Add latest changes from gitlab-org/security/gitlab@13-12-stable-ee

1 files changed, 24 insertions, 0 deletions

diff --git a/spec/policies/global_policy_spec.rb b/spec/policies/global_policy_spec.rb
index e677f5558fd..bbbc5d08c07 100644
--- a/spec/policies/global_policy_spec.rb
+++ b/spec/policies/global_policy_spec.rb
@@ -239,6 +239,14 @@ RSpec.describe GlobalPolicy do
       it { is_expected.not_to be_allowed(:access_api) }
     end
 
+    context 'user with expired password' do
+      before do
+        current_user.update!(password_expires_at: 2.minutes.ago)
+      end
+
+      it { is_expected.not_to be_allowed(:access_api) }
+    end
+
     context 'when terms are enforced' do
       before do
         enforce_terms
@@ -418,6 +426,14 @@ RSpec.describe GlobalPolicy do
 
       it { is_expected.not_to be_allowed(:access_git) }
     end
+
+    context 'user with expired password' do
+      before do
+        current_user.update!(password_expires_at: 2.minutes.ago)
+      end
+
+      it { is_expected.not_to be_allowed(:access_git) }
+    end
   end
 
   describe 'read instance metadata' do
@@ -494,6 +510,14 @@ RSpec.describe GlobalPolicy do
 
       it { is_expected.not_to be_allowed(:use_slash_commands) }
     end
+
+    context 'user with expired password' do
+      before do
+        current_user.update!(password_expires_at: 2.minutes.ago)
+      end
+
+      it { is_expected.not_to be_allowed(:use_slash_commands) }
+    end
   end
 
   describe 'create_snippet' do