diff options
author | Lin Jen-Shin <godfat@godfat.org> | 2017-07-04 05:01:05 +0800 |
---|---|---|
committer | Lin Jen-Shin <godfat@godfat.org> | 2017-07-04 05:01:05 +0800 |
commit | 23bfd8c13c803f4efdb9eaf8e6e3c1ffd17640e8 (patch) | |
tree | 03db93cdd953b49d28fbe62da4655dcb0c23af04 /spec/policies/ci/pipeline_policy_spec.rb | |
parent | 24a1f0d833941a30b91813f36d184d3e7c3f7425 (diff) | |
download | gitlab-ce-23bfd8c13c803f4efdb9eaf8e6e3c1ffd17640e8.tar.gz |
Consistently check permission for creating pipelines,
updating builds and updating pipelines. We check against
being able to merge or push if the ref is protected.
Diffstat (limited to 'spec/policies/ci/pipeline_policy_spec.rb')
-rw-r--r-- | spec/policies/ci/pipeline_policy_spec.rb | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/spec/policies/ci/pipeline_policy_spec.rb b/spec/policies/ci/pipeline_policy_spec.rb new file mode 100644 index 00000000000..4ecf07a1bf2 --- /dev/null +++ b/spec/policies/ci/pipeline_policy_spec.rb @@ -0,0 +1,47 @@ +require 'spec_helper' + +describe Ci::PipelinePolicy, :models do + let(:user) { create(:user) } + let(:pipeline) { create(:ci_empty_pipeline, project: project) } + + let(:policies) do + described_class.abilities(user, pipeline).to_set + end + + describe 'rules' do + describe 'rules for protected branch' do + let(:project) { create(:project) } + + before do + project.add_developer(user) + + create(:protected_branch, branch_policy, + name: pipeline.ref, project: project) + end + + context 'when no one can push or merge to the branch' do + let(:branch_policy) { :no_one_can_push } + + it 'does not include ability to update pipeline' do + expect(policies).not_to include :update_pipeline + end + end + + context 'when developers can push to the branch' do + let(:branch_policy) { :developers_can_push } + + it 'includes ability to update pipeline' do + expect(policies).to include :update_pipeline + end + end + + context 'when developers can push to the branch' do + let(:branch_policy) { :developers_can_merge } + + it 'includes ability to update pipeline' do + expect(policies).to include :update_pipeline + end + end + end + end +end |