spec/support/shared_contexts/policies/group_policy_shared_context.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94

# frozen_string_literal: true

RSpec.shared_context 'GroupPolicy context' do
  let_it_be(:guest) { create(:user) }
  let_it_be(:reporter) { create(:user) }
  let_it_be(:developer) { create(:user) }
  let_it_be(:maintainer) { create(:user) }
  let_it_be(:owner) { create(:user) }
  let_it_be(:admin) { create(:admin) }
  let_it_be(:non_group_member) { create(:user) }
  let_it_be(:group, refind: true) { create(:group, :private, :owner_subgroup_creation_only, :crm_enabled) }

  let(:public_permissions) do
    %i[
      read_group read_counts
      read_label read_issue_board_list read_milestone read_issue_board
    ]
  end

  let(:guest_permissions) do
    %i[
      read_label read_group upload_file read_namespace read_group_activity
      read_group_issues read_group_boards read_group_labels read_group_milestones
      read_group_merge_requests
    ]
  end

  let(:reporter_permissions) do
    %i[
      admin_label
      admin_milestone
      admin_issue_board
      read_container_image
      read_harbor_registry
      read_metrics_dashboard_annotation
      read_prometheus
      read_crm_contact
      read_crm_organization
    ]
  end

  let(:developer_permissions) do
    %i[
      create_metrics_dashboard_annotation
      delete_metrics_dashboard_annotation
      update_metrics_dashboard_annotation
      create_custom_emoji
      create_package
      read_cluster
    ]
  end

  let(:maintainer_permissions) do
    %i[
      destroy_package
      admin_package
      create_projects
      create_cluster update_cluster admin_cluster add_cluster
      destroy_upload
    ]
  end

  let(:owner_permissions) do
    %i[
      owner_access
      admin_group
      admin_namespace
      admin_group_member
      change_visibility_level
      set_note_created_at
      create_subgroup
      read_statistics
      update_default_branch_protection
      read_group_runners
      admin_group_runners
      register_group_runners
      read_billing
      edit_billing
      admin_member_access_request
    ]
  end

  let(:admin_permissions) { %i[read_confidential_issues] }

  before_all do
    group.add_guest(guest)
    group.add_reporter(reporter)
    group.add_developer(developer)
    group.add_maintainer(maintainer)
    group.add_owner(owner)
  end

  subject { described_class.new(current_user, group) }
end