summaryrefslogtreecommitdiff
path: root/spec/policies/project_policy_spec.rb
diff options
context:
space:
mode:
authorAlex Kalderimis <alex.kalderimis@gmail.com>2019-07-18 13:41:18 -0400
committerAlex Kalderimis <alex.kalderimis@gmail.com>2019-07-23 16:09:25 -0400
commitc2047dfa3838db4943982257c67b1a64d7acefca (patch)
tree561e39ca9b8df3e1cc412f879a3f87d812b2a1af /spec/policies/project_policy_spec.rb
parentf7a174bf7b68191e05b5ff24a9b918bc89c9cede (diff)
downloadgitlab-ce-c2047dfa3838db4943982257c67b1a64d7acefca.tar.gz
Add tests to exercise all the read_wiki conditions
Diffstat (limited to 'spec/policies/project_policy_spec.rb')
-rw-r--r--spec/policies/project_policy_spec.rb57
1 files changed, 57 insertions, 0 deletions
diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb
index fd82150c12a..2aa244c52e1 100644
--- a/spec/policies/project_policy_spec.rb
+++ b/spec/policies/project_policy_spec.rb
@@ -126,6 +126,63 @@ describe ProjectPolicy do
end
end
end
+
+ describe 'read_wiki' do
+ subject { described_class.new(user, project) }
+
+ user_roles = %i[anonymous non_member guest developer]
+
+ def member?(role)
+ %i[guest developer].include?(role)
+ end
+
+ Viz = Gitlab::VisibilityLevel
+ WikiAccess = ProjectFeature
+
+ must_be_member = [[Viz::PUBLIC, WikiAccess::PRIVATE],
+ [Viz::INTERNAL, WikiAccess::PRIVATE],
+ [Viz::PRIVATE, WikiAccess::ENABLED]]
+
+ where(:project_visibility, :wiki_access_level, :user_role, :allowed_access) do
+ # Situations where :read_wiki is always false:
+ disabled = Viz.options.values.flat_map do |pv|
+ user_roles.map { |role| [pv, WikiAccess::DISABLED, role, false] }
+ end
+
+ # Situations where :read_wiki is always true
+ public_and_enabled = user_roles.map do |role|
+ [Viz::PUBLIC, WikiAccess::ENABLED, role, true]
+ end
+
+ # Situations where :read_wiki requires project membership
+ membership_required = must_be_member.flat_map do |(pv, wa)|
+ user_roles.map { |role| [pv, wa, role, member?(role)] }
+ end
+
+ # Situations where :read_wiki prohibits anonymous access
+ internal_project = user_roles.flat_map do |role|
+ [WikiAccess::ENABLED, WikiAccess::PUBLIC].map do |wa|
+ [Viz::INTERNAL, wa, role, role != :anonymous]
+ end
+ end
+
+ disabled + public_and_enabled + membership_required + internal_project
+ end
+
+ with_them do
+ let(:user) { create(:user) unless user_role == :anonymous }
+
+ before do
+ project.visibility = project_visibility
+ project.project_feature.update_attribute(:wiki_access_level, wiki_access_level)
+ project.add_user(user, user_role) if user.present? && user_role != :non_member
+ end
+
+ it do
+ is_expected.send(allowed_access ? :to : :not_to, be_allowed(:read_wiki))
+ end
+ end
+ end
end
context 'issues feature' do
View Lorry Controller Status