summaryrefslogtreecommitdiff
path: root/spec/policies/resource_milestone_event_policy_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/policies/resource_milestone_event_policy_spec.rb')
-rw-r--r--spec/policies/resource_milestone_event_policy_spec.rb73
1 files changed, 73 insertions, 0 deletions
diff --git a/spec/policies/resource_milestone_event_policy_spec.rb b/spec/policies/resource_milestone_event_policy_spec.rb
new file mode 100644
index 00000000000..22d1f837ae3
--- /dev/null
+++ b/spec/policies/resource_milestone_event_policy_spec.rb
@@ -0,0 +1,73 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe ResourceMilestoneEventPolicy, feature_category: :team_planning do
+ let_it_be(:user) { create(:user) }
+ let_it_be(:group) { create(:group) }
+ let_it_be(:project) { create(:project, :private) }
+ let_it_be(:issue) { create(:issue, project: project) }
+ let_it_be(:private_project) { create(:project, :private) }
+
+ describe '#read_resource_milestone_event' do
+ context 'with non-member user' do
+ it 'does not allow to read event' do
+ event = build_event(project)
+
+ expect(permissions(user, event)).to be_disallowed(:read_milestone, :read_resource_milestone_event, :read_note)
+ end
+ end
+
+ context 'with member user' do
+ before do
+ project.add_guest(user)
+ end
+
+ it 'allows to read event for accessible milestone' do
+ event = build_event(project)
+
+ expect(permissions(user, event)).to be_allowed(:read_milestone, :read_resource_milestone_event, :read_note)
+ end
+
+ it 'does not allow to read event for not accessible milestone' do
+ event = build_event(private_project)
+
+ expect(permissions(user, event)).to be_disallowed(:read_milestone, :read_resource_milestone_event, :read_note)
+ end
+ end
+ end
+
+ describe '#read_milestone' do
+ before do
+ project.add_guest(user)
+ end
+
+ it 'allows to read deleted milestone' do
+ event = build(:resource_milestone_event, issue: issue, milestone: nil)
+
+ expect(permissions(user, event)).to be_allowed(:read_milestone, :read_resource_milestone_event, :read_note)
+ end
+
+ it 'allows to read accessible milestone' do
+ event = build_event(project)
+
+ expect(permissions(user, event)).to be_allowed(:read_milestone, :read_resource_milestone_event, :read_note)
+ end
+
+ it 'does not allow to read not accessible milestone' do
+ event = build_event(private_project)
+
+ expect(permissions(user, event)).to be_disallowed(:read_milestone, :read_resource_milestone_event, :read_note)
+ end
+ end
+
+ def build_event(project)
+ milestone = create(:milestone, project: project)
+
+ build(:resource_milestone_event, issue: issue, milestone: milestone)
+ end
+
+ def permissions(user, issue)
+ described_class.new(user, issue)
+ end
+end
View Lorry Controller Status