Skip to content

G
gitlab-ce
Commit 4caaaab2 authored by Francisco Javier López's avatar Francisco Javier López
Browse files
Options

Improve wiki specs 

In this commit we're improving some snippet
security specs.
parent 0d9ae330
Show whitespace changes
Inline Side-by-side
Showing with 48 additions and 38 deletions
ee/spec/features/security/project/snippet/private_access_spec.rb
View file @ 4caaaab2
...@@ -5,9 +5,8 @@ require 'spec_helper' ...@@ -5,9 +5,8 @@ require 'spec_helper'
RSpec.describe "Private Project Snippets Access" do RSpec.describe "Private Project Snippets Access" do
include AccessMatchers include AccessMatchers
let(:project) { create(:project, :private) } let_it_be(:project) { create(:project, :private) }
let_it_be(:private_snippet) { create(:project_snippet, :private, project: project, author: project.owner) }
let(:private_snippet) { create(:project_snippet, :private, project: project, author: project.owner) }
describe "GET /:project_path/snippets" do describe "GET /:project_path/snippets" do
subject { project_snippets_path(project) } subject { project_snippets_path(project) }
......
spec/features/security/project/snippet/private_access_spec.rb
View file @ 4caaaab2
...@@ -5,23 +5,25 @@ require 'spec_helper' ...@@ -5,23 +5,25 @@ require 'spec_helper'
RSpec.describe "Private Project Snippets Access" do RSpec.describe "Private Project Snippets Access" do
include AccessMatchers include AccessMatchers
let(:project) { create(:project, :private) } let_it_be(:project) { create(:project, :private) }
let_it_be(:private_snippet) { create(:project_snippet, :private, project: project, author: project.owner) }
let(:private_snippet) { create(:project_snippet, :private, project: project, author: project.owner) }
describe "GET /:project_path/snippets" do describe "GET /:project_path/snippets" do
subject { project_snippets_path(project) } subject { project_snippets_path(project) }
it('is allowed for admin when admin mode is enabled', :enable_admin_mode) { is_expected.to be_allowed_for(:admin) } it('is allowed for admin when admin mode is enabled', :enable_admin_mode) { is_expected.to be_allowed_for(:admin) }
it('is denied for admin when admin mode is disabled') { is_expected.to be_denied_for(:admin) } it('is denied for admin when admin mode is disabled') { is_expected.to be_denied_for(:admin) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) } specify :aggregate_failures do
it { is_expected.to be_allowed_for(:developer).of(project) } is_expected.to be_allowed_for(:owner).of(project)
it { is_expected.to be_allowed_for(:reporter).of(project) } is_expected.to be_allowed_for(:maintainer).of(project)
it { is_expected.to be_allowed_for(:guest).of(project) } is_expected.to be_allowed_for(:developer).of(project)
it { is_expected.to be_denied_for(:user) } is_expected.to be_allowed_for(:reporter).of(project)
it { is_expected.to be_denied_for(:external) } is_expected.to be_allowed_for(:guest).of(project)
it { is_expected.to be_denied_for(:visitor) } is_expected.to be_denied_for(:user)
is_expected.to be_denied_for(:external)
is_expected.to be_denied_for(:visitor)
end
end end
describe "GET /:project_path/snippets/new" do describe "GET /:project_path/snippets/new" do
...@@ -29,14 +31,17 @@ RSpec.describe "Private Project Snippets Access" do ...@@ -29,14 +31,17 @@ RSpec.describe "Private Project Snippets Access" do
it('is allowed for admin when admin mode is enabled', :enable_admin_mode) { is_expected.to be_allowed_for(:admin) } it('is allowed for admin when admin mode is enabled', :enable_admin_mode) { is_expected.to be_allowed_for(:admin) }
it('is denied for admin when admin mode is disabled') { is_expected.to be_denied_for(:admin) } it('is denied for admin when admin mode is disabled') { is_expected.to be_denied_for(:admin) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) } specify :aggregate_failures do
it { is_expected.to be_allowed_for(:developer).of(project) } is_expected.to be_allowed_for(:maintainer).of(project)
it { is_expected.to be_allowed_for(:reporter).of(project) } is_expected.to be_allowed_for(:owner).of(project)
it { is_expected.to be_denied_for(:guest).of(project) } is_expected.to be_allowed_for(:developer).of(project)
it { is_expected.to be_denied_for(:user) } is_expected.to be_allowed_for(:reporter).of(project)
it { is_expected.to be_denied_for(:external) } is_expected.to be_denied_for(:guest).of(project)
it { is_expected.to be_denied_for(:visitor) } is_expected.to be_denied_for(:user)
is_expected.to be_denied_for(:external)
is_expected.to be_denied_for(:visitor)
end
end end
describe "GET /:project_path/snippets/:id for a private snippet" do describe "GET /:project_path/snippets/:id for a private snippet" do
...@@ -44,14 +49,17 @@ RSpec.describe "Private Project Snippets Access" do ...@@ -44,14 +49,17 @@ RSpec.describe "Private Project Snippets Access" do
it('is allowed for admin when admin mode is enabled', :enable_admin_mode) { is_expected.to be_allowed_for(:admin) } it('is allowed for admin when admin mode is enabled', :enable_admin_mode) { is_expected.to be_allowed_for(:admin) }
it('is denied for admin when admin mode is disabled') { is_expected.to be_denied_for(:admin) } it('is denied for admin when admin mode is disabled') { is_expected.to be_denied_for(:admin) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) } specify :aggregate_failures do
it { is_expected.to be_allowed_for(:developer).of(project) } is_expected.to be_allowed_for(:owner).of(project)
it { is_expected.to be_allowed_for(:reporter).of(project) } is_expected.to be_allowed_for(:maintainer).of(project)
it { is_expected.to be_allowed_for(:guest).of(project) } is_expected.to be_allowed_for(:developer).of(project)
it { is_expected.to be_denied_for(:user) } is_expected.to be_allowed_for(:reporter).of(project)
it { is_expected.to be_denied_for(:external) } is_expected.to be_allowed_for(:guest).of(project)
it { is_expected.to be_denied_for(:visitor) } is_expected.to be_denied_for(:user)
is_expected.to be_denied_for(:external)
is_expected.to be_denied_for(:visitor)
end
end end
describe "GET /:project_path/snippets/:id/raw for a private snippet" do describe "GET /:project_path/snippets/:id/raw for a private snippet" do
...@@ -59,13 +67,16 @@ RSpec.describe "Private Project Snippets Access" do ...@@ -59,13 +67,16 @@ RSpec.describe "Private Project Snippets Access" do
it('is allowed for admin when admin mode is enabled', :enable_admin_mode) { is_expected.to be_allowed_for(:admin) } it('is allowed for admin when admin mode is enabled', :enable_admin_mode) { is_expected.to be_allowed_for(:admin) }
it('is denied for admin when admin mode is disabled') { is_expected.to be_denied_for(:admin) } it('is denied for admin when admin mode is disabled') { is_expected.to be_denied_for(:admin) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) } specify :aggregate_failures do
it { is_expected.to be_allowed_for(:developer).of(project) } is_expected.to be_allowed_for(:owner).of(project)
it { is_expected.to be_allowed_for(:reporter).of(project) } is_expected.to be_allowed_for(:maintainer).of(project)
it { is_expected.to be_allowed_for(:guest).of(project) } is_expected.to be_allowed_for(:developer).of(project)
it { is_expected.to be_denied_for(:user) } is_expected.to be_allowed_for(:reporter).of(project)
it { is_expected.to be_denied_for(:external) } is_expected.to be_allowed_for(:guest).of(project)
it { is_expected.to be_denied_for(:visitor) } is_expected.to be_denied_for(:user)
is_expected.to be_denied_for(:external)
is_expected.to be_denied_for(:visitor)
end
end end
end end
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7