summaryrefslogtreecommitdiff
path: root/spec/policies
diff options
context:
space:
mode:
Diffstat (limited to 'spec/policies')
-rw-r--r--spec/policies/personal_snippet_policy_spec.rb141
1 files changed, 141 insertions, 0 deletions
diff --git a/spec/policies/personal_snippet_policy_spec.rb b/spec/policies/personal_snippet_policy_spec.rb
new file mode 100644
index 00000000000..58aa1145c9e
--- /dev/null
+++ b/spec/policies/personal_snippet_policy_spec.rb
@@ -0,0 +1,141 @@
+require 'spec_helper'
+
+describe PersonalSnippetPolicy, models: true do
+ let(:regular_user) { create(:user) }
+ let(:external_user) { create(:user, :external) }
+ let(:admin_user) { create(:user, :admin) }
+
+ let(:author_permissions) do
+ [
+ :update_personal_snippet,
+ :admin_personal_snippet,
+ :destroy_personal_snippet
+ ]
+ end
+
+ def permissions(user)
+ described_class.abilities(user, snippet).to_set
+ end
+
+ context 'public snippet' do
+ let(:snippet) { create(:personal_snippet, :public) }
+
+ context 'no user' do
+ subject { permissions(nil) }
+
+ it do
+ is_expected.to include(:read_personal_snippet)
+ is_expected.not_to include(:comment_personal_snippet)
+ is_expected.not_to include(*author_permissions)
+ end
+ end
+
+ context 'regular user' do
+ subject { permissions(regular_user) }
+
+ it do
+ is_expected.to include(:read_personal_snippet)
+ is_expected.to include(:comment_personal_snippet)
+ is_expected.not_to include(*author_permissions)
+ end
+ end
+
+ context 'author' do
+ subject { permissions(snippet.author) }
+
+ it do
+ is_expected.to include(:read_personal_snippet)
+ is_expected.to include(:comment_personal_snippet)
+ is_expected.to include(*author_permissions)
+ end
+ end
+ end
+
+ context 'internal snippet' do
+ let(:snippet) { create(:personal_snippet, :internal) }
+
+ context 'no user' do
+ subject { permissions(nil) }
+
+ it do
+ is_expected.not_to include(:read_personal_snippet)
+ is_expected.not_to include(:comment_personal_snippet)
+ is_expected.not_to include(*author_permissions)
+ end
+ end
+
+ context 'regular user' do
+ subject { permissions(regular_user) }
+
+ it do
+ is_expected.to include(:read_personal_snippet)
+ is_expected.to include(:comment_personal_snippet)
+ is_expected.not_to include(*author_permissions)
+ end
+ end
+
+ context 'external user' do
+ subject { permissions(external_user) }
+
+ it do
+ is_expected.not_to include(:read_personal_snippet)
+ is_expected.not_to include(:comment_personal_snippet)
+ is_expected.not_to include(*author_permissions)
+ end
+ end
+
+ context 'snippet author' do
+ subject { permissions(snippet.author) }
+
+ it do
+ is_expected.to include(:read_personal_snippet)
+ is_expected.to include(:comment_personal_snippet)
+ is_expected.to include(*author_permissions)
+ end
+ end
+ end
+
+ context 'private snippet' do
+ let(:snippet) { create(:project_snippet, :private) }
+
+ context 'no user' do
+ subject { permissions(nil) }
+
+ it do
+ is_expected.not_to include(:read_personal_snippet)
+ is_expected.not_to include(:comment_personal_snippet)
+ is_expected.not_to include(*author_permissions)
+ end
+ end
+
+ context 'regular user' do
+ subject { permissions(regular_user) }
+
+ it do
+ is_expected.not_to include(:read_personal_snippet)
+ is_expected.not_to include(:comment_personal_snippet)
+ is_expected.not_to include(*author_permissions)
+ end
+ end
+
+ context 'external user' do
+ subject { permissions(external_user) }
+
+ it do
+ is_expected.not_to include(:read_personal_snippet)
+ is_expected.not_to include(:comment_personal_snippet)
+ is_expected.not_to include(*author_permissions)
+ end
+ end
+
+ context 'snippet author' do
+ subject { permissions(snippet.author) }
+
+ it do
+ is_expected.to include(:read_personal_snippet)
+ is_expected.to include(:comment_personal_snippet)
+ is_expected.to include(*author_permissions)
+ end
+ end
+ end
+end