Skip to content

G
gitlab-ce
Commit c70a6991 authored by Serena Fang's avatar Serena Fang
Browse files
Options

Add specs for read and destroy tokens

parent 11d2b257
Hide whitespace changes
Inline Side-by-side
Showing with 32 additions and 0 deletions
app/policies/project_policy.rb
View file @ c70a6991
......@@ -644,6 +644,10 @@ class ProjectPolicy < BasePolicy
enable :create_resource_access_tokens
end
rule { can?(:project_bot_access) }.policy do
prevent :create_resource_access_tokens
end
rule { user_defined_variables_allowed | can?(:maintainer_access) }.policy do
enable :set_pipeline_variables
end
......
spec/support/shared_examples/policies/resource_access_token_shared_examples.rb
View file @ c70a6991
......@@ -18,6 +18,34 @@ RSpec.shared_examples 'Self-managed Core resource access tokens' do
it { is_expected.not_to be_allowed(:create_resource_access_tokens) }
end
end
context 'read resource access tokens' do
context 'with owner' do
let(:current_user) { owner }
it { is_expected.to be_allowed(:read_resource_access_tokens) }
end
context 'with developer' do
let(:current_user) { developer }
it { is_expected.not_to be_allowed(:read_resource_access_tokens) }
end
end
context 'destroy resource access tokens' do
context 'with owner' do
let(:current_user) { owner }
it { is_expected.to be_allowed(:destroy_resource_access_tokens) }
end
context 'with developer' do
let(:current_user) { developer }
it { is_expected.not_to be_allowed(:destroy_resource_access_tokens) }
end
end
end
RSpec.shared_examples 'GitLab.com Core resource access tokens' do
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7