summaryrefslogtreecommitdiff
path: root/spec/support/shared_contexts/policies/project_policy_table_shared_context.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/support/shared_contexts/policies/project_policy_table_shared_context.rb')
-rw-r--r--spec/support/shared_contexts/policies/project_policy_table_shared_context.rb224
1 files changed, 214 insertions, 10 deletions
diff --git a/spec/support/shared_contexts/policies/project_policy_table_shared_context.rb b/spec/support/shared_contexts/policies/project_policy_table_shared_context.rb
index e666b346b8b..0a918ccde81 100644
--- a/spec/support/shared_contexts/policies/project_policy_table_shared_context.rb
+++ b/spec/support/shared_contexts/policies/project_policy_table_shared_context.rb
@@ -3,13 +3,28 @@
RSpec.shared_context 'ProjectPolicyTable context' do
using RSpec::Parameterized::TableSyntax
+ let(:pendings) { {} }
+ let(:pending?) do
+ pendings.include?(
+ {
+ project_level: project_level,
+ feature_access_level: feature_access_level,
+ membership: membership,
+ expected_count: expected_count
+ }
+ )
+ end
+
# rubocop:disable Metrics/AbcSize
+ # project_level, :feature_access_level, :membership, :expected_count
def permission_table_for_reporter_feature_access
+ :public | :enabled | :admin | 1
:public | :enabled | :reporter | 1
:public | :enabled | :guest | 1
:public | :enabled | :non_member | 1
:public | :enabled | :anonymous | 1
+ :public | :private | :admin | 1
:public | :private | :reporter | 1
:public | :private | :guest | 0
:public | :private | :non_member | 0
@@ -20,11 +35,13 @@ RSpec.shared_context 'ProjectPolicyTable context' do
:public | :disabled | :non_member | 0
:public | :disabled | :anonymous | 0
+ :internal | :enabled | :admin | 1
:internal | :enabled | :reporter | 1
:internal | :enabled | :guest | 1
:internal | :enabled | :non_member | 1
:internal | :enabled | :anonymous | 0
+ :internal | :private | :admin | 1
:internal | :private | :reporter | 1
:internal | :private | :guest | 0
:internal | :private | :non_member | 0
@@ -35,11 +52,7 @@ RSpec.shared_context 'ProjectPolicyTable context' do
:internal | :disabled | :non_member | 0
:internal | :disabled | :anonymous | 0
- :private | :enabled | :reporter | 1
- :private | :enabled | :guest | 1
- :private | :enabled | :non_member | 0
- :private | :enabled | :anonymous | 0
-
+ :private | :private | :admin | 1
:private | :private | :reporter | 1
:private | :private | :guest | 0
:private | :private | :non_member | 0
@@ -51,12 +64,15 @@ RSpec.shared_context 'ProjectPolicyTable context' do
:private | :disabled | :anonymous | 0
end
+ # project_level, :feature_access_level, :membership, :expected_count
def permission_table_for_guest_feature_access
+ :public | :enabled | :admin | 1
:public | :enabled | :reporter | 1
:public | :enabled | :guest | 1
:public | :enabled | :non_member | 1
:public | :enabled | :anonymous | 1
+ :public | :private | :admin | 1
:public | :private | :reporter | 1
:public | :private | :guest | 1
:public | :private | :non_member | 0
@@ -67,11 +83,13 @@ RSpec.shared_context 'ProjectPolicyTable context' do
:public | :disabled | :non_member | 0
:public | :disabled | :anonymous | 0
+ :internal | :enabled | :admin | 1
:internal | :enabled | :reporter | 1
:internal | :enabled | :guest | 1
:internal | :enabled | :non_member | 1
:internal | :enabled | :anonymous | 0
+ :internal | :private | :admin | 1
:internal | :private | :reporter | 1
:internal | :private | :guest | 1
:internal | :private | :non_member | 0
@@ -82,11 +100,7 @@ RSpec.shared_context 'ProjectPolicyTable context' do
:internal | :disabled | :non_member | 0
:internal | :disabled | :anonymous | 0
- :private | :enabled | :reporter | 1
- :private | :enabled | :guest | 1
- :private | :enabled | :non_member | 0
- :private | :enabled | :anonymous | 0
-
+ :private | :private | :admin | 1
:private | :private | :reporter | 1
:private | :private | :guest | 1
:private | :private | :non_member | 0
@@ -98,6 +112,196 @@ RSpec.shared_context 'ProjectPolicyTable context' do
:private | :disabled | :anonymous | 0
end
+ # This table is based on permission_table_for_guest_feature_access,
+ # but with a slight twist.
+ # Some features can be hidden away to GUEST, when project is private.
+ # (see ProjectFeature::PRIVATE_FEATURES_MIN_ACCESS_LEVEL_FOR_PRIVATE_PROJECT)
+ # This is the table for such features.
+ #
+ # e.g. `repository` feature has minimum requirement of GUEST,
+ # but a GUEST are prohibited from reading code if project is private.
+ #
+ # project_level, :feature_access_level, :membership, :expected_count
+ def permission_table_for_guest_feature_access_and_non_private_project_only
+ :public | :enabled | :admin | 1
+ :public | :enabled | :reporter | 1
+ :public | :enabled | :guest | 1
+ :public | :enabled | :non_member | 1
+ :public | :enabled | :anonymous | 1
+
+ :public | :private | :admin | 1
+ :public | :private | :reporter | 1
+ :public | :private | :guest | 1
+ :public | :private | :non_member | 0
+ :public | :private | :anonymous | 0
+
+ :public | :disabled | :reporter | 0
+ :public | :disabled | :guest | 0
+ :public | :disabled | :non_member | 0
+ :public | :disabled | :anonymous | 0
+
+ :internal | :enabled | :admin | 1
+ :internal | :enabled | :reporter | 1
+ :internal | :enabled | :guest | 1
+ :internal | :enabled | :non_member | 1
+ :internal | :enabled | :anonymous | 0
+
+ :internal | :private | :admin | 1
+ :internal | :private | :reporter | 1
+ :internal | :private | :guest | 1
+ :internal | :private | :non_member | 0
+ :internal | :private | :anonymous | 0
+
+ :internal | :disabled | :reporter | 0
+ :internal | :disabled | :guest | 0
+ :internal | :disabled | :non_member | 0
+ :internal | :disabled | :anonymous | 0
+
+ :private | :private | :admin | 1
+ :private | :private | :reporter | 1
+ :private | :private | :guest | 0
+ :private | :private | :non_member | 0
+ :private | :private | :anonymous | 0
+
+ :private | :disabled | :reporter | 0
+ :private | :disabled | :guest | 0
+ :private | :disabled | :non_member | 0
+ :private | :disabled | :anonymous | 0
+ end
+
+ # :project_level, :issues_access_level, :merge_requests_access_level, :membership, :expected_count
+ def permission_table_for_milestone_access
+ :public | :enabled | :enabled | :admin | 1
+ :public | :enabled | :enabled | :reporter | 1
+ :public | :enabled | :enabled | :guest | 1
+ :public | :enabled | :enabled | :non_member | 1
+ :public | :enabled | :enabled | :anonymous | 1
+
+ :public | :enabled | :private | :admin | 1
+ :public | :enabled | :private | :reporter | 1
+ :public | :enabled | :private | :guest | 1
+ :public | :enabled | :private | :non_member | 1
+ :public | :enabled | :private | :anonymous | 1
+
+ :public | :enabled | :disabled | :admin | 1
+ :public | :enabled | :disabled | :reporter | 1
+ :public | :enabled | :disabled | :guest | 1
+ :public | :enabled | :disabled | :non_member | 1
+ :public | :enabled | :disabled | :anonymous | 1
+
+ :public | :private | :enabled | :admin | 1
+ :public | :private | :enabled | :reporter | 1
+ :public | :private | :enabled | :guest | 1
+ :public | :private | :enabled | :non_member | 1
+ :public | :private | :enabled | :anonymous | 1
+
+ :public | :private | :private | :admin | 1
+ :public | :private | :private | :reporter | 1
+ :public | :private | :private | :guest | 1
+ :public | :private | :private | :non_member | 0
+ :public | :private | :private | :anonymous | 0
+
+ :public | :private | :disabled | :admin | 1
+ :public | :private | :disabled | :reporter | 1
+ :public | :private | :disabled | :guest | 1
+ :public | :private | :disabled | :non_member | 0
+ :public | :private | :disabled | :anonymous | 0
+
+ :public | :disabled | :enabled | :admin | 1
+ :public | :disabled | :enabled | :reporter | 1
+ :public | :disabled | :enabled | :guest | 1
+ :public | :disabled | :enabled | :non_member | 1
+ :public | :disabled | :enabled | :anonymous | 1
+
+ :public | :disabled | :private | :admin | 1
+ :public | :disabled | :private | :reporter | 1
+ :public | :disabled | :private | :guest | 0
+ :public | :disabled | :private | :non_member | 0
+ :public | :disabled | :private | :anonymous | 0
+
+ :public | :disabled | :disabled | :reporter | 0
+ :public | :disabled | :disabled | :guest | 0
+ :public | :disabled | :disabled | :non_member | 0
+ :public | :disabled | :disabled | :anonymous | 0
+
+ :internal | :enabled | :enabled | :admin | 1
+ :internal | :enabled | :enabled | :reporter | 1
+ :internal | :enabled | :enabled | :guest | 1
+ :internal | :enabled | :enabled | :non_member | 1
+ :internal | :enabled | :enabled | :anonymous | 0
+
+ :internal | :enabled | :private | :admin | 1
+ :internal | :enabled | :private | :reporter | 1
+ :internal | :enabled | :private | :guest | 1
+ :internal | :enabled | :private | :non_member | 1
+ :internal | :enabled | :private | :anonymous | 0
+
+ :internal | :enabled | :disabled | :admin | 1
+ :internal | :enabled | :disabled | :reporter | 1
+ :internal | :enabled | :disabled | :guest | 1
+ :internal | :enabled | :disabled | :non_member | 1
+ :internal | :enabled | :disabled | :anonymous | 0
+
+ :internal | :private | :enabled | :admin | 1
+ :internal | :private | :enabled | :reporter | 1
+ :internal | :private | :enabled | :guest | 1
+ :internal | :private | :enabled | :non_member | 1
+ :internal | :private | :enabled | :anonymous | 0
+
+ :internal | :private | :private | :admin | 1
+ :internal | :private | :private | :reporter | 1
+ :internal | :private | :private | :guest | 1
+ :internal | :private | :private | :non_member | 0
+ :internal | :private | :private | :anonymous | 0
+
+ :internal | :private | :disabled | :admin | 1
+ :internal | :private | :disabled | :reporter | 1
+ :internal | :private | :disabled | :guest | 1
+ :internal | :private | :disabled | :non_member | 0
+ :internal | :private | :disabled | :anonymous | 0
+
+ :internal | :disabled | :enabled | :admin | 1
+ :internal | :disabled | :enabled | :reporter | 1
+ :internal | :disabled | :enabled | :guest | 1
+ :internal | :disabled | :enabled | :non_member | 1
+ :internal | :disabled | :enabled | :anonymous | 0
+
+ :internal | :disabled | :private | :admin | 1
+ :internal | :disabled | :private | :reporter | 1
+ :internal | :disabled | :private | :guest | 0
+ :internal | :disabled | :private | :non_member | 0
+ :internal | :disabled | :private | :anonymous | 0
+
+ :internal | :disabled | :disabled | :reporter | 0
+ :internal | :disabled | :disabled | :guest | 0
+ :internal | :disabled | :disabled | :non_member | 0
+ :internal | :disabled | :disabled | :anonymous | 0
+
+ :private | :private | :private | :admin | 1
+ :private | :private | :private | :reporter | 1
+ :private | :private | :private | :guest | 1
+ :private | :private | :private | :non_member | 0
+ :private | :private | :private | :anonymous | 0
+
+ :private | :private | :disabled | :admin | 1
+ :private | :private | :disabled | :reporter | 1
+ :private | :private | :disabled | :guest | 1
+ :private | :private | :disabled | :non_member | 0
+ :private | :private | :disabled | :anonymous | 0
+
+ :private | :disabled | :private | :admin | 1
+ :private | :disabled | :private | :reporter | 1
+ :private | :disabled | :private | :guest | 0
+ :private | :disabled | :private | :non_member | 0
+ :private | :disabled | :private | :anonymous | 0
+
+ :private | :disabled | :disabled | :reporter | 0
+ :private | :disabled | :disabled | :guest | 0
+ :private | :disabled | :disabled | :non_member | 0
+ :private | :disabled | :disabled | :anonymous | 0
+ end
+
+ # :project_level, :membership, :expected_count
def permission_table_for_project_access
:public | :reporter | 1
:public | :guest | 1
View Lorry Controller Status