diff options
Diffstat (limited to 'spec/controllers/boards')
| -rw-r--r-- | spec/controllers/boards/issues_controller_spec.rb | 10 | ||||
| -rw-r--r-- | spec/controllers/boards/lists_controller_spec.rb | 7 |
2 files changed, 5 insertions, 12 deletions
diff --git a/spec/controllers/boards/issues_controller_spec.rb b/spec/controllers/boards/issues_controller_spec.rb index 8657fc2ebc0..725ea2bf1ab 100644 --- a/spec/controllers/boards/issues_controller_spec.rb +++ b/spec/controllers/boards/issues_controller_spec.rb @@ -1,7 +1,7 @@ require 'spec_helper' describe Boards::IssuesController do - let(:project) { create(:project) } + let(:project) { create(:project, :private) } let(:board) { create(:board, project: project) } let(:user) { create(:user) } let(:guest) { create(:user) } @@ -127,14 +127,10 @@ describe Boards::IssuesController do end context 'with unauthorized user' do - before do - allow(Ability).to receive(:allowed?).and_call_original - allow(Ability).to receive(:allowed?).with(user, :read_project, project).and_return(true) - allow(Ability).to receive(:allowed?).with(user, :read_issue, project).and_return(false) - end + let(:unauth_user) { create(:user) } it 'returns a forbidden 403 response' do - list_issues user: user, board: board, list: list2 + list_issues user: unauth_user, board: board, list: list2 expect(response).to have_gitlab_http_status(403) end diff --git a/spec/controllers/boards/lists_controller_spec.rb b/spec/controllers/boards/lists_controller_spec.rb index 70033857168..e5b8aa2e678 100644 --- a/spec/controllers/boards/lists_controller_spec.rb +++ b/spec/controllers/boards/lists_controller_spec.rb @@ -31,13 +31,10 @@ describe Boards::ListsController do end context 'with unauthorized user' do - before do - allow(Ability).to receive(:allowed?).with(user, :read_project, project).and_return(true) - allow(Ability).to receive(:allowed?).with(user, :read_list, project).and_return(false) - end + let(:unauth_user) { create(:user) } it 'returns a forbidden 403 response' do - read_board_list user: user, board: board + read_board_list user: unauth_user, board: board expect(response).to have_gitlab_http_status(403) end |