@ -0,0 +1,100 @@
+require 'rails_helper'
+
+feature 'GFM autocomplete', feature: true, js: true do
+  include WaitForAjax
+  let(:user)    { create(:user, username: 'someone.special') }
+  let(:project) { create(:project) }
+  let(:label) { create(:label, project: project, title: 'special+') }
+  let(:issue)   { create(:issue, project: project) }
+
+  before do
+    project.team << [user, :master]
+    login_as(user)
+    visit namespace_project_issue_path(project.namespace, project, issue)
+
+    wait_for_ajax
+  end
+
+  it 'opens autocomplete menu when field starts with text' do
+    page.within '.timeline-content-form' do
+      find('#note_note').native.send_keys('')
+      find('#note_note').native.send_keys('@')
+    end
+
+    expect(page).to have_selector('.atwho-container')
+  end
+
+  it 'doesnt open autocomplete menu character is prefixed with text' do
+    page.within '.timeline-content-form' do
+      find('#note_note').native.send_keys('testing')
+      find('#note_note').native.send_keys('@')
+    end
+
+    expect(page).not_to have_selector('.atwho-view')
+  end
+
+  context 'if a selected value has special characters' do
+    it 'wraps the result in double quotes' do
+      note = find('#note_note')
+      page.within '.timeline-content-form' do
+        note.native.send_keys('')
+        note.native.send_keys("~#{label.title[0]}")
+        sleep 1
+        note.click
+      end
+
+      label_item = find('.atwho-view li', text: label.title)
+
+      expect_to_wrap(true, label_item, note, label.title)
+    end
+
+    it 'doesn\'t wrap for assignee values' do
+      note = find('#note_note')
+      page.within '.timeline-content-form' do
+        note.native.send_keys('')
+        note.native.send_keys("@#{user.username[0]}")
+        sleep 1
+        note.click
+      end
+
+      user_item = find('.atwho-view li', text: user.username)
+
+      expect_to_wrap(false, user_item, note, user.username)
+    end
+
+    it 'doesn\'t wrap for emoji values' do
+      note = find('#note_note')
+      page.within '.timeline-content-form' do
+        note.native.send_keys('')
+        note.native.send_keys(":cartwheel")
+        sleep 1
+        note.click
+      end
+
+      emoji_item = find('.atwho-view li', text: 'cartwheel_tone1')
+
+      expect_to_wrap(false, emoji_item, note, 'cartwheel_tone1')
+    end
+
+    def expect_to_wrap(should_wrap, item, note, value)
+      expect(item).to have_content(value)
+      expect(item).not_to have_content("\"#{value}\"")
+
+      item.click
+
+      if should_wrap
+        expect(note.value).to include("\"#{value}\"")
+      else
+        expect(note.value).not_to include("\"#{value}\"")
+      end
+    end
+  end
+
+  it 'doesnt open autocomplete after non-word character' do
+    page.within '.timeline-content-form' do
+      find('#note_note').native.send_keys("@#{user.username[0..2]}!")
+    end
+
+    expect(page).not_to have_selector('.atwho-view')
+  end
+end
diff --git a/spec/features/issues/issue_sidebar_spec.rb b/spec/features/issues/issue_sidebar_spec.rb
index 4b1aec8bf71..bc068b5e7e0 100644
--- a/spec/features/issues/issue_sidebar_spec.rb
+++ b/spec/features/issues/issue_sidebar_spec.rb
@@ -1,7 +1,9 @@
 require 'rails_helper'
 
 feature 'Issue Sidebar', feature: true do
-  let(:project) { create(:project) }
+  include WaitForAjax
+
+  let(:project) { create(:project, :public) }
   let(:issue) { create(:issue, project: project) }
   let!(:user) { create(:user)}
 
@@ -10,6 +12,37 @@ feature 'Issue Sidebar', feature: true do
     login_as(user)
   end
 
+  context 'assignee', js: true do
+    let(:user2) { create(:user) }
+    let(:issue2) { create(:issue, project: project, author: user2) }
+
+    before do
+      project.team << [user, :developer]
+      visit_issue(project, issue2)
+
+      find('.block.assignee .edit-link').click
+
+      wait_for_ajax
+    end
+
+    it 'shows author in assignee dropdown' do
+      page.within '.dropdown-menu-user' do
+        expect(page).to have_content(user2.name)
+      end
+    end
+
+    it 'shows author when filtering assignee dropdown' do
+      page.within '.dropdown-menu-user' do
+        find('.dropdown-input-field').native.send_keys user2.name
+        sleep 1 # Required to wait for end of input delay
+
+        wait_for_ajax
+
+        expect(page).to have_content(user2.name)
+      end
+    end
+  end
+
   context 'as a allowed user' do
     before do
       project.team << [user, :developer]
diff --git a/spec/features/issues/move_spec.rb b/spec/features/issues/move_spec.rb
index 055210399a7..f89b4db9e62 100644
--- a/spec/features/issues/move_spec.rb
+++ b/spec/features/issues/move_spec.rb
@@ -27,8 +27,8 @@ feature 'issue move to another project' do
     let!(:mr) { create(:merge_request, source_project: old_project) }
     let(:new_project) { create(:project) }
     let(:new_project_search) { create(:project) }
-    let(:text) { 'Text with !1' }
-    let(:cross_reference) { old_project.to_reference }
+    let(:text) { "Text with #{mr.to_reference}" }
+    let(:cross_reference) { old_project.to_reference(new_project) }
 
     background do
       old_project.team << [user, :reporter]
@@ -43,8 +43,8 @@ feature 'issue move to another project' do
 
       expect(current_url).to include project_path(new_project)
 
-      expect(page).to have_content("Text with #{cross_reference}!1")
-      expect(page).to have_content("Moved from #{cross_reference}#1")
+      expect(page).to have_content("Text with #{cross_reference}#{mr.to_reference}")
+      expect(page).to have_content("moved from #{cross_reference}#{issue.to_reference}")
       expect(page).to have_content(issue.title)
     end
 
diff --git a/spec/features/issues/new_branch_button_spec.rb b/spec/features/issues/new_branch_button_spec.rb
index fb0c4704285..a4d3053d10c 100644
--- a/spec/features/issues/new_branch_button_spec.rb
+++ b/spec/features/issues/new_branch_button_spec.rb
@@ -18,22 +18,24 @@ feature 'Start new branch from an issue', feature: true do
     end
 
     context "when there is a referenced merge request" do
-      let(:note) do
-        create(:note, :on_issue, :system, project: project,
-                                          note: "Mentioned in !#{referenced_mr.iid}")
+      let!(:note) do
+        create(:note, :on_issue, :system, project: project, noteable: issue,
+                                          note: "mentioned in #{referenced_mr.to_reference}")
       end
+
       let(:referenced_mr) do
         create(:merge_request, :simple, source_project: project, target_project: project,
-                                        description: "Fixes ##{issue.iid}", author: user)
+                                        description: "Fixes #{issue.to_reference}", author: user)
       end
 
       before do
-        issue.notes << note
+        referenced_mr.cache_merge_request_closes_issues!(user)
 
         visit namespace_project_issue_path(project.namespace, project, issue)
       end
 
       it "hides the new branch button", js: true do
+        expect(page).to have_css('#new-branch .unavailable')
         expect(page).not_to have_css('#new-branch .available')
         expect(page).to have_content /1 Related Merge Request/
       end
diff --git a/spec/features/issues/todo_spec.rb b/spec/features/issues/todo_spec.rb
index de8fdda388d..41ff31d2b99 100644
--- a/spec/features/issues/todo_spec.rb
+++ b/spec/features/issues/todo_spec.rb
@@ -13,8 +13,8 @@ feature 'Manually create a todo item from issue', feature: true, js: true do
 
   it 'creates todo when clicking button' do
     page.within '.issuable-sidebar' do
-      click_button 'Add Todo'
-      expect(page).to have_content 'Mark Done'
+      click_button 'Add todo'
+      expect(page).to have_content 'Mark done'
     end
 
     page.within '.header-content .todos-pending-count' do
@@ -30,8 +30,8 @@ feature 'Manually create a todo item from issue', feature: true, js: true do
 
   it 'marks a todo as done' do
     page.within '.issuable-sidebar' do
-      click_button 'Add Todo'
-      click_button 'Mark Done'
+      click_button 'Add todo'
+      click_button 'Mark done'
     end
 
     expect(page).to have_selector('.todos-pending-count', visible: false)
diff --git a/spec/features/issues_spec.rb b/spec/features/issues_spec.rb
index cdd02a8c8e3..5c958455604 100644
--- a/spec/features/issues_spec.rb
+++ b/spec/features/issues_spec.rb
@@ -371,10 +371,12 @@ describe 'Issues', feature: true do
 
   describe 'when I want to reset my incoming email token' do
     let(:project1) { create(:project, namespace: @user.namespace) }
+    let(:issue) { create(:issue, project: project1) }
 
     before do
       allow(Gitlab.config.incoming_email).to receive(:enabled).and_return(true)
       project1.team << [@user, :master]
+      project1.issues << issue
       visit namespace_project_issues_path(@user.namespace, project1)
     end
 
@@ -576,7 +578,10 @@ describe 'Issues', feature: true do
 
   describe 'new issue by email' do
     shared_examples 'show the email in the modal' do
+      let(:issue) { create(:issue, project: project) }
+
       before do
+        project.issues << issue
         stub_incoming_email_setting(enabled: true, address: "p+%{key}@gl.ab")
 
         visit namespace_project_issues_path(project.namespace, project)
diff --git a/spec/features/merge_requests/check_if_mergeable_with_unresolved_discussions.rb b/spec/features/merge_requests/check_if_mergeable_with_unresolved_discussions_spec.rb
index 7f11db3c417..7f11db3c417 100644
--- a/spec/features/merge_requests/check_if_mergeable_with_unresolved_discussions.rb
+++ b/spec/features/merge_requests/check_if_mergeable_with_unresolved_discussions_spec.rb
diff --git a/spec/features/merge_requests/closes_issues_spec.rb b/spec/features/merge_requests/closes_issues_spec.rb
new file mode 100644
index 00000000000..dc32c8f7373
--- /dev/null
+++ b/spec/features/merge_requests/closes_issues_spec.rb
@@ -0,0 +1,55 @@
+require 'spec_helper'
+
+feature 'Merge Request closing issues message', feature: true do
+  let(:user) { create(:user) }
+  let(:project) { create(:project, :public) }
+  let(:issue_1) { create(:issue, project: project)}
+  let(:issue_2) { create(:issue, project: project)}
+  let(:merge_request) do
+    create(
+      :merge_request,
+      :simple,
+      source_project: project,
+      description: merge_request_description
+    )
+  end
+  let(:merge_request_description) { 'Merge Request Description' }
+
+  before do
+    project.team << [user, :master]
+
+    login_as user
+
+    visit namespace_project_merge_request_path(project.namespace, project, merge_request)
+  end
+
+  context 'not closing or mentioning any issue' do
+    it 'does not display closing issue message' do
+      expect(page).not_to have_css('.mr-widget-footer')
+    end
+  end
+
+  context 'closing issues but not mentioning any other issue' do
+    let(:merge_request_description) { "Description\n\nclosing #{issue_1.to_reference}, #{issue_2.to_reference}" }
+
+    it 'does not display closing issue message' do
+      expect(page).to have_content("Accepting this merge request will close issues #{issue_1.to_reference} and #{issue_2.to_reference}")
+    end
+  end
+
+  context 'mentioning issues but not closing them' do
+    let(:merge_request_description) { "Description\n\nRefers to #{issue_1.to_reference} and #{issue_2.to_reference}" }
+
+    it 'does not display closing issue message' do
+      expect(page).to have_content("Issues #{issue_1.to_reference} and #{issue_2.to_reference} are mentioned but will not closed.")
+    end
+  end
+
+  context 'closing some issues and mentioning, but not closing, others' do
+    let(:merge_request_description) { "Description\n\ncloses #{issue_1.to_reference}\n\n refers to #{issue_2.to_reference}" }
+
+    it 'does not display closing issue message' do
+      expect(page).to have_content("Accepting this merge request will close issue #{issue_1.to_reference}. Issue #{issue_2.to_reference} is mentioned but will not closed.")
+    end
+  end
+end
diff --git a/spec/features/merge_requests/conflicts_spec.rb b/spec/features/merge_requests/conflicts_spec.rb
index d258ff52bbb..5bc4ab2dfe5 100644
--- a/spec/features/merge_requests/conflicts_spec.rb
+++ b/spec/features/merge_requests/conflicts_spec.rb
@@ -20,7 +20,7 @@ feature 'Merge request conflict resolution', js: true, feature: true do
 
       within find('.files-wrapper .diff-file', text: 'files/ruby/regex.rb') do
         all('button', text: 'Use ours').each do |button|
-          button.click
+          button.trigger('click')
         end
       end
 
diff --git a/spec/features/merge_requests/create_new_mr_spec.rb b/spec/features/merge_requests/create_new_mr_spec.rb
index c68e1ea4af9..f1b68a39343 100644
--- a/spec/features/merge_requests/create_new_mr_spec.rb
+++ b/spec/features/merge_requests/create_new_mr_spec.rb
@@ -40,7 +40,7 @@ feature 'Create New Merge Request', feature: true, js: true do
 
       visit new_namespace_project_merge_request_path(project.namespace, project, merge_request: { target_project_id: private_project.id })
 
-      expect(page).not_to have_content private_project.to_reference
+      expect(page).not_to have_content private_project.path_with_namespace
     end
   end
 
@@ -67,4 +67,21 @@ feature 'Create New Merge Request', feature: true, js: true do
     expect(page).to have_content('Source branch "non-exist-source" does not exist')
     expect(page).to have_content('Target branch "non-exist-target" does not exist')
   end
+
+  context 'when a branch contains commits that both delete and add the same image' do
+    it 'renders the diff successfully' do
+      visit new_namespace_project_merge_request_path(project.namespace, project, merge_request: { target_branch: 'master', source_branch: 'deleted-image-test' })
+
+      click_link "Changes"
+
+      expect(page).to have_content "6049019_460s.jpg"
+    end
+  end
+
+  # Isolates a regression (see #24627)
+  it 'does not show error messages on initial form' do
+    visit new_namespace_project_merge_request_path(project.namespace, project)
+    expect(page).not_to have_selector('#error_explanation')
+    expect(page).not_to have_content('The form contains the following error')
+  end
 end
diff --git a/spec/features/merge_requests/deleted_source_branch_spec.rb b/spec/features/merge_requests/deleted_source_branch_spec.rb
new file mode 100644
index 00000000000..d5c9ed8a3b7
--- /dev/null
+++ b/spec/features/merge_requests/deleted_source_branch_spec.rb
@@ -0,0 +1,33 @@
+require 'spec_helper'
+
+# This test serves as a regression test for a bug that caused an error
+# message to be shown by JavaScript when the source branch was deleted.
+# Please do not remove "js: true".
+describe 'Deleted source branch', feature: true, js: true do
+  let(:user) { create(:user) }
+  let(:merge_request) { create(:merge_request) }
+
+  before do
+    login_as user
+    merge_request.project.team << [user, :master]
+    merge_request.update!(source_branch: 'this-branch-does-not-exist')
+    visit namespace_project_merge_request_path(
+      merge_request.project.namespace,
+      merge_request.project, merge_request
+    )
+  end
+
+  it 'shows a message about missing source branch' do
+    expect(page).to have_content(
+      'Source branch this-branch-does-not-exist does not exist'
+    )
+  end
+
+  it 'hides Discussion, Commits and Changes tabs' do
+    within '.merge-request-details' do
+      expect(page).to have_no_content('Discussion')
+      expect(page).to have_no_content('Commits')
+      expect(page).to have_no_content('Changes')
+    end
+  end
+end
diff --git a/spec/features/merge_requests/diff_notes_resolve_spec.rb b/spec/features/merge_requests/diff_notes_resolve_spec.rb
index 5e6d8467217..d5e3d8e7eff 100644
--- a/spec/features/merge_requests/diff_notes_resolve_spec.rb
+++ b/spec/features/merge_requests/diff_notes_resolve_spec.rb
@@ -69,8 +69,6 @@ feature 'Diff notes resolve', feature: true, js: true do
 
         page.within '.diff-content .note' do
           expect(page).to have_selector('.line-resolve-btn.is-active')
-
-          expect(find('.line-resolve-btn')['data-original-title']).to eq("Resolved by #{user.name}")
         end
 
         page.within '.line-resolve-all-container' do
diff --git a/spec/features/merge_requests/merge_commit_message_toggle_spec.rb b/spec/features/merge_requests/merge_commit_message_toggle_spec.rb
new file mode 100644
index 00000000000..3dbe26cddb0
--- /dev/null
+++ b/spec/features/merge_requests/merge_commit_message_toggle_spec.rb
@@ -0,0 +1,74 @@
+require 'spec_helper'
+
+feature 'Clicking toggle commit message link', feature: true, js: true do
+  let(:user) { create(:user) }
+  let(:project) { create(:project, :public) }
+  let(:issue_1) { create(:issue, project: project)}
+  let(:issue_2) { create(:issue, project: project)}
+  let(:merge_request) do
+    create(
+      :merge_request,
+      :simple,
+      source_project: project,
+      description: "Description\n\nclosing #{issue_1.to_reference}, #{issue_2.to_reference}"
+    )
+  end
+  let(:textbox) { page.find(:css, '.js-commit-message', visible: false) }
+  let(:include_link) { page.find(:css, '.js-with-description-link', visible: false) }
+  let(:do_not_include_link) { page.find(:css, '.js-without-description-link', visible: false) }
+  let(:default_message) do
+    [
+      "Merge branch 'feature' into 'master'",
+      merge_request.title,
+      "Closes #{issue_1.to_reference} and #{issue_2.to_reference}",
+      "See merge request #{merge_request.to_reference}"
+    ].join("\n\n")
+  end
+  let(:message_with_description) do
+    [
+      "Merge branch 'feature' into 'master'",
+      merge_request.title,
+      merge_request.description,
+      "See merge request #{merge_request.to_reference}"
+    ].join("\n\n")
+  end
+
+  before do
+    project.team << [user, :master]
+
+    login_as user
+
+    visit namespace_project_merge_request_path(project.namespace, project, merge_request)
+
+    expect(textbox).not_to be_visible
+    click_link "Modify commit message"
+    expect(textbox).to be_visible
+  end
+
+  it "toggles commit message between message with description and without description " do
+    expect(textbox.value).to eq(default_message)
+
+    click_link "Include description in commit message"
+
+    expect(textbox.value).to eq(message_with_description)
+
+    click_link "Don't include description in commit message"
+
+    expect(textbox.value).to eq(default_message)
+  end
+
+  it "toggles link between 'Include description' and 'Don't include description'" do
+    expect(include_link).to be_visible
+    expect(do_not_include_link).not_to be_visible
+
+    click_link "Include description in commit message"
+
+    expect(include_link).not_to be_visible
+    expect(do_not_include_link).to be_visible
+
+    click_link "Don't include description in commit message"
+
+    expect(include_link).to be_visible
+    expect(do_not_include_link).not_to be_visible
+  end
+end
diff --git a/spec/features/merge_requests/merge_request_versions_spec.rb b/spec/features/merge_requests/merge_request_versions_spec.rb
index 23cee891bac..09451f41de4 100644
--- a/spec/features/merge_requests/merge_request_versions_spec.rb
+++ b/spec/features/merge_requests/merge_request_versions_spec.rb
@@ -3,11 +3,12 @@ require 'spec_helper'
 feature 'Merge Request versions', js: true, feature: true do
   let(:merge_request) { create(:merge_request, importing: true) }
   let(:project) { merge_request.source_project }
+  let!(:merge_request_diff1) { merge_request.merge_request_diffs.create(head_commit_sha: '6f6d7e7ed97bb5f0054f2b1df789b39ca89b6ff9') }
+  let!(:merge_request_diff2) { merge_request.merge_request_diffs.create(head_commit_sha: nil) }
+  let!(:merge_request_diff3) { merge_request.merge_request_diffs.create(head_commit_sha: '5937ac0a7beb003549fc5fd26fc247adbce4a52e') }
 
   before do
     login_as :admin
-    merge_request.merge_request_diffs.create(head_commit_sha: '6f6d7e7ed97bb5f0054f2b1df789b39ca89b6ff9')
-    merge_request.merge_request_diffs.create(head_commit_sha: '5937ac0a7beb003549fc5fd26fc247adbce4a52e')
     visit diffs_namespace_project_merge_request_path(project.namespace, project, merge_request)
   end
 
@@ -53,7 +54,7 @@ feature 'Merge Request versions', js: true, feature: true do
         project.namespace,
         project,
         merge_request.iid,
-        diff_id: 2,
+        diff_id: merge_request_diff3.id,
         start_sha: '6f6d7e7ed97bb5f0054f2b1df789b39ca89b6ff9'
       )
     end
diff --git a/spec/features/merge_requests/merge_when_build_succeeds_spec.rb b/spec/features/merge_requests/merge_when_pipeline_succeeds_spec.rb
index c3c3ab33872..aa24a905001 100644
--- a/spec/features/merge_requests/merge_when_build_succeeds_spec.rb
+++ b/spec/features/merge_requests/merge_when_pipeline_succeeds_spec.rb
@@ -1,6 +1,6 @@
 require 'spec_helper'
 
-feature 'Merge When Build Succeeds', feature: true, js: true do
+feature 'Merge When Pipeline Succeeds', :feature, :js do
   let(:user) { create(:user) }
   let(:project) { create(:project, :public) }
 
@@ -18,7 +18,7 @@ feature 'Merge When Build Succeeds', feature: true, js: true do
 
   before { project.team << [user, :master] }
 
-  context 'when there is active build for merge request' do
+  context 'when there is active pipeline for merge request' do
     background do
       create(:ci_build, pipeline: pipeline)
     end
@@ -28,28 +28,28 @@ feature 'Merge When Build Succeeds', feature: true, js: true do
       visit_merge_request(merge_request)
     end
 
-    it 'displays the Merge When Build Succeeds button' do
-      expect(page).to have_button "Merge When Build Succeeds"
+    it 'displays the Merge When Pipeline Succeeds button' do
+      expect(page).to have_button "Merge When Pipeline Succeeds"
     end
 
-    context "Merge When Build succeeds enabled" do
+    context "Merge When Pipeline Succeeds enabled" do
       before do
-        click_button "Merge When Build Succeeds"
+        click_button "Merge When Pipeline Succeeds"
       end
 
-      it 'activates Merge When Build Succeeds feature' do
+      it 'activates Merge When Pipeline Succeeds feature' do
         expect(page).to have_link "Cancel Automatic Merge"
 
-        expect(page).to have_content "Set by #{user.name} to be merged automatically when the build succeeds."
+        expect(page).to have_content "Set by #{user.name} to be merged automatically when the pipeline succeeds."
         expect(page).to have_content "The source branch will not be removed."
 
         visit_merge_request(merge_request) # Needed to refresh the page
-        expect(page).to have_content /Enabled an automatic merge when the build for [0-9a-f]{8} succeeds/i
+        expect(page).to have_content /enabled an automatic merge when the pipeline for \h{8} succeeds/i
       end
     end
   end
 
-  context 'when merge when build succeeds is enabled' do
+  context 'when merge when pipeline succeeds is enabled' do
     let(:merge_request) do
       create(:merge_request_with_diffs, :simple,  source_project: project,
                                                   author: user,
@@ -70,10 +70,10 @@ feature 'Merge When Build Succeeds', feature: true, js: true do
     it 'allows to cancel the automatic merge' do
       click_link "Cancel Automatic Merge"
 
-      expect(page).to have_button "Merge When Build Succeeds"
+      expect(page).to have_button "Merge When Pipeline Succeeds"
 
       visit_merge_request(merge_request) # refresh the page
-      expect(page).to have_content "Canceled the automatic merge"
+      expect(page).to have_content "canceled the automatic merge"
     end
 
     it "allows the user to remove the source branch" do
@@ -83,7 +83,7 @@ feature 'Merge When Build Succeeds', feature: true, js: true do
       expect(page).to have_content "The source branch will be removed"
     end
 
-    context 'when build succeeds' do
+    context 'when pipeline succeeds' do
       background { build.success }
 
       it 'merges merge request' do
@@ -95,13 +95,14 @@ feature 'Merge When Build Succeeds', feature: true, js: true do
     end
   end
 
-  context 'when build is not active' do
-    it "does not allow to enable merge when build succeeds" do
+  context 'when pipeline is not active' do
+    it "does not allow to enable merge when pipeline succeeds" do
       visit_merge_request(merge_request)
-      expect(page).not_to have_link "Merge When Build Succeeds"
+
+      expect(page).not_to have_link 'Merge When Pipeline Succeeds'
     end
   end
-  
+
   def visit_merge_request(merge_request)
     visit namespace_project_merge_request_path(merge_request.project.namespace, merge_request.project, merge_request)
   end
diff --git a/spec/features/merge_requests/only_allow_merge_if_build_succeeds.rb b/spec/features/merge_requests/only_allow_merge_if_build_succeeds_spec.rb
index 80e8b8fc642..7e2907cd26f 100644
--- a/spec/features/merge_requests/only_allow_merge_if_build_succeeds.rb
+++ b/spec/features/merge_requests/only_allow_merge_if_build_succeeds_spec.rb
@@ -1,8 +1,8 @@
 require 'spec_helper'
 
 feature 'Only allow merge requests to be merged if the build succeeds', feature: true do
-  let(:project)       { create(:project, :public) }
-  let(:merge_request) { create(:merge_request_with_diffs, source_project: project) }
+  let(:merge_request) { create(:merge_request_with_diffs) }
+  let(:project)       { merge_request.target_project }
 
   before do
     login_as merge_request.author
@@ -19,7 +19,13 @@ feature 'Only allow merge requests to be merged if the build succeeds', feature:
   end
 
   context 'when project has CI enabled' do
-    let(:pipeline) { create(:ci_empty_pipeline, project: project, sha: merge_request.diff_head_sha, ref: merge_request.source_branch) }
+    given!(:pipeline) do
+      create(:ci_empty_pipeline,
+      project: project,
+      sha: merge_request.diff_head_sha,
+      ref: merge_request.source_branch,
+      status: status)
+    end
 
     context 'when merge requests can only be merged if the build succeeds' do
       before do
@@ -27,18 +33,29 @@ feature 'Only allow merge requests to be merged if the build succeeds', feature:
       end
 
       context 'when CI is running' do
-        before { pipeline.update_column(:status, :running) }
+        given(:status) { :running }
 
         it 'does not allow to merge immediately' do
           visit_merge_request(merge_request)
 
-          expect(page).to have_button 'Merge When Build Succeeds'
+          expect(page).to have_button 'Merge When Pipeline Succeeds'
           expect(page).not_to have_button 'Select Merge Moment'
         end
       end
 
       context 'when CI failed' do
-        before { pipeline.update_column(:status, :failed) }
+        given(:status) { :failed }
+
+        it 'does not allow MR to be merged' do
+          visit_merge_request(merge_request)
+
+          expect(page).not_to have_button 'Accept Merge Request'
+          expect(page).to have_content('Please retry the build or push a new commit to fix the failure.')
+        end
+      end
+
+      context 'when CI canceled' do
+        given(:status) { :canceled }
 
         it 'does not allow MR to be merged' do
           visit_merge_request(merge_request)
@@ -49,7 +66,17 @@ feature 'Only allow merge requests to be merged if the build succeeds', feature:
       end
 
       context 'when CI succeeded' do
-        before { pipeline.update_column(:status, :success) }
+        given(:status) { :success }
+
+        it 'allows MR to be merged' do
+          visit_merge_request(merge_request)
+
+          expect(page).to have_button 'Accept Merge Request'
+        end
+      end
+
+      context 'when CI skipped' do
+        given(:status) { :skipped }
 
         it 'allows MR to be merged' do
           visit_merge_request(merge_request)
@@ -65,12 +92,12 @@ feature 'Only allow merge requests to be merged if the build succeeds', feature:
       end
 
       context 'when CI is running' do
-        before { pipeline.update_column(:status, :running) }
+        given(:status) { :running }
 
         it 'allows MR to be merged immediately', js: true do
           visit_merge_request(merge_request)
 
-          expect(page).to have_button 'Merge When Build Succeeds'
+          expect(page).to have_button 'Merge When Pipeline Succeeds'
 
           click_button 'Select Merge Moment'
           expect(page).to have_content 'Merge Immediately'
@@ -78,7 +105,7 @@ feature 'Only allow merge requests to be merged if the build succeeds', feature:
       end
 
       context 'when CI failed' do
-        before { pipeline.update_column(:status, :failed) }
+        given(:status) { :failed }
 
         it 'allows MR to be merged' do
           visit_merge_request(merge_request)
@@ -88,7 +115,7 @@ feature 'Only allow merge requests to be merged if the build succeeds', feature:
       end
 
       context 'when CI succeeded' do
-        before { pipeline.update_column(:status, :success) }
+        given(:status) { :success }
 
         it 'allows MR to be merged' do
           visit_merge_request(merge_request)
diff --git a/spec/features/merge_requests/target_branch_spec.rb b/spec/features/merge_requests/target_branch_spec.rb
new file mode 100644
index 00000000000..b6134540273
--- /dev/null
+++ b/spec/features/merge_requests/target_branch_spec.rb
@@ -0,0 +1,41 @@
+require 'spec_helper'
+
+describe 'Target branch', feature: true do
+  let(:user) { create(:user) }
+  let(:merge_request) { create(:merge_request) }
+  let(:project) { merge_request.project }
+
+  def path_to_merge_request
+    namespace_project_merge_request_path(
+      project.namespace,
+      project, merge_request
+    )
+  end
+
+  before do
+    login_as user
+    project.team << [user, :master]
+  end
+
+  it 'shows link to target branch' do
+    visit path_to_merge_request
+    expect(page).to have_link('feature', href: namespace_project_commits_path(project.namespace, project, merge_request.target_branch))
+  end
+
+  context 'when branch was deleted' do
+    before do
+      DeleteBranchService.new(project, user).execute('feature')
+      visit path_to_merge_request
+    end
+
+    it 'shows a message about missing target branch' do
+      expect(page).to have_content(
+        'Target branch feature does not exist'
+      )
+    end
+
+    it 'does not show link to target branch' do
+      expect(page).not_to have_link('feature')
+    end
+  end
+end
diff --git a/spec/features/merge_requests/toggle_whitespace_changes.rb b/spec/features/merge_requests/toggle_whitespace_changes_spec.rb
index 0f98737b700..0f98737b700 100644
--- a/spec/features/merge_requests/toggle_whitespace_changes.rb
+++ b/spec/features/merge_requests/toggle_whitespace_changes_spec.rb
diff --git a/spec/features/milestone_spec.rb b/spec/features/milestone_spec.rb
index b8c838bf7ab..a2e40546588 100644
--- a/spec/features/milestone_spec.rb
+++ b/spec/features/milestone_spec.rb
@@ -14,12 +14,17 @@ feature 'Milestone', feature: true do
   feature 'Create a milestone' do
     scenario 'shows an informative message for a new milestone' do
       visit new_namespace_project_milestone_path(project.namespace, project)
+
       page.within '.milestone-form' do
         fill_in "milestone_title", with: '8.7'
+        fill_in "milestone_start_date", with: '2016-11-16'
+        fill_in "milestone_due_date", with: '2016-12-16'
       end
+
       find('input[name="commit"]').click
 
       expect(find('.alert-success')).to have_content('Assign some issues to this milestone.')
+      expect(page).to have_content('Nov 16, 2016 - Dec 16, 2016')
     end
   end
 
diff --git a/spec/features/notes_on_merge_requests_spec.rb b/spec/features/notes_on_merge_requests_spec.rb
index 5d7247e2a62..9fffbb43e87 100644
--- a/spec/features/notes_on_merge_requests_spec.rb
+++ b/spec/features/notes_on_merge_requests_spec.rb
@@ -141,7 +141,7 @@ describe 'Comments', feature: true do
     let(:project2) { create(:project, :private) }
     let(:issue) { create(:issue, project: project2) }
     let(:merge_request) { create(:merge_request, source_project: project, source_branch: 'markdown') }
-    let!(:note) { create(:note_on_merge_request, :system, noteable: merge_request, project: project, note: "Mentioned in #{issue.to_reference(project)}") }
+    let!(:note) { create(:note_on_merge_request, :system, noteable: merge_request, project: project, note: "mentioned in #{issue.to_reference(project)}") }
 
     it 'shows the system note' do
       login_as :admin
diff --git a/spec/features/participants_autocomplete_spec.rb b/spec/features/participants_autocomplete_spec.rb
index a78a1c9c890..c2545b0c259 100644
--- a/spec/features/participants_autocomplete_spec.rb
+++ b/spec/features/participants_autocomplete_spec.rb
@@ -1,6 +1,8 @@
 require 'spec_helper'
 
 feature 'Member autocomplete', feature: true do
+  include WaitForAjax
+
   let(:project) { create(:project, :public) }
   let(:user) { create(:user) }
   let(:participant) { create(:user) }
@@ -79,11 +81,10 @@ feature 'Member autocomplete', feature: true do
   end
 
   def open_member_suggestions
-    sleep 1
     page.within('.new-note') do
-      sleep 1
-      find('#note_note').native.send_keys('@')
+      find('#note_note').send_keys('@')
     end
+    wait_for_ajax
   end
 
   def visit_issue(project, issue)
diff --git a/spec/features/profiles/chat_names_spec.rb b/spec/features/profiles/chat_names_spec.rb
new file mode 100644
index 00000000000..6f6f7029c0b
--- /dev/null
+++ b/spec/features/profiles/chat_names_spec.rb
@@ -0,0 +1,77 @@
+require 'rails_helper'
+
+feature 'Profile > Chat', feature: true do
+  given(:user) { create(:user) }
+  given(:service) { create(:service) }
+
+  before do
+    login_as(user)
+  end
+
+  describe 'uses authorization link' do
+    given(:params) do
+      { team_id: 'T00', team_domain: 'my_chat_team', user_id: 'U01', user_name: 'my_chat_user' }
+    end
+    given!(:authorize_url) { ChatNames::AuthorizeUserService.new(service, params).execute }
+    given(:authorize_path) { URI.parse(authorize_url).request_uri }
+
+    before do
+      visit authorize_path
+    end
+
+    context 'clicks authorize' do
+      before do
+        click_button 'Authorize'
+      end
+
+      scenario 'goes to list of chat names and see chat account' do
+        expect(page.current_path).to eq(profile_chat_names_path)
+        expect(page).to have_content('my_chat_team')
+        expect(page).to have_content('my_chat_user')
+      end
+
+      scenario 'second use of link is denied' do
+        visit authorize_path
+
+        expect(page).to have_http_status(:not_found)
+      end
+    end
+
+    context 'clicks deny' do
+      before do
+        click_button 'Deny'
+      end
+
+      scenario 'goes to list of chat names and do not see chat account' do
+        expect(page.current_path).to eq(profile_chat_names_path)
+        expect(page).not_to have_content('my_chat_team')
+        expect(page).not_to have_content('my_chat_user')
+      end
+
+      scenario 'second use of link is denied' do
+        visit authorize_path
+
+        expect(page).to have_http_status(:not_found)
+      end
+    end
+  end
+
+  describe 'visits chat accounts' do
+    given!(:chat_name) { create(:chat_name, user: user, service: service) }
+
+    before do
+      visit profile_chat_names_path
+    end
+
+    scenario 'sees chat user' do
+      expect(page).to have_content(chat_name.team_domain)
+      expect(page).to have_content(chat_name.chat_name)
+    end
+
+    scenario 'removes chat account' do
+      click_link 'Remove'
+
+      expect(page).to have_content("You don't have any active chat names.")
+    end
+  end
+end
diff --git a/spec/features/profiles/personal_access_tokens_spec.rb b/spec/features/profiles/personal_access_tokens_spec.rb
index a85930c7543..55a01057c83 100644
--- a/spec/features/profiles/personal_access_tokens_spec.rb
+++ b/spec/features/profiles/personal_access_tokens_spec.rb
@@ -27,28 +27,25 @@ describe 'Profile > Personal Access Tokens', feature: true, js: true do
 
   describe "token creation" do
     it "allows creation of a token" do
-      visit profile_personal_access_tokens_path
-      fill_in "Name", with: FFaker::Product.brand
-
-      expect {click_on "Create Personal Access Token"}.to change { PersonalAccessToken.count }.by(1)
-      expect(created_personal_access_token).to eq(PersonalAccessToken.last.token)
-      expect(active_personal_access_tokens).to have_text(PersonalAccessToken.last.name)
-      expect(active_personal_access_tokens).to have_text("Never")
-    end
+      name = FFaker::Product.brand
 
-    it "allows creation of a token with an expiry date" do
       visit profile_personal_access_tokens_path
-      fill_in "Name", with: FFaker::Product.brand
+      fill_in "Name", with: name
 
       # Set date to 1st of next month
       find_field("Expires at").trigger('focus')
       find("a[title='Next']").click
       click_on "1"
 
-      expect {click_on "Create Personal Access Token"}.to change { PersonalAccessToken.count }.by(1)
-      expect(created_personal_access_token).to eq(PersonalAccessToken.last.token)
-      expect(active_personal_access_tokens).to have_text(PersonalAccessToken.last.name)
+      # Scopes
+      check "api"
+      check "read_user"
+
+      click_on "Create Personal Access Token"
+      expect(active_personal_access_tokens).to have_text(name)
       expect(active_personal_access_tokens).to have_text(Date.today.next_month.at_beginning_of_month.to_s(:medium))
+      expect(active_personal_access_tokens).to have_text('api')
+      expect(active_personal_access_tokens).to have_text('read_user')
     end
 
     context "when creation fails" do
@@ -85,7 +82,7 @@ describe 'Profile > Personal Access Tokens', feature: true, js: true do
         disallow_personal_access_token_saves!
         visit profile_personal_access_tokens_path
 
-        expect { click_on "Revoke" }.not_to change { PersonalAccessToken.inactive.count }
+        click_on "Revoke"
         expect(active_personal_access_tokens).to have_text(personal_access_token.name)
         expect(page).to have_content("Could not revoke")
       end
diff --git a/spec/features/profiles/preferences_spec.rb b/spec/features/profiles/preferences_spec.rb
index d14a1158b67..a6b841c0210 100644
--- a/spec/features/profiles/preferences_spec.rb
+++ b/spec/features/profiles/preferences_spec.rb
@@ -73,7 +73,7 @@ describe 'Profile > Preferences', feature: true do
         expect(page.current_path).to eq starred_dashboard_projects_path
       end
 
-      click_link 'Your Projects'
+      click_link 'Your projects'
 
       expect(page).not_to have_content("You don't have starred projects yet")
       expect(page.current_path).to eq dashboard_projects_path
diff --git a/spec/features/projects/blobs/edit_spec.rb b/spec/features/projects/blobs/edit_spec.rb
new file mode 100644
index 00000000000..a820d07ab3b
--- /dev/null
+++ b/spec/features/projects/blobs/edit_spec.rb
@@ -0,0 +1,45 @@
+require 'spec_helper'
+
+feature 'Editing file blob', feature: true, js: true do
+  include WaitForAjax
+
+  given(:user) { create(:user) }
+  given(:role) { :developer }
+  given(:merge_request) { create(:merge_request, source_branch: 'feature', target_branch: 'master') }
+  given(:project) { merge_request.target_project }
+
+  background do
+    login_as(user)
+    project.team << [user, role]
+  end
+
+  def edit_and_commit
+    wait_for_ajax
+    first('.file-actions').click_link 'Edit'
+    execute_script('ace.edit("editor").setValue("class NextFeature\nend\n")')
+    click_button 'Commit Changes'
+  end
+
+  context 'from MR diff' do
+    before do
+      visit diffs_namespace_project_merge_request_path(project.namespace, project, merge_request)
+      edit_and_commit
+    end
+
+    scenario 'returns me to the mr' do
+      expect(page).to have_content(merge_request.title)
+    end
+  end
+
+  context 'from blob file path' do
+    before do
+      visit namespace_project_blob_path(project.namespace, project, '/feature/files/ruby/feature.rb')
+      edit_and_commit
+    end
+
+    scenario 'updates content' do
+      expect(page).to have_content 'successfully committed'
+      expect(page).to have_content 'NextFeature'
+    end
+  end
+end
diff --git a/spec/features/projects/builds_spec.rb b/spec/features/projects/builds_spec.rb
index a8022a5361f..8c4d4320dc5 100644
--- a/spec/features/projects/builds_spec.rb
+++ b/spec/features/projects/builds_spec.rb
@@ -1,52 +1,59 @@
 require 'spec_helper'
 require 'tempfile'
 
-describe "Builds" do
-  let(:artifacts_file) { fixture_file_upload(Rails.root + 'spec/fixtures/banana_sample.gif', 'image/gif') }
+feature 'Builds', :feature do
+  let(:user) { create(:user) }
+  let(:project) { create(:project) }
+  let(:pipeline) { create(:ci_pipeline, project: project) }
+
+  let(:build) { create(:ci_build, :trace, pipeline: pipeline) }
+  let(:build2) { create(:ci_build) }
+
+  let(:artifacts_file) do
+    fixture_file_upload(Rails.root + 'spec/fixtures/banana_sample.gif', 'image/gif')
+  end
 
   before do
-    login_as(:user)
-    @commit = FactoryGirl.create :ci_pipeline
-    @build = FactoryGirl.create :ci_build, :trace, pipeline: @commit
-    @build2 = FactoryGirl.create :ci_build
-    @project = @commit.project
-    @project.team << [@user, :developer]
+    project.team << [user, :developer]
+    login_as(user)
   end
 
   describe "GET /:project/builds" do
+    let!(:build) { create(:ci_build,  pipeline: pipeline) }
+
     context "Pending scope" do
       before do
-        visit namespace_project_builds_path(@project.namespace, @project, scope: :pending)
+        visit namespace_project_builds_path(project.namespace, project, scope: :pending)
       end
 
       it "shows Pending tab builds" do
         expect(page).to have_link 'Cancel running'
         expect(page).to have_selector('.nav-links li.active', text: 'Pending')
-        expect(page).to have_content @build.short_sha
-        expect(page).to have_content @build.ref
-        expect(page).to have_content @build.name
+        expect(page).to have_content build.short_sha
+        expect(page).to have_content build.ref
+        expect(page).to have_content build.name
       end
     end
 
     context "Running scope" do
       before do
-        @build.run!
-        visit namespace_project_builds_path(@project.namespace, @project, scope: :running)
+        build.run!
+        visit namespace_project_builds_path(project.namespace, project, scope: :running)
       end
 
       it "shows Running tab builds" do
         expect(page).to have_selector('.nav-links li.active', text: 'Running')
         expect(page).to have_link 'Cancel running'
-        expect(page).to have_content @build.short_sha
-        expect(page).to have_content @build.ref
-        expect(page).to have_content @build.name
+        expect(page).to have_content build.short_sha
+        expect(page).to have_content build.ref
+        expect(page).to have_content build.name
       end
     end
 
     context "Finished scope" do
       before do
-        @build.run!
-        visit namespace_project_builds_path(@project.namespace, @project, scope: :finished)
+        build.run!
+        visit namespace_project_builds_path(project.namespace, project, scope: :finished)
       end
 
       it "shows Finished tab builds" do
@@ -58,15 +65,15 @@ describe "Builds" do
 
     context "All builds" do
       before do
-        @project.builds.running_or_pending.each(&:success)
-        visit namespace_project_builds_path(@project.namespace, @project)
+        project.builds.running_or_pending.each(&:success)
+        visit namespace_project_builds_path(project.namespace, project)
       end
 
       it "shows All tab builds" do
         expect(page).to have_selector('.nav-links li.active', text: 'All')
-        expect(page).to have_content @build.short_sha
-        expect(page).to have_content @build.ref
-        expect(page).to have_content @build.name
+        expect(page).to have_content build.short_sha
+        expect(page).to have_content build.ref
+        expect(page).to have_content build.name
         expect(page).not_to have_link 'Cancel running'
       end
     end
@@ -74,17 +81,17 @@ describe "Builds" do
 
   describe "POST /:project/builds/:id/cancel_all" do
     before do
-      @build.run!
-      visit namespace_project_builds_path(@project.namespace, @project)
+      build.run!
+      visit namespace_project_builds_path(project.namespace, project)
       click_link "Cancel running"
     end
 
     it 'shows all necessary content' do
       expect(page).to have_selector('.nav-links li.active', text: 'All')
       expect(page).to have_content 'canceled'
-      expect(page).to have_content @build.short_sha
-      expect(page).to have_content @build.ref
-      expect(page).to have_content @build.name
+      expect(page).to have_content build.short_sha
+      expect(page).to have_content build.ref
+      expect(page).to have_content build.name
       expect(page).not_to have_link 'Cancel running'
     end
   end
@@ -92,20 +99,20 @@ describe "Builds" do
   describe "GET /:project/builds/:id" do
     context "Build from project" do
       before do
-        visit namespace_project_build_path(@project.namespace, @project, @build)
+        visit namespace_project_build_path(project.namespace, project, build)
       end
 
       it 'shows commit`s data' do
         expect(page.status_code).to eq(200)
-        expect(page).to have_content @commit.sha[0..7]
-        expect(page).to have_content @commit.git_commit_message
-        expect(page).to have_content @commit.git_author_name
+        expect(page).to have_content pipeline.sha[0..7]
+        expect(page).to have_content pipeline.git_commit_message
+        expect(page).to have_content pipeline.git_author_name
       end
     end
 
     context "Build from other project" do
       before do
-        visit namespace_project_build_path(@project.namespace, @project, @build2)
+        visit namespace_project_build_path(project.namespace, project, build2)
       end
 
       it { expect(page.status_code).to eq(404) }
@@ -113,8 +120,8 @@ describe "Builds" do
 
     context "Download artifacts" do
       before do
-        @build.update_attributes(artifacts_file: artifacts_file)
-        visit namespace_project_build_path(@project.namespace, @project, @build)
+        build.update_attributes(artifacts_file: artifacts_file)
+        visit namespace_project_build_path(project.namespace, project, build)
       end
 
       it 'has button to download artifacts' do
@@ -124,8 +131,8 @@ describe "Builds" do
 
     context 'Artifacts expire date' do
       before do
-        @build.update_attributes(artifacts_file: artifacts_file, artifacts_expire_at: expire_at)
-        visit namespace_project_build_path(@project.namespace, @project, @build)
+        build.update_attributes(artifacts_file: artifacts_file, artifacts_expire_at: expire_at)
+        visit namespace_project_build_path(project.namespace, project, build)
       end
 
       context 'no expire date defined' do
@@ -158,10 +165,10 @@ describe "Builds" do
       end
     end
 
-    context 'Build raw trace' do
+    feature 'Raw trace' do
       before do
-        @build.run!
-        visit namespace_project_build_path(@project.namespace, @project, @build)
+        build.run!
+        visit namespace_project_build_path(project.namespace, project, build)
       end
 
       it do
@@ -169,11 +176,43 @@ describe "Builds" do
       end
     end
 
-    describe 'Variables' do
+    feature 'HTML trace', :js do
       before do
-        @trigger_request = create :ci_trigger_request_with_variables
-        @build = create :ci_build, pipeline: @commit, trigger_request: @trigger_request
-        visit namespace_project_build_path(@project.namespace, @project, @build)
+        build.run!
+
+        visit namespace_project_build_path(project.namespace, project, build)
+      end
+
+      context 'when build has an initial trace' do
+        it 'loads build trace' do
+          expect(page).to have_content 'BUILD TRACE'
+
+          build.append_trace(' and more trace', 11)
+
+          expect(page).to have_content 'BUILD TRACE and more trace'
+        end
+      end
+
+      context 'when build does not have an initial trace' do
+        let(:build) { create(:ci_build, pipeline: pipeline) }
+
+        it 'loads new trace' do
+          build.append_trace('build trace', 0)
+
+          expect(page).to have_content 'build trace'
+        end
+      end
+    end
+
+    feature 'Variables' do
+      let(:trigger_request) { create(:ci_trigger_request_with_variables) }
+
+      let(:build) do
+        create :ci_build, pipeline: pipeline, trigger_request: trigger_request
+      end
+
+      before do
+        visit namespace_project_build_path(project.namespace, project, build)
       end
 
       it 'shows variable key and value after click', js: true do
@@ -188,13 +227,50 @@ describe "Builds" do
         expect(page).to have_selector('.js-build-value', text: 'TRIGGER_VALUE_1')
       end
     end
+
+    context 'when build starts environment' do
+      let(:environment) { create(:environment, project: project) }
+      let(:pipeline) { create(:ci_pipeline, project: project) }
+
+      context 'build is successfull and has deployment' do
+        let(:deployment) { create(:deployment) }
+        let(:build) { create(:ci_build, :success, environment: environment.name, deployments: [deployment], pipeline: pipeline) }
+
+        it 'shows a link for the build' do
+          visit namespace_project_build_path(project.namespace, project, build)
+
+          expect(page).to have_link environment.name
+        end
+      end
+
+      context 'build is complete and not successfull' do
+        let(:build) { create(:ci_build, :failed, environment: environment.name, pipeline: pipeline) }
+
+        it 'shows a link for the build' do
+          visit namespace_project_build_path(project.namespace, project, build)
+
+          expect(page).to have_link environment.name
+        end
+      end
+
+      context 'build creates a new deployment' do
+        let!(:deployment) { create(:deployment, environment: environment, sha: project.commit.id) }
+        let(:build) { create(:ci_build, :success, environment: environment.name, pipeline: pipeline) }
+
+        it 'shows a link to lastest deployment' do
+          visit namespace_project_build_path(project.namespace, project, build)
+
+          expect(page).to have_link('latest deployment')
+        end
+      end
+    end
   end
 
   describe "POST /:project/builds/:id/cancel" do
     context "Build from project" do
       before do
-        @build.run!
-        visit namespace_project_build_path(@project.namespace, @project, @build)
+        build.run!
+        visit namespace_project_build_path(project.namespace, project, build)
         click_link "Cancel"
       end
 
@@ -207,9 +283,9 @@ describe "Builds" do
 
     context "Build from other project" do
       before do
-        @build.run!
-        visit namespace_project_build_path(@project.namespace, @project, @build)
-        page.driver.post(cancel_namespace_project_build_path(@project.namespace, @project, @build2))
+        build.run!
+        visit namespace_project_build_path(project.namespace, project, build)
+        page.driver.post(cancel_namespace_project_build_path(project.namespace, project, build2))
       end
 
       it { expect(page.status_code).to eq(404) }
@@ -219,8 +295,8 @@ describe "Builds" do
   describe "POST /:project/builds/:id/retry" do
     context "Build from project" do
       before do
-        @build.run!
-        visit namespace_project_build_path(@project.namespace, @project, @build)
+        build.run!
+        visit namespace_project_build_path(project.namespace, project, build)
         click_link 'Cancel'
         page.within('.build-header') do
           click_link 'Retry build'
@@ -238,10 +314,10 @@ describe "Builds" do
 
     context "Build from other project" do
       before do
-        @build.run!
-        visit namespace_project_build_path(@project.namespace, @project, @build)
+        build.run!
+        visit namespace_project_build_path(project.namespace, project, build)
         click_link 'Cancel'
-        page.driver.post(retry_namespace_project_build_path(@project.namespace, @project, @build2))
+        page.driver.post(retry_namespace_project_build_path(project.namespace, project, build2))
       end
 
       it { expect(page).to have_http_status(404) }
@@ -249,13 +325,13 @@ describe "Builds" do
 
     context "Build that current user is not allowed to retry" do
       before do
-        @build.run!
-        @build.cancel!
-        @project.update(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
+        build.run!
+        build.cancel!
+        project.update(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
 
         logout_direct
         login_with(create(:user))
-        visit namespace_project_build_path(@project.namespace, @project, @build)
+        visit namespace_project_build_path(project.namespace, project, build)
       end
 
       it 'does not show the Retry button' do
@@ -268,15 +344,15 @@ describe "Builds" do
 
   describe "GET /:project/builds/:id/download" do
     before do
-      @build.update_attributes(artifacts_file: artifacts_file)
-      visit namespace_project_build_path(@project.namespace, @project, @build)
+      build.update_attributes(artifacts_file: artifacts_file)
+      visit namespace_project_build_path(project.namespace, project, build)
       click_link 'Download'
     end
 
     context "Build from other project" do
       before do
-        @build2.update_attributes(artifacts_file: artifacts_file)
-        visit download_namespace_project_build_artifacts_path(@project.namespace, @project, @build2)
+        build2.update_attributes(artifacts_file: artifacts_file)
+        visit download_namespace_project_build_artifacts_path(project.namespace, project, build2)
       end
 
       it { expect(page.status_code).to eq(404) }
@@ -288,23 +364,23 @@ describe "Builds" do
       context 'build from project' do
         before do
           Capybara.current_session.driver.header('X-Sendfile-Type', 'X-Sendfile')
-          @build.run!
-          visit namespace_project_build_path(@project.namespace, @project, @build)
+          build.run!
+          visit namespace_project_build_path(project.namespace, project, build)
           page.within('.js-build-sidebar') { click_link 'Raw' }
         end
 
         it 'sends the right headers' do
           expect(page.status_code).to eq(200)
           expect(page.response_headers['Content-Type']).to eq('text/plain; charset=utf-8')
-          expect(page.response_headers['X-Sendfile']).to eq(@build.path_to_trace)
+          expect(page.response_headers['X-Sendfile']).to eq(build.path_to_trace)
         end
       end
 
       context 'build from other project' do
         before do
           Capybara.current_session.driver.header('X-Sendfile-Type', 'X-Sendfile')
-          @build2.run!
-          visit raw_namespace_project_build_path(@project.namespace, @project, @build2)
+          build2.run!
+          visit raw_namespace_project_build_path(project.namespace, project, build2)
         end
 
         it 'sends the right headers' do
@@ -325,8 +401,8 @@ describe "Builds" do
       context 'when build has trace in file' do
         before do
           Capybara.current_session.driver.header('X-Sendfile-Type', 'X-Sendfile')
-          @build.run!
-          visit namespace_project_build_path(@project.namespace, @project, @build)
+          build.run!
+          visit namespace_project_build_path(project.namespace, project, build)
 
           allow_any_instance_of(Project).to receive(:ci_id).and_return(nil)
           allow_any_instance_of(Ci::Build).to receive(:path_to_trace).and_return(existing_file)
@@ -345,8 +421,8 @@ describe "Builds" do
       context 'when build has trace in old file' do
         before do
           Capybara.current_session.driver.header('X-Sendfile-Type', 'X-Sendfile')
-          @build.run!
-          visit namespace_project_build_path(@project.namespace, @project, @build)
+          build.run!
+          visit namespace_project_build_path(project.namespace, project, build)
 
           allow_any_instance_of(Project).to receive(:ci_id).and_return(999)
           allow_any_instance_of(Ci::Build).to receive(:path_to_trace).and_return(non_existing_file)
@@ -365,8 +441,8 @@ describe "Builds" do
       context 'when build has trace in DB' do
         before do
           Capybara.current_session.driver.header('X-Sendfile-Type', 'X-Sendfile')
-          @build.run!
-          visit namespace_project_build_path(@project.namespace, @project, @build)
+          build.run!
+          visit namespace_project_build_path(project.namespace, project, build)
 
           allow_any_instance_of(Project).to receive(:ci_id).and_return(nil)
           allow_any_instance_of(Ci::Build).to receive(:path_to_trace).and_return(non_existing_file)
@@ -385,7 +461,7 @@ describe "Builds" do
   describe "GET /:project/builds/:id/trace.json" do
     context "Build from project" do
       before do
-        visit trace_namespace_project_build_path(@project.namespace, @project, @build, format: :json)
+        visit trace_namespace_project_build_path(project.namespace, project, build, format: :json)
       end
 
       it { expect(page.status_code).to eq(200) }
@@ -393,7 +469,7 @@ describe "Builds" do
 
     context "Build from other project" do
       before do
-        visit trace_namespace_project_build_path(@project.namespace, @project, @build2, format: :json)
+        visit trace_namespace_project_build_path(project.namespace, project, build2, format: :json)
       end
 
       it { expect(page.status_code).to eq(404) }
@@ -403,7 +479,7 @@ describe "Builds" do
   describe "GET /:project/builds/:id/status" do
     context "Build from project" do
       before do
-        visit status_namespace_project_build_path(@project.namespace, @project, @build)
+        visit status_namespace_project_build_path(project.namespace, project, build)
       end
 
       it { expect(page.status_code).to eq(200) }
@@ -411,7 +487,7 @@ describe "Builds" do
 
     context "Build from other project" do
       before do
-        visit status_namespace_project_build_path(@project.namespace, @project, @build2)
+        visit status_namespace_project_build_path(project.namespace, project, build2)
       end
 
       it { expect(page.status_code).to eq(404) }
diff --git a/spec/features/projects/commits/cherry_pick_spec.rb b/spec/features/projects/commits/cherry_pick_spec.rb
index e45e3a36d01..d46d9e9399e 100644
--- a/spec/features/projects/commits/cherry_pick_spec.rb
+++ b/spec/features/projects/commits/cherry_pick_spec.rb
@@ -64,7 +64,7 @@ describe 'Cherry-pick Commits' do
 
   context "I cherry-pick a commit from a different branch", js: true do
     it do
-      find('.commit-action-buttons a.dropdown-toggle').click
+      find('.header-action-buttons a.dropdown-toggle').click
       find(:css, "a[href='#modal-cherry-pick-commit']").click
 
       page.within('#modal-cherry-pick-commit') do
diff --git a/spec/features/projects/features_visibility_spec.rb b/spec/features/projects/features_visibility_spec.rb
index 09aa6758b5c..3bb33394be7 100644
--- a/spec/features/projects/features_visibility_spec.rb
+++ b/spec/features/projects/features_visibility_spec.rb
@@ -182,6 +182,44 @@ describe 'Edit Project Settings', feature: true do
         expect(page).not_to have_content("Comments")
       end
     end
+
+    # Regression spec for https://gitlab.com/gitlab-org/gitlab-ce/issues/25272
+    it "hides comments activity tab only on disabled issues, merge requests and repository" do
+      select "Disabled", from: "project_project_feature_attributes_issues_access_level"
+
+      save_changes_and_check_activity_tab do
+        expect(page).to have_content("Comments")
+      end
+
+      visit edit_namespace_project_path(project.namespace, project)
+
+      select "Disabled", from: "project_project_feature_attributes_merge_requests_access_level"
+
+      save_changes_and_check_activity_tab do
+        expect(page).to have_content("Comments")
+      end
+
+      visit edit_namespace_project_path(project.namespace, project)
+
+      select "Disabled", from: "project_project_feature_attributes_repository_access_level"
+
+      save_changes_and_check_activity_tab do
+        expect(page).not_to have_content("Comments")
+      end
+
+      visit edit_namespace_project_path(project.namespace, project)
+    end
+
+    def save_changes_and_check_activity_tab
+      click_button "Save changes"
+      wait_for_ajax
+
+      visit activity_namespace_project_path(project.namespace, project)
+
+      page.within(".event-filter") do
+        yield
+      end
+    end
   end
 
   # Regression spec for https://gitlab.com/gitlab-org/gitlab-ce/issues/24056
diff --git a/spec/features/projects/files/creating_a_file_spec.rb b/spec/features/projects/files/creating_a_file_spec.rb
new file mode 100644
index 00000000000..ae448706130
--- /dev/null
+++ b/spec/features/projects/files/creating_a_file_spec.rb
@@ -0,0 +1,44 @@
+require 'spec_helper'
+
+feature 'User wants to create a file', feature: true do
+  include WaitForAjax
+
+  let(:project) { create(:project) }
+  let(:user) { create(:user) }
+
+  background do
+    project.team << [user, :master]
+    login_as user
+    visit namespace_project_new_blob_path(project.namespace, project, project.default_branch)
+  end
+
+  def submit_new_file(options)
+    file_name = find('#file_name')
+    file_name.set options[:file_name] || 'README.md'
+
+    file_content = find('#file-content')
+    file_content.set options[:file_content] || 'Some content'
+
+    click_button 'Commit Changes'
+  end
+
+  scenario 'file name contains Chinese characters' do
+    submit_new_file(file_name: '测试.md')
+    expect(page).to have_content 'The file has been successfully created.'
+  end
+
+  scenario 'directory name contains Chinese characters' do
+    submit_new_file(file_name: '中文/测试.md')
+    expect(page).to have_content 'The file has been successfully created.'
+  end
+
+  scenario 'file name contains invalid characters' do
+    submit_new_file(file_name: '\\')
+    expect(page).to have_content 'Your changes could not be committed, because the file name can contain only'
+  end
+
+  scenario 'file name contains directory traversal' do
+    submit_new_file(file_name: '../README.md')
+    expect(page).to have_content 'Your changes could not be committed, because the file name cannot include directory traversal.'
+  end
+end
diff --git a/spec/features/projects/gfm_autocomplete_load_spec.rb b/spec/features/projects/gfm_autocomplete_load_spec.rb
index 1921ea6d8ae..dd9622f16a0 100644
--- a/spec/features/projects/gfm_autocomplete_load_spec.rb
+++ b/spec/features/projects/gfm_autocomplete_load_spec.rb
@@ -10,12 +10,12 @@ describe 'GFM autocomplete loading', feature: true, js: true do
   end
 
   it 'does not load on project#show' do
-    expect(evaluate_script('GitLab.GfmAutoComplete.dataSource')).to eq('')
+    expect(evaluate_script('gl.GfmAutoComplete.dataSources')).to eq({})
   end
 
   it 'loads on new issue page' do
     visit new_namespace_project_issue_path(project.namespace, project)
 
-    expect(evaluate_script('GitLab.GfmAutoComplete.dataSource')).not_to eq('')
+    expect(evaluate_script('gl.GfmAutoComplete.dataSources')).not_to eq({})
   end
 end
diff --git a/spec/features/projects/guest_navigation_menu_spec.rb b/spec/features/projects/guest_navigation_menu_spec.rb
index c22441f8929..8120a51c515 100644
--- a/spec/features/projects/guest_navigation_menu_spec.rb
+++ b/spec/features/projects/guest_navigation_menu_spec.rb
@@ -1,8 +1,8 @@
 require 'spec_helper'
 
 describe "Guest navigation menu" do
-  let(:project) { create :empty_project, :private }
-  let(:guest) { create :user }
+  let(:project) { create(:empty_project, :private, public_builds: false) }
+  let(:guest) { create(:user) }
 
   before do
     project.team << [guest, :guest]
diff --git a/spec/features/projects/import_export/test_project_export.tar.gz b/spec/features/projects/import_export/test_project_export.tar.gz
index bfe59bdb90e..d3165d07d7b 100644
--- a/spec/features/projects/import_export/test_project_export.tar.gz
+++ b/spec/features/projects/import_export/test_project_export.tar.gz
diff --git a/spec/features/projects/labels/subscription_spec.rb b/spec/features/projects/labels/subscription_spec.rb
new file mode 100644
index 00000000000..3130d87fba5
--- /dev/null
+++ b/spec/features/projects/labels/subscription_spec.rb
@@ -0,0 +1,74 @@
+require 'spec_helper'
+
+feature 'Labels subscription', feature: true do
+  let(:user)     { create(:user) }
+  let(:group)    { create(:group) }
+  let(:project)  { create(:empty_project, :public, namespace: group) }
+  let!(:bug)     { create(:label, project: project, title: 'bug') }
+  let!(:feature) { create(:group_label, group: group, title: 'feature') }
+
+  context 'when signed in' do
+    before do
+      project.team << [user, :developer]
+      login_as user
+    end
+
+    scenario 'users can subscribe/unsubscribe to labels', js: true do
+      visit namespace_project_labels_path(project.namespace, project)
+
+      expect(page).to have_content('bug')
+      expect(page).to have_content('feature')
+
+      within "#project_label_#{bug.id}" do
+        expect(page).not_to have_button 'Unsubscribe'
+
+        click_button 'Subscribe'
+
+        expect(page).not_to have_button 'Subscribe'
+        expect(page).to have_button 'Unsubscribe'
+
+        click_button 'Unsubscribe'
+
+        expect(page).to have_button 'Subscribe'
+        expect(page).not_to have_button 'Unsubscribe'
+      end
+
+      within "#group_label_#{feature.id}" do
+        expect(page).not_to have_button 'Unsubscribe'
+
+        click_link_on_dropdown('Group level')
+
+        expect(page).not_to have_selector('.dropdown-group-label')
+        expect(page).to have_button 'Unsubscribe'
+
+        click_button 'Unsubscribe'
+
+        expect(page).to have_selector('.dropdown-group-label')
+
+        click_link_on_dropdown('Project level')
+
+        expect(page).not_to have_selector('.dropdown-group-label')
+        expect(page).to have_button 'Unsubscribe'
+      end
+    end
+  end
+
+  context 'when not signed in' do
+    it 'users can not subscribe/unsubscribe to labels' do
+      visit namespace_project_labels_path(project.namespace, project)
+
+      expect(page).to have_content 'bug'
+      expect(page).to have_content 'feature'
+      expect(page).not_to have_button('Subscribe')
+      expect(page).not_to have_selector('.dropdown-group-label')
+    end
+  end
+
+  def click_link_on_dropdown(text)
+    find('.dropdown-group-label').click
+
+    page.within('.dropdown-group-label') do
+      find('a.js-subscribe-button', text: text).click
+    end
+  end
+end
diff --git a/spec/features/projects/members/group_links_spec.rb b/spec/features/projects/members/group_links_spec.rb
index cc2f695211c..94995f7cf95 100644
--- a/spec/features/projects/members/group_links_spec.rb
+++ b/spec/features/projects/members/group_links_spec.rb
@@ -16,12 +16,17 @@ feature 'Projects > Members > Anonymous user sees members', feature: true, js: t
   end
 
   it 'updates group access level' do
-    select 'Guest', from: "member_access_level_#{group.id}"
+    click_button @group_link.human_access
+
+    page.within '.dropdown-menu' do
+      click_link 'Guest'
+    end
+
     wait_for_ajax
 
     visit namespace_project_project_members_path(project.namespace, project)
 
-    expect(page).to have_select("member_access_level_#{group.id}", selected: 'Guest')
+    expect(first('.group_member')).to have_content('Guest')
   end
 
   it 'updates expiry date' do
diff --git a/spec/features/projects/members/group_member_cannot_leave_group_project_spec.rb b/spec/features/projects/members/group_member_cannot_leave_group_project_spec.rb
index 728c0e16361..b483ba4c54c 100644
--- a/spec/features/projects/members/group_member_cannot_leave_group_project_spec.rb
+++ b/spec/features/projects/members/group_member_cannot_leave_group_project_spec.rb
@@ -12,6 +12,6 @@ feature 'Projects > Members > Group member cannot leave group project', feature:
   end
 
   scenario 'user does not see a "Leave project" link' do
-    expect(page).not_to have_content 'Leave Project'
+    expect(page).not_to have_content 'Leave project'
   end
 end
diff --git a/spec/features/projects/members/group_members_spec.rb b/spec/features/projects/members/group_members_spec.rb
new file mode 100644
index 00000000000..7d0065ee2c4
--- /dev/null
+++ b/spec/features/projects/members/group_members_spec.rb
@@ -0,0 +1,90 @@
+require 'spec_helper'
+
+feature 'Projects members', feature: true do
+  let(:user) { create(:user) }
+  let(:developer) { create(:user) }
+  let(:group) { create(:group, :public, :access_requestable) }
+  let(:project) { create(:empty_project, :public, :access_requestable, creator: user, group: group) }
+  let(:project_invitee) { create(:project_member, project: project, invite_token: '123', invite_email: 'test1@abc.com', user: nil) }
+  let(:group_invitee) { create(:group_member, group: group, invite_token: '123', invite_email: 'test2@abc.com', user: nil) }
+  let(:project_requester) { create(:user) }
+  let(:group_requester) { create(:user) }
+
+  background do
+    project.team << [developer, :developer]
+    group.add_owner(user)
+    login_as(user)
+  end
+
+  context 'with a group invitee' do
+    before do
+      group_invitee
+      visit namespace_project_project_members_path(project.namespace, project)
+    end
+
+    scenario 'does not appear in the project members page' do
+      page.within first('.content-list') do
+        expect(page).not_to have_content('test2@abc.com')
+      end
+    end
+  end
+
+  context 'with a group and a project invitee' do
+    before do
+      group_invitee
+      project_invitee
+      visit namespace_project_project_members_path(project.namespace, project)
+    end
+
+    scenario 'shows the project invitee, the project developer, and the group owner' do
+      page.within first('.content-list') do
+        expect(page).to have_content('test1@abc.com')
+        expect(page).not_to have_content('test2@abc.com')
+
+        # Project developer
+        expect(page).to have_content(developer.name)
+
+        # Group owner
+        expect(page).to have_content(user.name)
+        expect(page).to have_content(group.name)
+      end
+    end
+  end
+
+  context 'with a group requester' do
+    before do
+      group.request_access(group_requester)
+      visit namespace_project_project_members_path(project.namespace, project)
+    end
+
+    scenario 'does not appear in the project members page' do
+      page.within first('.content-list') do
+        expect(page).not_to have_content(group_requester.name)
+      end
+    end
+  end
+
+  context 'with a group and a project requesters' do
+    before do
+      group.request_access(group_requester)
+      project.request_access(project_requester)
+      visit namespace_project_project_members_path(project.namespace, project)
+    end
+
+    scenario 'shows the project requester, the project developer, and the group owner' do
+      page.within first('.content-list') do
+        expect(page).to have_content(project_requester.name)
+        expect(page).not_to have_content(group_requester.name)
+      end
+
+      page.within all('.content-list').last do
+        # Project developer
+        expect(page).to have_content(developer.name)
+
+        # Group owner
+        expect(page).to have_content(user.name)
+        expect(page).to have_content(group.name)
+      end
+    end
+  end
+end
diff --git a/spec/features/projects/members/group_requester_cannot_request_access_to_project_spec.rb b/spec/features/projects/members/group_requester_cannot_request_access_to_project_spec.rb
index c4ed92d2780..bdeeef57273 100644
--- a/spec/features/projects/members/group_requester_cannot_request_access_to_project_spec.rb
+++ b/spec/features/projects/members/group_requester_cannot_request_access_to_project_spec.rb
@@ -1,10 +1,10 @@
 require 'spec_helper'
 
-feature 'Projects > Members > Group requester cannot request access to project', feature: true do
+feature 'Projects > Members > Group requester cannot request access to project', feature: true, js: true do
   let(:user) { create(:user) }
   let(:owner) { create(:user) }
-  let(:group) { create(:group, :public) }
-  let(:project) { create(:project, :public, namespace: group) }
+  let(:group) { create(:group, :public, :access_requestable) }
+  let(:project) { create(:project, :public, :access_requestable, namespace: group) }
 
   background do
     group.add_owner(owner)
diff --git a/spec/features/projects/members/master_manages_access_requests_spec.rb b/spec/features/projects/members/master_manages_access_requests_spec.rb
index d15376931c3..143390b71cd 100644
--- a/spec/features/projects/members/master_manages_access_requests_spec.rb
+++ b/spec/features/projects/members/master_manages_access_requests_spec.rb
@@ -3,7 +3,7 @@ require 'spec_helper'
 feature 'Projects > Members > Master manages access requests', feature: true do
   let(:user) { create(:user) }
   let(:master) { create(:user) }
-  let(:project) { create(:project, :public) }
+  let(:project) { create(:empty_project, :public, :access_requestable) }
 
   background do
     project.request_access(user)
diff --git a/spec/features/projects/members/member_leaves_project_spec.rb b/spec/features/projects/members/member_leaves_project_spec.rb
index 79dec442818..5daa932e4e6 100644
--- a/spec/features/projects/members/member_leaves_project_spec.rb
+++ b/spec/features/projects/members/member_leaves_project_spec.rb
@@ -11,7 +11,7 @@ feature 'Projects > Members > Member leaves project', feature: true do
   end
 
   scenario 'user leaves project' do
-    click_link 'Leave Project'
+    click_link 'Leave project'
 
     expect(current_path).to eq(dashboard_projects_path)
     expect(project.users.exists?(user.id)).to be_falsey
diff --git a/spec/features/projects/members/owner_cannot_leave_project_spec.rb b/spec/features/projects/members/owner_cannot_leave_project_spec.rb
index 6e948b7a616..b26d55c5d5d 100644
--- a/spec/features/projects/members/owner_cannot_leave_project_spec.rb
+++ b/spec/features/projects/members/owner_cannot_leave_project_spec.rb
@@ -8,7 +8,7 @@ feature 'Projects > Members > Owner cannot leave project', feature: true do
     visit namespace_project_path(project.namespace, project)
   end
 
-  scenario 'user does not see a "Leave Project" link' do
-    expect(page).not_to have_content 'Leave Project'
+  scenario 'user does not see a "Leave project" link' do
+    expect(page).not_to have_content 'Leave project'
   end
 end
diff --git a/spec/features/projects/members/sorting_spec.rb b/spec/features/projects/members/sorting_spec.rb
new file mode 100644
index 00000000000..d6ebb523f95
--- /dev/null
+++ b/spec/features/projects/members/sorting_spec.rb
@@ -0,0 +1,98 @@
+require 'spec_helper'
+
+feature 'Projects > Members > Sorting', feature: true do
+  let(:master)    { create(:user, name: 'John Doe') }
+  let(:developer) { create(:user, name: 'Mary Jane', last_sign_in_at: 5.days.ago) }
+  let(:project)   { create(:empty_project) }
+
+  background do
+    create(:project_member, :master, user: master, project: project, created_at: 5.days.ago)
+    create(:project_member, :developer, user: developer, project: project, created_at: 3.days.ago)
+
+    login_as(master)
+  end
+
+  scenario 'sorts alphabetically by default' do
+    visit_members_list(sort: nil)
+
+    expect(first_member).to include(master.name)
+    expect(second_member).to include(developer.name)
+    expect(page).to have_css('.member-sort-dropdown .dropdown-toggle-text', text: 'Name, ascending')
+  end
+
+  scenario 'sorts by access level ascending' do
+    visit_members_list(sort: :access_level_asc)
+
+    expect(first_member).to include(developer.name)
+    expect(second_member).to include(master.name)
+    expect(page).to have_css('.member-sort-dropdown .dropdown-toggle-text', text: 'Access level, ascending')
+  end
+
+  scenario 'sorts by access level descending' do
+    visit_members_list(sort: :access_level_desc)
+
+    expect(first_member).to include(master.name)
+    expect(second_member).to include(developer.name)
+    expect(page).to have_css('.member-sort-dropdown .dropdown-toggle-text', text: 'Access level, descending')
+  end
+
+  scenario 'sorts by last joined' do
+    visit_members_list(sort: :last_joined)
+
+    expect(first_member).to include(developer.name)
+    expect(second_member).to include(master.name)
+    expect(page).to have_css('.member-sort-dropdown .dropdown-toggle-text', text: 'Last joined')
+  end
+
+  scenario 'sorts by oldest joined' do
+    visit_members_list(sort: :oldest_joined)
+
+    expect(first_member).to include(master.name)
+    expect(second_member).to include(developer.name)
+    expect(page).to have_css('.member-sort-dropdown .dropdown-toggle-text', text: 'Oldest joined')
+  end
+
+  scenario 'sorts by name ascending' do
+    visit_members_list(sort: :name_asc)
+
+    expect(first_member).to include(master.name)
+    expect(second_member).to include(developer.name)
+    expect(page).to have_css('.member-sort-dropdown .dropdown-toggle-text', text: 'Name, ascending')
+  end
+
+  scenario 'sorts by name descending' do
+    visit_members_list(sort: :name_desc)
+
+    expect(first_member).to include(developer.name)
+    expect(second_member).to include(master.name)
+    expect(page).to have_css('.member-sort-dropdown .dropdown-toggle-text', text: 'Name, descending')
+  end
+
+  scenario 'sorts by recent sign in' do
+    visit_members_list(sort: :recent_sign_in)
+
+    expect(first_member).to include(master.name)
+    expect(second_member).to include(developer.name)
+    expect(page).to have_css('.member-sort-dropdown .dropdown-toggle-text', text: 'Recent sign in')
+  end
+
+  scenario 'sorts by oldest sign in' do
+    visit_members_list(sort: :oldest_sign_in)
+
+    expect(first_member).to include(developer.name)
+    expect(second_member).to include(master.name)
+    expect(page).to have_css('.member-sort-dropdown .dropdown-toggle-text', text: 'Oldest sign in')
+  end
+
+  def visit_members_list(sort:)
+    visit namespace_project_project_members_path(project.namespace.to_param, project.to_param, sort: sort)
+  end
+
+  def first_member
+    page.all('ul.content-list > li').first.text
+  end
+
+  def second_member
+    page.all('ul.content-list > li').last.text
+  end
+end
diff --git a/spec/features/projects/members/user_requests_access_spec.rb b/spec/features/projects/members/user_requests_access_spec.rb
index 56ede8eb5be..97c42bd7f01 100644
--- a/spec/features/projects/members/user_requests_access_spec.rb
+++ b/spec/features/projects/members/user_requests_access_spec.rb
@@ -3,7 +3,7 @@ require 'spec_helper'
 feature 'Projects > Members > User requests access', feature: true do
   let(:user) { create(:user) }
   let(:master) { create(:user) }
-  let(:project) { create(:project, :public) }
+  let(:project) { create(:project, :public, :access_requestable) }
 
   background do
     project.team << [master, :master]
diff --git a/spec/features/projects/new_project_spec.rb b/spec/features/projects/new_project_spec.rb
new file mode 100644
index 00000000000..abfc46601fb
--- /dev/null
+++ b/spec/features/projects/new_project_spec.rb
@@ -0,0 +1,19 @@
+require "spec_helper"
+
+feature "New project", feature: true do
+  context "Visibility level selector" do
+    let(:user) { create(:admin) }
+
+    before { login_as(user) }
+
+    Gitlab::VisibilityLevel.options.each do |key, level|
+      it "sets selector to #{key}" do
+        stub_application_setting(default_project_visibility: level)
+
+        visit new_project_path
+
+        expect(find_field("project_visibility_level_#{level}")).to be_checked
+      end
+    end
+  end
+end
diff --git a/spec/features/projects/pipelines/pipeline_spec.rb b/spec/features/projects/pipelines/pipeline_spec.rb
new file mode 100644
index 00000000000..0a77eaa123c
--- /dev/null
+++ b/spec/features/projects/pipelines/pipeline_spec.rb
@@ -0,0 +1,239 @@
+require 'spec_helper'
+
+describe "Pipelines", feature: true, js: true do
+  include GitlabRoutingHelper
+
+  let(:project) { create(:empty_project) }
+  let(:user) { create(:user) }
+
+  before do
+    login_as(user)
+    project.team << [user, :developer]
+  end
+
+  describe 'GET /:project/pipelines/:id' do
+    let(:project) { create(:project) }
+    let(:pipeline) { create(:ci_pipeline, project: project, ref: 'master', sha: project.commit.id) }
+
+    before do
+      @success = create(:ci_build, :success, pipeline: pipeline, stage: 'build', name: 'build')
+      @failed = create(:ci_build, :failed, pipeline: pipeline, stage: 'test', name: 'test', commands: 'test')
+      @running = create(:ci_build, :running, pipeline: pipeline, stage: 'deploy', name: 'deploy')
+      @manual = create(:ci_build, :manual, pipeline: pipeline, stage: 'deploy', name: 'manual build')
+      @external = create(:generic_commit_status, status: 'success', pipeline: pipeline, name: 'jenkins', stage: 'external')
+    end
+
+    before { visit namespace_project_pipeline_path(project.namespace, project, pipeline) }
+
+    it 'shows the pipeline graph' do
+      expect(page).to have_selector('.pipeline-visualization')
+      expect(page).to have_content('Build')
+      expect(page).to have_content('Test')
+      expect(page).to have_content('Deploy')
+      expect(page).to have_content('Retry failed')
+      expect(page).to have_content('Cancel running')
+    end
+
+    it 'shows Pipeline tab pane as active' do
+      expect(page).to have_css('#js-tab-pipeline.active')
+    end
+
+    describe 'pipeline graph' do
+      context 'when pipeline has running builds' do
+        it 'shows a running icon and a cancel action for the running build' do
+          page.within('a[data-title="deploy - running"]') do
+            expect(page).to have_selector('.ci-status-icon-running')
+            expect(page).to have_content('deploy')
+          end
+
+          page.within('a[data-title="deploy - running"] + .ci-action-icon-container') do
+            expect(page).to have_selector('.ci-action-icon-container .fa-ban')
+          end
+        end
+
+        it 'should be possible to cancel the running build' do
+          find('a[data-title="deploy - running"] + .ci-action-icon-container').trigger('click')
+
+          expect(page).not_to have_content('Cancel running')
+        end
+      end
+
+      context 'when pipeline has successful builds' do
+        it 'shows the success icon and a retry action for the successfull build' do
+          page.within('a[data-title="build - passed"]') do
+            expect(page).to have_selector('.ci-status-icon-success')
+            expect(page).to have_content('build')
+          end
+
+          page.within('a[data-title="build - passed"] + .ci-action-icon-container') do
+            expect(page).to have_selector('.ci-action-icon-container .fa-refresh')
+          end
+        end
+
+        it 'should be possible to retry the success build' do
+          find('a[data-title="build - passed"] + .ci-action-icon-container').trigger('click')
+
+          expect(page).not_to have_content('Retry build')
+        end
+      end
+
+      context 'when pipeline has failed builds' do
+        it 'shows the failed icon and a retry action for the failed build' do
+          page.within('a[data-title="test - failed"]') do
+            expect(page).to have_selector('.ci-status-icon-failed')
+            expect(page).to have_content('test')
+          end
+
+          page.within('a[data-title="test - failed"] + .ci-action-icon-container') do
+            expect(page).to have_selector('.ci-action-icon-container .fa-refresh')
+          end
+        end
+
+        it 'should be possible to retry the failed build' do
+          find('a[data-title="test - failed"] + .ci-action-icon-container').trigger('click')
+
+          expect(page).not_to have_content('Retry build')
+        end
+      end
+
+      context 'when pipeline has manual builds' do
+        it 'shows the skipped icon and a play action for the manual build' do
+          page.within('a[data-title="manual build - manual play action"]') do
+            expect(page).to have_selector('.ci-status-icon-skipped')
+            expect(page).to have_content('manual')
+          end
+
+          page.within('a[data-title="manual build - manual play action"] + .ci-action-icon-container') do
+            expect(page).to have_selector('.ci-action-icon-container .fa-play')
+          end
+        end
+
+        it 'should be possible to play the manual build' do
+          find('a[data-title="manual build - manual play action"] + .ci-action-icon-container').trigger('click')
+
+          expect(page).not_to have_content('Play build')
+        end
+      end
+
+      context 'when pipeline has external build' do
+        it 'shows the success icon and the generic comit status build' do
+          expect(page).to have_selector('.ci-status-icon-success')
+          expect(page).to have_content('jenkins')
+        end
+      end
+    end
+
+    context 'page tabs' do
+      it 'shows Pipeline and Builds tabs with link' do
+        expect(page).to have_link('Pipeline')
+        expect(page).to have_link('Builds')
+      end
+
+      it 'shows counter in Builds tab' do
+        expect(page.find('.js-builds-counter').text).to eq(pipeline.statuses.count.to_s)
+      end
+
+      it 'shows Pipeline tab as active' do
+        expect(page).to have_css('.js-pipeline-tab-link.active')
+      end
+    end
+
+    context 'retrying builds' do
+      it { expect(page).not_to have_content('retried') }
+
+      context 'when retrying' do
+        before { click_on 'Retry failed' }
+
+        it { expect(page).not_to have_content('Retry failed') }
+      end
+    end
+
+    context 'canceling builds' do
+      it { expect(page).not_to have_selector('.ci-canceled') }
+
+      context 'when canceling' do
+        before { click_on 'Cancel running' }
+
+        it { expect(page).not_to have_content('Cancel running') }
+      end
+    end
+  end
+
+  describe 'GET /:project/pipelines/:id/builds' do
+    let(:project) { create(:project) }
+    let(:pipeline) { create(:ci_pipeline, project: project, ref: 'master', sha: project.commit.id) }
+
+    before do
+      @success = create(:ci_build, :success, pipeline: pipeline, stage: 'build', name: 'build')
+      @failed = create(:ci_build, :failed, pipeline: pipeline, stage: 'test', name: 'test', commands: 'test')
+      @running = create(:ci_build, :running, pipeline: pipeline, stage: 'deploy', name: 'deploy')
+      @manual = create(:ci_build, :manual, pipeline: pipeline, stage: 'deploy', name: 'manual build')
+      @external = create(:generic_commit_status, status: 'success', pipeline: pipeline, name: 'jenkins', stage: 'external')
+    end
+
+    before { visit builds_namespace_project_pipeline_path(project.namespace, project, pipeline)}
+
+    it 'shows a list of builds' do
+      expect(page).to have_content('Test')
+      expect(page).to have_content(@success.id)
+      expect(page).to have_content('Deploy')
+      expect(page).to have_content(@failed.id)
+      expect(page).to have_content(@running.id)
+      expect(page).to have_content(@external.id)
+      expect(page).to have_content('Retry failed')
+      expect(page).to have_content('Cancel running')
+      expect(page).to have_link('Play')
+    end
+
+    it 'shows Builds tab pane as active' do
+      expect(page).to have_css('#js-tab-builds.active')
+    end
+
+    context 'page tabs' do
+      it 'shows Pipeline and Builds tabs with link' do
+        expect(page).to have_link('Pipeline')
+        expect(page).to have_link('Builds')
+      end
+
+      it 'shows counter in Builds tab' do
+        expect(page.find('.js-builds-counter').text).to eq(pipeline.statuses.count.to_s)
+      end
+
+      it 'shows Builds tab as active' do
+        expect(page).to have_css('li.js-builds-tab-link.active')
+      end
+    end
+
+    context 'retrying builds' do
+      it { expect(page).not_to have_content('retried') }
+
+      context 'when retrying' do
+        before { click_on 'Retry failed' }
+
+        it { expect(page).not_to have_content('Retry failed') }
+        it { expect(page).to have_selector('.retried') }
+      end
+    end
+
+    context 'canceling builds' do
+      it { expect(page).not_to have_selector('.ci-canceled') }
+
+      context 'when canceling' do
+        before { click_on 'Cancel running' }
+
+        it { expect(page).not_to have_content('Cancel running') }
+        it { expect(page).to have_selector('.ci-canceled') }
+      end
+    end
+
+    context 'playing manual build' do
+      before do
+        within '.pipeline-holder' do
+          click_link('Play')
+        end
+      end
+
+      it { expect(@manual.reload).to be_pending }
+    end
+  end
+end
diff --git a/spec/features/projects/pipelines_spec.rb b/spec/features/projects/pipelines/pipelines_spec.rb
index db56a50e058..f3731698a18 100644
--- a/spec/features/projects/pipelines_spec.rb
+++ b/spec/features/projects/pipelines/pipelines_spec.rb
@@ -90,13 +90,20 @@ describe "Pipelines" do
           visit namespace_project_pipelines_path(project.namespace, project)
         end
 
-        it 'is not cancelable' do
-          expect(page).not_to have_link('Cancel')
+        it 'is cancelable' do
+          expect(page).to have_link('Cancel')
         end
 
         it 'has pipeline running' do
           expect(page).to have_selector('.ci-running')
         end
+
+        context 'when canceling' do
+          before { click_link('Cancel') }
+
+          it { expect(page).not_to have_link('Cancel') }
+          it { expect(page).to have_selector('.ci-canceled') }
+        end
       end
 
       context 'when failed' do
@@ -145,64 +152,6 @@ describe "Pipelines" do
     end
   end
 
-  describe 'GET /:project/pipelines/:id' do
-    let(:pipeline) { create(:ci_pipeline, project: project, ref: 'master') }
-
-    before do
-      @success = create(:ci_build, :success, pipeline: pipeline, stage: 'build', name: 'build')
-      @failed = create(:ci_build, :failed, pipeline: pipeline, stage: 'test', name: 'test', commands: 'test')
-      @running = create(:ci_build, :running, pipeline: pipeline, stage: 'deploy', name: 'deploy')
-      @manual = create(:ci_build, :manual, pipeline: pipeline, stage: 'deploy', name: 'manual build')
-      @external = create(:generic_commit_status, status: 'success', pipeline: pipeline, name: 'jenkins', stage: 'external')
-    end
-
-    before { visit namespace_project_pipeline_path(project.namespace, project, pipeline) }
-
-    it 'shows a list of builds' do
-      expect(page).to have_content('Test')
-      expect(page).to have_content(@success.id)
-      expect(page).to have_content('Deploy')
-      expect(page).to have_content(@failed.id)
-      expect(page).to have_content(@running.id)
-      expect(page).to have_content(@external.id)
-      expect(page).to have_content('Retry failed')
-      expect(page).to have_content('Cancel running')
-      expect(page).to have_link('Play')
-    end
-
-    context 'retrying builds' do
-      it { expect(page).not_to have_content('retried') }
-
-      context 'when retrying' do
-        before { click_on 'Retry failed' }
-
-        it { expect(page).not_to have_content('Retry failed') }
-        it { expect(page).to have_selector('.retried') }
-      end
-    end
-
-    context 'canceling builds' do
-      it { expect(page).not_to have_selector('.ci-canceled') }
-
-      context 'when canceling' do
-        before { click_on 'Cancel running' }
-
-        it { expect(page).not_to have_content('Cancel running') }
-        it { expect(page).to have_selector('.ci-canceled') }
-      end
-    end
-
-    context 'playing manual build' do
-      before do
-        within '.pipeline-holder' do
-          click_link('Play')
-        end
-      end
-
-      it { expect(@manual.reload).to be_pending }
-    end
-  end
-
   describe 'POST /:project/pipelines' do
     let(:project) { create(:project) }
 
diff --git a/spec/features/projects/project_settings_spec.rb b/spec/features/projects/project_settings_spec.rb
index 3de25d7af7d..bf60cca4ea4 100644
--- a/spec/features/projects/project_settings_spec.rb
+++ b/spec/features/projects/project_settings_spec.rb
@@ -18,7 +18,7 @@ describe 'Edit Project Settings', feature: true do
       click_button 'Save changes'
 
       expect(page).to have_field 'project_name_edit', with: 'foo&bar'
-      expect(page).to have_content "Name can contain only letters, digits, '_', '.', dash and space. It must start with letter, digit or '_'."
+      expect(page).to have_content "Name can contain only letters, digits, emojis, '_', '.', dash, space. It must start with letter, digit, emoji or '_'."
       expect(page).to have_button 'Save changes'
     end
   end
@@ -34,8 +34,21 @@ describe 'Edit Project Settings', feature: true do
 
       expect(page).to have_field 'Project name', with: 'foo&bar'
       expect(page).to have_field 'Path', with: 'foo&bar'
-      expect(page).to have_content "Name can contain only letters, digits, '_', '.', dash and space. It must start with letter, digit or '_'."
+      expect(page).to have_content "Name can contain only letters, digits, emojis, '_', '.', dash, space. It must start with letter, digit, emoji or '_'."
       expect(page).to have_content "Path can contain only letters, digits, '_', '-' and '.'. Cannot start with '-', end in '.git' or end in '.atom'"
     end
   end
+
+  describe 'Rename repository name with emojis' do
+    it 'shows error for invalid project name' do
+      visit edit_namespace_project_path(project.namespace, project)
+
+      fill_in 'Project name', with: '🚀 foo bar ☁️'
+
+      click_button 'Rename project'
+
+      expect(page).to have_field 'Project name', with: '🚀 foo bar ☁️'
+      expect(page).not_to have_content "Name can contain only letters, digits, emojis '_', '.', dash and space. It must start with letter, digit, emoji or '_'."
+    end
+  end
 end
diff --git a/spec/features/projects/services/mattermost_slash_command_spec.rb b/spec/features/projects/services/mattermost_slash_command_spec.rb
new file mode 100644
index 00000000000..f474e7e891b
--- /dev/null
+++ b/spec/features/projects/services/mattermost_slash_command_spec.rb
@@ -0,0 +1,48 @@
+require 'spec_helper'
+
+feature 'Setup Mattermost slash commands', feature: true do
+  include WaitForAjax
+
+  let(:user) { create(:user) }
+  let(:project) { create(:project) }
+  let(:service) { project.create_mattermost_slash_commands_service }
+
+  before do
+    project.team << [user, :master]
+    login_as(user)
+  end
+
+  describe 'user visites the mattermost slash command config page', js: true do
+    it 'shows a help message' do
+      visit edit_namespace_project_service_path(project.namespace, project, service)
+
+      wait_for_ajax
+
+      expect(page).to have_content("This service allows GitLab users to perform common")
+    end
+  end
+
+  describe 'saving a token' do
+    let(:token) { ('a'..'z').to_a.join }
+
+    it 'shows the token after saving' do
+      visit edit_namespace_project_service_path(project.namespace, project, service)
+
+      fill_in 'service_token', with: token
+      click_on 'Save'
+
+      value = find_field('service_token').value
+
+      expect(value).to eq(token)
+    end
+  end
+
+  describe 'the trigger url' do
+    it 'shows the correct url' do
+      visit edit_namespace_project_service_path(project.namespace, project, service)
+
+      value = find_field('request_url').value
+      expect(value).to match("api/v3/projects/#{project.id}/services/mattermost_slash_commands/trigger")
+    end
+  end
+end
diff --git a/spec/features/projects/slack_service/slack_service_spec.rb b/spec/features/projects/services/slack_service_spec.rb
index 16541f51d98..320ed13a01d 100644
--- a/spec/features/projects/slack_service/slack_service_spec.rb
+++ b/spec/features/projects/services/slack_service_spec.rb
@@ -2,8 +2,8 @@ require 'spec_helper'
 
 feature 'Projects > Slack service > Setup events', feature: true do
   let(:user) { create(:user) }
-  let(:service) { SlackService.new }
-  let(:project) { create(:project, slack_service: service) }
+  let(:service) { SlackNotificationService.new }
+  let(:project) { create(:project, slack_notification_service: service) }
 
   background do
     service.fields
diff --git a/spec/features/projects/settings/merge_requests_settings_spec.rb b/spec/features/projects/settings/merge_requests_settings_spec.rb
new file mode 100644
index 00000000000..4bfaa499272
--- /dev/null
+++ b/spec/features/projects/settings/merge_requests_settings_spec.rb
@@ -0,0 +1,70 @@
+require 'spec_helper'
+
+feature 'Project settings > Merge Requests', feature: true, js: true do
+  include GitlabRoutingHelper
+
+  let(:project) { create(:empty_project, :public) }
+  let(:user) { create(:user) }
+
+  background do
+    project.team << [user, :master]
+    login_as(user)
+  end
+
+  context 'when Merge Request and Builds are initially enabled' do
+    before do
+      project.project_feature.update_attribute('merge_requests_access_level', ProjectFeature::ENABLED)
+    end
+
+    context 'when Builds are initially enabled' do
+      before do
+        project.project_feature.update_attribute('builds_access_level', ProjectFeature::ENABLED)
+        visit edit_project_path(project)
+      end
+
+      scenario 'shows the Merge Requests settings' do
+        expect(page).to have_content('Only allow merge requests to be merged if the build succeeds')
+        expect(page).to have_content('Only allow merge requests to be merged if all discussions are resolved')
+
+        select 'Disabled', from: "project_project_feature_attributes_merge_requests_access_level"
+
+        expect(page).not_to have_content('Only allow merge requests to be merged if the build succeeds')
+        expect(page).not_to have_content('Only allow merge requests to be merged if all discussions are resolved')
+      end
+    end
+
+    context 'when Builds are initially disabled' do
+      before do
+        project.project_feature.update_attribute('builds_access_level', ProjectFeature::DISABLED)
+        visit edit_project_path(project)
+      end
+
+      scenario 'shows the Merge Requests settings that do not depend on Builds feature' do
+        expect(page).not_to have_content('Only allow merge requests to be merged if the build succeeds')
+        expect(page).to have_content('Only allow merge requests to be merged if all discussions are resolved')
+
+        select 'Everyone with access', from: "project_project_feature_attributes_builds_access_level"
+
+        expect(page).to have_content('Only allow merge requests to be merged if the build succeeds')
+        expect(page).to have_content('Only allow merge requests to be merged if all discussions are resolved')
+      end
+    end
+  end
+
+  context 'when Merge Request are initially disabled' do
+    before do
+      project.project_feature.update_attribute('merge_requests_access_level', ProjectFeature::DISABLED)
+      visit edit_project_path(project)
+    end
+
+    scenario 'does not show the Merge Requests settings' do
+      expect(page).not_to have_content('Only allow merge requests to be merged if the build succeeds')
+      expect(page).not_to have_content('Only allow merge requests to be merged if all discussions are resolved')
+
+      select 'Everyone with access', from: "project_project_feature_attributes_merge_requests_access_level"
+
+      expect(page).to have_content('Only allow merge requests to be merged if the build succeeds')
+      expect(page).to have_content('Only allow merge requests to be merged if all discussions are resolved')
+    end
+  end
+end
diff --git a/spec/features/projects/wiki/user_creates_wiki_page_spec.rb b/spec/features/projects/wiki/user_creates_wiki_page_spec.rb
index 7afd83b7250..fff8b9f3447 100644
--- a/spec/features/projects/wiki/user_creates_wiki_page_spec.rb
+++ b/spec/features/projects/wiki/user_creates_wiki_page_spec.rb
@@ -20,7 +20,7 @@ feature 'Projects > Wiki > User creates wiki page', feature: true do
         click_button 'Create page'
 
         expect(page).to have_content('Home')
-        expect(page).to have_content("last edited by #{user.name}")
+        expect(page).to have_content("Last edited by #{user.name}")
         expect(page).to have_content('My awesome wiki!')
       end
     end
@@ -41,7 +41,7 @@ feature 'Projects > Wiki > User creates wiki page', feature: true do
           click_button 'Create page'
 
           expect(page).to have_content('Foo')
-          expect(page).to have_content("last edited by #{user.name}")
+          expect(page).to have_content("Last edited by #{user.name}")
           expect(page).to have_content('My awesome wiki!')
         end
 
@@ -55,7 +55,7 @@ feature 'Projects > Wiki > User creates wiki page', feature: true do
           click_button 'Create page'
 
           expect(page).to have_content('Spaces in the name')
-          expect(page).to have_content("last edited by #{user.name}")
+          expect(page).to have_content("Last edited by #{user.name}")
           expect(page).to have_content('My awesome wiki!')
         end
 
@@ -69,7 +69,7 @@ feature 'Projects > Wiki > User creates wiki page', feature: true do
           click_button 'Create page'
 
           expect(page).to have_content('Hyphens in the name')
-          expect(page).to have_content("last edited by #{user.name}")
+          expect(page).to have_content("Last edited by #{user.name}")
           expect(page).to have_content('My awesome wiki!')
         end
       end
@@ -85,7 +85,7 @@ feature 'Projects > Wiki > User creates wiki page', feature: true do
         click_button 'Create page'
 
         expect(page).to have_content('Home')
-        expect(page).to have_content("last edited by #{user.name}")
+        expect(page).to have_content("Last edited by #{user.name}")
         expect(page).to have_content('My awesome wiki!')
       end
     end
@@ -105,7 +105,7 @@ feature 'Projects > Wiki > User creates wiki page', feature: true do
         click_button 'Create page'
 
         expect(page).to have_content('Foo')
-        expect(page).to have_content("last edited by #{user.name}")
+        expect(page).to have_content("Last edited by #{user.name}")
         expect(page).to have_content('My awesome wiki!')
       end
     end
diff --git a/spec/features/projects/wiki/user_updates_wiki_page_spec.rb b/spec/features/projects/wiki/user_updates_wiki_page_spec.rb
index ef82d2375dd..f842d14fa96 100644
--- a/spec/features/projects/wiki/user_updates_wiki_page_spec.rb
+++ b/spec/features/projects/wiki/user_updates_wiki_page_spec.rb
@@ -22,7 +22,7 @@ feature 'Projects > Wiki > User updates wiki page', feature: true do
       click_button 'Save changes'
 
       expect(page).to have_content('Home')
-      expect(page).to have_content("last edited by #{user.name}")
+      expect(page).to have_content("Last edited by #{user.name}")
       expect(page).to have_content('My awesome wiki!')
     end
   end
@@ -37,7 +37,7 @@ feature 'Projects > Wiki > User updates wiki page', feature: true do
       click_button 'Save changes'
 
       expect(page).to have_content('Home')
-      expect(page).to have_content("last edited by #{user.name}")
+      expect(page).to have_content("Last edited by #{user.name}")
       expect(page).to have_content('My awesome wiki!')
     end
   end
diff --git a/spec/features/search_spec.rb b/spec/features/search_spec.rb
index 1806200c82c..caecd027aaa 100644
--- a/spec/features/search_spec.rb
+++ b/spec/features/search_spec.rb
@@ -100,6 +100,32 @@ describe "Search", feature: true  do
 
       expect(page).to have_link(snippet.title)
     end
+
+    it 'finds a commit' do
+      visit namespace_project_path(project.namespace, project)
+
+      page.within '.search' do
+        fill_in 'search', with: 'add'
+        click_button 'Go'
+      end
+
+      click_link "Commits"
+
+      expect(page).to have_selector('.commit-row-description')
+    end
+
+    it 'finds a code' do
+      visit namespace_project_path(project.namespace, project)
+
+      page.within '.search' do
+        fill_in 'search', with: 'def'
+        click_button 'Go'
+      end
+
+      click_link "Code"
+
+      expect(page).to have_selector('.file-content .code')
+    end
   end
 
   describe 'Right header search field', feature: true do
diff --git a/spec/features/security/admin_access_spec.rb b/spec/features/security/admin_access_spec.rb
index fe8cd7b7602..e180ca53eb5 100644
--- a/spec/features/security/admin_access_spec.rb
+++ b/spec/features/security/admin_access_spec.rb
@@ -4,7 +4,7 @@ describe "Admin::Projects", feature: true  do
   include AccessMatchers
 
   describe "GET /admin/projects" do
-    subject { admin_namespaces_projects_path }
+    subject { admin_projects_path }
 
     it { is_expected.to be_allowed_for :admin }
     it { is_expected.to be_denied_for :user }
diff --git a/spec/features/security/group/internal_access_spec.rb b/spec/features/security/group/internal_access_spec.rb
index 35fcef7a712..87cce32d6c6 100644
--- a/spec/features/security/group/internal_access_spec.rb
+++ b/spec/features/security/group/internal_access_spec.rb
@@ -3,25 +3,12 @@ require 'rails_helper'
 describe 'Internal Group access', feature: true do
   include AccessMatchers
 
-  let(:group) { create(:group, :internal) }
+  let(:group)   { create(:group, :internal) }
   let(:project) { create(:project, :internal, group: group) }
-
-  let(:owner)     { create(:user) }
-  let(:master)    { create(:user) }
-  let(:developer) { create(:user) }
-  let(:reporter)  { create(:user) }
-  let(:guest)     { create(:user) }
-
-  let(:project_guest) { create(:user) }
-
-  before do
-    group.add_owner(owner)
-    group.add_master(master)
-    group.add_developer(developer)
-    group.add_reporter(reporter)
-    group.add_guest(guest)
-
-    project.team << [project_guest, :guest]
+  let(:project_guest) do
+    create(:user) do |user|
+      project.add_guest(user)
+    end
   end
 
   describe "Group should be internal" do
@@ -34,75 +21,75 @@ describe 'Internal Group access', feature: true do
   describe 'GET /groups/:path' do
     subject { group_path(group) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for project_guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(group) }
+    it { is_expected.to be_allowed_for(:master).of(group) }
+    it { is_expected.to be_allowed_for(:developer).of(group) }
+    it { is_expected.to be_allowed_for(:reporter).of(group) }
+    it { is_expected.to be_allowed_for(:guest).of(group) }
+    it { is_expected.to be_allowed_for(project_guest) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe 'GET /groups/:path/issues' do
     subject { issues_group_path(group) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for project_guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(group) }
+    it { is_expected.to be_allowed_for(:master).of(group) }
+    it { is_expected.to be_allowed_for(:developer).of(group) }
+    it { is_expected.to be_allowed_for(:reporter).of(group) }
+    it { is_expected.to be_allowed_for(:guest).of(group) }
+    it { is_expected.to be_allowed_for(project_guest) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe 'GET /groups/:path/merge_requests' do
     subject { merge_requests_group_path(group) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for project_guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(group) }
+    it { is_expected.to be_allowed_for(:master).of(group) }
+    it { is_expected.to be_allowed_for(:developer).of(group) }
+    it { is_expected.to be_allowed_for(:reporter).of(group) }
+    it { is_expected.to be_allowed_for(:guest).of(group) }
+    it { is_expected.to be_allowed_for(project_guest) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe 'GET /groups/:path/group_members' do
     subject { group_group_members_path(group) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for project_guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(group) }
+    it { is_expected.to be_allowed_for(:master).of(group) }
+    it { is_expected.to be_allowed_for(:developer).of(group) }
+    it { is_expected.to be_allowed_for(:reporter).of(group) }
+    it { is_expected.to be_allowed_for(:guest).of(group) }
+    it { is_expected.to be_allowed_for(project_guest) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe 'GET /groups/:path/edit' do
     subject { edit_group_path(group) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_denied_for master }
-    it { is_expected.to be_denied_for developer }
-    it { is_expected.to be_denied_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for project_guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :visitor }
-    it { is_expected.to be_denied_for :external }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(group) }
+    it { is_expected.to be_denied_for(:master).of(group) }
+    it { is_expected.to be_denied_for(:developer).of(group) }
+    it { is_expected.to be_denied_for(:reporter).of(group) }
+    it { is_expected.to be_denied_for(:guest).of(group) }
+    it { is_expected.to be_denied_for(project_guest) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:visitor) }
+    it { is_expected.to be_denied_for(:external) }
   end
 end
diff --git a/spec/features/security/group/private_access_spec.rb b/spec/features/security/group/private_access_spec.rb
index 75a93342628..1d6b3e77c22 100644
--- a/spec/features/security/group/private_access_spec.rb
+++ b/spec/features/security/group/private_access_spec.rb
@@ -3,25 +3,12 @@ require 'rails_helper'
 describe 'Private Group access', feature: true do
   include AccessMatchers
 
-  let(:group) { create(:group, :private) }
+  let(:group)   { create(:group, :private) }
   let(:project) { create(:project, :private, group: group) }
-
-  let(:owner)     { create(:user) }
-  let(:master)    { create(:user) }
-  let(:developer) { create(:user) }
-  let(:reporter)  { create(:user) }
-  let(:guest)     { create(:user) }
-
-  let(:project_guest) { create(:user) }
-
-  before do
-    group.add_owner(owner)
-    group.add_master(master)
-    group.add_developer(developer)
-    group.add_reporter(reporter)
-    group.add_guest(guest)
-
-    project.team << [project_guest, :guest]
+  let(:project_guest) do
+    create(:user) do |user|
+      project.add_guest(user)
+    end
   end
 
   describe "Group should be private" do
@@ -34,75 +21,75 @@ describe 'Private Group access', feature: true do
   describe 'GET /groups/:path' do
     subject { group_path(group) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for project_guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(group) }
+    it { is_expected.to be_allowed_for(:master).of(group) }
+    it { is_expected.to be_allowed_for(:developer).of(group) }
+    it { is_expected.to be_allowed_for(:reporter).of(group) }
+    it { is_expected.to be_allowed_for(:guest).of(group) }
+    it { is_expected.to be_allowed_for(project_guest) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe 'GET /groups/:path/issues' do
     subject { issues_group_path(group) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for project_guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(group) }
+    it { is_expected.to be_allowed_for(:master).of(group) }
+    it { is_expected.to be_allowed_for(:developer).of(group) }
+    it { is_expected.to be_allowed_for(:reporter).of(group) }
+    it { is_expected.to be_allowed_for(:guest).of(group) }
+    it { is_expected.to be_allowed_for(project_guest) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe 'GET /groups/:path/merge_requests' do
     subject { merge_requests_group_path(group) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for project_guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(group) }
+    it { is_expected.to be_allowed_for(:master).of(group) }
+    it { is_expected.to be_allowed_for(:developer).of(group) }
+    it { is_expected.to be_allowed_for(:reporter).of(group) }
+    it { is_expected.to be_allowed_for(:guest).of(group) }
+    it { is_expected.to be_allowed_for(project_guest) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe 'GET /groups/:path/group_members' do
     subject { group_group_members_path(group) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for project_guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(group) }
+    it { is_expected.to be_allowed_for(:master).of(group) }
+    it { is_expected.to be_allowed_for(:developer).of(group) }
+    it { is_expected.to be_allowed_for(:reporter).of(group) }
+    it { is_expected.to be_allowed_for(:guest).of(group) }
+    it { is_expected.to be_allowed_for(project_guest) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe 'GET /groups/:path/edit' do
     subject { edit_group_path(group) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_denied_for master }
-    it { is_expected.to be_denied_for developer }
-    it { is_expected.to be_denied_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for project_guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :visitor }
-    it { is_expected.to be_denied_for :external }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(group) }
+    it { is_expected.to be_denied_for(:master).of(group) }
+    it { is_expected.to be_denied_for(:developer).of(group) }
+    it { is_expected.to be_denied_for(:reporter).of(group) }
+    it { is_expected.to be_denied_for(:guest).of(group) }
+    it { is_expected.to be_denied_for(project_guest) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:visitor) }
+    it { is_expected.to be_denied_for(:external) }
   end
 end
diff --git a/spec/features/security/group/public_access_spec.rb b/spec/features/security/group/public_access_spec.rb
index 6c5ee93970b..d7d76177269 100644
--- a/spec/features/security/group/public_access_spec.rb
+++ b/spec/features/security/group/public_access_spec.rb
@@ -3,25 +3,12 @@ require 'rails_helper'
 describe 'Public Group access', feature: true do
   include AccessMatchers
 
-  let(:group) { create(:group, :public) }
+  let(:group)   { create(:group, :public) }
   let(:project) { create(:project, :public, group: group) }
-
-  let(:owner)     { create(:user) }
-  let(:master)    { create(:user) }
-  let(:developer) { create(:user) }
-  let(:reporter)  { create(:user) }
-  let(:guest)     { create(:user) }
-
-  let(:project_guest) { create(:user) }
-
-  before do
-    group.add_owner(owner)
-    group.add_master(master)
-    group.add_developer(developer)
-    group.add_reporter(reporter)
-    group.add_guest(guest)
-    
-    project.team << [project_guest, :guest]
+  let(:project_guest) do
+    create(:user) do |user|
+      project.add_guest(user)
+    end
   end
 
   describe "Group should be public" do
@@ -34,75 +21,75 @@ describe 'Public Group access', feature: true do
   describe 'GET /groups/:path' do
     subject { group_path(group) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for project_guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_allowed_for :external }
-    it { is_expected.to be_allowed_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(group) }
+    it { is_expected.to be_allowed_for(:master).of(group) }
+    it { is_expected.to be_allowed_for(:developer).of(group) }
+    it { is_expected.to be_allowed_for(:reporter).of(group) }
+    it { is_expected.to be_allowed_for(:guest).of(group) }
+    it { is_expected.to be_allowed_for(project_guest) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_allowed_for(:external) }
+    it { is_expected.to be_allowed_for(:visitor) }
   end
 
   describe 'GET /groups/:path/issues' do
     subject { issues_group_path(group) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for project_guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_allowed_for :external }
-    it { is_expected.to be_allowed_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(group) }
+    it { is_expected.to be_allowed_for(:master).of(group) }
+    it { is_expected.to be_allowed_for(:developer).of(group) }
+    it { is_expected.to be_allowed_for(:reporter).of(group) }
+    it { is_expected.to be_allowed_for(:guest).of(group) }
+    it { is_expected.to be_allowed_for(project_guest) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_allowed_for(:external) }
+    it { is_expected.to be_allowed_for(:visitor) }
   end
 
   describe 'GET /groups/:path/merge_requests' do
     subject { merge_requests_group_path(group) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for project_guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_allowed_for :external }
-    it { is_expected.to be_allowed_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(group) }
+    it { is_expected.to be_allowed_for(:master).of(group) }
+    it { is_expected.to be_allowed_for(:developer).of(group) }
+    it { is_expected.to be_allowed_for(:reporter).of(group) }
+    it { is_expected.to be_allowed_for(:guest).of(group) }
+    it { is_expected.to be_allowed_for(project_guest) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_allowed_for(:external) }
+    it { is_expected.to be_allowed_for(:visitor) }
   end
 
   describe 'GET /groups/:path/group_members' do
     subject { group_group_members_path(group) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for project_guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_allowed_for :external }
-    it { is_expected.to be_allowed_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(group) }
+    it { is_expected.to be_allowed_for(:master).of(group) }
+    it { is_expected.to be_allowed_for(:developer).of(group) }
+    it { is_expected.to be_allowed_for(:reporter).of(group) }
+    it { is_expected.to be_allowed_for(:guest).of(group) }
+    it { is_expected.to be_allowed_for(project_guest) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_allowed_for(:external) }
+    it { is_expected.to be_allowed_for(:visitor) }
   end
 
   describe 'GET /groups/:path/edit' do
     subject { edit_group_path(group) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_denied_for master }
-    it { is_expected.to be_denied_for developer }
-    it { is_expected.to be_denied_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for project_guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :visitor }
-    it { is_expected.to be_denied_for :external }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(group) }
+    it { is_expected.to be_denied_for(:master).of(group) }
+    it { is_expected.to be_denied_for(:developer).of(group) }
+    it { is_expected.to be_denied_for(:reporter).of(group) }
+    it { is_expected.to be_denied_for(:guest).of(group) }
+    it { is_expected.to be_denied_for(project_guest) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:visitor) }
+    it { is_expected.to be_denied_for(:external) }
   end
 end
diff --git a/spec/features/security/project/internal_access_spec.rb b/spec/features/security/project/internal_access_spec.rb
index b6acc509342..1897c8119d2 100644
--- a/spec/features/security/project/internal_access_spec.rb
+++ b/spec/features/security/project/internal_access_spec.rb
@@ -5,19 +5,6 @@ describe "Internal Project Access", feature: true  do
 
   let(:project) { create(:project, :internal) }
 
-  let(:owner)     { project.owner }
-  let(:master)    { create(:user) }
-  let(:developer) { create(:user) }
-  let(:reporter)  { create(:user) }
-  let(:guest)     { create(:user) }
-
-  before do
-    project.team << [master, :master]
-    project.team << [developer, :developer]
-    project.team << [reporter, :reporter]
-    project.team << [guest, :guest]
-  end
-
   describe "Project should be internal" do
     describe '#internal?' do
       subject { project.internal? }
@@ -28,213 +15,213 @@ describe "Internal Project Access", feature: true  do
   describe "GET /:project_path" do
     subject { namespace_project_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/tree/master" do
     subject { namespace_project_tree_path(project.namespace, project, project.repository.root_ref) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/commits/master" do
     subject { namespace_project_commits_path(project.namespace, project, project.repository.root_ref, limit: 1) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/commit/:sha" do
     subject { namespace_project_commit_path(project.namespace, project, project.repository.commit) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/compare" do
     subject { namespace_project_compare_index_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/project_members" do
     subject { namespace_project_project_members_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_denied_for :visitor }
-    it { is_expected.to be_denied_for :external }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_denied_for(:visitor) }
+    it { is_expected.to be_denied_for(:external) }
   end
 
   describe "GET /:project_path/blob" do
     let(:commit) { project.repository.commit }
     subject { namespace_project_blob_path(project.namespace, project, File.join(commit.id, '.gitignore')) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/edit" do
     subject { edit_namespace_project_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_denied_for developer }
-    it { is_expected.to be_denied_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_denied_for(:developer).of(project) }
+    it { is_expected.to be_denied_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/deploy_keys" do
     subject { namespace_project_deploy_keys_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_denied_for developer }
-    it { is_expected.to be_denied_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_denied_for(:developer).of(project) }
+    it { is_expected.to be_denied_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/issues" do
     subject { namespace_project_issues_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/issues/:id/edit" do
     let(:issue) { create(:issue, project: project) }
     subject { edit_namespace_project_issue_path(project.namespace, project, issue) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/snippets" do
     subject { namespace_project_snippets_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/snippets/new" do
     subject { new_namespace_project_snippet_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/merge_requests" do
     subject { namespace_project_merge_requests_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/merge_requests/new" do
     subject { new_namespace_project_merge_request_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_denied_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_denied_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/branches" do
@@ -245,15 +232,15 @@ describe "Internal Project Access", feature: true  do
       allow_any_instance_of(Project).to receive(:branches).and_return([])
     end
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/tags" do
@@ -264,58 +251,58 @@ describe "Internal Project Access", feature: true  do
       allow_any_instance_of(Project).to receive(:tags).and_return([])
     end
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/hooks" do
     subject { namespace_project_hooks_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_denied_for developer }
-    it { is_expected.to be_denied_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_denied_for(:developer).of(project) }
+    it { is_expected.to be_denied_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/pipelines" do
     subject { namespace_project_pipelines_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/pipelines/:id" do
     let(:pipeline) { create(:ci_pipeline, project: project) }
     subject { namespace_project_pipeline_path(project.namespace, project, pipeline) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/builds" do
@@ -324,29 +311,29 @@ describe "Internal Project Access", feature: true  do
     context "when allowed for public and internal" do
       before { project.update(public_builds: true) }
 
-      it { is_expected.to be_allowed_for :admin }
-      it { is_expected.to be_allowed_for owner }
-      it { is_expected.to be_allowed_for master }
-      it { is_expected.to be_allowed_for developer }
-      it { is_expected.to be_allowed_for reporter }
-      it { is_expected.to be_allowed_for guest }
-      it { is_expected.to be_allowed_for :user }
-      it { is_expected.to be_denied_for :external }
-      it { is_expected.to be_denied_for :visitor }
+      it { is_expected.to be_allowed_for(:admin) }
+      it { is_expected.to be_allowed_for(:owner).of(project) }
+      it { is_expected.to be_allowed_for(:master).of(project) }
+      it { is_expected.to be_allowed_for(:developer).of(project) }
+      it { is_expected.to be_allowed_for(:reporter).of(project) }
+      it { is_expected.to be_allowed_for(:guest).of(project) }
+      it { is_expected.to be_allowed_for(:user) }
+      it { is_expected.to be_denied_for(:external) }
+      it { is_expected.to be_denied_for(:visitor) }
     end
 
     context "when disallowed for public and internal" do
       before { project.update(public_builds: false) }
 
-      it { is_expected.to be_allowed_for :admin }
-      it { is_expected.to be_allowed_for owner }
-      it { is_expected.to be_allowed_for master }
-      it { is_expected.to be_allowed_for developer }
-      it { is_expected.to be_allowed_for reporter }
-      it { is_expected.to be_denied_for guest }
-      it { is_expected.to be_denied_for :user }
-      it { is_expected.to be_denied_for :external }
-      it { is_expected.to be_denied_for :visitor }
+      it { is_expected.to be_allowed_for(:admin) }
+      it { is_expected.to be_allowed_for(:owner).of(project) }
+      it { is_expected.to be_allowed_for(:master).of(project) }
+      it { is_expected.to be_allowed_for(:developer).of(project) }
+      it { is_expected.to be_allowed_for(:reporter).of(project) }
+      it { is_expected.to be_denied_for(:guest).of(project) }
+      it { is_expected.to be_denied_for(:user) }
+      it { is_expected.to be_denied_for(:external) }
+      it { is_expected.to be_denied_for(:visitor) }
     end
   end
 
@@ -358,73 +345,73 @@ describe "Internal Project Access", feature: true  do
     context "when allowed for public and internal" do
       before { project.update(public_builds: true) }
 
-      it { is_expected.to be_allowed_for :admin }
-      it { is_expected.to be_allowed_for owner }
-      it { is_expected.to be_allowed_for master }
-      it { is_expected.to be_allowed_for developer }
-      it { is_expected.to be_allowed_for reporter }
-      it { is_expected.to be_allowed_for guest }
-      it { is_expected.to be_allowed_for :user }
-      it { is_expected.to be_denied_for :external }
-      it { is_expected.to be_denied_for :visitor }
+      it { is_expected.to be_allowed_for(:admin) }
+      it { is_expected.to be_allowed_for(:owner).of(project) }
+      it { is_expected.to be_allowed_for(:master).of(project) }
+      it { is_expected.to be_allowed_for(:developer).of(project) }
+      it { is_expected.to be_allowed_for(:reporter).of(project) }
+      it { is_expected.to be_allowed_for(:guest).of(project) }
+      it { is_expected.to be_allowed_for(:user) }
+      it { is_expected.to be_denied_for(:external) }
+      it { is_expected.to be_denied_for(:visitor) }
     end
 
     context "when disallowed for public and internal" do
       before { project.update(public_builds: false) }
 
-      it { is_expected.to be_allowed_for :admin }
-      it { is_expected.to be_allowed_for owner }
-      it { is_expected.to be_allowed_for master }
-      it { is_expected.to be_allowed_for developer }
-      it { is_expected.to be_allowed_for reporter }
-      it { is_expected.to be_denied_for guest }
-      it { is_expected.to be_denied_for :user }
-      it { is_expected.to be_denied_for :external }
-      it { is_expected.to be_denied_for :visitor }
+      it { is_expected.to be_allowed_for(:admin) }
+      it { is_expected.to be_allowed_for(:owner).of(project) }
+      it { is_expected.to be_allowed_for(:master).of(project) }
+      it { is_expected.to be_allowed_for(:developer).of(project) }
+      it { is_expected.to be_allowed_for(:reporter).of(project) }
+      it { is_expected.to be_denied_for(:guest).of(project) }
+      it { is_expected.to be_denied_for(:user) }
+      it { is_expected.to be_denied_for(:external) }
+      it { is_expected.to be_denied_for(:visitor) }
     end
   end
 
   describe "GET /:project_path/environments" do
     subject { namespace_project_environments_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/environments/:id" do
     let(:environment) { create(:environment, project: project) }
     subject { namespace_project_environment_path(project.namespace, project, environment) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/environments/new" do
     subject { new_namespace_project_environment_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_denied_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_denied_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/container_registry" do
@@ -435,14 +422,14 @@ describe "Internal Project Access", feature: true  do
 
     subject { namespace_project_container_registry_index_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 end
diff --git a/spec/features/security/project/private_access_spec.rb b/spec/features/security/project/private_access_spec.rb
index 79417c769a8..f52e23f9433 100644
--- a/spec/features/security/project/private_access_spec.rb
+++ b/spec/features/security/project/private_access_spec.rb
@@ -3,20 +3,7 @@ require 'spec_helper'
 describe "Private Project Access", feature: true  do
   include AccessMatchers
 
-  let(:project) { create(:project, :private) }
-
-  let(:owner)     { project.owner }
-  let(:master)    { create(:user) }
-  let(:developer) { create(:user) }
-  let(:reporter)  { create(:user) }
-  let(:guest)     { create(:user) }
-
-  before do
-    project.team << [master, :master]
-    project.team << [developer, :developer]
-    project.team << [reporter, :reporter]
-    project.team << [guest, :guest]
-  end
+  let(:project) { create(:project, :private, public_builds: false) }
 
   describe "Project should be private" do
     describe '#private?' do
@@ -28,185 +15,185 @@ describe "Private Project Access", feature: true  do
   describe "GET /:project_path" do
     subject { namespace_project_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/tree/master" do
     subject { namespace_project_tree_path(project.namespace, project, project.repository.root_ref) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/commits/master" do
     subject { namespace_project_commits_path(project.namespace, project, project.repository.root_ref, limit: 1) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/commit/:sha" do
     subject { namespace_project_commit_path(project.namespace, project, project.repository.commit) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/compare" do
     subject { namespace_project_compare_index_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/project_members" do
     subject { namespace_project_project_members_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/blob" do
     let(:commit) { project.repository.commit }
     subject { namespace_project_blob_path(project.namespace, project, File.join(commit.id, '.gitignore'))}
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/edit" do
     subject { edit_namespace_project_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_denied_for developer }
-    it { is_expected.to be_denied_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_denied_for(:developer).of(project) }
+    it { is_expected.to be_denied_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/deploy_keys" do
     subject { namespace_project_deploy_keys_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_denied_for developer }
-    it { is_expected.to be_denied_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_denied_for(:developer).of(project) }
+    it { is_expected.to be_denied_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/issues" do
     subject { namespace_project_issues_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/issues/:id/edit" do
     let(:issue) { create(:issue, project: project) }
     subject { edit_namespace_project_issue_path(project.namespace, project, issue) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/snippets" do
     subject { namespace_project_snippets_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/merge_requests" do
     subject { namespace_project_merge_requests_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for  guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/branches" do
@@ -217,15 +204,15 @@ describe "Private Project Access", feature: true  do
       allow_any_instance_of(Project).to receive(:branches).and_return([])
     end
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/tags" do
@@ -236,72 +223,108 @@ describe "Private Project Access", feature: true  do
       allow_any_instance_of(Project).to receive(:tags).and_return([])
     end
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/hooks" do
     subject { namespace_project_hooks_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_denied_for developer }
-    it { is_expected.to be_denied_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_denied_for(:developer).of(project) }
+    it { is_expected.to be_denied_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/pipelines" do
     subject { namespace_project_pipelines_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
+
+    context 'when public builds is enabled' do
+      before do
+        project.update(public_builds: true)
+      end
+
+      it { is_expected.to be_allowed_for(:guest).of(project) }
+    end
+
+    context 'when public buils are disabled' do
+      it { is_expected.to be_denied_for(:guest).of(project) }
+    end
   end
 
   describe "GET /:project_path/pipelines/:id" do
     let(:pipeline) { create(:ci_pipeline, project: project) }
     subject { namespace_project_pipeline_path(project.namespace, project, pipeline) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
+
+    context 'when public builds is enabled' do
+      before do
+        project.update(public_builds: true)
+      end
+
+      it { is_expected.to be_allowed_for(:guest).of(project) }
+    end
+
+    context 'when public buils are disabled' do
+      it { is_expected.to be_denied_for(:guest).of(project) }
+    end
   end
 
   describe "GET /:project_path/builds" do
     subject { namespace_project_builds_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
+
+    context 'when public builds is enabled' do
+      before do
+        project.update(public_builds: true)
+      end
+
+      it { is_expected.to be_allowed_for(:guest).of(project) }
+    end
+
+    context 'when public buils are disabled' do
+      it { is_expected.to be_denied_for(:guest).of(project) }
+    end
   end
 
   describe "GET /:project_path/builds/:id" do
@@ -309,58 +332,75 @@ describe "Private Project Access", feature: true  do
     let(:build) { create(:ci_build, pipeline: pipeline) }
     subject { namespace_project_build_path(project.namespace, project, build.id) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
+
+    context 'when public builds is enabled' do
+      before do
+        project.update(public_builds: true)
+      end
+
+      it { is_expected.to be_allowed_for(:guest).of(project) }
+    end
+
+    context 'when public buils are disabled' do
+      before do
+        project.public_builds = false
+        project.save
+      end
+
+      it { is_expected.to be_denied_for(:guest).of(project) }
+    end
   end
 
   describe "GET /:project_path/environments" do
     subject { namespace_project_environments_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/environments/:id" do
     let(:environment) { create(:environment, project: project) }
     subject { namespace_project_environment_path(project.namespace, project, environment) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/environments/new" do
     subject { new_namespace_project_environment_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_denied_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_denied_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/container_registry" do
@@ -371,14 +411,14 @@ describe "Private Project Access", feature: true  do
 
     subject { namespace_project_container_registry_index_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 end
diff --git a/spec/features/security/project/public_access_spec.rb b/spec/features/security/project/public_access_spec.rb
index 985663e7c98..bed9e92fcb6 100644
--- a/spec/features/security/project/public_access_spec.rb
+++ b/spec/features/security/project/public_access_spec.rb
@@ -5,19 +5,6 @@ describe "Public Project Access", feature: true  do
 
   let(:project) { create(:project, :public) }
 
-  let(:owner)     { project.owner }
-  let(:master)    { create(:user) }
-  let(:developer) { create(:user) }
-  let(:reporter)  { create(:user) }
-  let(:guest)     { create(:user) }
-
-  before do
-    project.team << [master, :master]
-    project.team << [developer, :developer]
-    project.team << [reporter, :reporter]
-    project.team << [guest, :guest]
-  end
-
   describe "Project should be public" do
     describe '#public?' do
       subject { project.public? }
@@ -28,114 +15,114 @@ describe "Public Project Access", feature: true  do
   describe "GET /:project_path" do
     subject { namespace_project_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_allowed_for :external }
-    it { is_expected.to be_allowed_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_allowed_for(:external) }
+    it { is_expected.to be_allowed_for(:visitor) }
   end
 
   describe "GET /:project_path/tree/master" do
     subject { namespace_project_tree_path(project.namespace, project, project.repository.root_ref) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_allowed_for :external }
-    it { is_expected.to be_allowed_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_allowed_for(:external) }
+    it { is_expected.to be_allowed_for(:visitor) }
   end
 
   describe "GET /:project_path/commits/master" do
     subject { namespace_project_commits_path(project.namespace, project, project.repository.root_ref, limit: 1) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_allowed_for :external }
-    it { is_expected.to be_allowed_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_allowed_for(:external) }
+    it { is_expected.to be_allowed_for(:visitor) }
   end
 
   describe "GET /:project_path/commit/:sha" do
     subject { namespace_project_commit_path(project.namespace, project, project.repository.commit) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_allowed_for :external }
-    it { is_expected.to be_allowed_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_allowed_for(:external) }
+    it { is_expected.to be_allowed_for(:visitor) }
   end
 
   describe "GET /:project_path/compare" do
     subject { namespace_project_compare_index_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_allowed_for :external }
-    it { is_expected.to be_allowed_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_allowed_for(:external) }
+    it { is_expected.to be_allowed_for(:visitor) }
   end
 
   describe "GET /:project_path/project_members" do
     subject { namespace_project_project_members_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_allowed_for :visitor }
-    it { is_expected.to be_allowed_for :external }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_allowed_for(:visitor) }
+    it { is_expected.to be_allowed_for(:external) }
   end
 
   describe "GET /:project_path/pipelines" do
     subject { namespace_project_pipelines_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_allowed_for :external }
-    it { is_expected.to be_allowed_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_allowed_for(:external) }
+    it { is_expected.to be_allowed_for(:visitor) }
   end
 
   describe "GET /:project_path/pipelines/:id" do
     let(:pipeline) { create(:ci_pipeline, project: project) }
     subject { namespace_project_pipeline_path(project.namespace, project, pipeline) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_allowed_for :external }
-    it { is_expected.to be_allowed_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_allowed_for(:external) }
+    it { is_expected.to be_allowed_for(:visitor) }
   end
 
   describe "GET /:project_path/builds" do
@@ -144,29 +131,29 @@ describe "Public Project Access", feature: true  do
     context "when allowed for public" do
       before { project.update(public_builds: true) }
 
-      it { is_expected.to be_allowed_for :admin }
-      it { is_expected.to be_allowed_for owner }
-      it { is_expected.to be_allowed_for master }
-      it { is_expected.to be_allowed_for developer }
-      it { is_expected.to be_allowed_for reporter }
-      it { is_expected.to be_allowed_for guest }
-      it { is_expected.to be_allowed_for :user }
-      it { is_expected.to be_allowed_for :external }
-      it { is_expected.to be_allowed_for :visitor }
+      it { is_expected.to be_allowed_for(:admin) }
+      it { is_expected.to be_allowed_for(:owner).of(project) }
+      it { is_expected.to be_allowed_for(:master).of(project) }
+      it { is_expected.to be_allowed_for(:developer).of(project) }
+      it { is_expected.to be_allowed_for(:reporter).of(project) }
+      it { is_expected.to be_allowed_for(:guest).of(project) }
+      it { is_expected.to be_allowed_for(:user) }
+      it { is_expected.to be_allowed_for(:external) }
+      it { is_expected.to be_allowed_for(:visitor) }
     end
 
     context "when disallowed for public" do
       before { project.update(public_builds: false) }
 
-      it { is_expected.to be_allowed_for :admin }
-      it { is_expected.to be_allowed_for owner }
-      it { is_expected.to be_allowed_for master }
-      it { is_expected.to be_allowed_for developer }
-      it { is_expected.to be_allowed_for reporter }
-      it { is_expected.to be_denied_for guest }
-      it { is_expected.to be_denied_for :user }
-      it { is_expected.to be_denied_for :external }
-      it { is_expected.to be_denied_for :visitor }
+      it { is_expected.to be_allowed_for(:admin) }
+      it { is_expected.to be_allowed_for(:owner).of(project) }
+      it { is_expected.to be_allowed_for(:master).of(project) }
+      it { is_expected.to be_allowed_for(:developer).of(project) }
+      it { is_expected.to be_allowed_for(:reporter).of(project) }
+      it { is_expected.to be_denied_for(:guest).of(project) }
+      it { is_expected.to be_denied_for(:user) }
+      it { is_expected.to be_denied_for(:external) }
+      it { is_expected.to be_denied_for(:visitor) }
     end
   end
 
@@ -178,73 +165,73 @@ describe "Public Project Access", feature: true  do
     context "when allowed for public" do
       before { project.update(public_builds: true) }
 
-      it { is_expected.to be_allowed_for :admin }
-      it { is_expected.to be_allowed_for owner }
-      it { is_expected.to be_allowed_for master }
-      it { is_expected.to be_allowed_for developer }
-      it { is_expected.to be_allowed_for reporter }
-      it { is_expected.to be_allowed_for guest }
-      it { is_expected.to be_allowed_for :user }
-      it { is_expected.to be_allowed_for :external }
-      it { is_expected.to be_allowed_for :visitor }
+      it { is_expected.to be_allowed_for(:admin) }
+      it { is_expected.to be_allowed_for(:owner).of(project) }
+      it { is_expected.to be_allowed_for(:master).of(project) }
+      it { is_expected.to be_allowed_for(:developer).of(project) }
+      it { is_expected.to be_allowed_for(:reporter).of(project) }
+      it { is_expected.to be_allowed_for(:guest).of(project) }
+      it { is_expected.to be_allowed_for(:user) }
+      it { is_expected.to be_allowed_for(:external) }
+      it { is_expected.to be_allowed_for(:visitor) }
     end
 
     context "when disallowed for public" do
       before { project.update(public_builds: false) }
 
-      it { is_expected.to be_allowed_for :admin }
-      it { is_expected.to be_allowed_for owner }
-      it { is_expected.to be_allowed_for master }
-      it { is_expected.to be_allowed_for developer }
-      it { is_expected.to be_allowed_for reporter }
-      it { is_expected.to be_denied_for guest }
-      it { is_expected.to be_denied_for :user }
-      it { is_expected.to be_denied_for :external }
-      it { is_expected.to be_denied_for :visitor }
+      it { is_expected.to be_allowed_for(:admin) }
+      it { is_expected.to be_allowed_for(:owner).of(project) }
+      it { is_expected.to be_allowed_for(:master).of(project) }
+      it { is_expected.to be_allowed_for(:developer).of(project) }
+      it { is_expected.to be_allowed_for(:reporter).of(project) }
+      it { is_expected.to be_denied_for(:guest).of(project) }
+      it { is_expected.to be_denied_for(:user) }
+      it { is_expected.to be_denied_for(:external) }
+      it { is_expected.to be_denied_for(:visitor) }
     end
   end
 
   describe "GET /:project_path/environments" do
     subject { namespace_project_environments_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/environments/:id" do
     let(:environment) { create(:environment, project: project) }
     subject { namespace_project_environment_path(project.namespace, project, environment) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/environments/new" do
     subject { new_namespace_project_environment_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_denied_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_denied_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/blob" do
@@ -252,127 +239,127 @@ describe "Public Project Access", feature: true  do
 
     subject { namespace_project_blob_path(project.namespace, project, File.join(commit.id, '.gitignore')) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_allowed_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_allowed_for(:visitor) }
   end
 
   describe "GET /:project_path/edit" do
     subject { edit_namespace_project_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_denied_for developer }
-    it { is_expected.to be_denied_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_denied_for(:developer).of(project) }
+    it { is_expected.to be_denied_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/deploy_keys" do
     subject { namespace_project_deploy_keys_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_denied_for developer }
-    it { is_expected.to be_denied_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_denied_for(:developer).of(project) }
+    it { is_expected.to be_denied_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/issues" do
     subject { namespace_project_issues_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_allowed_for :external }
-    it { is_expected.to be_allowed_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_allowed_for(:external) }
+    it { is_expected.to be_allowed_for(:visitor) }
   end
 
   describe "GET /:project_path/issues/:id/edit" do
     let(:issue) { create(:issue, project: project) }
     subject { edit_namespace_project_issue_path(project.namespace, project, issue) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/snippets" do
     subject { namespace_project_snippets_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_allowed_for :external }
-    it { is_expected.to be_allowed_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_allowed_for(:external) }
+    it { is_expected.to be_allowed_for(:visitor) }
   end
 
   describe "GET /:project_path/snippets/new" do
     subject { new_namespace_project_snippet_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/merge_requests" do
     subject { namespace_project_merge_requests_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_allowed_for :external }
-    it { is_expected.to be_allowed_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_allowed_for(:external) }
+    it { is_expected.to be_allowed_for(:visitor) }
   end
 
   describe "GET /:project_path/merge_requests/new" do
     subject { new_namespace_project_merge_request_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_denied_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_denied_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/branches" do
@@ -383,15 +370,15 @@ describe "Public Project Access", feature: true  do
       allow_any_instance_of(Project).to receive(:branches).and_return([])
     end
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_allowed_for :external }
-    it { is_expected.to be_allowed_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_allowed_for(:external) }
+    it { is_expected.to be_allowed_for(:visitor) }
   end
 
   describe "GET /:project_path/tags" do
@@ -402,29 +389,29 @@ describe "Public Project Access", feature: true  do
       allow_any_instance_of(Project).to receive(:tags).and_return([])
     end
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_allowed_for :external }
-    it { is_expected.to be_allowed_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_allowed_for(:external) }
+    it { is_expected.to be_allowed_for(:visitor) }
   end
 
   describe "GET /:project_path/hooks" do
     subject { namespace_project_hooks_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_denied_for developer }
-    it { is_expected.to be_denied_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_denied_for(:developer).of(project) }
+    it { is_expected.to be_denied_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/container_registry" do
@@ -435,14 +422,14 @@ describe "Public Project Access", feature: true  do
 
     subject { namespace_project_container_registry_index_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_allowed_for :external }
-    it { is_expected.to be_allowed_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_allowed_for(:external) }
+    it { is_expected.to be_allowed_for(:visitor) }
   end
 end
diff --git a/spec/features/security/project/snippet/internal_access_spec.rb b/spec/features/security/project/snippet/internal_access_spec.rb
index 49deacc5c74..2659b3ee3ec 100644
--- a/spec/features/security/project/snippet/internal_access_spec.rb
+++ b/spec/features/security/project/snippet/internal_access_spec.rb
@@ -5,76 +5,64 @@ describe "Internal Project Snippets Access", feature: true  do
 
   let(:project) { create(:empty_project, :internal) }
 
-  let(:owner)     { project.owner }
-  let(:master)    { create(:user) }
-  let(:developer) { create(:user) }
-  let(:reporter)  { create(:user) }
-  let(:guest)     { create(:user) }
-  let(:internal_snippet) { create(:project_snippet, :internal, project: project, author: owner) }
-  let(:private_snippet)  { create(:project_snippet, :private, project: project, author: owner) }
-
-  before do
-    project.team << [master, :master]
-    project.team << [developer, :developer]
-    project.team << [reporter, :reporter]
-    project.team << [guest, :guest]
-  end
+  let(:internal_snippet) { create(:project_snippet, :internal, project: project, author: project.owner) }
+  let(:private_snippet)  { create(:project_snippet, :private,  project: project, author: project.owner) }
 
   describe "GET /:project_path/snippets" do
     subject { namespace_project_snippets_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/snippets/new" do
     subject { new_namespace_project_snippet_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/snippets/:id" do
     context "for an internal snippet" do
       subject { namespace_project_snippet_path(project.namespace, project, internal_snippet) }
 
-      it { is_expected.to be_allowed_for :admin }
-      it { is_expected.to be_allowed_for owner }
-      it { is_expected.to be_allowed_for master }
-      it { is_expected.to be_allowed_for developer }
-      it { is_expected.to be_allowed_for reporter }
-      it { is_expected.to be_allowed_for guest }
-      it { is_expected.to be_allowed_for :user }
-      it { is_expected.to be_denied_for :external }
-      it { is_expected.to be_denied_for :visitor }
+      it { is_expected.to be_allowed_for(:admin) }
+      it { is_expected.to be_allowed_for(:owner).of(project) }
+      it { is_expected.to be_allowed_for(:master).of(project) }
+      it { is_expected.to be_allowed_for(:developer).of(project) }
+      it { is_expected.to be_allowed_for(:reporter).of(project) }
+      it { is_expected.to be_allowed_for(:guest).of(project) }
+      it { is_expected.to be_allowed_for(:user) }
+      it { is_expected.to be_denied_for(:external) }
+      it { is_expected.to be_denied_for(:visitor) }
     end
 
     context "for a private snippet" do
       subject { namespace_project_snippet_path(project.namespace, project, private_snippet) }
 
-      it { is_expected.to be_allowed_for :admin }
-      it { is_expected.to be_allowed_for owner }
-      it { is_expected.to be_allowed_for master }
-      it { is_expected.to be_allowed_for developer }
-      it { is_expected.to be_allowed_for reporter }
-      it { is_expected.to be_allowed_for guest }
-      it { is_expected.to be_denied_for :user }
-      it { is_expected.to be_denied_for :external }
-      it { is_expected.to be_denied_for :visitor }
+      it { is_expected.to be_allowed_for(:admin) }
+      it { is_expected.to be_allowed_for(:owner).of(project) }
+      it { is_expected.to be_allowed_for(:master).of(project) }
+      it { is_expected.to be_allowed_for(:developer).of(project) }
+      it { is_expected.to be_allowed_for(:reporter).of(project) }
+      it { is_expected.to be_allowed_for(:guest).of(project) }
+      it { is_expected.to be_denied_for(:user) }
+      it { is_expected.to be_denied_for(:external) }
+      it { is_expected.to be_denied_for(:visitor) }
     end
   end
 
@@ -82,29 +70,29 @@ describe "Internal Project Snippets Access", feature: true  do
     context "for an internal snippet" do
       subject { raw_namespace_project_snippet_path(project.namespace, project, internal_snippet) }
 
-      it { is_expected.to be_allowed_for :admin }
-      it { is_expected.to be_allowed_for owner }
-      it { is_expected.to be_allowed_for master }
-      it { is_expected.to be_allowed_for developer }
-      it { is_expected.to be_allowed_for reporter }
-      it { is_expected.to be_allowed_for guest }
-      it { is_expected.to be_allowed_for :user }
-      it { is_expected.to be_denied_for :external }
-      it { is_expected.to be_denied_for :visitor }
+      it { is_expected.to be_allowed_for(:admin) }
+      it { is_expected.to be_allowed_for(:owner).of(project) }
+      it { is_expected.to be_allowed_for(:master).of(project) }
+      it { is_expected.to be_allowed_for(:developer).of(project) }
+      it { is_expected.to be_allowed_for(:reporter).of(project) }
+      it { is_expected.to be_allowed_for(:guest).of(project) }
+      it { is_expected.to be_allowed_for(:user) }
+      it { is_expected.to be_denied_for(:external) }
+      it { is_expected.to be_denied_for(:visitor) }
     end
 
     context "for a private snippet" do
       subject { raw_namespace_project_snippet_path(project.namespace, project, private_snippet) }
 
-      it { is_expected.to be_allowed_for :admin }
-      it { is_expected.to be_allowed_for owner }
-      it { is_expected.to be_allowed_for master }
-      it { is_expected.to be_allowed_for developer }
-      it { is_expected.to be_allowed_for reporter }
-      it { is_expected.to be_allowed_for guest }
-      it { is_expected.to be_denied_for :user }
-      it { is_expected.to be_denied_for :external }
-      it { is_expected.to be_denied_for :visitor }
+      it { is_expected.to be_allowed_for(:admin) }
+      it { is_expected.to be_allowed_for(:owner).of(project) }
+      it { is_expected.to be_allowed_for(:master).of(project) }
+      it { is_expected.to be_allowed_for(:developer).of(project) }
+      it { is_expected.to be_allowed_for(:reporter).of(project) }
+      it { is_expected.to be_allowed_for(:guest).of(project) }
+      it { is_expected.to be_denied_for(:user) }
+      it { is_expected.to be_denied_for(:external) }
+      it { is_expected.to be_denied_for(:visitor) }
     end
   end
 end
diff --git a/spec/features/security/project/snippet/private_access_spec.rb b/spec/features/security/project/snippet/private_access_spec.rb
index a1bfc076d99..6eb9f163bd5 100644
--- a/spec/features/security/project/snippet/private_access_spec.rb
+++ b/spec/features/security/project/snippet/private_access_spec.rb
@@ -5,73 +5,61 @@ describe "Private Project Snippets Access", feature: true  do
 
   let(:project) { create(:empty_project, :private) }
 
-  let(:owner)     { project.owner }
-  let(:master)    { create(:user) }
-  let(:developer) { create(:user) }
-  let(:reporter)  { create(:user) }
-  let(:guest)     { create(:user) }
-  let(:private_snippet)  { create(:project_snippet, :private, project: project, author: owner) }
-
-  before do
-    project.team << [master, :master]
-    project.team << [developer, :developer]
-    project.team << [reporter, :reporter]
-    project.team << [guest, :guest]
-  end
+  let(:private_snippet)  { create(:project_snippet, :private, project: project, author: project.owner) }
 
   describe "GET /:project_path/snippets" do
     subject { namespace_project_snippets_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/snippets/new" do
     subject { new_namespace_project_snippet_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/snippets/:id for a private snippet" do
     subject { namespace_project_snippet_path(project.namespace, project, private_snippet) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/snippets/:id/raw for a private snippet" do
     subject { raw_namespace_project_snippet_path(project.namespace, project, private_snippet) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 end
diff --git a/spec/features/security/project/snippet/public_access_spec.rb b/spec/features/security/project/snippet/public_access_spec.rb
index 30bcd87ef04..f3329d0bc96 100644
--- a/spec/features/security/project/snippet/public_access_spec.rb
+++ b/spec/features/security/project/snippet/public_access_spec.rb
@@ -5,91 +5,79 @@ describe "Public Project Snippets Access", feature: true  do
 
   let(:project) { create(:empty_project, :public) }
 
-  let(:owner)     { project.owner }
-  let(:master)    { create(:user) }
-  let(:developer) { create(:user) }
-  let(:reporter)  { create(:user) }
-  let(:guest)     { create(:user) }
-  let(:public_snippet)   { create(:project_snippet, :public, project: project, author: owner) }
-  let(:internal_snippet) { create(:project_snippet, :internal, project: project, author: owner) }
-  let(:private_snippet)  { create(:project_snippet, :private, project: project, author: owner) }
-
-  before do
-    project.team << [master, :master]
-    project.team << [developer, :developer]
-    project.team << [reporter, :reporter]
-    project.team << [guest, :guest]
-  end
+  let(:public_snippet)   { create(:project_snippet, :public,   project: project, author: project.owner) }
+  let(:internal_snippet) { create(:project_snippet, :internal, project: project, author: project.owner) }
+  let(:private_snippet)  { create(:project_snippet, :private,  project: project, author: project.owner) }
 
   describe "GET /:project_path/snippets" do
     subject { namespace_project_snippets_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_allowed_for guest }
-    it { is_expected.to be_allowed_for :user }
-    it { is_expected.to be_allowed_for :external }
-    it { is_expected.to be_allowed_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_allowed_for(:guest).of(project) }
+    it { is_expected.to be_allowed_for(:user) }
+    it { is_expected.to be_allowed_for(:external) }
+    it { is_expected.to be_allowed_for(:visitor) }
   end
 
   describe "GET /:project_path/snippets/new" do
     subject { new_namespace_project_snippet_path(project.namespace, project) }
 
-    it { is_expected.to be_allowed_for :admin }
-    it { is_expected.to be_allowed_for owner }
-    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_allowed_for developer }
-    it { is_expected.to be_allowed_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
   end
 
   describe "GET /:project_path/snippets/:id" do
     context "for a public snippet" do
       subject { namespace_project_snippet_path(project.namespace, project, public_snippet) }
 
-      it { is_expected.to be_allowed_for :admin }
-      it { is_expected.to be_allowed_for owner }
-      it { is_expected.to be_allowed_for master }
-      it { is_expected.to be_allowed_for developer }
-      it { is_expected.to be_allowed_for reporter }
-      it { is_expected.to be_allowed_for guest }
-      it { is_expected.to be_allowed_for :user }
-      it { is_expected.to be_allowed_for :external }
-      it { is_expected.to be_allowed_for :visitor }
+      it { is_expected.to be_allowed_for(:admin) }
+      it { is_expected.to be_allowed_for(:owner).of(project) }
+      it { is_expected.to be_allowed_for(:master).of(project) }
+      it { is_expected.to be_allowed_for(:developer).of(project) }
+      it { is_expected.to be_allowed_for(:reporter).of(project) }
+      it { is_expected.to be_allowed_for(:guest).of(project) }
+      it { is_expected.to be_allowed_for(:user) }
+      it { is_expected.to be_allowed_for(:external) }
+      it { is_expected.to be_allowed_for(:visitor) }
     end
 
     context "for an internal snippet" do
       subject { namespace_project_snippet_path(project.namespace, project, internal_snippet) }
 
-      it { is_expected.to be_allowed_for :admin }
-      it { is_expected.to be_allowed_for owner }
-      it { is_expected.to be_allowed_for master }
-      it { is_expected.to be_allowed_for developer }
-      it { is_expected.to be_allowed_for reporter }
-      it { is_expected.to be_allowed_for guest }
-      it { is_expected.to be_allowed_for :user }
-      it { is_expected.to be_denied_for :external }
-      it { is_expected.to be_denied_for :visitor }
+      it { is_expected.to be_allowed_for(:admin) }
+      it { is_expected.to be_allowed_for(:owner).of(project) }
+      it { is_expected.to be_allowed_for(:master).of(project) }
+      it { is_expected.to be_allowed_for(:developer).of(project) }
+      it { is_expected.to be_allowed_for(:reporter).of(project) }
+      it { is_expected.to be_allowed_for(:guest).of(project) }
+      it { is_expected.to be_allowed_for(:user) }
+      it { is_expected.to be_denied_for(:external) }
+      it { is_expected.to be_denied_for(:visitor) }
     end
 
     context "for a private snippet" do
       subject { namespace_project_snippet_path(project.namespace, project, private_snippet) }
 
-      it { is_expected.to be_allowed_for :admin }
-      it { is_expected.to be_allowed_for owner }
-      it { is_expected.to be_allowed_for master }
-      it { is_expected.to be_allowed_for developer }
-      it { is_expected.to be_allowed_for reporter }
-      it { is_expected.to be_allowed_for guest }
-      it { is_expected.to be_denied_for :user }
-      it { is_expected.to be_denied_for :external }
-      it { is_expected.to be_denied_for :visitor }
+      it { is_expected.to be_allowed_for(:admin) }
+      it { is_expected.to be_allowed_for(:owner).of(project) }
+      it { is_expected.to be_allowed_for(:master).of(project) }
+      it { is_expected.to be_allowed_for(:developer).of(project) }
+      it { is_expected.to be_allowed_for(:reporter).of(project) }
+      it { is_expected.to be_allowed_for(:guest).of(project) }
+      it { is_expected.to be_denied_for(:user) }
+      it { is_expected.to be_denied_for(:external) }
+      it { is_expected.to be_denied_for(:visitor) }
     end
   end
 
@@ -97,43 +85,43 @@ describe "Public Project Snippets Access", feature: true  do
     context "for a public snippet" do
       subject { raw_namespace_project_snippet_path(project.namespace, project, public_snippet) }
 
-      it { is_expected.to be_allowed_for :admin }
-      it { is_expected.to be_allowed_for owner }
-      it { is_expected.to be_allowed_for master }
-      it { is_expected.to be_allowed_for developer }
-      it { is_expected.to be_allowed_for reporter }
-      it { is_expected.to be_allowed_for guest }
-      it { is_expected.to be_allowed_for :user }
-      it { is_expected.to be_allowed_for :external }
-      it { is_expected.to be_allowed_for :visitor }
+      it { is_expected.to be_allowed_for(:admin) }
+      it { is_expected.to be_allowed_for(:owner).of(project) }
+      it { is_expected.to be_allowed_for(:master).of(project) }
+      it { is_expected.to be_allowed_for(:developer).of(project) }
+      it { is_expected.to be_allowed_for(:reporter).of(project) }
+      it { is_expected.to be_allowed_for(:guest).of(project) }
+      it { is_expected.to be_allowed_for(:user) }
+      it { is_expected.to be_allowed_for(:external) }
+      it { is_expected.to be_allowed_for(:visitor) }
     end
 
     context "for an internal snippet" do
       subject { raw_namespace_project_snippet_path(project.namespace, project, internal_snippet) }
 
-      it { is_expected.to be_allowed_for :admin }
-      it { is_expected.to be_allowed_for owner }
-      it { is_expected.to be_allowed_for master }
-      it { is_expected.to be_allowed_for developer }
-      it { is_expected.to be_allowed_for reporter }
-      it { is_expected.to be_allowed_for guest }
-      it { is_expected.to be_allowed_for :user }
-      it { is_expected.to be_denied_for :external }
-      it { is_expected.to be_denied_for :visitor }
+      it { is_expected.to be_allowed_for(:admin) }
+      it { is_expected.to be_allowed_for(:owner).of(project) }
+      it { is_expected.to be_allowed_for(:master).of(project) }
+      it { is_expected.to be_allowed_for(:developer).of(project) }
+      it { is_expected.to be_allowed_for(:reporter).of(project) }
+      it { is_expected.to be_allowed_for(:guest).of(project) }
+      it { is_expected.to be_allowed_for(:user) }
+      it { is_expected.to be_denied_for(:external) }
+      it { is_expected.to be_denied_for(:visitor) }
     end
 
     context "for a private snippet" do
       subject { raw_namespace_project_snippet_path(project.namespace, project, private_snippet) }
 
-      it { is_expected.to be_allowed_for :admin }
-      it { is_expected.to be_allowed_for owner }
-      it { is_expected.to be_allowed_for master }
-      it { is_expected.to be_allowed_for developer }
-      it { is_expected.to be_allowed_for reporter }
-      it { is_expected.to be_allowed_for guest }
-      it { is_expected.to be_denied_for :user }
-      it { is_expected.to be_denied_for :external }
-      it { is_expected.to be_denied_for :visitor }
+      it { is_expected.to be_allowed_for(:admin) }
+      it { is_expected.to be_allowed_for(:owner).of(project) }
+      it { is_expected.to be_allowed_for(:master).of(project) }
+      it { is_expected.to be_allowed_for(:developer).of(project) }
+      it { is_expected.to be_allowed_for(:reporter).of(project) }
+      it { is_expected.to be_allowed_for(:guest).of(project) }
+      it { is_expected.to be_denied_for(:user) }
+      it { is_expected.to be_denied_for(:external) }
+      it { is_expected.to be_denied_for(:visitor) }
     end
   end
 end
diff --git a/spec/features/snippets/create_snippet_spec.rb b/spec/features/snippets/create_snippet_spec.rb
new file mode 100644
index 00000000000..cb95e7828db
--- /dev/null
+++ b/spec/features/snippets/create_snippet_spec.rb
@@ -0,0 +1,20 @@
+require 'rails_helper'
+
+feature 'Create Snippet', feature: true do
+  before do
+    login_as :user
+    visit new_snippet_path
+  end
+
+  scenario 'Authenticated user creates a snippet' do
+    fill_in 'personal_snippet_title', with: 'My Snippet Title'
+    page.within('.file-editor') do
+      find(:xpath, "//input[@id='personal_snippet_content']").set 'Hello World!'
+    end
+
+    click_button 'Create snippet'
+
+    expect(page).to have_content('My Snippet Title')
+    expect(page).to have_content('Hello World!')
+  end
+end
diff --git a/spec/features/snippets/explore_spec.rb b/spec/features/snippets/explore_spec.rb
new file mode 100644
index 00000000000..10a4597e467
--- /dev/null
+++ b/spec/features/snippets/explore_spec.rb
@@ -0,0 +1,16 @@
+require 'rails_helper'
+
+feature 'Explore Snippets', feature: true do
+  scenario 'User should see snippets that are not private' do
+    public_snippet = create(:personal_snippet, :public)
+    internal_snippet = create(:personal_snippet, :internal)
+    private_snippet = create(:personal_snippet, :private)
+
+    login_as create(:user)
+    visit explore_snippets_path
+
+    expect(page).to have_content(public_snippet.title)
+    expect(page).to have_content(internal_snippet.title)
+    expect(page).not_to have_content(private_snippet.title)
+  end
+end
diff --git a/spec/features/snippets/search_snippets_spec.rb b/spec/features/snippets/search_snippets_spec.rb
new file mode 100644
index 00000000000..146cd3af848
--- /dev/null
+++ b/spec/features/snippets/search_snippets_spec.rb
@@ -0,0 +1,66 @@
+require 'rails_helper'
+
+feature 'Search Snippets', feature: true do
+  scenario 'User searches for snippets by title' do
+    public_snippet = create(:personal_snippet, :public, title: 'Beginning and Middle')
+    private_snippet = create(:personal_snippet, :private, title: 'Middle and End')
+
+    login_as private_snippet.author
+    visit dashboard_snippets_path
+
+    page.within '.search' do
+      fill_in 'search', with: 'Middle'
+      click_button 'Go'
+    end
+
+    click_link 'Titles and Filenames'
+
+    expect(page).to have_link(public_snippet.title)
+    expect(page).to have_link(private_snippet.title)
+  end
+
+  scenario 'User searches for snippet contents' do
+    create(:personal_snippet,
+           :public,
+           title: 'Many lined snippet',
+           content: <<-CONTENT.strip_heredoc
+             |line one
+             |line two
+             |line three
+             |line four
+             |line five
+             |line six
+             |line seven
+             |line eight
+             |line nine
+             |line ten
+             |line eleven
+             |line twelve
+             |line thirteen
+             |line fourteen
+           CONTENT
+          )
+
+    login_as create(:user)
+    visit dashboard_snippets_path
+
+    page.within '.search' do
+      fill_in 'search', with: 'line seven'
+      click_button 'Go'
+    end
+
+    expect(page).to have_content('line seven')
+
+    # 3 lines before the matched line should be visible
+    expect(page).to have_content('line six')
+    expect(page).to have_content('line five')
+    expect(page).to have_content('line four')
+    expect(page).not_to have_content('line three')
+
+    # 3 lines after the matched line should be visible
+    expect(page).to have_content('line eight')
+    expect(page).to have_content('line nine')
+    expect(page).to have_content('line ten')
+    expect(page).not_to have_content('line eleven')
+  end
+end
diff --git a/spec/features/todos/todos_spec.rb b/spec/features/todos/todos_spec.rb
index 3ae83ac082d..88eabea7e3a 100644
--- a/spec/features/todos/todos_spec.rb
+++ b/spec/features/todos/todos_spec.rb
@@ -44,7 +44,7 @@ describe 'Dashboard Todos', feature: true do
         end
 
         it 'shows "All done" message' do
-          expect(page).to have_content("Good job! Looks like you don't have any todos left.")
+          expect(page).to have_selector('.todos-all-done', count: 1)
         end
       end
 
@@ -64,7 +64,7 @@ describe 'Dashboard Todos', feature: true do
           end
 
           it 'shows "All done" message' do
-            expect(page).to have_content("Good job! Looks like you don't have any todos left.")
+            expect(page).to have_selector('.todos-all-done', count: 1)
           end
         end
       end
@@ -152,7 +152,7 @@ describe 'Dashboard Todos', feature: true do
         within('.todos-pending-count') { expect(page).to have_content '0' }
         expect(page).to have_content 'To do 0'
         expect(page).to have_content 'Done 0'
-        expect(page).to have_content "Good job! Looks like you don't have any todos left."
+        expect(page).to have_selector('.todos-all-done', count: 1)
       end
     end
   end
diff --git a/spec/features/u2f_spec.rb b/spec/features/u2f_spec.rb
index b750f27ea72..be21b403084 100644
--- a/spec/features/u2f_spec.rb
+++ b/spec/features/u2f_spec.rb
@@ -163,8 +163,7 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
         click_on "Sign in via U2F device"
         expect(page.body).to match('We heard back from your U2F device')
         click_on "Authenticate via U2F Device"
-
-        expect(page.body).to match('Signed in successfully')
+        expect(page.body).to match('href="/users/sign_out"')
       end
     end
 
@@ -178,7 +177,7 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
         expect(page.body).to match('We heard back from your U2F device')
         click_on "Authenticate via U2F Device"
 
-        expect(page.body).to match('Signed in successfully')
+        expect(page.body).to match('href="/users/sign_out"')
       end
     end
 
@@ -234,7 +233,7 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
           expect(page.body).to match('We heard back from your U2F device')
           click_on "Authenticate via U2F Device"
 
-          expect(page.body).to match('Signed in successfully')
+          expect(page.body).to match('href="/users/sign_out"')
         end
       end
     end
@@ -275,7 +274,7 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
           expect(page.body).to match('We heard back from your U2F device')
           click_on "Authenticate via U2F Device"
 
-          expect(page.body).to match('Signed in successfully')
+          expect(page.body).to match('href="/users/sign_out"')
 
           logout
         end
diff --git a/spec/features/unsubscribe_links_spec.rb b/spec/features/unsubscribe_links_spec.rb
index 33b52d1547e..e2d9cfdd0b0 100644
--- a/spec/features/unsubscribe_links_spec.rb
+++ b/spec/features/unsubscribe_links_spec.rb
@@ -26,11 +26,11 @@ describe 'Unsubscribe links', feature: true do
         expect(current_path).to eq unsubscribe_sent_notification_path(SentNotification.last)
         expect(page).to have_text(%(Unsubscribe from issue #{issue.title} (#{issue.to_reference})))
         expect(page).to have_text(%(Are you sure you want to unsubscribe from issue #{issue.title} (#{issue.to_reference})?))
-        expect(issue.subscribed?(recipient)).to be_truthy
+        expect(issue.subscribed?(recipient, project)).to be_truthy
 
         click_link 'Unsubscribe'
 
-        expect(issue.subscribed?(recipient)).to be_falsey
+        expect(issue.subscribed?(recipient, project)).to be_falsey
         expect(current_path).to eq new_user_session_path
       end
 
@@ -38,11 +38,11 @@ describe 'Unsubscribe links', feature: true do
         visit body_link
 
         expect(current_path).to eq unsubscribe_sent_notification_path(SentNotification.last)
-        expect(issue.subscribed?(recipient)).to be_truthy
+        expect(issue.subscribed?(recipient, project)).to be_truthy
 
         click_link 'Cancel'
 
-        expect(issue.subscribed?(recipient)).to be_truthy
+        expect(issue.subscribed?(recipient, project)).to be_truthy
         expect(current_path).to eq new_user_session_path
       end
     end
@@ -51,7 +51,7 @@ describe 'Unsubscribe links', feature: true do
       visit header_link
 
       expect(page).to have_text('unsubscribed')
-      expect(issue.subscribed?(recipient)).to be_falsey
+      expect(issue.subscribed?(recipient, project)).to be_falsey
     end
   end
 
@@ -62,14 +62,14 @@ describe 'Unsubscribe links', feature: true do
       visit body_link
 
       expect(page).to have_text('unsubscribed')
-      expect(issue.subscribed?(recipient)).to be_falsey
+      expect(issue.subscribed?(recipient, project)).to be_falsey
     end
 
     it 'unsubscribes from the issue when visiting the link from the header' do
       visit header_link
 
       expect(page).to have_text('unsubscribed')
-      expect(issue.subscribed?(recipient)).to be_falsey
+      expect(issue.subscribed?(recipient, project)).to be_falsey
     end
   end
 end
diff --git a/spec/features/users_spec.rb b/spec/features/users_spec.rb
index 111ca7f7a70..afa98f3f715 100644
--- a/spec/features/users_spec.rb
+++ b/spec/features/users_spec.rb
@@ -74,16 +74,29 @@ feature 'Users', feature: true, js: true do
       visit new_user_session_path
       click_link 'Register'
     end
+
+    scenario 'doesn\'t show an error border if the username is available' do
+      fill_in username_input, with: 'new-user'
+      wait_for_ajax
+      expect(find('.username')).not_to have_css '.gl-field-error-outline'
+    end
+
+    scenario 'does not show an error border if the username contains dots (.)' do
+      fill_in username_input, with: 'new.user.username'
+      wait_for_ajax
+      expect(find('.username')).not_to have_css '.gl-field-error-outline'
+    end
+
     scenario 'shows an error border if the username already exists' do
       fill_in username_input, with: user.username
       wait_for_ajax
       expect(find('.username')).to have_css '.gl-field-error-outline'
     end
 
-    scenario 'doesn\'t show an error border if the username is available' do
-      fill_in username_input, with: 'new-user'
+    scenario 'shows an  error border if the username contains special characters' do
+      fill_in username_input, with: 'new$user!username'
       wait_for_ajax
-      expect(find('#new_user_username')).not_to have_css '.gl-field-error-outline'
+      expect(find('.username')).to have_css '.gl-field-error-outline'
     end
   end
 
diff --git a/spec/features/variables_spec.rb b/spec/features/variables_spec.rb
index d7880d5778f..ff30ffd7820 100644
--- a/spec/features/variables_spec.rb
+++ b/spec/features/variables_spec.rb
@@ -29,6 +29,31 @@ describe 'Project variables', js: true do
     end
   end
 
+  it 'reveals and hides new variable' do
+    fill_in('variable_key', with: 'key')
+    fill_in('variable_value', with: 'key value')
+    click_button('Add new variable')
+
+    page.within('.variables-table') do
+      expect(page).to have_content('key')
+      expect(page).to have_content('******')
+    end
+
+    click_button('Reveal Values')
+
+    page.within('.variables-table') do
+      expect(page).to have_content('key')
+      expect(page).to have_content('key value')
+    end
+
+    click_button('Hide Values')
+
+    page.within('.variables-table') do
+      expect(page).to have_content('key')
+      expect(page).to have_content('******')
+    end
+  end
+
   it 'deletes variable' do
     page.within('.variables-table') do
       find('.btn-variable-delete').click