summaryrefslogtreecommitdiff
path: root/spec/policies/ci
diff options
context:
space:
mode:
Diffstat (limited to 'spec/policies/ci')
-rw-r--r--spec/policies/ci/build_policy_spec.rb52
-rw-r--r--spec/policies/ci/pipeline_policy_spec.rb47
2 files changed, 64 insertions, 35 deletions
diff --git a/spec/policies/ci/build_policy_spec.rb b/spec/policies/ci/build_policy_spec.rb
index ace95ac7067..2a8e6653eb8 100644
--- a/spec/policies/ci/build_policy_spec.rb
+++ b/spec/policies/ci/build_policy_spec.rb
@@ -96,55 +96,37 @@ describe Ci::BuildPolicy, :models do
end
end
- describe 'rules for manual actions' do
+ describe 'rules for protected branch' do
let(:project) { create(:project) }
before do
project.add_developer(user)
- end
-
- context 'when branch build is assigned to is protected' do
- before do
- create(:protected_branch, :no_one_can_push,
- name: 'some-ref', project: project)
- end
- context 'when build is a manual action' do
- let(:build) do
- create(:ci_build, :manual, ref: 'some-ref', pipeline: pipeline)
- end
-
- it 'does not include ability to update build' do
- expect(policy).to be_disallowed :update_build
- end
- end
+ create(:protected_branch, branch_policy,
+ name: build.ref, project: project)
+ end
- context 'when build is not a manual action' do
- let(:build) do
- create(:ci_build, ref: 'some-ref', pipeline: pipeline)
- end
+ context 'when no one can push or merge to the branch' do
+ let(:branch_policy) { :no_one_can_push }
- it 'includes ability to update build' do
- expect(policy).to be_allowed :update_build
- end
+ it 'does not include ability to update build' do
+ expect(policies).to be_disallowed :update_build
end
end
- context 'when branch build is assigned to is not protected' do
- context 'when build is a manual action' do
- let(:build) { create(:ci_build, :manual, pipeline: pipeline) }
+ context 'when developers can push to the branch' do
+ let(:branch_policy) { :developers_can_push }
- it 'includes ability to update build' do
- expect(policy).to be_allowed :update_build
- end
+ it 'includes ability to update build' do
+ expect(policies).to be_allowed :update_build
end
+ end
- context 'when build is not a manual action' do
- let(:build) { create(:ci_build, pipeline: pipeline) }
+ context 'when developers can push to the branch' do
+ let(:branch_policy) { :developers_can_merge }
- it 'includes ability to update build' do
- expect(policy).to be_allowed :update_build
- end
+ it 'includes ability to update build' do
+ expect(policies).to be_allowed :update_build
end
end
end
diff --git a/spec/policies/ci/pipeline_policy_spec.rb b/spec/policies/ci/pipeline_policy_spec.rb
new file mode 100644
index 00000000000..db09be96875
--- /dev/null
+++ b/spec/policies/ci/pipeline_policy_spec.rb
@@ -0,0 +1,47 @@
+require 'spec_helper'
+
+describe Ci::PipelinePolicy, :models do
+ let(:user) { create(:user) }
+ let(:pipeline) { create(:ci_empty_pipeline, project: project) }
+
+ let(:policies) do
+ described_class.abilities(user, pipeline).to_set
+ end
+
+ describe 'rules' do
+ describe 'rules for protected branch' do
+ let(:project) { create(:project) }
+
+ before do
+ project.add_developer(user)
+
+ create(:protected_branch, branch_policy,
+ name: pipeline.ref, project: project)
+ end
+
+ context 'when no one can push or merge to the branch' do
+ let(:branch_policy) { :no_one_can_push }
+
+ it 'does not include ability to update pipeline' do
+ expect(policies).to be_disallowed :update_pipeline
+ end
+ end
+
+ context 'when developers can push to the branch' do
+ let(:branch_policy) { :developers_can_push }
+
+ it 'includes ability to update pipeline' do
+ expect(policies).to be_allowed :update_pipeline
+ end
+ end
+
+ context 'when developers can push to the branch' do
+ let(:branch_policy) { :developers_can_merge }
+
+ it 'includes ability to update pipeline' do
+ expect(policies).to be_allowed :update_pipeline
+ end
+ end
+ end
+ end
+end
View Lorry Controller Status