Commit a3601446 authored by Mikolaj Wawrzyniak's avatar Mikolaj Wawrzyniak

Add additional abilites to ProjectPolicy

To better authorize user actions related to
metrics_user_starred_dashboard records we need to add dedicated
abilities to project policy.
parent baa0c3d7
...@@ -269,6 +269,8 @@ class ProjectPolicy < BasePolicy ...@@ -269,6 +269,8 @@ class ProjectPolicy < BasePolicy
enable :read_prometheus enable :read_prometheus
enable :read_environment enable :read_environment
enable :read_deployment enable :read_deployment
enable :create_metrics_user_starred_dashboard
enable :read_metrics_user_starred_dashboard
end end
rule { owner | admin | guest | group_member }.prevent :request_access rule { owner | admin | guest | group_member }.prevent :request_access
......
...@@ -501,6 +501,8 @@ describe ProjectPolicy do ...@@ -501,6 +501,8 @@ describe ProjectPolicy do
it { is_expected.to be_allowed(:metrics_dashboard) } it { is_expected.to be_allowed(:metrics_dashboard) }
it { is_expected.to be_allowed(:read_prometheus) } it { is_expected.to be_allowed(:read_prometheus) }
it { is_expected.to be_allowed(:read_deployment) } it { is_expected.to be_allowed(:read_deployment) }
it { is_expected.to be_allowed(:read_metrics_user_starred_dashboard) }
it { is_expected.to be_allowed(:create_metrics_user_starred_dashboard) }
end end
context 'with guest' do context 'with guest' do
...@@ -527,6 +529,8 @@ describe ProjectPolicy do ...@@ -527,6 +529,8 @@ describe ProjectPolicy do
it { is_expected.to be_allowed(:metrics_dashboard) } it { is_expected.to be_allowed(:metrics_dashboard) }
it { is_expected.to be_allowed(:read_prometheus) } it { is_expected.to be_allowed(:read_prometheus) }
it { is_expected.to be_allowed(:read_deployment) } it { is_expected.to be_allowed(:read_deployment) }
it { is_expected.to be_allowed(:read_metrics_user_starred_dashboard) }
it { is_expected.to be_allowed(:create_metrics_user_starred_dashboard) }
end end
context 'with guest' do context 'with guest' do
...@@ -535,6 +539,8 @@ describe ProjectPolicy do ...@@ -535,6 +539,8 @@ describe ProjectPolicy do
it { is_expected.to be_allowed(:metrics_dashboard) } it { is_expected.to be_allowed(:metrics_dashboard) }
it { is_expected.to be_allowed(:read_prometheus) } it { is_expected.to be_allowed(:read_prometheus) }
it { is_expected.to be_allowed(:read_deployment) } it { is_expected.to be_allowed(:read_deployment) }
it { is_expected.to be_allowed(:read_metrics_user_starred_dashboard) }
it { is_expected.to be_allowed(:create_metrics_user_starred_dashboard) }
end end
context 'with anonymous' do context 'with anonymous' do
...@@ -543,6 +549,8 @@ describe ProjectPolicy do ...@@ -543,6 +549,8 @@ describe ProjectPolicy do
it { is_expected.to be_allowed(:metrics_dashboard) } it { is_expected.to be_allowed(:metrics_dashboard) }
it { is_expected.to be_allowed(:read_prometheus) } it { is_expected.to be_allowed(:read_prometheus) }
it { is_expected.to be_allowed(:read_deployment) } it { is_expected.to be_allowed(:read_deployment) }
it { is_expected.to be_allowed(:read_metrics_user_starred_dashboard) }
it { is_expected.to be_allowed(:create_metrics_user_starred_dashboard) }
end end
end end
end end
...@@ -557,6 +565,8 @@ describe ProjectPolicy do ...@@ -557,6 +565,8 @@ describe ProjectPolicy do
it { is_expected.to be_allowed(:metrics_dashboard) } it { is_expected.to be_allowed(:metrics_dashboard) }
it { is_expected.to be_allowed(:read_prometheus) } it { is_expected.to be_allowed(:read_prometheus) }
it { is_expected.to be_allowed(:read_deployment) } it { is_expected.to be_allowed(:read_deployment) }
it { is_expected.to be_allowed(:read_metrics_user_starred_dashboard) }
it { is_expected.to be_allowed(:create_metrics_user_starred_dashboard) }
end end
context 'with guest' do context 'with guest' do
...@@ -583,6 +593,8 @@ describe ProjectPolicy do ...@@ -583,6 +593,8 @@ describe ProjectPolicy do
it { is_expected.to be_allowed(:metrics_dashboard) } it { is_expected.to be_allowed(:metrics_dashboard) }
it { is_expected.to be_allowed(:read_prometheus) } it { is_expected.to be_allowed(:read_prometheus) }
it { is_expected.to be_allowed(:read_deployment) } it { is_expected.to be_allowed(:read_deployment) }
it { is_expected.to be_allowed(:read_metrics_user_starred_dashboard) }
it { is_expected.to be_allowed(:create_metrics_user_starred_dashboard) }
end end
context 'with guest' do context 'with guest' do
...@@ -591,6 +603,8 @@ describe ProjectPolicy do ...@@ -591,6 +603,8 @@ describe ProjectPolicy do
it { is_expected.to be_allowed(:metrics_dashboard) } it { is_expected.to be_allowed(:metrics_dashboard) }
it { is_expected.to be_allowed(:read_prometheus) } it { is_expected.to be_allowed(:read_prometheus) }
it { is_expected.to be_allowed(:read_deployment) } it { is_expected.to be_allowed(:read_deployment) }
it { is_expected.to be_allowed(:read_metrics_user_starred_dashboard) }
it { is_expected.to be_allowed(:create_metrics_user_starred_dashboard) }
end end
context 'with anonymous' do context 'with anonymous' do
...@@ -611,6 +625,8 @@ describe ProjectPolicy do ...@@ -611,6 +625,8 @@ describe ProjectPolicy do
it { is_expected.to be_allowed(:metrics_dashboard) } it { is_expected.to be_allowed(:metrics_dashboard) }
it { is_expected.to be_allowed(:read_prometheus) } it { is_expected.to be_allowed(:read_prometheus) }
it { is_expected.to be_allowed(:read_deployment) } it { is_expected.to be_allowed(:read_deployment) }
it { is_expected.to be_allowed(:read_metrics_user_starred_dashboard) }
it { is_expected.to be_allowed(:create_metrics_user_starred_dashboard) }
end end
context 'with guest' do context 'with guest' do
...@@ -633,6 +649,8 @@ describe ProjectPolicy do ...@@ -633,6 +649,8 @@ describe ProjectPolicy do
it { is_expected.to be_allowed(:metrics_dashboard) } it { is_expected.to be_allowed(:metrics_dashboard) }
it { is_expected.to be_allowed(:read_prometheus) } it { is_expected.to be_allowed(:read_prometheus) }
it { is_expected.to be_allowed(:read_deployment) } it { is_expected.to be_allowed(:read_deployment) }
it { is_expected.to be_allowed(:read_metrics_user_starred_dashboard) }
it { is_expected.to be_allowed(:create_metrics_user_starred_dashboard) }
end end
context 'with guest' do context 'with guest' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment