Improve wiki specs

In this commit we're improving some snippet
security specs.
parent 0d9ae330
......@@ -5,9 +5,8 @@ require 'spec_helper'
RSpec.describe "Private Project Snippets Access" do
include AccessMatchers
let(:project) { create(:project, :private) }
let(:private_snippet) { create(:project_snippet, :private, project: project, author: project.owner) }
let_it_be(:project) { create(:project, :private) }
let_it_be(:private_snippet) { create(:project_snippet, :private, project: project, author: project.owner) }
describe "GET /:project_path/snippets" do
subject { project_snippets_path(project) }
......
......@@ -5,23 +5,25 @@ require 'spec_helper'
RSpec.describe "Private Project Snippets Access" do
include AccessMatchers
let(:project) { create(:project, :private) }
let(:private_snippet) { create(:project_snippet, :private, project: project, author: project.owner) }
let_it_be(:project) { create(:project, :private) }
let_it_be(:private_snippet) { create(:project_snippet, :private, project: project, author: project.owner) }
describe "GET /:project_path/snippets" do
subject { project_snippets_path(project) }
it('is allowed for admin when admin mode is enabled', :enable_admin_mode) { is_expected.to be_allowed_for(:admin) }
it('is denied for admin when admin mode is disabled') { is_expected.to be_denied_for(:admin) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for(:visitor) }
specify :aggregate_failures do
is_expected.to be_allowed_for(:owner).of(project)
is_expected.to be_allowed_for(:maintainer).of(project)
is_expected.to be_allowed_for(:developer).of(project)
is_expected.to be_allowed_for(:reporter).of(project)
is_expected.to be_allowed_for(:guest).of(project)
is_expected.to be_denied_for(:user)
is_expected.to be_denied_for(:external)
is_expected.to be_denied_for(:visitor)
end
end
describe "GET /:project_path/snippets/new" do
......@@ -29,14 +31,17 @@ RSpec.describe "Private Project Snippets Access" do
it('is allowed for admin when admin mode is enabled', :enable_admin_mode) { is_expected.to be_allowed_for(:admin) }
it('is denied for admin when admin mode is disabled') { is_expected.to be_denied_for(:admin) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_denied_for(:guest).of(project) }
it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for(:visitor) }
specify :aggregate_failures do
is_expected.to be_allowed_for(:maintainer).of(project)
is_expected.to be_allowed_for(:owner).of(project)
is_expected.to be_allowed_for(:developer).of(project)
is_expected.to be_allowed_for(:reporter).of(project)
is_expected.to be_denied_for(:guest).of(project)
is_expected.to be_denied_for(:user)
is_expected.to be_denied_for(:external)
is_expected.to be_denied_for(:visitor)
end
end
describe "GET /:project_path/snippets/:id for a private snippet" do
......@@ -44,14 +49,17 @@ RSpec.describe "Private Project Snippets Access" do
it('is allowed for admin when admin mode is enabled', :enable_admin_mode) { is_expected.to be_allowed_for(:admin) }
it('is denied for admin when admin mode is disabled') { is_expected.to be_denied_for(:admin) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for(:visitor) }
specify :aggregate_failures do
is_expected.to be_allowed_for(:owner).of(project)
is_expected.to be_allowed_for(:maintainer).of(project)
is_expected.to be_allowed_for(:developer).of(project)
is_expected.to be_allowed_for(:reporter).of(project)
is_expected.to be_allowed_for(:guest).of(project)
is_expected.to be_denied_for(:user)
is_expected.to be_denied_for(:external)
is_expected.to be_denied_for(:visitor)
end
end
describe "GET /:project_path/snippets/:id/raw for a private snippet" do
......@@ -59,13 +67,16 @@ RSpec.describe "Private Project Snippets Access" do
it('is allowed for admin when admin mode is enabled', :enable_admin_mode) { is_expected.to be_allowed_for(:admin) }
it('is denied for admin when admin mode is disabled') { is_expected.to be_denied_for(:admin) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
it { is_expected.to be_allowed_for(:reporter).of(project) }
it { is_expected.to be_allowed_for(:guest).of(project) }
it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for(:visitor) }
specify :aggregate_failures do
is_expected.to be_allowed_for(:owner).of(project)
is_expected.to be_allowed_for(:maintainer).of(project)
is_expected.to be_allowed_for(:developer).of(project)
is_expected.to be_allowed_for(:reporter).of(project)
is_expected.to be_allowed_for(:guest).of(project)
is_expected.to be_denied_for(:user)
is_expected.to be_denied_for(:external)
is_expected.to be_denied_for(:visitor)
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment