blob: decddfde89a9189f1046c7aa25c16696942636b7 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
require 'spec_helper'
describe ProtectedBranchPolicy do
let(:user) { create(:user) }
let(:name) { 'feature' }
let(:protected_branch) { create(:protected_branch, name: name) }
let(:project) { protected_branch.project }
subject { described_class.new(user, protected_branch) }
context 'when unprotection restriction feature is disabled' do
it "branches can't be updated by guests" do
project.add_guest(user)
is_expected.to be_disallowed(:update_protected_branch)
end
it 'branches can be updated via access to project settings' do
project.add_master(user)
is_expected.to be_allowed(:update_protected_branch)
end
end
context 'when unprotection restriction feature is enabled' do
before do
# stub_licensed_features(unprotection_restrictions: true)
end
context 'and unprotection is limited to admins' do #TODO: remove this is temporary exploration
before do
stub_application_setting(only_admins_can_unprotect_master_branch: true)
end
context 'and the protection is for master' do
let(:name) { 'master' }
it 'project owners cannot remove protections' do
project.add_master(user)
is_expected.not_to be_allowed(:update_protected_branch)
end
it 'admins can remove protections' do
user.update!(admin: true)
is_expected.to be_allowed(:update_protected_branch)
end
end
context "and the protection isn't for master" do
it 'project owners can remove protections' do
project.add_master(user)
is_expected.to be_allowed(:update_protected_branch)
end
end
end
end
end
|
