diff options
Diffstat (limited to 'spec/models/ability_spec.rb')
-rw-r--r-- | spec/models/ability_spec.rb | 46 |
1 files changed, 43 insertions, 3 deletions
diff --git a/spec/models/ability_spec.rb b/spec/models/ability_spec.rb index 2bf971f553f..9ef77da6f43 100644 --- a/spec/models/ability_spec.rb +++ b/spec/models/ability_spec.rb @@ -74,13 +74,20 @@ describe Ability do context 'using a private project' do let(:project) { create(:project, :private) } - it 'returns users that are administrators' do + it 'returns users that are administrators when admin mode is enabled', :enable_admin_mode do user = build(:user, admin: true) expect(described_class.users_that_can_read_project([user], project)) .to eq([user]) end + it 'does not return users that are administrators when admin mode is disabled' do + user = build(:user, admin: true) + + expect(described_class.users_that_can_read_project([user], project)) + .to eq([]) + end + it 'returns external users if they are the project owner' do user1 = build(:user, external: true) user2 = build(:user, external: true) @@ -145,7 +152,7 @@ describe Ability do end describe '.merge_requests_readable_by_user' do - context 'with an admin' do + context 'with an admin when admin mode is enabled', :enable_admin_mode do it 'returns all merge requests' do user = build(:user, admin: true) merge_request = build(:merge_request) @@ -155,6 +162,19 @@ describe Ability do end end + context 'with an admin when admin mode is disabled' do + it 'returns merge_requests that are publicly visible' do + user = build(:user, admin: true) + hidden_merge_request = build(:merge_request) + visible_merge_request = build(:merge_request, source_project: build(:project, :public)) + + merge_requests = described_class + .merge_requests_readable_by_user([hidden_merge_request, visible_merge_request], user) + + expect(merge_requests).to eq([visible_merge_request]) + end + end + context 'without a user' do it 'returns merge_requests that are publicly visible' do hidden_merge_request = build(:merge_request) @@ -217,7 +237,7 @@ describe Ability do end describe '.issues_readable_by_user' do - context 'with an admin user' do + context 'with an admin when admin mode is enabled', :enable_admin_mode do it 'returns all given issues' do user = build(:user, admin: true) issue = build(:issue) @@ -227,6 +247,26 @@ describe Ability do end end + context 'with an admin when admin mode is disabled' do + it 'returns the issues readable by the admin' do + user = build(:user, admin: true) + issue = build(:issue) + + expect(issue).to receive(:readable_by?).with(user).and_return(true) + + expect(described_class.issues_readable_by_user([issue], user)) + .to eq([issue]) + end + + it 'returns no issues when not given access' do + user = build(:user, admin: true) + issue = build(:issue) + + expect(described_class.issues_readable_by_user([issue], user)) + .to be_empty + end + end + context 'with a regular user' do it 'returns the issues readable by the user' do user = build(:user) |