summaryrefslogtreecommitdiff
path: root/spec/policies
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2020-03-26 18:08:03 +0000
committerGitLab Bot <gitlab-bot@gitlab.com>2020-03-26 18:08:03 +0000
commitdc003cd08b4cb72fecbb03aa978ea0c53c03aeb4 (patch)
tree5e77ce228c33619201ac6706b9789d4a2eed2a3b /spec/policies
parente80e0dd64fbb04f60394cb1bb08e17dbcb22b8ce (diff)
downloadgitlab-ce-dc003cd08b4cb72fecbb03aa978ea0c53c03aeb4.tar.gz
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/policies')
-rw-r--r--spec/policies/issue_policy_spec.rb12
1 files changed, 12 insertions, 0 deletions
diff --git a/spec/policies/issue_policy_spec.rb b/spec/policies/issue_policy_spec.rb
index 89fcf3c10df..242a002bc23 100644
--- a/spec/policies/issue_policy_spec.rb
+++ b/spec/policies/issue_policy_spec.rb
@@ -103,12 +103,24 @@ describe IssuePolicy do
expect(permissions(author, confidential_issue_no_assignee)).to be_disallowed(:read_issue, :read_issue_iid, :update_issue, :admin_issue)
end
+ it 'does not allow issue author to read or update confidential issue moved to an private project' do
+ confidential_issue.project = build(:project, :private)
+
+ expect(permissions(author, confidential_issue)).to be_disallowed(:read_issue, :read_issue_iid, :update_issue)
+ end
+
it 'allows issue assignees to read and update their confidential issues' do
expect(permissions(assignee, confidential_issue)).to be_allowed(:read_issue, :read_issue_iid, :update_issue)
expect(permissions(assignee, confidential_issue)).to be_disallowed(:admin_issue)
expect(permissions(assignee, confidential_issue_no_assignee)).to be_disallowed(:read_issue, :read_issue_iid, :update_issue, :admin_issue)
end
+
+ it 'does not allow issue assignees to read or update confidential issue moved to an private project' do
+ confidential_issue.project = build(:project, :private)
+
+ expect(permissions(assignee, confidential_issue)).to be_disallowed(:read_issue, :read_issue_iid, :update_issue)
+ end
end
end