summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--spec/controllers/projects/boards/issues_controller_spec.rb4
-rw-r--r--spec/controllers/projects/boards/lists_controller_spec.rb14
-rw-r--r--spec/controllers/projects/boards_controller_spec.rb14
3 files changed, 21 insertions, 11 deletions
diff --git a/spec/controllers/projects/boards/issues_controller_spec.rb b/spec/controllers/projects/boards/issues_controller_spec.rb
index 2c6cdf086b8..d0ad5e26dbd 100644
--- a/spec/controllers/projects/boards/issues_controller_spec.rb
+++ b/spec/controllers/projects/boards/issues_controller_spec.rb
@@ -40,10 +40,12 @@ describe Projects::Boards::IssuesController do
end
context 'with unauthorized user' do
- it 'returns a successful 403 response' do
+ before do
allow(Ability.abilities).to receive(:allowed?).with(user, :read_project, project).and_return(true)
allow(Ability.abilities).to receive(:allowed?).with(user, :read_issue, project).and_return(false)
+ end
+ it 'returns a successful 403 response' do
list_issues user: user, list_id: list2
expect(response).to have_http_status(403)
diff --git a/spec/controllers/projects/boards/lists_controller_spec.rb b/spec/controllers/projects/boards/lists_controller_spec.rb
index a241e2f363f..9496636e3cc 100644
--- a/spec/controllers/projects/boards/lists_controller_spec.rb
+++ b/spec/controllers/projects/boards/lists_controller_spec.rb
@@ -33,13 +33,17 @@ describe Projects::Boards::ListsController do
expect(parsed_response.length).to eq 3
end
- it 'returns a successful 403 response with unauthorized user' do
- allow(Ability.abilities).to receive(:allowed?).with(user, :read_project, project).and_return(true)
- allow(Ability.abilities).to receive(:allowed?).with(user, :read_list, project).and_return(false)
+ context 'with unauthorized user' do
+ before do
+ allow(Ability.abilities).to receive(:allowed?).with(user, :read_project, project).and_return(true)
+ allow(Ability.abilities).to receive(:allowed?).with(user, :read_list, project).and_return(false)
+ end
- read_board_list user: user
+ it 'returns a successful 403 response' do
+ read_board_list user: user
- expect(response).to have_http_status(403)
+ expect(response).to have_http_status(403)
+ end
end
def read_board_list(user:)
diff --git a/spec/controllers/projects/boards_controller_spec.rb b/spec/controllers/projects/boards_controller_spec.rb
index 9ed4d8a4218..75a6d39e82c 100644
--- a/spec/controllers/projects/boards_controller_spec.rb
+++ b/spec/controllers/projects/boards_controller_spec.rb
@@ -21,13 +21,17 @@ describe Projects::BoardsController do
expect(response.content_type).to eq 'text/html'
end
- it 'returns a successful 404 response with unauthorized user' do
- allow(Ability.abilities).to receive(:allowed?).with(user, :read_project, project).and_return(true)
- allow(Ability.abilities).to receive(:allowed?).with(user, :read_board, project).and_return(false)
+ context 'with unauthorized user' do
+ before do
+ allow(Ability.abilities).to receive(:allowed?).with(user, :read_project, project).and_return(true)
+ allow(Ability.abilities).to receive(:allowed?).with(user, :read_board, project).and_return(false)
+ end
- read_board
+ it 'returns a successful 404 response' do
+ read_board
- expect(response).to have_http_status(404)
+ expect(response).to have_http_status(404)
+ end
end
def read_board(format: :html)