Skip to content

G
gitlab-ce
Commit 2771c42e authored by Pedro Pombeiro's avatar Pedro Pombeiro
Browse files
Options

Test that users without permissions don't see project runners

parent cb110c33
Hide whitespace changes
Inline Side-by-side
Showing with 8 additions and 0 deletions
spec/requests/api/graphql/ci/runner_spec.rb
View file @ 2771c42e
...@@ -25,6 +25,8 @@ RSpec.describe 'Query.runner(id)' do ...@@ -25,6 +25,8 @@ RSpec.describe 'Query.runner(id)' do
access_level: 0, tag_list: %w[tag1 tag2], run_untagged: true, executor_type: :shell) access_level: 0, tag_list: %w[tag1 tag2], run_untagged: true, executor_type: :shell)
end end
let_it_be(:active_project_runner) { create(:ci_runner, :project) }
def get_runner(id) def get_runner(id)
case id case id
when :active_instance_runner when :active_instance_runner
...@@ -33,6 +35,8 @@ RSpec.describe 'Query.runner(id)' do ...@@ -33,6 +35,8 @@ RSpec.describe 'Query.runner(id)' do
inactive_instance_runner inactive_instance_runner
when :active_group_runner when :active_group_runner
active_group_runner active_group_runner
when :active_project_runner
active_project_runner
end end
end end
...@@ -381,6 +385,10 @@ RSpec.describe 'Query.runner(id)' do ...@@ -381,6 +385,10 @@ RSpec.describe 'Query.runner(id)' do
context 'on group runner' do context 'on group runner' do
it_behaves_like 'retrieval by unauthorized user', :active_group_runner it_behaves_like 'retrieval by unauthorized user', :active_group_runner
end end
context 'on project runner' do
it_behaves_like 'retrieval by unauthorized user', :active_project_runner
end
end end
describe 'by non-admin user' do describe 'by non-admin user' do
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7