diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-10-20 08:43:02 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-10-20 08:43:02 +0000 |
commit | d9ab72d6080f594d0b3cae15f14b3ef2c6c638cb (patch) | |
tree | 2341ef426af70ad1e289c38036737e04b0aa5007 /spec/policies/clusters | |
parent | d6e514dd13db8947884cd58fe2a9c2a063400a9b (diff) | |
download | gitlab-ce-d9ab72d6080f594d0b3cae15f14b3ef2c6c638cb.tar.gz |
Add latest changes from gitlab-org/gitlab@14-4-stable-eev14.4.0-rc42
Diffstat (limited to 'spec/policies/clusters')
-rw-r--r-- | spec/policies/clusters/agent_policy_spec.rb | 28 | ||||
-rw-r--r-- | spec/policies/clusters/agent_token_policy_spec.rb | 31 |
2 files changed, 59 insertions, 0 deletions
diff --git a/spec/policies/clusters/agent_policy_spec.rb b/spec/policies/clusters/agent_policy_spec.rb new file mode 100644 index 00000000000..307d751b78b --- /dev/null +++ b/spec/policies/clusters/agent_policy_spec.rb @@ -0,0 +1,28 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe Clusters::AgentPolicy do + let(:cluster_agent) { create(:cluster_agent, name: 'agent' )} + let(:user) { create(:admin) } + let(:policy) { described_class.new(user, cluster_agent) } + let(:project) { cluster_agent.project } + + describe 'rules' do + context 'when developer' do + before do + project.add_developer(user) + end + + it { expect(policy).to be_disallowed :admin_cluster } + end + + context 'when maintainer' do + before do + project.add_maintainer(user) + end + + it { expect(policy).to be_allowed :admin_cluster } + end + end +end diff --git a/spec/policies/clusters/agent_token_policy_spec.rb b/spec/policies/clusters/agent_token_policy_spec.rb new file mode 100644 index 00000000000..9ae99e66f59 --- /dev/null +++ b/spec/policies/clusters/agent_token_policy_spec.rb @@ -0,0 +1,31 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe Clusters::AgentTokenPolicy do + let_it_be(:token) { create(:cluster_agent_token) } + + let(:user) { create(:user) } + let(:policy) { described_class.new(user, token) } + let(:project) { token.agent.project } + + describe 'rules' do + context 'when developer' do + before do + project.add_developer(user) + end + + it { expect(policy).to be_disallowed :admin_cluster } + it { expect(policy).to be_disallowed :read_cluster } + end + + context 'when maintainer' do + before do + project.add_maintainer(user) + end + + it { expect(policy).to be_allowed :admin_cluster } + it { expect(policy).to be_allowed :read_cluster } + end + end +end |