diff options
| author | Tomasz Maczukin <tomasz@maczukin.pl> | 2017-11-23 15:47:15 +0100 |
|---|---|---|
| committer | Tomasz Maczukin <tomasz@maczukin.pl> | 2017-11-23 17:44:05 +0100 |
| commit | 97f966c445c0c2191a8017aa981a34737b9adf56 (patch) | |
| tree | 297294c7ae4b22267da7c88aac70a13263346542 /spec/requests/api/namespaces_spec.rb | |
| parent | dfbfd3c7d7d4677ac99a7f8147a673911e8d4e98 (diff) | |
| download | gitlab-ce-97f966c445c0c2191a8017aa981a34737b9adf56.tar.gz | |
Introduce :read_namespace access policy for namespace and group
Diffstat (limited to 'spec/requests/api/namespaces_spec.rb')
| -rw-r--r-- | spec/requests/api/namespaces_spec.rb | 58 |
1 files changed, 48 insertions, 10 deletions
diff --git a/spec/requests/api/namespaces_spec.rb b/spec/requests/api/namespaces_spec.rb index 900d7e059b8..98102fcd6a7 100644 --- a/spec/requests/api/namespaces_spec.rb +++ b/spec/requests/api/namespaces_spec.rb @@ -94,6 +94,7 @@ describe API::Namespaces do describe 'GET /namespaces/:id' do let(:owned_group) { group1 } + let(:user2) { create(:user) } shared_examples 'can access namespace' do it 'returns namespace details' do @@ -116,15 +117,33 @@ describe API::Namespaces do context 'when namespace exists' do context 'when requested by ID' do - let(:namespace_id) { owned_group.id } + context 'when requesting group' do + let(:namespace_id) { owned_group.id } - it_behaves_like 'can access namespace' + it_behaves_like 'can access namespace' + end + + context 'when requesting personal namespace' do + let(:namespace_id) { request_actor.namespace.id } + let(:requested_namespace) { request_actor.namespace } + + it_behaves_like 'can access namespace' + end end context 'when requested by path' do - let(:namespace_id) { owned_group.path } + context 'when requesting group' do + let(:namespace_id) { owned_group.path } - it_behaves_like 'can access namespace' + it_behaves_like 'can access namespace' + end + + context 'when requesting personal namespace' do + let(:namespace_id) { request_actor.namespace.path } + let(:requested_namespace) { request_actor.namespace } + + it_behaves_like 'can access namespace' + end end end @@ -149,10 +168,20 @@ describe API::Namespaces do let(:request_actor) { user } context 'when requested namespace is not owned by user' do - it 'returns not-found' do - get api("/namespaces/#{group2.id}", request_actor) + context 'when requesting group' do + it 'returns not-found' do + get api("/namespaces/#{group2.id}", request_actor) - expect(response).to have_gitlab_http_status(404) + expect(response).to have_gitlab_http_status(404) + end + end + + context 'when requesting personal namespace' do + it 'returns not-found' do + get api("/namespaces/#{user2.namespace.id}", request_actor) + + expect(response).to have_gitlab_http_status(404) + end end end @@ -165,10 +194,19 @@ describe API::Namespaces do let(:request_actor) { admin } context 'when requested namespace is not owned by user' do - let(:namespace_id) { group2.id } - let(:requested_namespace) { group2 } + context 'when requesting group' do + let(:namespace_id) { group2.id } + let(:requested_namespace) { group2 } + + it_behaves_like 'can access namespace' + end + + context 'when requesting personal namespace' do + let(:namespace_id) { user2.namespace.id } + let(:requested_namespace) { user2.namespace } - it_behaves_like 'can access namespace' + it_behaves_like 'can access namespace' + end end context 'when requested namespace is owned by user' do |