Commit 13ad9a74 authored by Robert Speicher's avatar Robert Speicher

Speed up Project security access specs

Prior, every single test was creating four `ProjectMember` objects, each
of which created one `User` record, even though each test only used
_one_ of those Users, if any.

Now each test only creates the single user record it needs, if it needs
one. This shaves minutes off of each spec file changed here.
parent eff24047
...@@ -5,19 +5,6 @@ describe "Internal Project Access", feature: true do ...@@ -5,19 +5,6 @@ describe "Internal Project Access", feature: true do
let(:project) { create(:project, :internal) } let(:project) { create(:project, :internal) }
let(:owner) { project.owner }
let(:master) { create(:user) }
let(:developer) { create(:user) }
let(:reporter) { create(:user) }
let(:guest) { create(:user) }
before do
project.team << [master, :master]
project.team << [developer, :developer]
project.team << [reporter, :reporter]
project.team << [guest, :guest]
end
describe "Project should be internal" do describe "Project should be internal" do
describe '#internal?' do describe '#internal?' do
subject { project.internal? } subject { project.internal? }
...@@ -28,213 +15,213 @@ describe "Internal Project Access", feature: true do ...@@ -28,213 +15,213 @@ describe "Internal Project Access", feature: true do
describe "GET /:project_path" do describe "GET /:project_path" do
subject { namespace_project_path(project.namespace, project) } subject { namespace_project_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/tree/master" do describe "GET /:project_path/tree/master" do
subject { namespace_project_tree_path(project.namespace, project, project.repository.root_ref) } subject { namespace_project_tree_path(project.namespace, project, project.repository.root_ref) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/commits/master" do describe "GET /:project_path/commits/master" do
subject { namespace_project_commits_path(project.namespace, project, project.repository.root_ref, limit: 1) } subject { namespace_project_commits_path(project.namespace, project, project.repository.root_ref, limit: 1) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/commit/:sha" do describe "GET /:project_path/commit/:sha" do
subject { namespace_project_commit_path(project.namespace, project, project.repository.commit) } subject { namespace_project_commit_path(project.namespace, project, project.repository.commit) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/compare" do describe "GET /:project_path/compare" do
subject { namespace_project_compare_index_path(project.namespace, project) } subject { namespace_project_compare_index_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/project_members" do describe "GET /:project_path/project_members" do
subject { namespace_project_project_members_path(project.namespace, project) } subject { namespace_project_project_members_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
end end
describe "GET /:project_path/blob" do describe "GET /:project_path/blob" do
let(:commit) { project.repository.commit } let(:commit) { project.repository.commit }
subject { namespace_project_blob_path(project.namespace, project, File.join(commit.id, '.gitignore')) } subject { namespace_project_blob_path(project.namespace, project, File.join(commit.id, '.gitignore')) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/edit" do describe "GET /:project_path/edit" do
subject { edit_namespace_project_path(project.namespace, project) } subject { edit_namespace_project_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_denied_for developer } it { is_expected.to be_denied_for(:developer).of(project) }
it { is_expected.to be_denied_for reporter } it { is_expected.to be_denied_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/deploy_keys" do describe "GET /:project_path/deploy_keys" do
subject { namespace_project_deploy_keys_path(project.namespace, project) } subject { namespace_project_deploy_keys_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_denied_for developer } it { is_expected.to be_denied_for(:developer).of(project) }
it { is_expected.to be_denied_for reporter } it { is_expected.to be_denied_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/issues" do describe "GET /:project_path/issues" do
subject { namespace_project_issues_path(project.namespace, project) } subject { namespace_project_issues_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/issues/:id/edit" do describe "GET /:project_path/issues/:id/edit" do
let(:issue) { create(:issue, project: project) } let(:issue) { create(:issue, project: project) }
subject { edit_namespace_project_issue_path(project.namespace, project, issue) } subject { edit_namespace_project_issue_path(project.namespace, project, issue) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/snippets" do describe "GET /:project_path/snippets" do
subject { namespace_project_snippets_path(project.namespace, project) } subject { namespace_project_snippets_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/snippets/new" do describe "GET /:project_path/snippets/new" do
subject { new_namespace_project_snippet_path(project.namespace, project) } subject { new_namespace_project_snippet_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/merge_requests" do describe "GET /:project_path/merge_requests" do
subject { namespace_project_merge_requests_path(project.namespace, project) } subject { namespace_project_merge_requests_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/merge_requests/new" do describe "GET /:project_path/merge_requests/new" do
subject { new_namespace_project_merge_request_path(project.namespace, project) } subject { new_namespace_project_merge_request_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_denied_for reporter } it { is_expected.to be_denied_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/branches" do describe "GET /:project_path/branches" do
...@@ -245,15 +232,15 @@ describe "Internal Project Access", feature: true do ...@@ -245,15 +232,15 @@ describe "Internal Project Access", feature: true do
allow_any_instance_of(Project).to receive(:branches).and_return([]) allow_any_instance_of(Project).to receive(:branches).and_return([])
end end
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/tags" do describe "GET /:project_path/tags" do
...@@ -264,58 +251,58 @@ describe "Internal Project Access", feature: true do ...@@ -264,58 +251,58 @@ describe "Internal Project Access", feature: true do
allow_any_instance_of(Project).to receive(:tags).and_return([]) allow_any_instance_of(Project).to receive(:tags).and_return([])
end end
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/hooks" do describe "GET /:project_path/hooks" do
subject { namespace_project_hooks_path(project.namespace, project) } subject { namespace_project_hooks_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_denied_for developer } it { is_expected.to be_denied_for(:developer).of(project) }
it { is_expected.to be_denied_for reporter } it { is_expected.to be_denied_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/pipelines" do describe "GET /:project_path/pipelines" do
subject { namespace_project_pipelines_path(project.namespace, project) } subject { namespace_project_pipelines_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/pipelines/:id" do describe "GET /:project_path/pipelines/:id" do
let(:pipeline) { create(:ci_pipeline, project: project) } let(:pipeline) { create(:ci_pipeline, project: project) }
subject { namespace_project_pipeline_path(project.namespace, project, pipeline) } subject { namespace_project_pipeline_path(project.namespace, project, pipeline) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/builds" do describe "GET /:project_path/builds" do
...@@ -324,29 +311,29 @@ describe "Internal Project Access", feature: true do ...@@ -324,29 +311,29 @@ describe "Internal Project Access", feature: true do
context "when allowed for public and internal" do context "when allowed for public and internal" do
before { project.update(public_builds: true) } before { project.update(public_builds: true) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
context "when disallowed for public and internal" do context "when disallowed for public and internal" do
before { project.update(public_builds: false) } before { project.update(public_builds: false) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
end end
...@@ -358,73 +345,73 @@ describe "Internal Project Access", feature: true do ...@@ -358,73 +345,73 @@ describe "Internal Project Access", feature: true do
context "when allowed for public and internal" do context "when allowed for public and internal" do
before { project.update(public_builds: true) } before { project.update(public_builds: true) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
context "when disallowed for public and internal" do context "when disallowed for public and internal" do
before { project.update(public_builds: false) } before { project.update(public_builds: false) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
end end
describe "GET /:project_path/environments" do describe "GET /:project_path/environments" do
subject { namespace_project_environments_path(project.namespace, project) } subject { namespace_project_environments_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/environments/:id" do describe "GET /:project_path/environments/:id" do
let(:environment) { create(:environment, project: project) } let(:environment) { create(:environment, project: project) }
subject { namespace_project_environment_path(project.namespace, project, environment) } subject { namespace_project_environment_path(project.namespace, project, environment) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/environments/new" do describe "GET /:project_path/environments/new" do
subject { new_namespace_project_environment_path(project.namespace, project) } subject { new_namespace_project_environment_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_denied_for reporter } it { is_expected.to be_denied_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/container_registry" do describe "GET /:project_path/container_registry" do
...@@ -435,14 +422,14 @@ describe "Internal Project Access", feature: true do ...@@ -435,14 +422,14 @@ describe "Internal Project Access", feature: true do
subject { namespace_project_container_registry_index_path(project.namespace, project) } subject { namespace_project_container_registry_index_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
end end
...@@ -5,19 +5,6 @@ describe "Private Project Access", feature: true do ...@@ -5,19 +5,6 @@ describe "Private Project Access", feature: true do
let(:project) { create(:project, :private) } let(:project) { create(:project, :private) }
let(:owner) { project.owner }
let(:master) { create(:user) }
let(:developer) { create(:user) }
let(:reporter) { create(:user) }
let(:guest) { create(:user) }
before do
project.team << [master, :master]
project.team << [developer, :developer]
project.team << [reporter, :reporter]
project.team << [guest, :guest]
end
describe "Project should be private" do describe "Project should be private" do
describe '#private?' do describe '#private?' do
subject { project.private? } subject { project.private? }
...@@ -28,185 +15,185 @@ describe "Private Project Access", feature: true do ...@@ -28,185 +15,185 @@ describe "Private Project Access", feature: true do
describe "GET /:project_path" do describe "GET /:project_path" do
subject { namespace_project_path(project.namespace, project) } subject { namespace_project_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/tree/master" do describe "GET /:project_path/tree/master" do
subject { namespace_project_tree_path(project.namespace, project, project.repository.root_ref) } subject { namespace_project_tree_path(project.namespace, project, project.repository.root_ref) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/commits/master" do describe "GET /:project_path/commits/master" do
subject { namespace_project_commits_path(project.namespace, project, project.repository.root_ref, limit: 1) } subject { namespace_project_commits_path(project.namespace, project, project.repository.root_ref, limit: 1) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/commit/:sha" do describe "GET /:project_path/commit/:sha" do
subject { namespace_project_commit_path(project.namespace, project, project.repository.commit) } subject { namespace_project_commit_path(project.namespace, project, project.repository.commit) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/compare" do describe "GET /:project_path/compare" do
subject { namespace_project_compare_index_path(project.namespace, project) } subject { namespace_project_compare_index_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/project_members" do describe "GET /:project_path/project_members" do
subject { namespace_project_project_members_path(project.namespace, project) } subject { namespace_project_project_members_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/blob" do describe "GET /:project_path/blob" do
let(:commit) { project.repository.commit } let(:commit) { project.repository.commit }
subject { namespace_project_blob_path(project.namespace, project, File.join(commit.id, '.gitignore'))} subject { namespace_project_blob_path(project.namespace, project, File.join(commit.id, '.gitignore'))}
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/edit" do describe "GET /:project_path/edit" do
subject { edit_namespace_project_path(project.namespace, project) } subject { edit_namespace_project_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_denied_for developer } it { is_expected.to be_denied_for(:developer).of(project) }
it { is_expected.to be_denied_for reporter } it { is_expected.to be_denied_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/deploy_keys" do describe "GET /:project_path/deploy_keys" do
subject { namespace_project_deploy_keys_path(project.namespace, project) } subject { namespace_project_deploy_keys_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_denied_for developer } it { is_expected.to be_denied_for(:developer).of(project) }
it { is_expected.to be_denied_for reporter } it { is_expected.to be_denied_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/issues" do describe "GET /:project_path/issues" do
subject { namespace_project_issues_path(project.namespace, project) } subject { namespace_project_issues_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/issues/:id/edit" do describe "GET /:project_path/issues/:id/edit" do
let(:issue) { create(:issue, project: project) } let(:issue) { create(:issue, project: project) }
subject { edit_namespace_project_issue_path(project.namespace, project, issue) } subject { edit_namespace_project_issue_path(project.namespace, project, issue) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/snippets" do describe "GET /:project_path/snippets" do
subject { namespace_project_snippets_path(project.namespace, project) } subject { namespace_project_snippets_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/merge_requests" do describe "GET /:project_path/merge_requests" do
subject { namespace_project_merge_requests_path(project.namespace, project) } subject { namespace_project_merge_requests_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/branches" do describe "GET /:project_path/branches" do
...@@ -217,15 +204,15 @@ describe "Private Project Access", feature: true do ...@@ -217,15 +204,15 @@ describe "Private Project Access", feature: true do
allow_any_instance_of(Project).to receive(:branches).and_return([]) allow_any_instance_of(Project).to receive(:branches).and_return([])
end end
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/tags" do describe "GET /:project_path/tags" do
...@@ -236,72 +223,72 @@ describe "Private Project Access", feature: true do ...@@ -236,72 +223,72 @@ describe "Private Project Access", feature: true do
allow_any_instance_of(Project).to receive(:tags).and_return([]) allow_any_instance_of(Project).to receive(:tags).and_return([])
end end
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/hooks" do describe "GET /:project_path/hooks" do
subject { namespace_project_hooks_path(project.namespace, project) } subject { namespace_project_hooks_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_denied_for developer } it { is_expected.to be_denied_for(:developer).of(project) }
it { is_expected.to be_denied_for reporter } it { is_expected.to be_denied_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/pipelines" do describe "GET /:project_path/pipelines" do
subject { namespace_project_pipelines_path(project.namespace, project) } subject { namespace_project_pipelines_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/pipelines/:id" do describe "GET /:project_path/pipelines/:id" do
let(:pipeline) { create(:ci_pipeline, project: project) } let(:pipeline) { create(:ci_pipeline, project: project) }
subject { namespace_project_pipeline_path(project.namespace, project, pipeline) } subject { namespace_project_pipeline_path(project.namespace, project, pipeline) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/builds" do describe "GET /:project_path/builds" do
subject { namespace_project_builds_path(project.namespace, project) } subject { namespace_project_builds_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/builds/:id" do describe "GET /:project_path/builds/:id" do
...@@ -309,58 +296,58 @@ describe "Private Project Access", feature: true do ...@@ -309,58 +296,58 @@ describe "Private Project Access", feature: true do
let(:build) { create(:ci_build, pipeline: pipeline) } let(:build) { create(:ci_build, pipeline: pipeline) }
subject { namespace_project_build_path(project.namespace, project, build.id) } subject { namespace_project_build_path(project.namespace, project, build.id) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/environments" do describe "GET /:project_path/environments" do
subject { namespace_project_environments_path(project.namespace, project) } subject { namespace_project_environments_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/environments/:id" do describe "GET /:project_path/environments/:id" do
let(:environment) { create(:environment, project: project) } let(:environment) { create(:environment, project: project) }
subject { namespace_project_environment_path(project.namespace, project, environment) } subject { namespace_project_environment_path(project.namespace, project, environment) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/environments/new" do describe "GET /:project_path/environments/new" do
subject { new_namespace_project_environment_path(project.namespace, project) } subject { new_namespace_project_environment_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_denied_for reporter } it { is_expected.to be_denied_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/container_registry" do describe "GET /:project_path/container_registry" do
...@@ -371,14 +358,14 @@ describe "Private Project Access", feature: true do ...@@ -371,14 +358,14 @@ describe "Private Project Access", feature: true do
subject { namespace_project_container_registry_index_path(project.namespace, project) } subject { namespace_project_container_registry_index_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
end end
...@@ -5,19 +5,6 @@ describe "Public Project Access", feature: true do ...@@ -5,19 +5,6 @@ describe "Public Project Access", feature: true do
let(:project) { create(:project, :public) } let(:project) { create(:project, :public) }
let(:owner) { project.owner }
let(:master) { create(:user) }
let(:developer) { create(:user) }
let(:reporter) { create(:user) }
let(:guest) { create(:user) }
before do
project.team << [master, :master]
project.team << [developer, :developer]
project.team << [reporter, :reporter]
project.team << [guest, :guest]
end
describe "Project should be public" do describe "Project should be public" do
describe '#public?' do describe '#public?' do
subject { project.public? } subject { project.public? }
...@@ -28,114 +15,114 @@ describe "Public Project Access", feature: true do ...@@ -28,114 +15,114 @@ describe "Public Project Access", feature: true do
describe "GET /:project_path" do describe "GET /:project_path" do
subject { namespace_project_path(project.namespace, project) } subject { namespace_project_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_allowed_for :external } it { is_expected.to be_allowed_for(:external) }
it { is_expected.to be_allowed_for :visitor } it { is_expected.to be_allowed_for(:visitor) }
end end
describe "GET /:project_path/tree/master" do describe "GET /:project_path/tree/master" do
subject { namespace_project_tree_path(project.namespace, project, project.repository.root_ref) } subject { namespace_project_tree_path(project.namespace, project, project.repository.root_ref) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_allowed_for :external } it { is_expected.to be_allowed_for(:external) }
it { is_expected.to be_allowed_for :visitor } it { is_expected.to be_allowed_for(:visitor) }
end end
describe "GET /:project_path/commits/master" do describe "GET /:project_path/commits/master" do
subject { namespace_project_commits_path(project.namespace, project, project.repository.root_ref, limit: 1) } subject { namespace_project_commits_path(project.namespace, project, project.repository.root_ref, limit: 1) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_allowed_for :external } it { is_expected.to be_allowed_for(:external) }
it { is_expected.to be_allowed_for :visitor } it { is_expected.to be_allowed_for(:visitor) }
end end
describe "GET /:project_path/commit/:sha" do describe "GET /:project_path/commit/:sha" do
subject { namespace_project_commit_path(project.namespace, project, project.repository.commit) } subject { namespace_project_commit_path(project.namespace, project, project.repository.commit) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_allowed_for :external } it { is_expected.to be_allowed_for(:external) }
it { is_expected.to be_allowed_for :visitor } it { is_expected.to be_allowed_for(:visitor) }
end end
describe "GET /:project_path/compare" do describe "GET /:project_path/compare" do
subject { namespace_project_compare_index_path(project.namespace, project) } subject { namespace_project_compare_index_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_allowed_for :external } it { is_expected.to be_allowed_for(:external) }
it { is_expected.to be_allowed_for :visitor } it { is_expected.to be_allowed_for(:visitor) }
end end
describe "GET /:project_path/project_members" do describe "GET /:project_path/project_members" do
subject { namespace_project_project_members_path(project.namespace, project) } subject { namespace_project_project_members_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_allowed_for :visitor } it { is_expected.to be_allowed_for(:visitor) }
it { is_expected.to be_allowed_for :external } it { is_expected.to be_allowed_for(:external) }
end end
describe "GET /:project_path/pipelines" do describe "GET /:project_path/pipelines" do
subject { namespace_project_pipelines_path(project.namespace, project) } subject { namespace_project_pipelines_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_allowed_for :external } it { is_expected.to be_allowed_for(:external) }
it { is_expected.to be_allowed_for :visitor } it { is_expected.to be_allowed_for(:visitor) }
end end
describe "GET /:project_path/pipelines/:id" do describe "GET /:project_path/pipelines/:id" do
let(:pipeline) { create(:ci_pipeline, project: project) } let(:pipeline) { create(:ci_pipeline, project: project) }
subject { namespace_project_pipeline_path(project.namespace, project, pipeline) } subject { namespace_project_pipeline_path(project.namespace, project, pipeline) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_allowed_for :external } it { is_expected.to be_allowed_for(:external) }
it { is_expected.to be_allowed_for :visitor } it { is_expected.to be_allowed_for(:visitor) }
end end
describe "GET /:project_path/builds" do describe "GET /:project_path/builds" do
...@@ -144,29 +131,29 @@ describe "Public Project Access", feature: true do ...@@ -144,29 +131,29 @@ describe "Public Project Access", feature: true do
context "when allowed for public" do context "when allowed for public" do
before { project.update(public_builds: true) } before { project.update(public_builds: true) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_allowed_for :external } it { is_expected.to be_allowed_for(:external) }
it { is_expected.to be_allowed_for :visitor } it { is_expected.to be_allowed_for(:visitor) }
end end
context "when disallowed for public" do context "when disallowed for public" do
before { project.update(public_builds: false) } before { project.update(public_builds: false) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
end end
...@@ -178,73 +165,73 @@ describe "Public Project Access", feature: true do ...@@ -178,73 +165,73 @@ describe "Public Project Access", feature: true do
context "when allowed for public" do context "when allowed for public" do
before { project.update(public_builds: true) } before { project.update(public_builds: true) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_allowed_for :external } it { is_expected.to be_allowed_for(:external) }
it { is_expected.to be_allowed_for :visitor } it { is_expected.to be_allowed_for(:visitor) }
end end
context "when disallowed for public" do context "when disallowed for public" do
before { project.update(public_builds: false) } before { project.update(public_builds: false) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
end end
describe "GET /:project_path/environments" do describe "GET /:project_path/environments" do
subject { namespace_project_environments_path(project.namespace, project) } subject { namespace_project_environments_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/environments/:id" do describe "GET /:project_path/environments/:id" do
let(:environment) { create(:environment, project: project) } let(:environment) { create(:environment, project: project) }
subject { namespace_project_environment_path(project.namespace, project, environment) } subject { namespace_project_environment_path(project.namespace, project, environment) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/environments/new" do describe "GET /:project_path/environments/new" do
subject { new_namespace_project_environment_path(project.namespace, project) } subject { new_namespace_project_environment_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_denied_for reporter } it { is_expected.to be_denied_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/blob" do describe "GET /:project_path/blob" do
...@@ -252,127 +239,127 @@ describe "Public Project Access", feature: true do ...@@ -252,127 +239,127 @@ describe "Public Project Access", feature: true do
subject { namespace_project_blob_path(project.namespace, project, File.join(commit.id, '.gitignore')) } subject { namespace_project_blob_path(project.namespace, project, File.join(commit.id, '.gitignore')) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_allowed_for :visitor } it { is_expected.to be_allowed_for(:visitor) }
end end
describe "GET /:project_path/edit" do describe "GET /:project_path/edit" do
subject { edit_namespace_project_path(project.namespace, project) } subject { edit_namespace_project_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_denied_for developer } it { is_expected.to be_denied_for(:developer).of(project) }
it { is_expected.to be_denied_for reporter } it { is_expected.to be_denied_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/deploy_keys" do describe "GET /:project_path/deploy_keys" do
subject { namespace_project_deploy_keys_path(project.namespace, project) } subject { namespace_project_deploy_keys_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_denied_for developer } it { is_expected.to be_denied_for(:developer).of(project) }
it { is_expected.to be_denied_for reporter } it { is_expected.to be_denied_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/issues" do describe "GET /:project_path/issues" do
subject { namespace_project_issues_path(project.namespace, project) } subject { namespace_project_issues_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_allowed_for :external } it { is_expected.to be_allowed_for(:external) }
it { is_expected.to be_allowed_for :visitor } it { is_expected.to be_allowed_for(:visitor) }
end end
describe "GET /:project_path/issues/:id/edit" do describe "GET /:project_path/issues/:id/edit" do
let(:issue) { create(:issue, project: project) } let(:issue) { create(:issue, project: project) }
subject { edit_namespace_project_issue_path(project.namespace, project, issue) } subject { edit_namespace_project_issue_path(project.namespace, project, issue) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/snippets" do describe "GET /:project_path/snippets" do
subject { namespace_project_snippets_path(project.namespace, project) } subject { namespace_project_snippets_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_allowed_for :external } it { is_expected.to be_allowed_for(:external) }
it { is_expected.to be_allowed_for :visitor } it { is_expected.to be_allowed_for(:visitor) }
end end
describe "GET /:project_path/snippets/new" do describe "GET /:project_path/snippets/new" do
subject { new_namespace_project_snippet_path(project.namespace, project) } subject { new_namespace_project_snippet_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/merge_requests" do describe "GET /:project_path/merge_requests" do
subject { namespace_project_merge_requests_path(project.namespace, project) } subject { namespace_project_merge_requests_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_allowed_for :external } it { is_expected.to be_allowed_for(:external) }
it { is_expected.to be_allowed_for :visitor } it { is_expected.to be_allowed_for(:visitor) }
end end
describe "GET /:project_path/merge_requests/new" do describe "GET /:project_path/merge_requests/new" do
subject { new_namespace_project_merge_request_path(project.namespace, project) } subject { new_namespace_project_merge_request_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_denied_for reporter } it { is_expected.to be_denied_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/branches" do describe "GET /:project_path/branches" do
...@@ -383,15 +370,15 @@ describe "Public Project Access", feature: true do ...@@ -383,15 +370,15 @@ describe "Public Project Access", feature: true do
allow_any_instance_of(Project).to receive(:branches).and_return([]) allow_any_instance_of(Project).to receive(:branches).and_return([])
end end
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_allowed_for :external } it { is_expected.to be_allowed_for(:external) }
it { is_expected.to be_allowed_for :visitor } it { is_expected.to be_allowed_for(:visitor) }
end end
describe "GET /:project_path/tags" do describe "GET /:project_path/tags" do
...@@ -402,29 +389,29 @@ describe "Public Project Access", feature: true do ...@@ -402,29 +389,29 @@ describe "Public Project Access", feature: true do
allow_any_instance_of(Project).to receive(:tags).and_return([]) allow_any_instance_of(Project).to receive(:tags).and_return([])
end end
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_allowed_for :external } it { is_expected.to be_allowed_for(:external) }
it { is_expected.to be_allowed_for :visitor } it { is_expected.to be_allowed_for(:visitor) }
end end
describe "GET /:project_path/hooks" do describe "GET /:project_path/hooks" do
subject { namespace_project_hooks_path(project.namespace, project) } subject { namespace_project_hooks_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_denied_for developer } it { is_expected.to be_denied_for(:developer).of(project) }
it { is_expected.to be_denied_for reporter } it { is_expected.to be_denied_for(:reporter).of(project) }
it { is_expected.to be_denied_for guest } it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for(:visitor) }
end end
describe "GET /:project_path/container_registry" do describe "GET /:project_path/container_registry" do
...@@ -435,14 +422,14 @@ describe "Public Project Access", feature: true do ...@@ -435,14 +422,14 @@ describe "Public Project Access", feature: true do
subject { namespace_project_container_registry_index_path(project.namespace, project) } subject { namespace_project_container_registry_index_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for(:admin) }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for(:master).of(project) }
it { is_expected.to be_allowed_for developer } it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for reporter } it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for guest } it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_allowed_for :external } it { is_expected.to be_allowed_for(:external) }
it { is_expected.to be_allowed_for :visitor } it { is_expected.to be_allowed_for(:visitor) }
end end
end end
...@@ -7,7 +7,7 @@ module AccessMatchers ...@@ -7,7 +7,7 @@ module AccessMatchers
extend RSpec::Matchers::DSL extend RSpec::Matchers::DSL
include Warden::Test::Helpers include Warden::Test::Helpers
def emulate_user(user) def emulate_user(user, project = nil)
case user case user
when :user when :user
login_as(create(:user)) login_as(create(:user))
...@@ -18,6 +18,18 @@ module AccessMatchers ...@@ -18,6 +18,18 @@ module AccessMatchers
when :external when :external
login_as(create(:user, external: true)) login_as(create(:user, external: true))
when User when User
login_as(user)
when :owner
raise ArgumentError, "cannot emulate owner without project" unless project
login_as(project.owner)
when *Gitlab::Access.sym_options.keys
raise ArgumentError, "cannot emulate user #{user} without project" unless project
role = user
user = create(:user)
project.public_send(:"add_#{role}", user)
login_as(user) login_as(user)
else else
raise ArgumentError, "cannot emulate user #{user}" raise ArgumentError, "cannot emulate user #{user}"
...@@ -26,8 +38,7 @@ module AccessMatchers ...@@ -26,8 +38,7 @@ module AccessMatchers
def description_for(user, type) def description_for(user, type)
if user.kind_of?(User) if user.kind_of?(User)
# User#inspect displays too much information for RSpec's description # User#inspect displays too much information for RSpec's descriptions
# messages
"be #{type} for the specified user" "be #{type} for the specified user"
else else
"be #{type} for #{user}" "be #{type} for #{user}"
...@@ -36,21 +47,31 @@ module AccessMatchers ...@@ -36,21 +47,31 @@ module AccessMatchers
matcher :be_allowed_for do |user| matcher :be_allowed_for do |user|
match do |url| match do |url|
emulate_user(user) emulate_user(user, @project)
visit url visit(url)
status_code != 404 && current_path != new_user_session_path status_code != 404 && current_path != new_user_session_path
end end
chain :of do |project|
@project = project
end
description { description_for(user, 'allowed') } description { description_for(user, 'allowed') }
end end
matcher :be_denied_for do |user| matcher :be_denied_for do |user|
match do |url| match do |url|
emulate_user(user) emulate_user(user, @project)
visit url visit(url)
status_code == 404 || current_path == new_user_session_path status_code == 404 || current_path == new_user_session_path
end end
chain :of do |project|
@project = project
end
description { description_for(user, 'denied') } description { description_for(user, 'denied') }
end end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment