Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
9fe7f0c7
Commit
9fe7f0c7
authored
Jun 30, 2017
by
Shinya Maeda
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Improved AccessMatchers and tests
parent
c023bbbb
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
26 additions
and
6 deletions
+26
-6
spec/controllers/projects/pipeline_schedules_controller_spec.rb
...ontrollers/projects/pipeline_schedules_controller_spec.rb
+3
-3
spec/support/matchers/access_matchers_for_controller.rb
spec/support/matchers/access_matchers_for_controller.rb
+23
-3
No files found.
spec/controllers/projects/pipeline_schedules_controller_spec.rb
View file @
9fe7f0c7
...
...
@@ -357,7 +357,7 @@ describe Projects::PipelineSchedulesController do
it
{
expect
{
go
}.
to
be_allowed_for
(
:admin
)
}
it
{
expect
{
go
}.
to
be_allowed_for
(
:owner
).
of
(
project
)
}
it
{
expect
{
go
}.
to
be_allowed_for
(
:master
).
of
(
project
)
}
# it { expect { go }.to be_allowed_for(:developer).of(project
) }
it
{
expect
{
go
}.
to
be_allowed_for
(
:developer
).
of
(
project
).
own
([
pipeline_schedule
]
)
}
it
{
expect
{
go
}.
to
be_denied_for
(
:reporter
).
of
(
project
)
}
it
{
expect
{
go
}.
to
be_denied_for
(
:guest
).
of
(
project
)
}
it
{
expect
{
go
}.
to
be_denied_for
(
:user
)
}
...
...
@@ -420,7 +420,7 @@ describe Projects::PipelineSchedulesController do
it
{
expect
{
go
}.
to
be_allowed_for
(
:admin
)
}
it
{
expect
{
go
}.
to
be_allowed_for
(
:owner
).
of
(
project
)
}
it
{
expect
{
go
}.
to
be_allowed_for
(
:master
).
of
(
project
)
}
# it { expect { go }.to be_allowed_for(:developer).of(project
) }
it
{
expect
{
go
}.
to
be_allowed_for
(
:developer
).
of
(
project
).
own
([
pipeline_schedule
]
)
}
it
{
expect
{
go
}.
to
be_denied_for
(
:reporter
).
of
(
project
)
}
it
{
expect
{
go
}.
to
be_denied_for
(
:guest
).
of
(
project
)
}
it
{
expect
{
go
}.
to
be_denied_for
(
:user
)
}
...
...
@@ -438,7 +438,7 @@ describe Projects::PipelineSchedulesController do
it
{
expect
{
go
}.
to
be_allowed_for
(
:admin
)
}
it
{
expect
{
go
}.
to
be_allowed_for
(
:owner
).
of
(
project
)
}
it
{
expect
{
go
}.
to
be_allowed_for
(
:master
).
of
(
project
)
}
# it { expect { go }.to be_allowed_for(:developer).of(project
) }
it
{
expect
{
go
}.
to
be_allowed_for
(
:developer
).
of
(
project
).
own
([
pipeline_schedule
]
)
}
it
{
expect
{
go
}.
to
be_denied_for
(
:reporter
).
of
(
project
)
}
it
{
expect
{
go
}.
to
be_denied_for
(
:guest
).
of
(
project
)
}
it
{
expect
{
go
}.
to
be_denied_for
(
:user
)
}
...
...
spec/support/matchers/access_matchers_for_controller.rb
View file @
9fe7f0c7
...
...
@@ -50,9 +50,24 @@ module AccessMatchersForController
"be
#{
type
}
for
#{
role
}
. Expected:
#{
expected
.
join
(
','
)
}
Got:
#{
result
}
"
end
def
update_owner
(
objects
,
user
)
return
unless
objects
objects
.
each
do
|
object
|
if
object
.
respond_to?
(
:owner
)
object
.
update_attribute
(
:owner
,
user
)
elsif
object
.
respond_to?
(
:user
)
object
.
update_attribute
(
:user
,
user
)
else
raise
ArgumentError
,
"cannot own this object
#{
object
}
"
end
end
end
matcher
:be_allowed_for
do
|
role
|
match
do
|
action
|
emulate_user
(
role
,
@membership
)
match
do
|
action
,
&
block
|
user
=
emulate_user
(
role
,
@membership
)
update_owner
(
@objects
,
user
)
action
.
call
EXPECTED_STATUS_CODE_ALLOWED
.
include?
(
response
.
status
)
...
...
@@ -62,13 +77,18 @@ module AccessMatchersForController
@membership
=
membership
end
chain
:own
do
|
objects
|
@objects
=
objects
end
description
{
description_for
(
role
,
'allowed'
,
EXPECTED_STATUS_CODE_ALLOWED
,
response
.
status
)
}
supports_block_expectations
end
matcher
:be_denied_for
do
|
role
|
match
do
|
action
|
emulate_user
(
role
,
@membership
)
user
=
emulate_user
(
role
,
@membership
)
update_owner
(
@objects
,
user
)
action
.
call
EXPECTED_STATUS_CODE_DENIED
.
include?
(
response
.
status
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment