diff options
Diffstat (limited to 'spec/support/shared_contexts')
-rw-r--r-- | spec/support/shared_contexts/policies/project_policy_table_shared_context.rb | 224 |
1 files changed, 214 insertions, 10 deletions
diff --git a/spec/support/shared_contexts/policies/project_policy_table_shared_context.rb b/spec/support/shared_contexts/policies/project_policy_table_shared_context.rb index e666b346b8b..0a918ccde81 100644 --- a/spec/support/shared_contexts/policies/project_policy_table_shared_context.rb +++ b/spec/support/shared_contexts/policies/project_policy_table_shared_context.rb @@ -3,13 +3,28 @@ RSpec.shared_context 'ProjectPolicyTable context' do using RSpec::Parameterized::TableSyntax + let(:pendings) { {} } + let(:pending?) do + pendings.include?( + { + project_level: project_level, + feature_access_level: feature_access_level, + membership: membership, + expected_count: expected_count + } + ) + end + # rubocop:disable Metrics/AbcSize + # project_level, :feature_access_level, :membership, :expected_count def permission_table_for_reporter_feature_access + :public | :enabled | :admin | 1 :public | :enabled | :reporter | 1 :public | :enabled | :guest | 1 :public | :enabled | :non_member | 1 :public | :enabled | :anonymous | 1 + :public | :private | :admin | 1 :public | :private | :reporter | 1 :public | :private | :guest | 0 :public | :private | :non_member | 0 @@ -20,11 +35,13 @@ RSpec.shared_context 'ProjectPolicyTable context' do :public | :disabled | :non_member | 0 :public | :disabled | :anonymous | 0 + :internal | :enabled | :admin | 1 :internal | :enabled | :reporter | 1 :internal | :enabled | :guest | 1 :internal | :enabled | :non_member | 1 :internal | :enabled | :anonymous | 0 + :internal | :private | :admin | 1 :internal | :private | :reporter | 1 :internal | :private | :guest | 0 :internal | :private | :non_member | 0 @@ -35,11 +52,7 @@ RSpec.shared_context 'ProjectPolicyTable context' do :internal | :disabled | :non_member | 0 :internal | :disabled | :anonymous | 0 - :private | :enabled | :reporter | 1 - :private | :enabled | :guest | 1 - :private | :enabled | :non_member | 0 - :private | :enabled | :anonymous | 0 - + :private | :private | :admin | 1 :private | :private | :reporter | 1 :private | :private | :guest | 0 :private | :private | :non_member | 0 @@ -51,12 +64,15 @@ RSpec.shared_context 'ProjectPolicyTable context' do :private | :disabled | :anonymous | 0 end + # project_level, :feature_access_level, :membership, :expected_count def permission_table_for_guest_feature_access + :public | :enabled | :admin | 1 :public | :enabled | :reporter | 1 :public | :enabled | :guest | 1 :public | :enabled | :non_member | 1 :public | :enabled | :anonymous | 1 + :public | :private | :admin | 1 :public | :private | :reporter | 1 :public | :private | :guest | 1 :public | :private | :non_member | 0 @@ -67,11 +83,13 @@ RSpec.shared_context 'ProjectPolicyTable context' do :public | :disabled | :non_member | 0 :public | :disabled | :anonymous | 0 + :internal | :enabled | :admin | 1 :internal | :enabled | :reporter | 1 :internal | :enabled | :guest | 1 :internal | :enabled | :non_member | 1 :internal | :enabled | :anonymous | 0 + :internal | :private | :admin | 1 :internal | :private | :reporter | 1 :internal | :private | :guest | 1 :internal | :private | :non_member | 0 @@ -82,11 +100,7 @@ RSpec.shared_context 'ProjectPolicyTable context' do :internal | :disabled | :non_member | 0 :internal | :disabled | :anonymous | 0 - :private | :enabled | :reporter | 1 - :private | :enabled | :guest | 1 - :private | :enabled | :non_member | 0 - :private | :enabled | :anonymous | 0 - + :private | :private | :admin | 1 :private | :private | :reporter | 1 :private | :private | :guest | 1 :private | :private | :non_member | 0 @@ -98,6 +112,196 @@ RSpec.shared_context 'ProjectPolicyTable context' do :private | :disabled | :anonymous | 0 end + # This table is based on permission_table_for_guest_feature_access, + # but with a slight twist. + # Some features can be hidden away to GUEST, when project is private. + # (see ProjectFeature::PRIVATE_FEATURES_MIN_ACCESS_LEVEL_FOR_PRIVATE_PROJECT) + # This is the table for such features. + # + # e.g. `repository` feature has minimum requirement of GUEST, + # but a GUEST are prohibited from reading code if project is private. + # + # project_level, :feature_access_level, :membership, :expected_count + def permission_table_for_guest_feature_access_and_non_private_project_only + :public | :enabled | :admin | 1 + :public | :enabled | :reporter | 1 + :public | :enabled | :guest | 1 + :public | :enabled | :non_member | 1 + :public | :enabled | :anonymous | 1 + + :public | :private | :admin | 1 + :public | :private | :reporter | 1 + :public | :private | :guest | 1 + :public | :private | :non_member | 0 + :public | :private | :anonymous | 0 + + :public | :disabled | :reporter | 0 + :public | :disabled | :guest | 0 + :public | :disabled | :non_member | 0 + :public | :disabled | :anonymous | 0 + + :internal | :enabled | :admin | 1 + :internal | :enabled | :reporter | 1 + :internal | :enabled | :guest | 1 + :internal | :enabled | :non_member | 1 + :internal | :enabled | :anonymous | 0 + + :internal | :private | :admin | 1 + :internal | :private | :reporter | 1 + :internal | :private | :guest | 1 + :internal | :private | :non_member | 0 + :internal | :private | :anonymous | 0 + + :internal | :disabled | :reporter | 0 + :internal | :disabled | :guest | 0 + :internal | :disabled | :non_member | 0 + :internal | :disabled | :anonymous | 0 + + :private | :private | :admin | 1 + :private | :private | :reporter | 1 + :private | :private | :guest | 0 + :private | :private | :non_member | 0 + :private | :private | :anonymous | 0 + + :private | :disabled | :reporter | 0 + :private | :disabled | :guest | 0 + :private | :disabled | :non_member | 0 + :private | :disabled | :anonymous | 0 + end + + # :project_level, :issues_access_level, :merge_requests_access_level, :membership, :expected_count + def permission_table_for_milestone_access + :public | :enabled | :enabled | :admin | 1 + :public | :enabled | :enabled | :reporter | 1 + :public | :enabled | :enabled | :guest | 1 + :public | :enabled | :enabled | :non_member | 1 + :public | :enabled | :enabled | :anonymous | 1 + + :public | :enabled | :private | :admin | 1 + :public | :enabled | :private | :reporter | 1 + :public | :enabled | :private | :guest | 1 + :public | :enabled | :private | :non_member | 1 + :public | :enabled | :private | :anonymous | 1 + + :public | :enabled | :disabled | :admin | 1 + :public | :enabled | :disabled | :reporter | 1 + :public | :enabled | :disabled | :guest | 1 + :public | :enabled | :disabled | :non_member | 1 + :public | :enabled | :disabled | :anonymous | 1 + + :public | :private | :enabled | :admin | 1 + :public | :private | :enabled | :reporter | 1 + :public | :private | :enabled | :guest | 1 + :public | :private | :enabled | :non_member | 1 + :public | :private | :enabled | :anonymous | 1 + + :public | :private | :private | :admin | 1 + :public | :private | :private | :reporter | 1 + :public | :private | :private | :guest | 1 + :public | :private | :private | :non_member | 0 + :public | :private | :private | :anonymous | 0 + + :public | :private | :disabled | :admin | 1 + :public | :private | :disabled | :reporter | 1 + :public | :private | :disabled | :guest | 1 + :public | :private | :disabled | :non_member | 0 + :public | :private | :disabled | :anonymous | 0 + + :public | :disabled | :enabled | :admin | 1 + :public | :disabled | :enabled | :reporter | 1 + :public | :disabled | :enabled | :guest | 1 + :public | :disabled | :enabled | :non_member | 1 + :public | :disabled | :enabled | :anonymous | 1 + + :public | :disabled | :private | :admin | 1 + :public | :disabled | :private | :reporter | 1 + :public | :disabled | :private | :guest | 0 + :public | :disabled | :private | :non_member | 0 + :public | :disabled | :private | :anonymous | 0 + + :public | :disabled | :disabled | :reporter | 0 + :public | :disabled | :disabled | :guest | 0 + :public | :disabled | :disabled | :non_member | 0 + :public | :disabled | :disabled | :anonymous | 0 + + :internal | :enabled | :enabled | :admin | 1 + :internal | :enabled | :enabled | :reporter | 1 + :internal | :enabled | :enabled | :guest | 1 + :internal | :enabled | :enabled | :non_member | 1 + :internal | :enabled | :enabled | :anonymous | 0 + + :internal | :enabled | :private | :admin | 1 + :internal | :enabled | :private | :reporter | 1 + :internal | :enabled | :private | :guest | 1 + :internal | :enabled | :private | :non_member | 1 + :internal | :enabled | :private | :anonymous | 0 + + :internal | :enabled | :disabled | :admin | 1 + :internal | :enabled | :disabled | :reporter | 1 + :internal | :enabled | :disabled | :guest | 1 + :internal | :enabled | :disabled | :non_member | 1 + :internal | :enabled | :disabled | :anonymous | 0 + + :internal | :private | :enabled | :admin | 1 + :internal | :private | :enabled | :reporter | 1 + :internal | :private | :enabled | :guest | 1 + :internal | :private | :enabled | :non_member | 1 + :internal | :private | :enabled | :anonymous | 0 + + :internal | :private | :private | :admin | 1 + :internal | :private | :private | :reporter | 1 + :internal | :private | :private | :guest | 1 + :internal | :private | :private | :non_member | 0 + :internal | :private | :private | :anonymous | 0 + + :internal | :private | :disabled | :admin | 1 + :internal | :private | :disabled | :reporter | 1 + :internal | :private | :disabled | :guest | 1 + :internal | :private | :disabled | :non_member | 0 + :internal | :private | :disabled | :anonymous | 0 + + :internal | :disabled | :enabled | :admin | 1 + :internal | :disabled | :enabled | :reporter | 1 + :internal | :disabled | :enabled | :guest | 1 + :internal | :disabled | :enabled | :non_member | 1 + :internal | :disabled | :enabled | :anonymous | 0 + + :internal | :disabled | :private | :admin | 1 + :internal | :disabled | :private | :reporter | 1 + :internal | :disabled | :private | :guest | 0 + :internal | :disabled | :private | :non_member | 0 + :internal | :disabled | :private | :anonymous | 0 + + :internal | :disabled | :disabled | :reporter | 0 + :internal | :disabled | :disabled | :guest | 0 + :internal | :disabled | :disabled | :non_member | 0 + :internal | :disabled | :disabled | :anonymous | 0 + + :private | :private | :private | :admin | 1 + :private | :private | :private | :reporter | 1 + :private | :private | :private | :guest | 1 + :private | :private | :private | :non_member | 0 + :private | :private | :private | :anonymous | 0 + + :private | :private | :disabled | :admin | 1 + :private | :private | :disabled | :reporter | 1 + :private | :private | :disabled | :guest | 1 + :private | :private | :disabled | :non_member | 0 + :private | :private | :disabled | :anonymous | 0 + + :private | :disabled | :private | :admin | 1 + :private | :disabled | :private | :reporter | 1 + :private | :disabled | :private | :guest | 0 + :private | :disabled | :private | :non_member | 0 + :private | :disabled | :private | :anonymous | 0 + + :private | :disabled | :disabled | :reporter | 0 + :private | :disabled | :disabled | :guest | 0 + :private | :disabled | :disabled | :non_member | 0 + :private | :disabled | :disabled | :anonymous | 0 + end + + # :project_level, :membership, :expected_count def permission_table_for_project_access :public | :reporter | 1 :public | :guest | 1 |