Update policy for seat_usage_controller#show to match API

Update policy check from `authorize_admin_group` to `authorize_admin_group_member`, in order to match API - https://gitlab.com/gitlab-org/gitlab/-/blob/cb26a88c1852289bb19b11a8231610e0c2c72a49/ee/lib/ee/api/members.rb#L69. https://gitlab.com/gitlab-org/gitlab/-/issues/262877

Update policy for seat_usage_controller#show to match API
Update policy check from `authorize_admin_group` to `authorize_admin_group_member`, in order to match API - https://gitlab.com/gitlab-org/gitlab/-/blob/cb26a88c1852289bb19b11a8231610e0c2c72a49/ee/lib/ee/api/members.rb#L69. https://gitlab.com/gitlab-org/gitlab/-/issues/262877
306cdcc7 · Krasimir Angelov · 32d81c90 · 306cdcc7 · 306cdcc7
Commit 306cdcc7 authored Jul 28, 2021 by Krasimir Angelov
2 changed files
--- a/ee/app/controllers/groups/seat_usage_controller.rb
+++ b/ee/app/controllers/groups/seat_usage_controller.rb
 # frozen_string_literal: true
 class Groups::SeatUsageController < Groups::ApplicationController
-  before_action :authorize_admin_group!
+  before_action :authorize_admin_group_member!
  before_action :verify_namespace_plan_check_enabled
  layout "group_settings"

--- a/ee/spec/controllers/groups/seat_usage_controller_spec.rb
+++ b/ee/spec/controllers/groups/seat_usage_controller_spec.rb
@@ -36,10 +36,10 @@ RSpec.describe Groups::SeatUsageController do
        group.add_developer(user)
      end
-      it 'renders 404 when user is not an owner' do
+      it 'renders 403 when user is not an owner' do
        get_show
-        is_expected.to have_gitlab_http_status(:not_found)
+        is_expected.to have_gitlab_http_status(:forbidden)
      end
    end
  end