diff options
author | Pavel Shutsin <pshutsin@gitlab.com> | 2019-03-18 17:36:34 +0300 |
---|---|---|
committer | Pavel Shutsin <pshutsin@gitlab.com> | 2019-03-19 15:38:16 +0300 |
commit | 8ee1927db90d43205b4e6f8bd13f209c74b41bd1 (patch) | |
tree | 247e5f813947c1bdeb838e2776835208e6a7e2bc /spec/policies/identity_provider_policy_spec.rb | |
parent | a4b18040778d7272bd8fbbb3746e199699ffd893 (diff) | |
download | gitlab-ce-8ee1927db90d43205b4e6f8bd13f209c74b41bd1.tar.gz |
Move out link\unlink ability checks to a policy
We can extend the policy in EE for additional behavior
Diffstat (limited to 'spec/policies/identity_provider_policy_spec.rb')
-rw-r--r-- | spec/policies/identity_provider_policy_spec.rb | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/spec/policies/identity_provider_policy_spec.rb b/spec/policies/identity_provider_policy_spec.rb new file mode 100644 index 00000000000..2520469d4e7 --- /dev/null +++ b/spec/policies/identity_provider_policy_spec.rb @@ -0,0 +1,30 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe IdentityProviderPolicy do + subject(:policy) { described_class.new(user, provider) } + let(:user) { User.new } + let(:provider) { :a_provider } + + describe '#rules' do + it { is_expected.to be_allowed(:link) } + it { is_expected.to be_allowed(:unlink) } + + context 'when user is anonymous' do + let(:user) { nil } + + it { is_expected.not_to be_allowed(:link) } + it { is_expected.not_to be_allowed(:unlink) } + end + + %w[saml cas3].each do |provider_name| + context "when provider is #{provider_name}" do + let(:provider) { provider_name } + + it { is_expected.to be_allowed(:link) } + it { is_expected.not_to be_allowed(:unlink) } + end + end + end +end |