Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
79110987
Commit
79110987
authored
May 13, 2020
by
Mehmet Emin INAC
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Extend the group policy with `create_vulnerability_export` ability
parent
66f19537
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
14 additions
and
10 deletions
+14
-10
ee/app/policies/ee/group_policy.rb
ee/app/policies/ee/group_policy.rb
+2
-0
ee/spec/policies/group_policy_spec.rb
ee/spec/policies/group_policy_spec.rb
+12
-10
No files found.
ee/app/policies/ee/group_policy.rb
View file @
79110987
...
...
@@ -178,6 +178,8 @@ module EE
rule
{
security_dashboard_enabled
&
developer
}.
enable
:read_group_security_dashboard
rule
{
can?
(
:read_group_security_dashboard
)
}.
enable
:create_vulnerability_export
rule
{
admin
|
owner
}.
policy
do
enable
:read_group_compliance_dashboard
enable
:read_group_credentials_inventory
...
...
ee/spec/policies/group_policy_spec.rb
View file @
79110987
...
...
@@ -581,7 +581,9 @@ describe GroupPolicy do
end
end
describe
'read_group_security_dashboard'
do
describe
'read_group_security_dashboard & create_vulnerability_export'
do
let
(
:abilities
)
{
%i(read_group_security_dashboard create_vulnerability_export)
}
before
do
stub_licensed_features
(
security_dashboard:
true
)
end
...
...
@@ -589,57 +591,57 @@ describe GroupPolicy do
context
'with admin'
do
let
(
:current_user
)
{
admin
}
it
{
is_expected
.
to
be_allowed
(
:read_group_security_dashboard
)
}
it
{
is_expected
.
to
be_allowed
(
*
abilities
)
}
end
context
'with owner'
do
let
(
:current_user
)
{
owner
}
it
{
is_expected
.
to
be_allowed
(
:read_group_security_dashboard
)
}
it
{
is_expected
.
to
be_allowed
(
*
abilities
)
}
end
context
'with maintainer'
do
let
(
:current_user
)
{
maintainer
}
it
{
is_expected
.
to
be_allowed
(
:read_group_security_dashboard
)
}
it
{
is_expected
.
to
be_allowed
(
*
abilities
)
}
end
context
'with developer'
do
let
(
:current_user
)
{
developer
}
it
{
is_expected
.
to
be_allowed
(
:read_group_security_dashboard
)
}
it
{
is_expected
.
to
be_allowed
(
*
abilities
)
}
context
'when security dashboard features is not available'
do
before
do
stub_licensed_features
(
security_dashboard:
false
)
end
it
{
is_expected
.
to
be_disallowed
(
:read_group_security_dashboard
)
}
it
{
is_expected
.
to
be_disallowed
(
*
abilities
)
}
end
end
context
'with reporter'
do
let
(
:current_user
)
{
reporter
}
it
{
is_expected
.
to
be_disallowed
(
:read_group_security_dashboard
)
}
it
{
is_expected
.
to
be_disallowed
(
*
abilities
)
}
end
context
'with guest'
do
let
(
:current_user
)
{
guest
}
it
{
is_expected
.
to
be_disallowed
(
:read_group_security_dashboard
)
}
it
{
is_expected
.
to
be_disallowed
(
*
abilities
)
}
end
context
'with non member'
do
let
(
:current_user
)
{
create
(
:user
)
}
it
{
is_expected
.
to
be_disallowed
(
:read_group_security_dashboard
)
}
it
{
is_expected
.
to
be_disallowed
(
*
abilities
)
}
end
context
'with anonymous'
do
let
(
:current_user
)
{
nil
}
it
{
is_expected
.
to
be_disallowed
(
:read_group_security_dashboard
)
}
it
{
is_expected
.
to
be_disallowed
(
*
abilities
)
}
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
