Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Léo-Paul Géneau
gitlab-ce
Commits
ac7ad422
Commit
ac7ad422
authored
Jun 26, 2017
by
Shinya Maeda
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
IMprove access_matchers
parent
043f1b82
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
24 additions
and
26 deletions
+24
-26
spec/controllers/projects/pipeline_schedules_controller_spec.rb
...ontrollers/projects/pipeline_schedules_controller_spec.rb
+2
-1
spec/support/matchers/access_matchers_for_controller.rb
spec/support/matchers/access_matchers_for_controller.rb
+22
-25
No files found.
spec/controllers/projects/pipeline_schedules_controller_spec.rb
View file @
ac7ad422
...
@@ -127,7 +127,8 @@ describe Projects::PipelineSchedulesController do
...
@@ -127,7 +127,8 @@ describe Projects::PipelineSchedulesController do
describe
'PUT update'
do
describe
'PUT update'
do
let
(
:action
)
do
let
(
:action
)
do
proc
do
|
user
|
proc
do
|
user
|
put
:update
,
namespace_id:
project
.
namespace
.
to_param
,
project_id:
project
,
id:
pipeline_schedule
.
id
put
:update
,
namespace_id:
project
.
namespace
.
to_param
,
project_id:
project
,
id:
pipeline_schedule
.
id
,
schedule:
{
description:
'a'
}
end
end
end
end
...
...
spec/support/matchers/access_matchers_for_controller.rb
View file @
ac7ad422
...
@@ -5,8 +5,8 @@ module AccessMatchersForController
...
@@ -5,8 +5,8 @@ module AccessMatchersForController
extend
RSpec
::
Matchers
::
DSL
extend
RSpec
::
Matchers
::
DSL
include
Warden
::
Test
::
Helpers
include
Warden
::
Test
::
Helpers
EXPECTED_STATUS_CODE_ALLOWED
=
[
200
,
302
].
freeze
EXPECTED_STATUS_CODE_ALLOWED
=
[
200
,
201
,
302
].
freeze
EXPECTED_STATUS_CODE_DENIED
=
[
404
].
freeze
EXPECTED_STATUS_CODE_DENIED
=
[
40
1
,
40
4
].
freeze
def
emulate_user
(
role
,
membership
=
nil
)
def
emulate_user
(
role
,
membership
=
nil
)
case
role
case
role
...
@@ -19,9 +19,22 @@ module AccessMatchersForController
...
@@ -19,9 +19,22 @@ module AccessMatchersForController
when
:external
when
:external
user
=
create
(
:user
,
external:
true
)
user
=
create
(
:user
,
external:
true
)
sign_in
(
user
)
sign_in
(
user
)
when
:visitor
# rubocop:disable Lint/EmptyWhen
when
:visitor
# no-op
user
=
nil
when
User
user
=
role
sign_in
(
user
)
when
*
Gitlab
::
Access
.
sym_options_with_owner
.
keys
# owner, master, developer, reporter, guest
when
*
Gitlab
::
Access
.
sym_options_with_owner
.
keys
# owner, master, developer, reporter, guest
user
=
cerate_user_by_membership
(
role
,
membership
)
sign_in
(
user
)
else
raise
ArgumentError
,
"cannot emulate user
#{
role
}
"
end
user
end
def
cerate_user_by_membership
(
role
,
membership
=
nil
)
raise
ArgumentError
,
"cannot emulate
#{
role
}
without membership parent"
unless
membership
raise
ArgumentError
,
"cannot emulate
#{
role
}
without membership parent"
unless
membership
if
role
==
:owner
&&
membership
.
owner
if
role
==
:owner
&&
membership
.
owner
...
@@ -30,12 +43,6 @@ module AccessMatchersForController
...
@@ -30,12 +43,6 @@ module AccessMatchersForController
user
=
create
(
:user
)
user
=
create
(
:user
)
membership
.
public_send
(
:"add_
#{
role
}
"
,
user
)
membership
.
public_send
(
:"add_
#{
role
}
"
,
user
)
end
end
sign_in
(
user
)
else
raise
ArgumentError
,
"cannot emulate user
#{
role
}
"
end
user
user
end
end
...
@@ -47,12 +54,7 @@ module AccessMatchersForController
...
@@ -47,12 +54,7 @@ module AccessMatchersForController
matcher
:be_allowed_for
do
|
role
|
matcher
:be_allowed_for
do
|
role
|
match
do
|
action
|
match
do
|
action
|
user
=
emulate_user
(
role
,
@membership
)
user
=
emulate_user
(
role
,
@membership
)
begin
action
.
call
(
user
)
action
.
call
(
user
)
rescue
# Ignore internal exceptions which will be caused in the controller
# In such cases, response.status will be 200.
end
EXPECTED_STATUS_CODE_ALLOWED
.
include?
(
response
.
status
)
EXPECTED_STATUS_CODE_ALLOWED
.
include?
(
response
.
status
)
end
end
...
@@ -68,12 +70,7 @@ module AccessMatchersForController
...
@@ -68,12 +70,7 @@ module AccessMatchersForController
matcher
:be_denied_for
do
|
role
|
matcher
:be_denied_for
do
|
role
|
match
do
|
action
|
match
do
|
action
|
user
=
emulate_user
(
role
,
@membership
)
user
=
emulate_user
(
role
,
@membership
)
begin
action
.
call
(
user
)
action
.
call
(
user
)
rescue
# Ignore internal exceptions which will be caused in the controller
# In such cases, response.status will be 200.
end
EXPECTED_STATUS_CODE_DENIED
.
include?
(
response
.
status
)
EXPECTED_STATUS_CODE_DENIED
.
include?
(
response
.
status
)
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment