diff options
author | Sean McGivern <sean@mcgivern.me.uk> | 2016-11-30 20:55:37 +0000 |
---|---|---|
committer | Sean McGivern <sean@mcgivern.me.uk> | 2016-11-30 20:55:37 +0000 |
commit | 24e5a1e8db943be346b4f7f4fb49326ad0e5eb9e (patch) | |
tree | f0c82b4d402f47c70ab4e5a5125b9465c22327c3 /spec | |
parent | 37655a853e7e8c6ee33aeb42f8207e1522ad8326 (diff) | |
parent | 28688b5456f40cd45bfbc78e20e9d1d975e4aa60 (diff) | |
download | gitlab-ce-24e5a1e8db943be346b4f7f4fb49326ad0e5eb9e.tar.gz |
Merge branch 'fix/git-access-wiki-when-repository-feature-disabled' into 'master'
Fixes access to the wiki code with git when repository feature disabled
## What does this MR do?
Allow access to the wiki repository with git when the repository feature is disabled.
## Why was this MR needed?
Without this fix, if you create a wiki only project you are not allowed to download the wiki code from this project.
## Does this MR meet the acceptance criteria?
- [X] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added
- [ ] ~~[Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)~~
- [ ] ~~API support added~~
- Tests
- [X] Added for this feature/bug
- [ ] All builds are passing
- [X] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [X] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if it does - rebase it please)
- [X] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
## What are the relevant issue numbers?
Fixes #24931
See merge request !7832
Diffstat (limited to 'spec')
-rw-r--r-- | spec/lib/gitlab/git_access_wiki_spec.rb | 25 | ||||
-rw-r--r-- | spec/policies/project_policy_spec.rb | 14 |
2 files changed, 37 insertions, 2 deletions
diff --git a/spec/lib/gitlab/git_access_wiki_spec.rb b/spec/lib/gitlab/git_access_wiki_spec.rb index 576aa5c366f..578db51631e 100644 --- a/spec/lib/gitlab/git_access_wiki_spec.rb +++ b/spec/lib/gitlab/git_access_wiki_spec.rb @@ -26,4 +26,29 @@ describe Gitlab::GitAccessWiki, lib: true do def changes ['6f6d7e7ed 570e7b2ab refs/heads/master'] end + + describe '#download_access_check' do + subject { access.check('git-upload-pack', '_any') } + + before do + project.team << [user, :developer] + end + + context 'when wiki feature is enabled' do + it 'give access to download wiki code' do + project.project_feature.update_attribute(:wiki_access_level, ProjectFeature::ENABLED) + + expect(subject.allowed?).to be_truthy + end + end + + context 'when wiki feature is disabled' do + it 'does not give access to download wiki code' do + project.project_feature.update_attribute(:wiki_access_level, ProjectFeature::DISABLED) + + expect(subject.allowed?).to be_falsey + expect(subject.message).to match(/You are not allowed to download code/) + end + end + end end diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb index 96249a7d8c3..b49e4f3a8bc 100644 --- a/spec/policies/project_policy_spec.rb +++ b/spec/policies/project_policy_spec.rb @@ -23,7 +23,7 @@ describe ProjectPolicy, models: true do :download_code, :fork_project, :create_project_snippet, :update_issue, :admin_issue, :admin_label, :admin_list, :read_commit_status, :read_build, :read_container_image, :read_pipeline, :read_environment, :read_deployment, - :read_merge_request + :read_merge_request, :download_wiki_code ] end @@ -56,7 +56,8 @@ describe ProjectPolicy, models: true do let(:public_permissions) do [ :download_code, :fork_project, :read_commit_status, :read_pipeline, - :read_container_image, :build_download_code, :build_read_container_image + :read_container_image, :build_download_code, :build_read_container_image, + :download_wiki_code ] end @@ -87,6 +88,15 @@ describe ProjectPolicy, models: true do expect(Ability.allowed?(user, :read_issue, project)).to be_falsy end + it 'does not include the wiki permissions when the feature is disabled' do + project.project_feature.update_attribute(:wiki_access_level, ProjectFeature::DISABLED) + wiki_permissions = [:read_wiki, :create_wiki, :update_wiki, :admin_wiki, :download_wiki_code] + + permissions = described_class.abilities(owner, project).to_set + + expect(permissions).not_to include(*wiki_permissions) + end + context 'abilities for non-public projects' do let(:project) { create(:empty_project, namespace: owner.namespace) } |