diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-05-19 15:44:42 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-05-19 15:44:42 +0000 |
commit | 4555e1b21c365ed8303ffb7a3325d773c9b8bf31 (patch) | |
tree | 5423a1c7516cffe36384133ade12572cf709398d /spec/policies | |
parent | e570267f2f6b326480d284e0164a6464ba4081bc (diff) | |
download | gitlab-ce-4555e1b21c365ed8303ffb7a3325d773c9b8bf31.tar.gz |
Add latest changes from gitlab-org/gitlab@13-12-stable-eev13.12.0-rc42
Diffstat (limited to 'spec/policies')
-rw-r--r-- | spec/policies/integration_policy_spec.rb (renamed from spec/policies/service_policy_spec.rb) | 2 | ||||
-rw-r--r-- | spec/policies/project_member_policy_spec.rb | 10 | ||||
-rw-r--r-- | spec/policies/project_policy_spec.rb | 40 |
3 files changed, 47 insertions, 5 deletions
diff --git a/spec/policies/service_policy_spec.rb b/spec/policies/integration_policy_spec.rb index 84c74ca7e31..d490045c1e1 100644 --- a/spec/policies/service_policy_spec.rb +++ b/spec/policies/integration_policy_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe ServicePolicy, :models do +RSpec.describe IntegrationPolicy, :models do let_it_be(:user) { create(:user) } let(:project) { integration.project } diff --git a/spec/policies/project_member_policy_spec.rb b/spec/policies/project_member_policy_spec.rb index ab8f8b83e7f..aebbe685bb3 100644 --- a/spec/policies/project_member_policy_spec.rb +++ b/spec/policies/project_member_policy_spec.rb @@ -16,12 +16,22 @@ RSpec.describe ProjectMemberPolicy do context 'with regular member' do let(:member_user) { create(:user) } + it { is_expected.to be_allowed(:read_project) } it { is_expected.to be_allowed(:update_project_member) } it { is_expected.to be_allowed(:destroy_project_member) } it { is_expected.not_to be_allowed(:destroy_project_bot_member) } end + context 'when user is project owner' do + let(:member_user) { project.owner } + let(:member) { project.members.find_by!(user: member_user) } + + it { is_expected.to be_allowed(:read_project) } + it { is_expected.to be_disallowed(:update_project_member) } + it { is_expected.to be_disallowed(:destroy_project_member) } + end + context 'with a bot member' do let(:member_user) { create(:user, :project_bot) } diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb index f2c941080b5..46da42a4787 100644 --- a/spec/policies/project_policy_spec.rb +++ b/spec/policies/project_policy_spec.rb @@ -60,7 +60,7 @@ RSpec.describe ProjectPolicy do end it 'does not include the issues permissions' do - expect_disallowed :read_issue, :read_issue_iid, :create_issue, :update_issue, :admin_issue + expect_disallowed :read_issue, :read_issue_iid, :create_issue, :update_issue, :admin_issue, :create_incident end it 'disables boards and lists permissions' do @@ -72,7 +72,7 @@ RSpec.describe ProjectPolicy do it 'does not include the issues permissions' do create(:jira_service, project: project) - expect_disallowed :read_issue, :read_issue_iid, :create_issue, :update_issue, :admin_issue + expect_disallowed :read_issue, :read_issue_iid, :create_issue, :update_issue, :admin_issue, :create_incident end end end @@ -393,6 +393,34 @@ RSpec.describe ProjectPolicy do end end + describe 'read_storage_disk_path' do + context 'when no user' do + let(:current_user) { anonymous } + + it { expect_disallowed(:read_storage_disk_path) } + end + + context 'admin' do + let(:current_user) { admin } + + context 'when admin mode is enabled', :enable_admin_mode do + it { expect_allowed(:read_storage_disk_path) } + end + + context 'when admin mode is disabled' do + it { expect_disallowed(:read_storage_disk_path) } + end + end + + %w(guest reporter developer maintainer owner).each do |role| + context role do + let(:current_user) { send(role) } + + it { expect_disallowed(:read_storage_disk_path) } + end + end + end + context 'alert bot' do let(:current_user) { User.alert_bot } @@ -892,6 +920,8 @@ RSpec.describe ProjectPolicy do end describe 'design permissions' do + include DesignManagementTestHelpers + let(:current_user) { guest } let(:design_permissions) do @@ -899,12 +929,14 @@ RSpec.describe ProjectPolicy do end context 'when design management is not available' do + before do + enable_design_management(false) + end + it { is_expected.not_to be_allowed(*design_permissions) } end context 'when design management is available' do - include DesignManagementTestHelpers - before do enable_design_management end |