summaryrefslogtreecommitdiff
path: root/spec/policies
diff options
context:
space:
mode:
authorJarka Kadlecova <jarka@gitlab.com>2017-05-01 15:14:35 +0200
committerJarka Kadlecova <jarka@gitlab.com>2017-05-02 15:22:24 +0200
commit43ff7386411af0f538710f3627622f71e5e34472 (patch)
tree3bb4d32c1389504d70395f36e8e223899fcbccd5 /spec/policies
parent6277bda61c511696f9d12fae4238b5214a722571 (diff)
downloadgitlab-ce-43ff7386411af0f538710f3627622f71e5e34472.tar.gz
Support uploaders for personal snippets comments12910-uploader-pers-snippet
Diffstat (limited to 'spec/policies')
-rw-r--r--spec/policies/personal_snippet_policy_spec.rb141
1 files changed, 141 insertions, 0 deletions
diff --git a/spec/policies/personal_snippet_policy_spec.rb b/spec/policies/personal_snippet_policy_spec.rb
new file mode 100644
index 00000000000..58aa1145c9e
--- /dev/null
+++ b/spec/policies/personal_snippet_policy_spec.rb
@@ -0,0 +1,141 @@
+require 'spec_helper'
+
+describe PersonalSnippetPolicy, models: true do
+ let(:regular_user) { create(:user) }
+ let(:external_user) { create(:user, :external) }
+ let(:admin_user) { create(:user, :admin) }
+
+ let(:author_permissions) do
+ [
+ :update_personal_snippet,
+ :admin_personal_snippet,
+ :destroy_personal_snippet
+ ]
+ end
+
+ def permissions(user)
+ described_class.abilities(user, snippet).to_set
+ end
+
+ context 'public snippet' do
+ let(:snippet) { create(:personal_snippet, :public) }
+
+ context 'no user' do
+ subject { permissions(nil) }
+
+ it do
+ is_expected.to include(:read_personal_snippet)
+ is_expected.not_to include(:comment_personal_snippet)
+ is_expected.not_to include(*author_permissions)
+ end
+ end
+
+ context 'regular user' do
+ subject { permissions(regular_user) }
+
+ it do
+ is_expected.to include(:read_personal_snippet)
+ is_expected.to include(:comment_personal_snippet)
+ is_expected.not_to include(*author_permissions)
+ end
+ end
+
+ context 'author' do
+ subject { permissions(snippet.author) }
+
+ it do
+ is_expected.to include(:read_personal_snippet)
+ is_expected.to include(:comment_personal_snippet)
+ is_expected.to include(*author_permissions)
+ end
+ end
+ end
+
+ context 'internal snippet' do
+ let(:snippet) { create(:personal_snippet, :internal) }
+
+ context 'no user' do
+ subject { permissions(nil) }
+
+ it do
+ is_expected.not_to include(:read_personal_snippet)
+ is_expected.not_to include(:comment_personal_snippet)
+ is_expected.not_to include(*author_permissions)
+ end
+ end
+
+ context 'regular user' do
+ subject { permissions(regular_user) }
+
+ it do
+ is_expected.to include(:read_personal_snippet)
+ is_expected.to include(:comment_personal_snippet)
+ is_expected.not_to include(*author_permissions)
+ end
+ end
+
+ context 'external user' do
+ subject { permissions(external_user) }
+
+ it do
+ is_expected.not_to include(:read_personal_snippet)
+ is_expected.not_to include(:comment_personal_snippet)
+ is_expected.not_to include(*author_permissions)
+ end
+ end
+
+ context 'snippet author' do
+ subject { permissions(snippet.author) }
+
+ it do
+ is_expected.to include(:read_personal_snippet)
+ is_expected.to include(:comment_personal_snippet)
+ is_expected.to include(*author_permissions)
+ end
+ end
+ end
+
+ context 'private snippet' do
+ let(:snippet) { create(:project_snippet, :private) }
+
+ context 'no user' do
+ subject { permissions(nil) }
+
+ it do
+ is_expected.not_to include(:read_personal_snippet)
+ is_expected.not_to include(:comment_personal_snippet)
+ is_expected.not_to include(*author_permissions)
+ end
+ end
+
+ context 'regular user' do
+ subject { permissions(regular_user) }
+
+ it do
+ is_expected.not_to include(:read_personal_snippet)
+ is_expected.not_to include(:comment_personal_snippet)
+ is_expected.not_to include(*author_permissions)
+ end
+ end
+
+ context 'external user' do
+ subject { permissions(external_user) }
+
+ it do
+ is_expected.not_to include(:read_personal_snippet)
+ is_expected.not_to include(:comment_personal_snippet)
+ is_expected.not_to include(*author_permissions)
+ end
+ end
+
+ context 'snippet author' do
+ subject { permissions(snippet.author) }
+
+ it do
+ is_expected.to include(:read_personal_snippet)
+ is_expected.to include(:comment_personal_snippet)
+ is_expected.to include(*author_permissions)
+ end
+ end
+ end
+end