1 files changed, 33 insertions, 0 deletions

diff --git a/spec/support/shared_contexts/security_and_compliance_permissions_shared_context.rb b/spec/support/shared_contexts/security_and_compliance_permissions_shared_context.rb
new file mode 100644
index 00000000000..dc5195e4b01
--- /dev/null
+++ b/spec/support/shared_contexts/security_and_compliance_permissions_shared_context.rb
@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+RSpec.shared_context '"Security & Compliance" permissions' do
+  let(:project_instance) { an_instance_of(Project) }
+  let(:user_instance) { an_instance_of(User) }
+  let(:before_request_defined) { false }
+  let(:valid_request) {}
+
+  def self.before_request(&block)
+    return unless block
+
+    let(:before_request_call) { instance_exec(&block) }
+    let(:before_request_defined) { true }
+  end
+
+  before do
+    allow(Ability).to receive(:allowed?).and_call_original
+    allow(Ability).to receive(:allowed?).with(user_instance, :access_security_and_compliance, project_instance).and_return(true)
+  end
+
+  context 'when the "Security & Compliance" feature is disabled' do
+    subject { response }
+
+    before do
+      before_request_call if before_request_defined
+
+      allow(Ability).to receive(:allowed?).with(user_instance, :access_security_and_compliance, project_instance).and_return(false)
+      valid_request
+    end
+
+    it { is_expected.to have_gitlab_http_status(:not_found) }
+  end
+end