diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-07-29 15:09:39 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-07-29 15:09:39 +0000 |
commit | 58320d8e039f4edc8e8000d98f077017b6c78b61 (patch) | |
tree | ce94f463703981b7103e762b60105aff59ee27e9 /spec/policies | |
parent | 6f9f4f0580bf5a78af4c5da067d4acf43094dc98 (diff) | |
download | gitlab-ce-58320d8e039f4edc8e8000d98f077017b6c78b61.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/policies')
-rw-r--r-- | spec/policies/personal_access_token_policy_spec.rb | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/spec/policies/personal_access_token_policy_spec.rb b/spec/policies/personal_access_token_policy_spec.rb new file mode 100644 index 00000000000..2236af81763 --- /dev/null +++ b/spec/policies/personal_access_token_policy_spec.rb @@ -0,0 +1,31 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe PersonalAccessTokenPolicy do + include AdminModeHelper + + using RSpec::Parameterized::TableSyntax + + where(:user_type, :owned_by_same_user, :expected_permitted?) do + :user | true | true + :user | false | false + :admin | false | true + end + + with_them do + context 'determine if a token is readable by a user' do + let(:user) { build_stubbed(user_type) } + let(:token_owner) { owned_by_same_user ? user : build(:user) } + let(:token) { build(:personal_access_token, user: token_owner) } + + subject { described_class.new(user, token) } + + before do + enable_admin_mode!(user) if user.admin? + end + + it { is_expected.to(expected_permitted? ? be_allowed(:read_token) : be_disallowed(:read_token)) } + end + end +end |