diff options
Diffstat (limited to 'spec/policies/base_policy_spec.rb')
-rw-r--r-- | spec/policies/base_policy_spec.rb | 30 |
1 files changed, 22 insertions, 8 deletions
diff --git a/spec/policies/base_policy_spec.rb b/spec/policies/base_policy_spec.rb index 44ff909872d..ec20616d357 100644 --- a/spec/policies/base_policy_spec.rb +++ b/spec/policies/base_policy_spec.rb @@ -22,31 +22,45 @@ RSpec.describe BasePolicy do end end - shared_examples 'admin only access' do |policy| + shared_examples 'admin only access' do |ability| + def policy + # method, because we want a fresh cache each time. + described_class.new(current_user, nil) + end + let(:current_user) { build_stubbed(:user) } - subject { described_class.new(current_user, nil) } + subject { policy } - it { is_expected.not_to be_allowed(policy) } + it { is_expected.not_to be_allowed(ability) } - context 'for admins' do + context 'with an admin' do let(:current_user) { build_stubbed(:admin) } it 'allowed when in admin mode' do enable_admin_mode!(current_user) - is_expected.to be_allowed(policy) + is_expected.to be_allowed(ability) end it 'prevented when not in admin mode' do - is_expected.not_to be_allowed(policy) + is_expected.not_to be_allowed(ability) end end - context 'for anonymous' do + context 'with anonymous' do let(:current_user) { nil } - it { is_expected.not_to be_allowed(policy) } + it { is_expected.not_to be_allowed(ability) } + end + + describe 'bypassing the session for sessionless login', :request_store do + let(:current_user) { build_stubbed(:admin) } + + it 'changes from prevented to allowed' do + expect { Gitlab::Auth::CurrentUserMode.bypass_session!(current_user.id) } + .to change { policy.allowed?(ability) }.from(false).to(true) + end end end |