Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2020-07-29 15:09:39 +0000
committer: GitLab Bot <gitlab-bot@gitlab.com> 2020-07-29 15:09:39 +0000
commit: 58320d8e039f4edc8e8000d98f077017b6c78b61 (patch)
tree: ce94f463703981b7103e762b60105aff59ee27e9 /spec/policies
parent: 6f9f4f0580bf5a78af4c5da067d4acf43094dc98 (diff)
download: gitlab-ce-58320d8e039f4edc8e8000d98f077017b6c78b61.tar.gz
1 files changed, 31 insertions, 0 deletions
diff --git a/spec/policies/personal_access_token_policy_spec.rb b/spec/policies/personal_access_token_policy_spec.rb
new file mode 100644
index 00000000000..2236af81763
--- /dev/null
+++ b/spec/policies/personal_access_token_policy_spec.rb
@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe PersonalAccessTokenPolicy do
+  include AdminModeHelper
+
+  using RSpec::Parameterized::TableSyntax
+
+  where(:user_type, :owned_by_same_user, :expected_permitted?) do
+    :user  | true  | true
+    :user  | false | false
+    :admin | false | true
+  end
+
+  with_them do
+    context 'determine if a token is readable by a user' do
+      let(:user) { build_stubbed(user_type) }
+      let(:token_owner) { owned_by_same_user ? user : build(:user) }
+      let(:token) { build(:personal_access_token, user: token_owner) }
+
+      subject { described_class.new(user, token) }
+
+      before do
+        enable_admin_mode!(user) if user.admin?
+      end
+
+      it { is_expected.to(expected_permitted? ? be_allowed(:read_token) : be_disallowed(:read_token)) }
+    end
+  end
+end
author	GitLab Bot <gitlab-bot@gitlab.com>	2020-07-29 15:09:39 +0000
committer	GitLab Bot <gitlab-bot@gitlab.com>	2020-07-29 15:09:39 +0000
commit	58320d8e039f4edc8e8000d98f077017b6c78b61 (patch)
tree	ce94f463703981b7103e762b60105aff59ee27e9 /spec/policies
parent	6f9f4f0580bf5a78af4c5da067d4acf43094dc98 (diff)
download	gitlab-ce-58320d8e039f4edc8e8000d98f077017b6c78b61.tar.gz