Improve wiki specs

In this commit we're improving some snippet security specs.

Improve wiki specs
In this commit we're improving some snippet security specs.
4caaaab2 · Francisco Javier López · 0d9ae330 · 4caaaab2 · 4caaaab2
Commit 4caaaab2 authored Jun 04, 2021 by Francisco Javier López
2 changed files
--- a/ee/spec/features/security/project/snippet/private_access_spec.rb
+++ b/ee/spec/features/security/project/snippet/private_access_spec.rb
@@ -5,9 +5,8 @@ require 'spec_helper'
 RSpec.describe "Private Project Snippets Access" do
  include AccessMatchers

-  let(:project) { create(:project, :private) }
-
-  let(:private_snippet) { create(:project_snippet, :private, project: project, author: project.owner) }
+  let_it_be(:project) { create(:project, :private) }
+  let_it_be(:private_snippet) { create(:project_snippet, :private, project: project, author: project.owner) }

  describe "GET /:project_path/snippets" do
    subject { project_snippets_path(project) }

--- a/spec/features/security/project/snippet/private_access_spec.rb
+++ b/spec/features/security/project/snippet/private_access_spec.rb
@@ -5,23 +5,25 @@ require 'spec_helper'
 RSpec.describe "Private Project Snippets Access" do
  include AccessMatchers

-  let(:project) { create(:project, :private) }
-
-  let(:private_snippet) { create(:project_snippet, :private, project: project, author: project.owner) }
+  let_it_be(:project) { create(:project, :private) }
+  let_it_be(:private_snippet) { create(:project_snippet, :private, project: project, author: project.owner) }

  describe "GET /:project_path/snippets" do
    subject { project_snippets_path(project) }

    it('is allowed for admin when admin mode is enabled', :enable_admin_mode) { is_expected.to be_allowed_for(:admin) }
    it('is denied for admin when admin mode is disabled') { is_expected.to be_denied_for(:admin) }
-    it { is_expected.to be_allowed_for(:owner).of(project) }
-    it { is_expected.to be_allowed_for(:maintainer).of(project) }
-    it { is_expected.to be_allowed_for(:developer).of(project) }
-    it { is_expected.to be_allowed_for(:reporter).of(project) }
-    it { is_expected.to be_allowed_for(:guest).of(project) }
-    it { is_expected.to be_denied_for(:user) }
-    it { is_expected.to be_denied_for(:external) }
-    it { is_expected.to be_denied_for(:visitor) }
+
+    specify :aggregate_failures do
+      is_expected.to be_allowed_for(:owner).of(project)
+      is_expected.to be_allowed_for(:maintainer).of(project)
+      is_expected.to be_allowed_for(:developer).of(project)
+      is_expected.to be_allowed_for(:reporter).of(project)
+      is_expected.to be_allowed_for(:guest).of(project)
+      is_expected.to be_denied_for(:user)
+      is_expected.to be_denied_for(:external)
+      is_expected.to be_denied_for(:visitor)
+    end
  end

  describe "GET /:project_path/snippets/new" do
@@ -29,14 +31,17 @@ RSpec.describe "Private Project Snippets Access" do

    it('is allowed for admin when admin mode is enabled', :enable_admin_mode) { is_expected.to be_allowed_for(:admin) }
    it('is denied for admin when admin mode is disabled') { is_expected.to be_denied_for(:admin) }
-    it { is_expected.to be_allowed_for(:owner).of(project) }
-    it { is_expected.to be_allowed_for(:maintainer).of(project) }
-    it { is_expected.to be_allowed_for(:developer).of(project) }
-    it { is_expected.to be_allowed_for(:reporter).of(project) }
-    it { is_expected.to be_denied_for(:guest).of(project) }
-    it { is_expected.to be_denied_for(:user) }
-    it { is_expected.to be_denied_for(:external) }
-    it { is_expected.to be_denied_for(:visitor) }
+
+    specify :aggregate_failures do
+      is_expected.to be_allowed_for(:maintainer).of(project)
+      is_expected.to be_allowed_for(:owner).of(project)
+      is_expected.to be_allowed_for(:developer).of(project)
+      is_expected.to be_allowed_for(:reporter).of(project)
+      is_expected.to be_denied_for(:guest).of(project)
+      is_expected.to be_denied_for(:user)
+      is_expected.to be_denied_for(:external)
+      is_expected.to be_denied_for(:visitor)
+    end
  end

  describe "GET /:project_path/snippets/:id for a private snippet" do
@@ -44,14 +49,17 @@ RSpec.describe "Private Project Snippets Access" do

    it('is allowed for admin when admin mode is enabled', :enable_admin_mode) { is_expected.to be_allowed_for(:admin) }
    it('is denied for admin when admin mode is disabled') { is_expected.to be_denied_for(:admin) }
-    it { is_expected.to be_allowed_for(:owner).of(project) }
-    it { is_expected.to be_allowed_for(:maintainer).of(project) }
-    it { is_expected.to be_allowed_for(:developer).of(project) }
-    it { is_expected.to be_allowed_for(:reporter).of(project) }
-    it { is_expected.to be_allowed_for(:guest).of(project) }
-    it { is_expected.to be_denied_for(:user) }
-    it { is_expected.to be_denied_for(:external) }
-    it { is_expected.to be_denied_for(:visitor) }
+
+    specify :aggregate_failures do
+      is_expected.to be_allowed_for(:owner).of(project)
+      is_expected.to be_allowed_for(:maintainer).of(project)
+      is_expected.to be_allowed_for(:developer).of(project)
+      is_expected.to be_allowed_for(:reporter).of(project)
+      is_expected.to be_allowed_for(:guest).of(project)
+      is_expected.to be_denied_for(:user)
+      is_expected.to be_denied_for(:external)
+      is_expected.to be_denied_for(:visitor)
+    end
  end

  describe "GET /:project_path/snippets/:id/raw for a private snippet" do
@@ -59,13 +67,16 @@ RSpec.describe "Private Project Snippets Access" do

    it('is allowed for admin when admin mode is enabled', :enable_admin_mode) { is_expected.to be_allowed_for(:admin) }
    it('is denied for admin when admin mode is disabled') { is_expected.to be_denied_for(:admin) }
-    it { is_expected.to be_allowed_for(:owner).of(project) }
-    it { is_expected.to be_allowed_for(:maintainer).of(project) }
-    it { is_expected.to be_allowed_for(:developer).of(project) }
-    it { is_expected.to be_allowed_for(:reporter).of(project) }
-    it { is_expected.to be_allowed_for(:guest).of(project) }
-    it { is_expected.to be_denied_for(:user) }
-    it { is_expected.to be_denied_for(:external) }
-    it { is_expected.to be_denied_for(:visitor) }
+
+    specify :aggregate_failures do
+      is_expected.to be_allowed_for(:owner).of(project)
+      is_expected.to be_allowed_for(:maintainer).of(project)
+      is_expected.to be_allowed_for(:developer).of(project)
+      is_expected.to be_allowed_for(:reporter).of(project)
+      is_expected.to be_allowed_for(:guest).of(project)
+      is_expected.to be_denied_for(:user)
+      is_expected.to be_denied_for(:external)
+      is_expected.to be_denied_for(:visitor)
+    end
  end
 end