Commit
77fce7c0
authored
Oct 29, 2020
by
Philip Cunningham
Consolidate policy tests for on-demand DAST scans
Creates shared example for policy and removes redundant tests.
parent
1a701493
Showing
13 changed files
with
106 additions
and
372 deletions
+106
-372
ee/spec/graphql/mutations/dast_on_demand_scans/create_spec.rb
...pec/graphql/mutations/dast_on_demand_scans/create_spec.rb
+2
-54
ee/spec/graphql/mutations/dast_scanner_profiles/create_spec.rb
...ec/graphql/mutations/dast_scanner_profiles/create_spec.rb
+2
-14
ee/spec/graphql/mutations/dast_scanner_profiles/delete_spec.rb
...ec/graphql/mutations/dast_scanner_profiles/delete_spec.rb
+2
-8
ee/spec/graphql/mutations/dast_scanner_profiles/update_spec.rb
...ec/graphql/mutations/dast_scanner_profiles/update_spec.rb
+2
-22
ee/spec/graphql/mutations/dast_site_profiles/create_spec.rb
ee/spec/graphql/mutations/dast_site_profiles/create_spec.rb
+2
-30
ee/spec/graphql/mutations/dast_site_profiles/delete_spec.rb
ee/spec/graphql/mutations/dast_site_profiles/delete_spec.rb
+2
-54
ee/spec/graphql/mutations/dast_site_profiles/update_spec.rb
ee/spec/graphql/mutations/dast_site_profiles/update_spec.rb
+2
-54
ee/spec/graphql/mutations/dast_site_tokens/create_spec.rb
ee/spec/graphql/mutations/dast_site_tokens/create_spec.rb
+2
-30
ee/spec/graphql/mutations/dast_site_validations/create_spec.rb
...ec/graphql/mutations/dast_site_validations/create_spec.rb
+2
-30
ee/spec/policies/dast_scanner_profile_policy_spec.rb
ee/spec/policies/dast_scanner_profile_policy_spec.rb
+9
-0
ee/spec/policies/dast_site_profile_policy_spec.rb
ee/spec/policies/dast_site_profile_policy_spec.rb
+2
-38
ee/spec/policies/dast_site_validation_policy_spec.rb
ee/spec/policies/dast_site_validation_policy_spec.rb
+2
-38
ee/spec/support/shared_examples/policies/dast_on_demand_scans_shared_examples.rb
...examples/policies/dast_on_demand_scans_shared_examples.rb
+75
-0
ee/spec/graphql/mutations/dast_on_demand_scans/create_spec.rb
...
...
@@ -16,6 +16,8 @@ RSpec.describe Mutations::DastOnDemandScans::Create do
stub_licensed_features
(
security_on_demand_scans:
true
)
end
specify
{
expect
(
described_class
).
to
require_graphql_authorizations
(
:create_on_demand_dast_scan
)
}
describe
'#resolve'
do
subject
do
mutation
.
resolve
(
...
...
@@ -33,52 +35,6 @@ RSpec.describe Mutations::DastOnDemandScans::Create do
end
end
context
'when the user is not associated with the project'
do
it
'raises an exception'
do
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when the user is an owner'
do
it
'has no errors'
do
group
.
add_owner
(
user
)
expect
(
subject
[
:errors
]).
to
be_empty
end
end
context
'when the user is a maintainer'
do
it
'has no errors'
do
project
.
add_maintainer
(
user
)
expect
(
subject
[
:errors
]).
to
be_empty
end
end
context
'when the user is a developer'
do
it
'has no errors'
do
project
.
add_developer
(
user
)
expect
(
subject
[
:errors
]).
to
be_empty
end
end
context
'when the user is a reporter'
do
it
'raises an exception'
do
project
.
add_reporter
(
user
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when the user is a guest'
do
it
'raises an exception'
do
project
.
add_guest
(
user
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when the user can run a dast scan'
do
before
do
project
.
add_developer
(
user
)
...
...
@@ -152,14 +108,6 @@ RSpec.describe Mutations::DastOnDemandScans::Create do
end
end
end
context
'when on demand scan licensed feature is not available'
do
it
'raises an exception'
do
stub_licensed_features
(
security_on_demand_scans:
false
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
end
end
end
...
...
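Review bot: Once the per-role `#resolve` contexts are removed, the authorization coverage visible in this spec is the added `specify { expect(described_class).to require_graphql_authorizations(:create_on_demand_dast_scan) }`, which as far as I can tell checks the abilities declared on the mutation class and does not exercise `resolve`. A regression where `resolve` stops enforcing that ability would then go unnoticed unless a negative case survives outside the hunks shown. I would keep one denial example per mutation, for instance the removed `context 'when the user is not associated with the project'` with its `raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable)` expectation. The same applies to the other eight mutation specs changed here (dast_scanner_profiles create/delete/update, dast_site_profiles create/delete/update, dast_site_tokens create, dast_site_validations create). The `describe` block starts and ends outside the hunks.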
ee/spec/graphql/mutations/dast_scanner_profiles/create_spec.rb
...
...
@@ -16,6 +16,8 @@ RSpec.describe Mutations::DastScannerProfiles::Create do
stub_licensed_features
(
security_on_demand_scans:
true
)
end
specify
{
expect
(
described_class
).
to
require_graphql_authorizations
(
:create_on_demand_dast_scan
)
}
describe
'#resolve'
do
subject
do
mutation
.
resolve
(
...
...
@@ -35,12 +37,6 @@ RSpec.describe Mutations::DastScannerProfiles::Create do
end
end
context
'when the user is not associated with the project'
do
it
'raises an exception'
do
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when the user can run a dast scan'
do
before
do
group
.
add_owner
(
user
)
...
...
@@ -83,14 +79,6 @@ RSpec.describe Mutations::DastScannerProfiles::Create do
expect
(
response
[
:errors
]).
to
include
(
'Name has already been taken'
)
end
end
context
'when on demand scan licensed feature is not available'
do
it
'raises an exception'
do
stub_licensed_features
(
security_on_demand_scans:
false
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
end
end
end
ee/spec/graphql/mutations/dast_scanner_profiles/delete_spec.rb
...
...
@@ -15,6 +15,8 @@ RSpec.describe Mutations::DastScannerProfiles::Delete do
stub_licensed_features
(
security_on_demand_scans:
true
)
end
specify
{
expect
(
described_class
).
to
require_graphql_authorizations
(
:create_on_demand_dast_scan
)
}
describe
'#resolve'
do
subject
do
mutation
.
resolve
(
...
...
@@ -54,14 +56,6 @@ RSpec.describe Mutations::DastScannerProfiles::Delete do
end
end
context
'when on demand scan licensed feature is not available'
do
it
'raises an exception'
do
stub_licensed_features
(
security_on_demand_scans:
false
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when deletion fails'
do
it
'returns an error'
do
allow_next_instance_of
(
::
DastScannerProfiles
::
DestroyService
)
do
|
service
|
...
...
ee/spec/graphql/mutations/dast_scanner_profiles/update_spec.rb
...
...
@@ -22,6 +22,8 @@ RSpec.describe Mutations::DastScannerProfiles::Update do
stub_licensed_features
(
security_on_demand_scans:
true
)
end
specify
{
expect
(
described_class
).
to
require_graphql_authorizations
(
:create_on_demand_dast_scan
)
}
describe
'#resolve'
do
subject
do
mutation
.
resolve
(
...
...
@@ -47,20 +49,6 @@ RSpec.describe Mutations::DastScannerProfiles::Update do
end
end
context
'when the user is not associated with the project'
do
it
'raises an exception'
do
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when user can not run a DAST scan'
do
it
'raises an exception'
do
project
.
add_guest
(
user
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when the user can run a DAST scan'
do
before
do
project
.
add_developer
(
user
)
...
...
@@ -108,14 +96,6 @@ RSpec.describe Mutations::DastScannerProfiles::Update do
expect
(
subject
[
:errors
]).
to
include
(
'Scanner profile not found for given parameters'
)
end
end
context
'when on demand scan licensed feature is not available'
do
it
'raises an exception'
do
stub_licensed_features
(
security_on_demand_scans:
false
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
end
end
end
...
...
ee/spec/graphql/mutations/dast_site_profiles/create_spec.rb
...
...
@@ -17,6 +17,8 @@ RSpec.describe Mutations::DastSiteProfiles::Create do
stub_licensed_features
(
security_on_demand_scans:
true
)
end
specify
{
expect
(
described_class
).
to
require_graphql_authorizations
(
:create_on_demand_dast_scan
)
}
describe
'#resolve'
do
subject
do
mutation
.
resolve
(
...
...
@@ -35,28 +37,6 @@ RSpec.describe Mutations::DastSiteProfiles::Create do
end
end
context
'when the user is not associated with the project'
do
it
'raises an exception'
do
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when the user is an owner'
do
it
'returns the dast_site_profile id'
do
group
.
add_owner
(
user
)
expect
(
subject
[
:id
]).
to
eq
(
dast_site_profile
.
to_global_id
)
end
end
context
'when the user is a maintainer'
do
it
'returns the dast_site_profile id'
do
project
.
add_maintainer
(
user
)
expect
(
subject
[
:id
]).
to
eq
(
dast_site_profile
.
to_global_id
)
end
end
context
'when the user can run a dast scan'
do
before
do
project
.
add_developer
(
user
)
...
...
@@ -89,14 +69,6 @@ RSpec.describe Mutations::DastSiteProfiles::Create do
expect
(
response
[
:errors
]).
to
include
(
'Name has already been taken'
)
end
end
context
'when on demand scan licensed feature is not available'
do
it
'raises an exception'
do
stub_licensed_features
(
security_on_demand_scans:
false
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
end
end
end
...
...
ee/spec/graphql/mutations/dast_site_profiles/delete_spec.rb
...
...
@@ -15,6 +15,8 @@ RSpec.describe Mutations::DastSiteProfiles::Delete do
stub_licensed_features
(
security_on_demand_scans:
true
)
end
specify
{
expect
(
described_class
).
to
require_graphql_authorizations
(
:create_on_demand_dast_scan
)
}
describe
'#resolve'
do
subject
do
mutation
.
resolve
(
...
...
@@ -32,52 +34,6 @@ RSpec.describe Mutations::DastSiteProfiles::Delete do
end
end
context
'when the user is not associated with the project'
do
it
'raises an exception'
do
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when the user is an owner'
do
it
'has no errors'
do
group
.
add_owner
(
user
)
expect
(
subject
[
:errors
]).
to
be_empty
end
end
context
'when the user is a maintainer'
do
it
'has no errors'
do
project
.
add_maintainer
(
user
)
expect
(
subject
[
:errors
]).
to
be_empty
end
end
context
'when the user is a developer'
do
it
'has no errors'
do
project
.
add_developer
(
user
)
expect
(
subject
[
:errors
]).
to
be_empty
end
end
context
'when the user is a reporter'
do
it
'raises an exception'
do
project
.
add_reporter
(
user
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when the user is a guest'
do
it
'raises an exception'
do
project
.
add_guest
(
user
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when the user can run a dast scan'
do
before
do
project
.
add_developer
(
user
)
...
...
@@ -96,14 +52,6 @@ RSpec.describe Mutations::DastSiteProfiles::Delete do
expect
(
subject
[
:errors
]).
to
include
(
'Name is weird'
)
end
end
context
'when on demand scan licensed feature is not available'
do
it
'raises an exception'
do
stub_licensed_features
(
security_on_demand_scans:
false
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
end
end
end
...
...
ee/spec/graphql/mutations/dast_site_profiles/update_spec.rb
...
...
@@ -18,6 +18,8 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
stub_licensed_features
(
security_on_demand_scans:
true
)
end
specify
{
expect
(
described_class
).
to
require_graphql_authorizations
(
:create_on_demand_dast_scan
)
}
describe
'#resolve'
do
subject
do
mutation
.
resolve
(
...
...
@@ -37,52 +39,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
end
end
context
'when the user is not associated with the project'
do
it
'raises an exception'
do
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when the user is an owner'
do
it
'has no errors'
do
group
.
add_owner
(
user
)
expect
(
subject
[
:errors
]).
to
be_empty
end
end
context
'when the user is a maintainer'
do
it
'has no errors'
do
project
.
add_maintainer
(
user
)
expect
(
subject
[
:errors
]).
to
be_empty
end
end
context
'when the user is a developer'
do
it
'has no errors'
do
project
.
add_developer
(
user
)
expect
(
subject
[
:errors
]).
to
be_empty
end
end
context
'when the user is a reporter'
do
it
'raises an exception'
do
project
.
add_reporter
(
user
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when the user is a guest'
do
it
'raises an exception'
do
project
.
add_guest
(
user
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when the user can run a dast scan'
do
before
do
project
.
add_developer
(
user
)
...
...
@@ -96,14 +52,6 @@ RSpec.describe Mutations::DastSiteProfiles::Update do
expect
(
dast_site_profile
.
dast_site
.
url
).
to
eq
(
new_target_url
)
end
end
context
'when on demand scan licensed feature is not available'
do
it
'raises an exception'
do
stub_licensed_features
(
security_on_demand_scans:
false
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
end
end
end
...
...
ee/spec/graphql/mutations/dast_site_tokens/create_spec.rb
...
...
@@ -18,6 +18,8 @@ RSpec.describe Mutations::DastSiteTokens::Create do
allow
(
SecureRandom
).
to
receive
(
:uuid
).
and_return
(
uuid
)
end
specify
{
expect
(
described_class
).
to
require_graphql_authorizations
(
:create_on_demand_dast_scan
)
}
describe
'#resolve'
do
subject
do
mutation
.
resolve
(
...
...
@@ -35,28 +37,6 @@ RSpec.describe Mutations::DastSiteTokens::Create do
end
end
context
'when the user is not associated with the project'
do
it
'raises an exception'
do
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when the user is an owner'
do
it
'returns the dast_site_token id'
do
group
.
add_owner
(
user
)
expect
(
subject
[
:id
]).
to
eq
(
dast_site_token
.
to_global_id
)
end
end
context
'when the user is a maintainer'
do
it
'returns the dast_site_token id'
do
project
.
add_maintainer
(
user
)
expect
(
subject
[
:id
]).
to
eq
(
dast_site_token
.
to_global_id
)
end
end
context
'when the user can run a dast scan'
do
before
do
project
.
add_developer
(
user
)
...
...
@@ -94,14 +74,6 @@ RSpec.describe Mutations::DastSiteTokens::Create do
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when on demand scan licensed feature is not available'
do
it
'raises an exception'
do
stub_licensed_features
(
security_on_demand_scans:
false
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
end
end
end
...
...
ee/spec/graphql/mutations/dast_site_validations/create_spec.rb
...
...
@@ -17,6 +17,8 @@ RSpec.describe Mutations::DastSiteValidations::Create do
stub_licensed_features
(
security_on_demand_scans:
true
)
end
specify
{
expect
(
described_class
).
to
require_graphql_authorizations
(
:create_on_demand_dast_scan
)
}
describe
'#resolve'
do
subject
do
mutation
.
resolve
(
...
...
@@ -36,28 +38,6 @@ RSpec.describe Mutations::DastSiteValidations::Create do
end
end
context
'when the user is not associated with the project'
do
it
'raises an exception'
do
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when the user is an owner'
do
it
'returns the dast_site_validation id'
do
group
.
add_owner
(
user
)
expect
(
subject
[
:id
]).
to
eq
(
dast_site_validation
.
to_global_id
)
end
end
context
'when the user is a maintainer'
do
it
'returns the dast_site_validation id'
do
project
.
add_maintainer
(
user
)
expect
(
subject
[
:id
]).
to
eq
(
dast_site_validation
.
to_global_id
)
end
end
context
'when the user can run a dast scan'
do
before
do
project
.
add_developer
(
user
)
...
...
@@ -78,14 +58,6 @@ RSpec.describe Mutations::DastSiteValidations::Create do
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
context
'when on demand scan licensed feature is not available'
do
it
'raises an exception'
do
stub_licensed_features
(
security_on_demand_scans:
false
)
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Graphql
::
Errors
::
ResourceNotAvailable
)
end
end
end
end
end
...
...
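--- /dev/null
+++ b/ee/spec/policies/dast_scanner_profile_policy_spec.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe DastScannerProfilePolicy do
+  it_behaves_like 'a dast on-demand scan policy' do
+    let_it_be(:record) { create(:dast_scanner_profile, project: project) }
+  end
+end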
ee/spec/policies/dast_site_profile_policy_spec.rb
...
...
@@ -3,43 +3,7 @@
require
'spec_helper'
RSpec
.
describe
DastSiteProfilePolicy
do
describe
'create_on_demand_dast_scan'
do
let
(
:dast_site_profile
)
{
create
(
:dast_site_profile
)
}
let
(
:project
)
{
dast_site_profile
.
project
}
let
(
:user
)
{
create
(
:user
)
}
subject
{
described_class
.
new
(
user
,
dast_site_profile
)
}
before
do
stub_licensed_features
(
security_on_demand_scans:
true
)
end
context
'when a user does not have access to the project'
do
it
{
is_expected
.
to
be_disallowed
(
:create_on_demand_dast_scan
)
}
end
context
'when a user does not have access to dast_site_profiles'
do
before
do
project
.
add_guest
(
user
)
end
it
{
is_expected
.
to
be_disallowed
(
:create_on_demand_dast_scan
)
}
end
context
'when a user has access dast_site_profiles'
do
before
do
project
.
add_developer
(
user
)
end
it
{
is_expected
.
to
be_allowed
(
:create_on_demand_dast_scan
)
}
context
'when on demand scan licensed feature is not available'
do
before
do
stub_licensed_features
(
security_on_demand_scans:
false
)
end
it
{
is_expected
.
to
be_disallowed
(
:create_on_demand_dast_scan
)
}
end
end
it_behaves_like
'a dast on-demand scan policy'
do
let_it_be
(
:record
)
{
create
(
:dast_site_profile
,
project:
project
)
}
end
end
ee/spec/policies/dast_site_validation_policy_spec.rb
...
...
@@ -3,43 +3,7 @@
require
'spec_helper'
RSpec
.
describe
DastSiteValidationPolicy
do
describe
'create_on_demand_dast_scan'
do
let_it_be
(
:dast_site_validation
,
reload:
true
)
{
create
(
:dast_site_validation
)
}
let_it_be
(
:project
)
{
dast_site_validation
.
dast_site_token
.
project
}
let_it_be
(
:user
)
{
create
(
:user
)
}
subject
{
described_class
.
new
(
user
,
dast_site_validation
)
}
before
do
stub_licensed_features
(
security_on_demand_scans:
true
)
end
context
'when a user does not have access to the project'
do
it
{
is_expected
.
to
be_disallowed
(
:create_on_demand_dast_scan
)
}
end
context
'when a user does not have access to dast_site_validations'
do
before
do
project
.
add_guest
(
user
)
end
it
{
is_expected
.
to
be_disallowed
(
:create_on_demand_dast_scan
)
}
end
context
'when a user has access dast_site_validations'
do
before
do
project
.
add_developer
(
user
)
end
it
{
is_expected
.
to
be_allowed
(
:create_on_demand_dast_scan
)
}
context
'when on demand scan licensed feature is not available'
do
before
do
stub_licensed_features
(
security_on_demand_scans:
false
)
end
it
{
is_expected
.
to
be_disallowed
(
:create_on_demand_dast_scan
)
}
end
end
it_behaves_like
'a dast on-demand scan policy'
do
let_it_be
(
:record
)
{
create
(
:dast_site_validation
,
dast_site_token:
create
(
:dast_site_token
,
project:
project
))
}
end
end
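--- /dev/null
+++ b/ee/spec/support/shared_examples/policies/dast_on_demand_scans_shared_examples.rb
@@ -0,0 +1,75 @@
+# frozen_string_literal: true
+
+RSpec.shared_examples 'a dast on-demand scan policy' do
+  let_it_be(:group) { create(:group) }
+  let_it_be(:project) { create(:project, group: group) }
+  let_it_be(:user) { create(:user) }
+
+  subject { described_class.new(user, record) }
+
+  before do
+    stub_licensed_features(security_on_demand_scans: true)
+  end
+
+  describe 'create_on_demand_dast_scan' do
+    context 'when a user does not have access to the project' do
+      it { is_expected.to be_disallowed(:create_on_demand_dast_scan) }
+    end
+
+    context 'when the user is a guest' do
+      before do
+        project.add_guest(user)
+      end
+
+      it { is_expected.to be_disallowed(:create_on_demand_dast_scan) }
+    end
+
+    context 'when the user is a reporter' do
+      before do
+        project.add_reporter(user)
+      end
+
+      it { is_expected.to be_disallowed(:create_on_demand_dast_scan) }
+    end
+
+    context 'when the user is a developer' do
+      before do
+        project.add_developer(user)
+      end
+
+      it { is_expected.to be_allowed(:create_on_demand_dast_scan) }
+    end
+
+    context 'when the user is a maintainer' do
+      before do
+        project.add_maintainer(user)
+      end
+
+      it { is_expected.to be_allowed(:create_on_demand_dast_scan) }
+    end
+
+    context 'when the user is an owner' do
+      before do
+        group.add_owner(user)
+      end
+
+      it { is_expected.to be_allowed(:create_on_demand_dast_scan) }
+    end
+
+    context 'when the user is allowed' do
+      before do
+        project.add_developer(user)
+      end
+
+      context 'when on demand scan licensed feature is not available' do
+        let(:project) { create(:project, group: group) } # allows license stub to work correctly
+
+        before do
+          stub_licensed_features(security_on_demand_scans: false)
+        end
+
+        it { is_expected.to be_disallowed(:create_on_demand_dast_scan) }
+      end
+    end
+  end
+end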
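Review bot: The licensed-feature example nested under `context 'when the user is allowed'` looks like it can pass without the licence check being exercised. The nested `let(:project)` means `project.add_developer(user)` grants the role on a freshly created project, while `record` comes from the including spec's `let_it_be(:record)` and appears to be built against the outer `let_it_be(:project)`; if so, the user has no membership on the record's project and `be_disallowed` holds regardless of the stub. I would grant the role on the record's own project in that context, `before { record.project.add_developer(user) }`, or redefine `record` there against the new project, so the only thing that differs from the allowed case is `security_on_demand_scans: false`. A short comment above `RSpec.shared_examples` stating that the including group must define `record` on `project` would also make that dependency explicit.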