summaryrefslogtreecommitdiff
path: root/spec/support
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2020-08-18 08:52:04 +0000
committerGitLab Bot <gitlab-bot@gitlab.com>2020-08-18 08:52:04 +0000
commit7e2d89989a48ecd55d3f118d7bf8c3a00e1038cb (patch)
tree11f24f04e0f11b451c84a224e0d1f07cfed25928 /spec/support
parenta12a8608e6160bef7f2edca1e20192b69a83ff54 (diff)
downloadgitlab-ce-7e2d89989a48ecd55d3f118d7bf8c3a00e1038cb.tar.gz
Add latest changes from gitlab-org/gitlab@13-2-stable-ee
Diffstat (limited to 'spec/support')
-rw-r--r--spec/support/shared_examples/policies/project_policy_shared_examples.rb83
1 files changed, 81 insertions, 2 deletions
diff --git a/spec/support/shared_examples/policies/project_policy_shared_examples.rb b/spec/support/shared_examples/policies/project_policy_shared_examples.rb
index f8526ec68dc..df8e4bc96dd 100644
--- a/spec/support/shared_examples/policies/project_policy_shared_examples.rb
+++ b/spec/support/shared_examples/policies/project_policy_shared_examples.rb
@@ -97,6 +97,28 @@ RSpec.shared_examples 'project policies as anonymous' do
end
end
+RSpec.shared_examples 'deploy token does not get confused with user' do
+ before do
+ deploy_token.update!(id: user_id)
+
+ # Project with public builds are available to all
+ project.update!(public_builds: false)
+ end
+
+ let(:deploy_token) { create(:deploy_token) }
+
+ subject { described_class.new(deploy_token, project) }
+
+ it do
+ expect_disallowed(*guest_permissions)
+ expect_disallowed(*reporter_permissions)
+ expect_disallowed(*team_member_reporter_permissions)
+ expect_disallowed(*developer_permissions)
+ expect_disallowed(*maintainer_permissions)
+ expect_disallowed(*owner_permissions)
+ end
+end
+
RSpec.shared_examples 'project policies as guest' do
subject { described_class.new(guest, project) }
@@ -115,6 +137,10 @@ RSpec.shared_examples 'project policies as guest' do
expect_disallowed(*owner_permissions)
end
+ it_behaves_like 'deploy token does not get confused with user' do
+ let(:user_id) { guest.id }
+ end
+
it_behaves_like 'archived project policies' do
let(:regular_abilities) { guest_permissions }
end
@@ -128,7 +154,7 @@ RSpec.shared_examples 'project policies as guest' do
context 'when public builds disabled' do
before do
- project.update(public_builds: false)
+ project.update!(public_builds: false)
end
it do
@@ -139,7 +165,7 @@ RSpec.shared_examples 'project policies as guest' do
context 'when builds are disabled' do
before do
- project.project_feature.update(builds_access_level: ProjectFeature::DISABLED)
+ project.project_feature.update!(builds_access_level: ProjectFeature::DISABLED)
end
it do
@@ -165,6 +191,10 @@ RSpec.shared_examples 'project policies as reporter' do
expect_disallowed(*owner_permissions)
end
+ it_behaves_like 'deploy token does not get confused with user' do
+ let(:user_id) { reporter.id }
+ end
+
it_behaves_like 'archived project policies' do
let(:regular_abilities) { reporter_permissions }
end
@@ -186,6 +216,10 @@ RSpec.shared_examples 'project policies as developer' do
expect_disallowed(*owner_permissions)
end
+ it_behaves_like 'deploy token does not get confused with user' do
+ let(:user_id) { developer.id }
+ end
+
it_behaves_like 'archived project policies' do
let(:regular_abilities) { developer_permissions }
end
@@ -207,6 +241,10 @@ RSpec.shared_examples 'project policies as maintainer' do
expect_disallowed(*owner_permissions)
end
+ it_behaves_like 'deploy token does not get confused with user' do
+ let(:user_id) { maintainer.id }
+ end
+
it_behaves_like 'archived project policies' do
let(:regular_abilities) { maintainer_permissions }
end
@@ -228,6 +266,10 @@ RSpec.shared_examples 'project policies as owner' do
expect_allowed(*owner_permissions)
end
+ it_behaves_like 'deploy token does not get confused with user' do
+ let(:user_id) { owner.id }
+ end
+
it_behaves_like 'archived project policies' do
let(:regular_abilities) { owner_permissions }
end
@@ -249,6 +291,28 @@ RSpec.shared_examples 'project policies as admin with admin mode' do
expect_allowed(*owner_permissions)
end
+ context 'deploy token does not get confused with user' do
+ before do
+ allow(deploy_token).to receive(:id).and_return(admin.id)
+
+ # Project with public builds are available to all
+ project.update!(public_builds: false)
+ end
+
+ let(:deploy_token) { create(:deploy_token) }
+
+ subject { described_class.new(deploy_token, project) }
+
+ it do
+ expect_disallowed(*guest_permissions)
+ expect_disallowed(*reporter_permissions)
+ expect_disallowed(*team_member_reporter_permissions)
+ expect_disallowed(*developer_permissions)
+ expect_disallowed(*maintainer_permissions)
+ expect_disallowed(*owner_permissions)
+ end
+ end
+
it_behaves_like 'archived project policies' do
let(:regular_abilities) { owner_permissions }
end
@@ -268,5 +332,20 @@ RSpec.shared_examples 'project policies as admin without admin mode' do
subject { described_class.new(admin, project) }
it { is_expected.to be_banned }
+
+ context 'deploy token does not get confused with user' do
+ before do
+ allow(deploy_token).to receive(:id).and_return(admin.id)
+
+ # Project with public builds are available to all
+ project.update!(public_builds: false)
+ end
+
+ let(:deploy_token) { create(:deploy_token) }
+
+ subject { described_class.new(deploy_token, project) }
+
+ it { is_expected.to be_banned }
+ end
end
end