diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-08-18 08:52:04 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-08-18 08:52:04 +0000 |
commit | 7e2d89989a48ecd55d3f118d7bf8c3a00e1038cb (patch) | |
tree | 11f24f04e0f11b451c84a224e0d1f07cfed25928 /spec/policies | |
parent | a12a8608e6160bef7f2edca1e20192b69a83ff54 (diff) | |
download | gitlab-ce-7e2d89989a48ecd55d3f118d7bf8c3a00e1038cb.tar.gz |
Add latest changes from gitlab-org/gitlab@13-2-stable-ee
Diffstat (limited to 'spec/policies')
-rw-r--r-- | spec/policies/group_policy_spec.rb | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb index 733cc9bd9cb..9bd692b45c3 100644 --- a/spec/policies/group_policy_spec.rb +++ b/spec/policies/group_policy_spec.rb @@ -63,6 +63,24 @@ RSpec.describe GroupPolicy do end end + shared_examples 'deploy token does not get confused with user' do + before do + deploy_token.update!(id: user_id) + end + + let(:deploy_token) { create(:deploy_token) } + let(:current_user) { deploy_token } + + it do + expect_disallowed(*read_group_permissions) + expect_disallowed(*guest_permissions) + expect_disallowed(*reporter_permissions) + expect_disallowed(*developer_permissions) + expect_disallowed(*maintainer_permissions) + expect_disallowed(*owner_permissions) + end + end + context 'guests' do let(:current_user) { guest } @@ -74,6 +92,10 @@ RSpec.describe GroupPolicy do expect_disallowed(*maintainer_permissions) expect_disallowed(*owner_permissions) end + + it_behaves_like 'deploy token does not get confused with user' do + let(:user_id) { guest.id } + end end context 'reporter' do @@ -87,6 +109,10 @@ RSpec.describe GroupPolicy do expect_disallowed(*maintainer_permissions) expect_disallowed(*owner_permissions) end + + it_behaves_like 'deploy token does not get confused with user' do + let(:user_id) { reporter.id } + end end context 'developer' do @@ -100,6 +126,10 @@ RSpec.describe GroupPolicy do expect_disallowed(*maintainer_permissions) expect_disallowed(*owner_permissions) end + + it_behaves_like 'deploy token does not get confused with user' do + let(:user_id) { developer.id } + end end context 'maintainer' do @@ -136,6 +166,10 @@ RSpec.describe GroupPolicy do expect_disallowed(*owner_permissions) end end + + it_behaves_like 'deploy token does not get confused with user' do + let(:user_id) { maintainer.id } + end end context 'owner' do @@ -149,6 +183,10 @@ RSpec.describe GroupPolicy do expect_allowed(*maintainer_permissions) expect_allowed(*owner_permissions) end + + it_behaves_like 'deploy token does not get confused with user' do + let(:user_id) { owner.id } + end end context 'admin' do @@ -166,6 +204,14 @@ RSpec.describe GroupPolicy do context 'with admin mode', :enable_admin_mode do specify { expect_allowed(*admin_permissions) } end + + it_behaves_like 'deploy token does not get confused with user' do + let(:user_id) { admin.id } + + context 'with admin mode', :enable_admin_mode do + it { expect_disallowed(*admin_permissions) } + end + end end describe 'private nested group use the highest access level from the group and inherited permissions' do |