diff options
Diffstat (limited to 'spec/policies/environment_policy_spec.rb')
-rw-r--r-- | spec/policies/environment_policy_spec.rb | 106 |
1 files changed, 75 insertions, 31 deletions
diff --git a/spec/policies/environment_policy_spec.rb b/spec/policies/environment_policy_spec.rb index de4cb5b30c5..0442b032e89 100644 --- a/spec/policies/environment_policy_spec.rb +++ b/spec/policies/environment_policy_spec.rb @@ -1,57 +1,101 @@ require 'spec_helper' describe EnvironmentPolicy do - let(:user) { create(:user) } - let(:project) { create(:project, :repository) } + using RSpec::Parameterized::TableSyntax - let(:environment) do - create(:environment, :with_review_app, project: project) - end + let(:user) { create(:user) } let(:policy) do described_class.new(user, environment) end describe '#rules' do - context 'when user does not have access to the project' do - let(:project) { create(:project, :private, :repository) } + shared_examples 'project permissions' do + context 'with stop action' do + let(:environment) do + create(:environment, :with_review_app, project: project) + end - it 'does not include ability to stop environment' do - expect(policy).to be_disallowed :stop_environment - end - end + where(:access_level, :allowed?) do + nil | false + :guest | false + :reporter | false + :developer | true + :maintainer | true + end - context 'when anonymous user has access to the project' do - let(:project) { create(:project, :public, :repository) } + with_them do + before do + project.add_user(user, access_level) unless access_level.nil? + end - it 'does not include ability to stop environment' do - expect(policy).to be_disallowed :stop_environment - end - end + it { expect(policy.allowed?(:stop_environment)).to be allowed? } + end - context 'when team member has access to the project' do - let(:project) { create(:project, :public, :repository) } + context 'when an admin user' do + let(:user) { create(:user, :admin) } - before do - project.add_developer(user) - end + it { expect(policy).to be_allowed :stop_environment } + end + + context 'with protected branch' do + with_them do + before do + project.add_user(user, access_level) unless access_level.nil? + create(:protected_branch, :no_one_can_push, + name: 'master', project: project) + end - context 'when team member has ability to stop environment' do - it 'does includes ability to stop environment' do - expect(policy).to be_allowed :stop_environment + it { expect(policy).to be_disallowed :stop_environment } + end + + context 'when an admin user' do + let(:user) { create(:user, :admin) } + + it { expect(policy).to be_allowed :stop_environment } + end end end - context 'when team member has no ability to stop environment' do - before do - create(:protected_branch, :no_one_can_push, - name: 'master', project: project) + context 'without stop action' do + let(:environment) do + create(:environment, project: project) + end + + where(:access_level, :allowed?) do + nil | false + :guest | false + :reporter | false + :developer | false + :maintainer | true end - it 'does not include ability to stop environment' do - expect(policy).to be_disallowed :stop_environment + with_them do + before do + project.add_user(user, access_level) unless access_level.nil? + end + + it { expect(policy.allowed?(:stop_environment)).to be allowed? } + end + + context 'when an admin user' do + let(:user) { create(:user, :admin) } + + it { expect(policy).to be_allowed :stop_environment } end end end + + context 'when project is public' do + let(:project) { create(:project, :public, :repository) } + + include_examples 'project permissions' + end + + context 'when project is private' do + let(:project) { create(:project, :private, :repository) } + + include_examples 'project permissions' + end end end |