Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
1c71a629
Commit
1c71a629
authored
Sep 19, 2017
by
Rémy Coutable
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Refactor spec/policies/project_policy_spec.rb to minimize the diff with CE
Signed-off-by:
Rémy Coutable
<
remy@rymai.me
>
parent
fd0482d6
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
117 additions
and
65 deletions
+117
-65
spec/policies/project_policy_spec.rb
spec/policies/project_policy_spec.rb
+117
-65
No files found.
spec/policies/project_policy_spec.rb
View file @
1c71a629
require
'spec_helper'
describe
ProjectPolicy
do
let
(
:guest
)
{
create
(
:user
)
}
let
(
:reporter
)
{
create
(
:user
)
}
let
(
:dev
)
{
create
(
:user
)
}
let
(
:master
)
{
create
(
:user
)
}
let
(
:owner
)
{
create
(
:user
)
}
let
(
:auditor
)
{
create
(
:user
,
:auditor
)
}
let
(
:admin
)
{
create
(
:admin
)
}
set
(
:guest
)
{
create
(
:user
)
}
set
(
:reporter
)
{
create
(
:user
)
}
set
(
:developer
)
{
create
(
:user
)
}
set
(
:master
)
{
create
(
:user
)
}
set
(
:owner
)
{
create
(
:user
)
}
set
(
:admin
)
{
create
(
:admin
)
}
let
(
:project
)
{
create
(
:project
,
:public
,
namespace:
owner
.
namespace
)
}
let
(
:guest_permissions
)
do
let
(
:
base_
guest_permissions
)
do
%i[
read_project read_board read_list read_wiki read_issue read_label
read_
issue_link read_
milestone read_project_snippet read_project_member
read_milestone read_project_snippet read_project_member
read_note create_project create_issue create_note
upload_file
]
end
let
(
:reporter_permissions
)
do
let
(
:
base_
reporter_permissions
)
do
%i[
download_code fork_project create_project_snippet update_issue
admin_issue admin_label admin_
issue_link admin_
list read_commit_status read_build
admin_issue admin_label admin_list read_commit_status read_build
read_container_image read_pipeline read_environment read_deployment
read_merge_request download_wiki_code
]
...
...
@@ -42,10 +41,9 @@ describe ProjectPolicy do
]
end
let
(
:master_permissions
)
do
let
(
:
base_
master_permissions
)
do
%i[
push_code_to_protected_branches delete_protected_branch
update_project_snippet update_environment
delete_protected_branch update_project_snippet update_environment
update_deployment admin_project_snippet
admin_project_member admin_note admin_wiki admin_project
admin_commit_status admin_build admin_container_image
...
...
@@ -68,21 +66,20 @@ describe ProjectPolicy do
]
end
let
(
:auditor_permissions
)
do
%i[
download_code download_wiki_code read_project read_board read_list
read_wiki read_issue read_label read_issue_link read_milestone read_project_snippet
read_project_member read_note read_cycle_analytics read_pipeline
read_build read_commit_status read_container_image read_environment
read_deployment read_merge_request read_pages
]
end
# Used in EE specs
let
(
:additional_guest_permissions
)
{
[]
}
let
(
:additional_reporter_permissions
)
{
[]
}
let
(
:additional_master_permissions
)
{
[]
}
let
(
:guest_permissions
)
{
base_guest_permissions
+
additional_guest_permissions
}
let
(
:reporter_permissions
)
{
base_reporter_permissions
+
additional_reporter_permissions
}
let
(
:master_permissions
)
{
base_master_permissions
+
additional_master_permissions
}
before
do
project
.
team
<<
[
guest
,
:guest
]
project
.
team
<<
[
master
,
:master
]
project
.
team
<<
[
dev
,
:developer
]
project
.
team
<<
[
reporter
,
:reporter
]
project
.
add_guest
(
guest
)
project
.
add_master
(
master
)
project
.
add_developer
(
developer
)
project
.
add_reporter
(
reporter
)
end
def
expect_allowed
(
*
permissions
)
...
...
@@ -139,7 +136,9 @@ describe ProjectPolicy do
end
end
context
'when a project has pending invites, and the current user is anonymous'
do
shared_examples
'project policies as anonymous'
do
context
'abilities for public projects'
do
context
'when a project has pending invites'
do
let
(
:group
)
{
create
(
:group
,
:public
)
}
let
(
:project
)
{
create
(
:project
,
:public
,
namespace:
group
)
}
let
(
:user_permissions
)
{
[
:create_project
,
:create_issue
,
:create_note
,
:upload_file
]
}
...
...
@@ -156,21 +155,22 @@ describe ProjectPolicy do
expect_disallowed
(
*
user_permissions
)
end
end
end
context
'abilities for non-public projects'
do
let
(
:project
)
{
create
(
:project
,
namespace:
owner
.
namespace
)
}
subject
{
described_class
.
new
(
current_user
,
project
)
}
context
'with no user'
do
let
(
:current_user
)
{
nil
}
subject
{
described_class
.
new
(
nil
,
project
)
}
it
{
is_expected
.
to
be_banned
}
end
end
context
'guests
'
do
let
(
:current_user
)
{
guest
}
shared_examples
'project policies as guest
'
do
subject
{
described_class
.
new
(
guest
,
project
)
}
context
'abilities for non-public projects'
do
let
(
:project
)
{
create
(
:project
,
namespace:
owner
.
namespace
)
}
let
(
:reporter_public_build_permissions
)
do
reporter_permissions
-
[
:read_build
,
:read_pipeline
]
end
...
...
@@ -191,7 +191,7 @@ describe ProjectPolicy do
end
end
context
'public builds disabled'
do
context
'
when
public builds disabled'
do
before
do
project
.
update
(
public_builds:
false
)
end
...
...
@@ -204,8 +204,7 @@ describe ProjectPolicy do
context
'when builds are disabled'
do
before
do
project
.
project_feature
.
update
(
builds_access_level:
ProjectFeature
::
DISABLED
)
project
.
project_feature
.
update
(
builds_access_level:
ProjectFeature
::
DISABLED
)
end
it
do
...
...
@@ -214,9 +213,13 @@ describe ProjectPolicy do
end
end
end
end
shared_examples
'project policies as reporter'
do
context
'abilities for non-public projects'
do
let
(
:project
)
{
create
(
:project
,
namespace:
owner
.
namespace
)
}
context
'reporter'
do
let
(
:current_user
)
{
reporter
}
subject
{
described_class
.
new
(
reporter
,
project
)
}
it
do
expect_allowed
(
*
guest_permissions
)
...
...
@@ -228,9 +231,13 @@ describe ProjectPolicy do
expect_disallowed
(
*
owner_permissions
)
end
end
end
shared_examples
'project policies as developer'
do
context
'abilities for non-public projects'
do
let
(
:project
)
{
create
(
:project
,
namespace:
owner
.
namespace
)
}
context
'developer'
do
let
(
:current_user
)
{
dev
}
subject
{
described_class
.
new
(
developer
,
project
)
}
it
do
expect_allowed
(
*
guest_permissions
)
...
...
@@ -241,9 +248,13 @@ describe ProjectPolicy do
expect_disallowed
(
*
owner_permissions
)
end
end
end
context
'master'
do
let
(
:current_user
)
{
master
}
shared_examples
'project policies as master'
do
context
'abilities for non-public projects'
do
let
(
:project
)
{
create
(
:project
,
namespace:
owner
.
namespace
)
}
subject
{
described_class
.
new
(
master
,
project
)
}
it
do
expect_allowed
(
*
guest_permissions
)
...
...
@@ -254,9 +265,13 @@ describe ProjectPolicy do
expect_disallowed
(
*
owner_permissions
)
end
end
end
context
'owner'
do
let
(
:current_user
)
{
owner
}
shared_examples
'project policies as owner'
do
context
'abilities for non-public projects'
do
let
(
:project
)
{
create
(
:project
,
namespace:
owner
.
namespace
)
}
subject
{
described_class
.
new
(
owner
,
project
)
}
it
do
expect_allowed
(
*
guest_permissions
)
...
...
@@ -267,9 +282,13 @@ describe ProjectPolicy do
expect_allowed
(
*
owner_permissions
)
end
end
end
shared_examples
'project policies as admin'
do
context
'abilities for non-public projects'
do
let
(
:project
)
{
create
(
:project
,
namespace:
owner
.
namespace
)
}
context
'admin'
do
let
(
:current_user
)
{
admin
}
subject
{
described_class
.
new
(
admin
,
project
)
}
it
do
expect_allowed
(
*
guest_permissions
)
...
...
@@ -280,11 +299,44 @@ describe ProjectPolicy do
expect_allowed
(
*
owner_permissions
)
end
end
end
it_behaves_like
'project policies as anonymous'
it_behaves_like
'project policies as guest'
it_behaves_like
'project policies as reporter'
it_behaves_like
'project policies as developer'
it_behaves_like
'project policies as master'
it_behaves_like
'project policies as owner'
it_behaves_like
'project policies as admin'
context
'EE'
do
let
(
:additional_guest_permissions
)
{
[
:read_issue_link
]
}
let
(
:additional_reporter_permissions
)
{
[
:admin_issue_link
]}
let
(
:additional_master_permissions
)
{
[
:push_code_to_protected_branches
]
}
let
(
:auditor_permissions
)
do
%i[
download_code download_wiki_code read_project read_board read_list
read_wiki read_issue read_label read_issue_link read_milestone read_project_snippet
read_project_member read_note read_cycle_analytics read_pipeline
read_build read_commit_status read_container_image read_environment
read_deployment read_merge_request read_pages
]
end
it_behaves_like
'project policies as anonymous'
it_behaves_like
'project policies as guest'
it_behaves_like
'project policies as reporter'
it_behaves_like
'project policies as developer'
it_behaves_like
'project policies as master'
it_behaves_like
'project policies as owner'
it_behaves_like
'project policies as admin'
context
'auditor'
do
let
(
:current_user
)
{
auditor
}
let
(
:auditor
)
{
create
(
:user
,
:auditor
)
}
subject
{
described_class
.
new
(
auditor
,
project
)
}
context
'not a team member'
do
context
'
who is
not a team member'
do
it
do
is_expected
.
to
be_disallowed
(
*
developer_permissions
)
is_expected
.
to
be_disallowed
(
*
master_permissions
)
...
...
@@ -294,9 +346,9 @@ describe ProjectPolicy do
end
end
context
'team member'
do
context
'
who is a
team member'
do
before
do
project
.
team
<<
[
auditor
,
:guest
]
project
.
add_guest
(
auditor
)
end
it
do
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment