Diffstat (limited to 'spec/policies/project_policy_spec.rb')
-rw-r--r--spec/policies/project_policy_spec.rb324
1 files changed, 2 insertions, 322 deletions
diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb
index 772d1fbee2b..726ccba8807 100644
--- a/spec/policies/project_policy_spec.rb
+++ b/spec/policies/project_policy_spec.rb
@@ -1,96 +1,7 @@
require 'spec_helper'
describe ProjectPolicy do
- set(:guest) { create(:user) }
- set(:reporter) { create(:user) }
- set(:developer) { create(:user) }
- set(:maintainer) { create(:user) }
- set(:owner) { create(:user) }
- set(:admin) { create(:admin) }
- let(:project) { create(:project, :public, namespace: owner.namespace) }
-
- let(:base_guest_permissions) do
- %i[
- read_project read_board read_list read_wiki read_issue
- read_project_for_iids read_issue_iid read_label
- read_milestone read_project_snippet read_project_member read_note
- create_project create_issue create_note upload_file create_merge_request_in
- award_emoji read_release
- ]
- end
-
- let(:base_reporter_permissions) do
- %i[
- download_code fork_project create_project_snippet update_issue
- admin_issue admin_label admin_list read_commit_status read_build
- read_container_image read_pipeline read_environment read_deployment
- read_merge_request download_wiki_code read_sentry_issue
- ]
- end
-
- let(:team_member_reporter_permissions) do
- %i[build_download_code build_read_container_image]
- end
-
- let(:developer_permissions) do
- %i[
- admin_milestone admin_merge_request update_merge_request create_commit_status
- update_commit_status create_build update_build create_pipeline
- update_pipeline create_merge_request_from create_wiki push_code
- resolve_note create_container_image update_container_image
- create_environment create_deployment create_release update_release
- ]
- end
-
- let(:base_maintainer_permissions) do
- %i[
- push_to_delete_protected_branch update_project_snippet update_environment
- update_deployment admin_project_snippet admin_project_member admin_note admin_wiki admin_project
- admin_commit_status admin_build admin_container_image
- admin_pipeline admin_environment admin_deployment destroy_release add_cluster
- daily_statistics
- ]
- end
-
- let(:public_permissions) do
- %i[
- download_code fork_project read_commit_status read_pipeline
- read_container_image build_download_code build_read_container_image
- download_wiki_code read_release
- ]
- end
-
- let(:owner_permissions) do
- %i[
- change_namespace change_visibility_level rename_project remove_project
- archive_project remove_fork_project destroy_merge_request destroy_issue
- set_issue_iid set_issue_created_at set_note_created_at
- ]
- end
-
- # Used in EE specs
- let(:additional_guest_permissions) { [] }
- let(:additional_reporter_permissions) { [] }
- let(:additional_maintainer_permissions) { [] }
-
- let(:guest_permissions) { base_guest_permissions + additional_guest_permissions }
- let(:reporter_permissions) { base_reporter_permissions + additional_reporter_permissions }
- let(:maintainer_permissions) { base_maintainer_permissions + additional_maintainer_permissions }
-
- before do
- project.add_guest(guest)
- project.add_maintainer(maintainer)
- project.add_developer(developer)
- project.add_reporter(reporter)
- end
-
- def expect_allowed(*permissions)
- permissions.each { |p| is_expected.to be_allowed(p) }
- end
-
- def expect_disallowed(*permissions)
- permissions.each { |p| is_expected.not_to be_allowed(p) }
- end
+ include_context 'ProjectPolicy context'
it 'does not include the read_issue permission when the issue author is not a member of the private project' do
project = create(:project, :private)
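Review bot: The role fixtures, the per-role permission lists and the `expect_allowed`/`expect_disallowed` helpers that every authorization assertion in this file relies on are no longer visible here; after this hunk they are expected to come from `include_context 'ProjectPolicy context'`, whose definition is not part of this file-limited diff. A one-line pointer above the include would keep the access matrix discoverable for someone auditing this spec, e.g. `# Roles, permission lists and expect_allowed/expect_disallowed are defined in the 'ProjectPolicy context' shared context (<path to shared context file>)`. It is also worth confirming in the full commit that the moved permission arrays are identical to the removed ones, since a silently dropped symbol would weaken the negative checks without failing any example. The `it` block that begins at the end of this hunk continues outside it.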
@@ -140,7 +51,7 @@ describe ProjectPolicy do
end
it 'disables boards and lists permissions' do
- expect_disallowed :read_board, :create_board, :update_board, :admin_board
+ expect_disallowed :read_board, :create_board, :update_board
expect_disallowed :read_list, :create_list, :update_list, :admin_list
end
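Review bot: The 'disables boards and lists permissions' example no longer asserts that `:admin_board` is disallowed, while the line below it still checks `:admin_list`, so a regression that leaves `:admin_board` granted would now pass this spec. Nothing on this page explains the removal; if the ability was moved out of this policy (inferred, not visible here), the spec that now owns it should carry the negative assertion, and a short comment here saying where it is covered would help. Otherwise keep the original assertion, `expect_disallowed :read_board, :create_board, :update_board, :admin_board`. The enclosing context for this example starts outside the hunk.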
@@ -237,237 +148,6 @@ describe ProjectPolicy do
end
end
- shared_examples 'archived project policies' do
- let(:feature_write_abilities) do
- described_class::READONLY_FEATURES_WHEN_ARCHIVED.flat_map do |feature|
- described_class.create_update_admin_destroy(feature)
- end
- end
-
- let(:other_write_abilities) do
- %i[
- create_merge_request_in
- create_merge_request_from
- push_to_delete_protected_branch
- push_code
- request_access
- upload_file
- resolve_note
- award_emoji
- ]
- end
-
- context 'when the project is archived' do
- before do
- project.archived = true
- end
-
- it 'disables write actions on all relevant project features' do
- expect_disallowed(*feature_write_abilities)
- end
-
- it 'disables some other important write actions' do
- expect_disallowed(*other_write_abilities)
- end
-
- it 'does not disable other abilities' do
- expect_allowed(*(regular_abilities - feature_write_abilities - other_write_abilities))
- end
- end
- end
-
- shared_examples 'project policies as anonymous' do
- context 'abilities for public projects' do
- context 'when a project has pending invites' do
- let(:group) { create(:group, :public) }
- let(:project) { create(:project, :public, namespace: group) }
- let(:user_permissions) { [:create_merge_request_in, :create_project, :create_issue, :create_note, :upload_file, :award_emoji] }
- let(:anonymous_permissions) { guest_permissions - user_permissions }
-
- subject { described_class.new(nil, project) }
-
- before do
- create(:group_member, :invited, group: group)
- end
-
- it 'does not grant owner access' do
- expect_allowed(*anonymous_permissions)
- expect_disallowed(*user_permissions)
- end
-
- it_behaves_like 'archived project policies' do
- let(:regular_abilities) { anonymous_permissions }
- end
- end
- end
-
- context 'abilities for non-public projects' do
- let(:project) { create(:project, namespace: owner.namespace) }
-
- subject { described_class.new(nil, project) }
-
- it { is_expected.to be_banned }
- end
- end
-
- shared_examples 'project policies as guest' do
- subject { described_class.new(guest, project) }
-
- context 'abilities for non-public projects' do
- let(:project) { create(:project, namespace: owner.namespace) }
- let(:reporter_public_build_permissions) do
- reporter_permissions - [:read_build, :read_pipeline]
- end
-
- it do
- expect_allowed(*guest_permissions)
- expect_disallowed(*reporter_public_build_permissions)
- expect_disallowed(*team_member_reporter_permissions)
- expect_disallowed(*developer_permissions)
- expect_disallowed(*maintainer_permissions)
- expect_disallowed(*owner_permissions)
- end
-
- it_behaves_like 'archived project policies' do
- let(:regular_abilities) { guest_permissions }
- end
-
- context 'public builds enabled' do
- it do
- expect_allowed(*guest_permissions)
- expect_allowed(:read_build, :read_pipeline)
- end
- end
-
- context 'when public builds disabled' do
- before do
- project.update(public_builds: false)
- end
-
- it do
- expect_allowed(*guest_permissions)
- expect_disallowed(:read_build, :read_pipeline)
- end
- end
-
- context 'when builds are disabled' do
- before do
- project.project_feature.update(builds_access_level: ProjectFeature::DISABLED)
- end
-
- it do
- expect_disallowed(:read_build)
- expect_allowed(:read_pipeline)
- end
- end
- end
- end
-
- shared_examples 'project policies as reporter' do
- context 'abilities for non-public projects' do
- let(:project) { create(:project, namespace: owner.namespace) }
-
- subject { described_class.new(reporter, project) }
-
- it do
- expect_allowed(*guest_permissions)
- expect_allowed(*reporter_permissions)
- expect_allowed(*team_member_reporter_permissions)
- expect_disallowed(*developer_permissions)
- expect_disallowed(*maintainer_permissions)
- expect_disallowed(*owner_permissions)
- end
-
- it_behaves_like 'archived project policies' do
- let(:regular_abilities) { reporter_permissions }
- end
- end
- end
-
- shared_examples 'project policies as developer' do
- context 'abilities for non-public projects' do
- let(:project) { create(:project, namespace: owner.namespace) }
-
- subject { described_class.new(developer, project) }
-
- it do
- expect_allowed(*guest_permissions)
- expect_allowed(*reporter_permissions)
- expect_allowed(*team_member_reporter_permissions)
- expect_allowed(*developer_permissions)
- expect_disallowed(*maintainer_permissions)
- expect_disallowed(*owner_permissions)
- end
-
- it_behaves_like 'archived project policies' do
- let(:regular_abilities) { developer_permissions }
- end
- end
- end
-
- shared_examples 'project policies as maintainer' do
- context 'abilities for non-public projects' do
- let(:project) { create(:project, namespace: owner.namespace) }
-
- subject { described_class.new(maintainer, project) }
-
- it do
- expect_allowed(*guest_permissions)
- expect_allowed(*reporter_permissions)
- expect_allowed(*team_member_reporter_permissions)
- expect_allowed(*developer_permissions)
- expect_allowed(*maintainer_permissions)
- expect_disallowed(*owner_permissions)
- end
-
- it_behaves_like 'archived project policies' do
- let(:regular_abilities) { maintainer_permissions }
- end
- end
- end
-
- shared_examples 'project policies as owner' do
- context 'abilities for non-public projects' do
- let(:project) { create(:project, namespace: owner.namespace) }
-
- subject { described_class.new(owner, project) }
-
- it do
- expect_allowed(*guest_permissions)
- expect_allowed(*reporter_permissions)
- expect_allowed(*team_member_reporter_permissions)
- expect_allowed(*developer_permissions)
- expect_allowed(*maintainer_permissions)
- expect_allowed(*owner_permissions)
- end
-
- it_behaves_like 'archived project policies' do
- let(:regular_abilities) { owner_permissions }
- end
- end
- end
-
- shared_examples 'project policies as admin' do
- context 'abilities for non-public projects' do
- let(:project) { create(:project, namespace: owner.namespace) }
-
- subject { described_class.new(admin, project) }
-
- it do
- expect_allowed(*guest_permissions)
- expect_allowed(*reporter_permissions)
- expect_disallowed(*team_member_reporter_permissions)
- expect_allowed(*developer_permissions)
- expect_allowed(*maintainer_permissions)
- expect_allowed(*owner_permissions)
- end
-
- it_behaves_like 'archived project policies' do
- let(:regular_abilities) { owner_permissions }
- end
- end
- end
-
it_behaves_like 'project policies as anonymous'
it_behaves_like 'project policies as guest'
it_behaves_like 'project policies as reporter'