Commit 035cb6d1 authored by Dave Pisek's avatar Dave Pisek

Add view tests for project sidebar - security

This commits adds tests to verify that the template partials
responsible for rendering the 'Security & Compliance' navigation
are rendering the correct nav-items based on users permission.
parent 3ca312d3
......@@ -122,6 +122,82 @@ describe 'layouts/nav/sidebar/_project' do
end
end
describe 'Security and Compliance' do
before do
allow(view).to receive(:can?).with(nil, :read_dependencies, project).and_return(can_read_dependencies)
allow(view).to receive(:can?).with(nil, :read_project_security_dashboard, project).and_return(can_read_dashboard)
render
end
describe 'when the user has full permissions' do
let(:can_read_dashboard) { true }
let(:can_read_dependencies) { true }
it 'top level navigation link is visible' do
expect(rendered).to have_link('Security & Compliance', href: project_security_dashboard_path(project))
end
it 'security dashboard link is visible' do
expect(rendered).to have_link('Security Dashboard', href: project_security_dashboard_path(project))
end
it 'dependency list link is visible' do
expect(rendered).to have_link('Dependency List', href: project_dependencies_path(project))
end
end
describe 'when the user can view only security dashboard' do
let(:can_read_dashboard) { true }
let(:can_read_dependencies) { false }
it 'top level navigation link is visible' do
expect(rendered).to have_link('Security & Compliance', href: project_security_dashboard_path(project))
end
it 'security dashboard link is visible' do
expect(rendered).to have_link('Security Dashboard', href: project_security_dashboard_path(project))
end
it 'dependency list link is not visible' do
expect(rendered).not_to have_link('Dependency List', href: project_dependencies_path(project))
end
end
describe 'when the user can view only dependency list' do
let(:can_read_dashboard) { false }
let(:can_read_dependencies) { true }
it 'top level navigation link is visible' do
expect(rendered).to have_link('Security & Compliance', href: project_dependencies_path(project))
end
it 'security dashboard link is not visible' do
expect(rendered).not_to have_link('Security Dashboard', href: project_security_dashboard_path(project))
end
it 'dependency list link is visible' do
expect(rendered).to have_link('Dependency List', href: project_dependencies_path(project))
end
end
describe 'when the user has no permissions' do
let(:can_read_dependencies) { false }
let(:can_read_dashboard) { false }
it 'top level navigation link is visible' do
expect(rendered).not_to have_link('Security & Compliance', href: project_security_dashboard_path(project))
end
it 'security dashboard link is not visible' do
expect(rendered).not_to have_link('Security Dashboard', href: project_security_dashboard_path(project))
end
it 'dependency list link is not visible' do
expect(rendered).not_to have_link('Dependency List', href: project_dependencies_path(project))
end
end
end
describe 'Packages' do
let(:user) { create(:user) }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment