summaryrefslogtreecommitdiff
path: root/spec/features/security
Commit message (Collapse)AuthorAgeFilesLines
* Rename allow_guest_to_access_builds to public_buildsKamil Trzcinski2016-02-041-0/+54
|
* Fixed Rubocop offensesGabriel Mazetto2015-12-151-2/+2
|
* Merge branch 'public_profiles' into 'master'Dmitriy Zaporozhets2015-09-141-3/+3
|\ | | | | | | | | | | | | | | | | | | Make all group public https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/1219# Internal issue - https://dev.gitlab.org/gitlab/gitlabhq/issues/1361 See merge request !1247
| * Fix tests for group accessDmitriy Zaporozhets2015-09-141-6/+6
| |
| * Make all group publicValery Sizov2015-09-091-9/+9
| |
* | Fix help access specDouwe Maan2015-09-091-1/+1
| |
* | Use new routing helperDouwe Maan2015-09-081-1/+1
|/
* Change before(:all) -> let! to avoid leaking data across testsStan Hu2015-07-281-15/+15
| | | | Closes https://github.com/gitlabhq/gitlabhq/issues/9495
* Move spec/features/admin/security_spec to spec/features/securityrs-security-spec-speedRobert Speicher2015-07-221-0/+29
|
* Consolidate group access specs into one fileRobert Speicher2015-07-225-353/+284
|
* Remove redundant Profile access test casesRobert Speicher2015-07-221-9/+0
| | | | | | The user being created was no different than what `be_allowed_for` was doing behind the scenes so we were essentially testing all user-level accesses twice.
* Remove be_not_found_for matcherRobert Speicher2015-07-221-5/+0
| | | | It was only used in one test, and the test was kind of redundant.
* Move access-related matchers to their own moduleRobert Speicher2015-07-229-1/+18
|
* Audit log for user authenticationValery Sizov2015-07-061-2/+2
|
* Reporter role can manage issue tracker nowreporter-manage-issuesDmitriy Zaporozhets2015-06-303-0/+36
| | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Update spec/features/security specsRobert Speicher2015-06-221-1/+1
|
* Add Profiles::PreferencesControllerRobert Speicher2015-06-131-2/+2
|
* Move group members index from `/members` to `/group_members`.Douwe Maan2015-03-154-8/+8
|
* Move project members index from `/team` to `/project_members`Douwe Maan2015-03-153-6/+6
|
* Rename dashboard landing page to Your projectsDmitriy Zaporozhets2015-03-101-2/+2
|
* Move Profile groups tests to Dashboard group testsDmitriy Zaporozhets2015-03-082-59/+56
|
* Upgrade to Rails 4.1.9Vinnie Okada2015-02-143-49/+49
| | | | | | Make the following changes to deal with new behavior in Rails 4.1.2: * Use nested resources to avoid slashes in arguments to path helpers.
* Updated rspec to rspec 3.x syntaxJeroen van Baarsen2015-02-129-503/+512
| | | | Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com>
* Fix security testsDmitriy Zaporozhets2014-09-253-3/+3
| | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Delete wall notes testsDmitriy Zaporozhets2014-06-133-33/+0
| | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Fix group projects fetchDmitriy Zaporozhets2014-05-291-0/+12
| | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Fix specs. Fix note form reset after submitDmitriy Zaporozhets2014-05-243-33/+0
| | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Split feature tests out to different build jobJeroen van Baarsen2014-04-139-9/+9
|
* Make use of project factory traitsRobert Speicher2014-03-194-10/+5
|
* Dont test models methods in security specsDmitriy Zaporozhets2014-02-254-22/+2
| | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Allow access to groups with public projects.Jason Hollingsworth2014-02-204-0/+268
| | | | | Fixed Group avatars to only display when user has read permissions to at least one project in the group.
* Make changes to testsDmitriy Zaporozhets2014-01-223-3/+3
| | | | | | | * project_with_code -> project * project -> ermpty_project Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Adding authenticated public mode (internal).Jason Hollingsworth2013-11-263-1/+258
| | | | | | Added visibility_level icons to project view (rather than just text). Added public projects to search results. Added ability to restrict visibility levels standard users can set.
* Fix profile specsDmitriy Zaporozhets2013-10-091-1/+1
|
* Ignore owner_id for Group in testsDmitriy Zaporozhets2013-09-261-5/+7
|
* Extend profile security specsDmitriy Zaporozhets2013-09-251-0/+27
|
* Dashboard security specsDmitriy Zaporozhets2013-09-251-0/+55
|
* Public/Private projects security specsDmitriy Zaporozhets2013-09-253-474/+469
|
* Group security testsDmitriy Zaporozhets2013-09-251-0/+83
|
* Merge branch 'master' into karlhungus-mr-on-forkDmitriy Zaporozhets2013-08-081-8/+8
|\ | | | | | | | | | | | | | | | | | | | | Conflicts: app/contexts/filter_context.rb app/contexts/search_context.rb app/models/merge_request.rb app/models/note.rb app/views/shared/_merge_requests.html.haml spec/controllers/commit_controller_spec.rb spec/services/notification_service_spec.rb
| * Fix testsDmitriy Zaporozhets2013-08-051-8/+8
| |
* | Style changes from review with @randxIzaak Alpert2013-07-171-1/+0
| | | | | | | | | | | | -Some changes around calling origional methods for !for_fork? merge requests. Other changes to follow Change-Id: I009c716ce2475b9efa3fd07aee9215fca7a1c150
* | Merge Request on forked projectsIzaak Alpert2013-07-171-9/+10
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The good: - You can do a merge request for a forked commit and it will merge properly (i.e. it does work). - Push events take into account merge requests on forked projects - Tests around merge_actions now present, spinach, and other rspec tests - Satellites now clean themselves up rather then recreate The questionable: - Events only know about target projects - Project's merge requests only hold on to MR's where they are the target - All operations performed in the satellite The bad: - Duplication between project's repositories and satellites (e.g. commits_between) (for reference: http://feedback.gitlab.com/forums/176466-general/suggestions/3456722-merge-requests-between-projects-repos) Fixes: Make test repos/satellites only create when needed -Spinach/Rspec now only initialize test directory, and setup stubs (things that are relatively cheap) -project_with_code, source_project_with_code, and target_project_with_code now create/destroy their repos individually -fixed remote removal -How to merge renders properly -Update emails to show project/branches -Edit MR doesn't set target branch -Fix some failures on editing/creating merge requests, added a test -Added back a test around merge request observer -Clean up project_transfer_spec, Remove duplicate enable/disable observers -Ensure satellite lock files are cleaned up, Attempted to add some testing around these as well -Signifant speed ups for tests -Update formatting ordering in notes_on_merge_requests -Remove wiki schema update Fixes for search/search results -Search results was using by_project for a list of projects, updated this to use in_projects -updated search results to reference the correct (target) project -udpated search results to print both sides of the merge request Change-Id: I19407990a0950945cc95d62089cbcc6262dab1a8
* update tests with new routingDmitriy Zaporozhets2013-07-161-2/+2
|
* Fix tests and tab highlightDmitriy Zaporozhets2013-07-161-2/+2
|
* Fix profile emails with new key routeDmitriy Zaporozhets2013-06-241-2/+2
|
* Fix internally public projects testsStephen Lottermoser2013-05-021-4/+4
| | | | Takes into account 98bea4b1ff and 3b88636d3c.
* Internally public projectsStephen Lottermoser2013-05-021-0/+242
| | | | | | | | | | | | | | | | | | | Public projects listed in the public section will be linked to the actual project's page. Public projects now give any user Guest permissions to the project, allowing them to download the code, read and create issues, and view anything else in the project's pages. Ample access tests have been added to the project_access_spec to verify correct permissions and behavior on public projects. - Visitors to the site who are not logged in still cannot view the project's pages. - Logged-in users visiting a public project where they are not a team member can create issues, but not snippets. They can view the projects code, issues, merge requests, etc, just as if they were a Guest member of the project. - Since this is a public project, the user is also granted :download_code permissions, a permission normally reserved for Reporters, since they can clone the repo anyways and browse commits and branches locally.
* fix testsDmitriy Zaporozhets2013-04-011-1/+1
|
* Updatev security tests since admin is a superuser now. Has access to any projectDmitriy Zaporozhets2013-03-251-17/+17
|
View Lorry Controller Status