diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-02-23 09:14:52 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-02-23 09:14:52 +0000 |
commit | 347bf09d6ecf4871da234c06ca8ee541e27b5105 (patch) | |
tree | 2ad6943e0c681c22acc8850d1debc6a983b0e006 /spec/policies/project_policy_spec.rb | |
parent | 0a51be0866d33273070f535257626a9eb2e10700 (diff) | |
download | gitlab-ce-13.10.0-rc20210223090520.tar.gz |
Add latest changes from gitlab-org/gitlab@13-10-stable-eev13.10.0-rc20210223090520
Diffstat (limited to 'spec/policies/project_policy_spec.rb')
-rw-r--r-- | spec/policies/project_policy_spec.rb | 86 |
1 files changed, 86 insertions, 0 deletions
diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb index 6ba3ab6aace..cf5a606bd8e 100644 --- a/spec/policies/project_policy_spec.rb +++ b/spec/policies/project_policy_spec.rb @@ -1263,4 +1263,90 @@ RSpec.describe ProjectPolicy do end end end + + describe 'access_security_and_compliance' do + context 'when the "Security & Compliance" is enabled' do + before do + project.project_feature.update!(security_and_compliance_access_level: Featurable::PRIVATE) + end + + %w[owner maintainer developer].each do |role| + context "when the role is #{role}" do + let(:current_user) { public_send(role) } + + it { is_expected.to be_allowed(:access_security_and_compliance) } + end + end + + context 'with admin' do + let(:current_user) { admin } + + context 'when admin mode enabled', :enable_admin_mode do + it { is_expected.to be_allowed(:access_security_and_compliance) } + end + + context 'when admin mode disabled' do + it { is_expected.to be_disallowed(:access_security_and_compliance) } + end + end + + %w[reporter guest].each do |role| + context "when the role is #{role}" do + let(:current_user) { public_send(role) } + + it { is_expected.to be_disallowed(:access_security_and_compliance) } + end + end + + context 'with non member' do + let(:current_user) { non_member } + + it { is_expected.to be_disallowed(:access_security_and_compliance) } + end + + context 'with anonymous' do + let(:current_user) { anonymous } + + it { is_expected.to be_disallowed(:access_security_and_compliance) } + end + end + + context 'when the "Security & Compliance" is not enabled' do + before do + project.project_feature.update!(security_and_compliance_access_level: Featurable::DISABLED) + end + + %w[owner maintainer developer reporter guest].each do |role| + context "when the role is #{role}" do + let(:current_user) { public_send(role) } + + it { is_expected.to be_disallowed(:access_security_and_compliance) } + end + end + + context 'with admin' do + let(:current_user) { admin } + + context 'when admin mode enabled', :enable_admin_mode do + it { is_expected.to be_disallowed(:access_security_and_compliance) } + end + + context 'when admin mode disabled' do + it { is_expected.to be_disallowed(:access_security_and_compliance) } + end + end + + context 'with non member' do + let(:current_user) { non_member } + + it { is_expected.to be_disallowed(:access_security_and_compliance) } + end + + context 'with anonymous' do + let(:current_user) { anonymous } + + it { is_expected.to be_disallowed(:access_security_and_compliance) } + end + end + end end |