diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2019-12-16 15:07:39 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2019-12-16 15:07:39 +0000 |
commit | 862d225ca0d8eb452e56b8fe5a0109aac796e872 (patch) | |
tree | ebf0a5d43bd271fadd9004245fb7c7cf0543dcc1 /spec | |
parent | d10a462fedbd7794a83abdba9b4526600f71de5b (diff) | |
download | gitlab-ce-862d225ca0d8eb452e56b8fe5a0109aac796e872.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec')
-rw-r--r-- | spec/policies/project_snippet_policy_spec.rb | 113 |
1 files changed, 88 insertions, 25 deletions
diff --git a/spec/policies/project_snippet_policy_spec.rb b/spec/policies/project_snippet_policy_spec.rb index 3c68d33b1f3..374636874ee 100644 --- a/spec/policies/project_snippet_policy_spec.rb +++ b/spec/policies/project_snippet_policy_spec.rb @@ -4,10 +4,12 @@ require 'spec_helper' # Snippet visibility scenarios are included in more details in spec/support/snippet_visibility.rb describe ProjectSnippetPolicy do - let(:regular_user) { create(:user) } - let(:external_user) { create(:user, :external) } - let(:project) { create(:project, :public) } - let(:snippet) { create(:project_snippet, snippet_visibility, project: project) } + let_it_be(:regular_user) { create(:user) } + let_it_be(:other_user) { create(:user) } + let_it_be(:external_user) { create(:user, :external) } + let_it_be(:project) { create(:project, :public) } + let(:snippet) { create(:project_snippet, snippet_visibility, project: project, author: author) } + let(:author) { other_user } let(:author_permissions) do [ :update_project_snippet, @@ -17,6 +19,65 @@ describe ProjectSnippetPolicy do subject { described_class.new(current_user, snippet) } + shared_examples 'regular user access rights' do + context 'project team member (non guest)' do + before do + project.add_developer(current_user) + end + + it do + expect_allowed(:read_project_snippet, :create_note) + expect_disallowed(*author_permissions) + end + end + + context 'project team member (guest)' do + before do + project.add_guest(current_user) + end + + context 'not snippet author' do + it do + expect_allowed(:read_project_snippet, :create_note) + expect_disallowed(:admin_project_snippet) + end + end + end + + context 'snippet author' do + let(:author) { current_user } + + context 'project member (non guest)' do + before do + project.add_developer(current_user) + end + + it do + expect_allowed(:read_project_snippet, :create_note) + expect_allowed(*author_permissions) + end + end + + context 'project member (guest)' do + before do + project.add_guest(current_user) + end + + it do + expect_allowed(:read_project_snippet, :create_note) + expect_disallowed(:admin_project_snippet) + end + end + + context 'not a project member' do + it do + expect_allowed(:read_project_snippet, :create_note) + expect_disallowed(:admin_project_snippet) + end + end + end + end + context 'public snippet' do let(:snippet_visibility) { :public } @@ -36,6 +97,8 @@ describe ProjectSnippetPolicy do expect_allowed(:read_project_snippet, :create_note) expect_disallowed(*author_permissions) end + + it_behaves_like 'regular user access rights' end context 'external user' do @@ -45,6 +108,17 @@ describe ProjectSnippetPolicy do expect_allowed(:read_project_snippet, :create_note) expect_disallowed(*author_permissions) end + + context 'project team member' do + before do + project.add_developer(external_user) + end + + it do + expect_allowed(:read_project_snippet, :create_note) + expect_disallowed(*author_permissions) + end + end end end @@ -67,6 +141,8 @@ describe ProjectSnippetPolicy do expect_allowed(:read_project_snippet, :create_note) expect_disallowed(*author_permissions) end + + it_behaves_like 'regular user access rights' end context 'external user' do @@ -110,33 +186,20 @@ describe ProjectSnippetPolicy do expect_disallowed(*author_permissions) end - context 'snippet author' do - let(:snippet) { create(:project_snippet, :private, author: regular_user, project: project) } - - it do - expect_allowed(:read_project_snippet, :create_note) - expect_allowed(*author_permissions) - end - end + it_behaves_like 'regular user access rights' + end - context 'project team member normal user' do - before do - project.add_developer(regular_user) - end + context 'external user' do + let(:current_user) { external_user } - it do - expect_allowed(:read_project_snippet, :create_note) - expect_disallowed(*author_permissions) - end + it do + expect_disallowed(:read_project_snippet, :create_note) + expect_disallowed(*author_permissions) end - end - context 'external user' do context 'project team member' do - let(:current_user) { external_user } - before do - project.add_developer(external_user) + project.add_developer(current_user) end it do |