Skip to content

G
gitlab-ce
Commit dabad744 authored by James Lopez's avatar James Lopez
Browse files
Options

Merge branch '262094-fix-group-repository-analytics' into 'master' 

Disallow guest access for group repository analytics

See merge request gitlab-org/gitlab!44721
parents 57cdcf33 0525692d
Hide whitespace changes
Inline Side-by-side
Showing with 19 additions and 6 deletions
ee/app/policies/ee/group_policy.rb
View file @ dabad744
...@@ -140,7 +140,7 @@ module EE ...@@ -140,7 +140,7 @@ module EE
rule { has_access & group_activity_analytics_available } rule { has_access & group_activity_analytics_available }
.enable :read_group_activity_analytics .enable :read_group_activity_analytics
rule { has_access & group_repository_analytics_available } rule { reporter & group_repository_analytics_available }
.enable :read_group_repository_analytics .enable :read_group_repository_analytics
rule { reporter & group_merge_request_analytics_available } rule { reporter & group_merge_request_analytics_available }
......
ee/changelogs/unreleased/262094-fix-group-repository-analytics.yml 0 → 100644
View file @ dabad744
---
title: Disallow guest access for group repository analytics
merge_request: 44721
author:
type: fixed
ee/spec/controllers/groups/analytics/repository_analytics_controller_spec.rb
View file @ dabad744
...@@ -17,7 +17,7 @@ RSpec.describe Groups::Analytics::RepositoryAnalyticsController do ...@@ -17,7 +17,7 @@ RSpec.describe Groups::Analytics::RepositoryAnalyticsController do
subject { get :show, params: { group_id: group } } subject { get :show, params: { group_id: group } }
before do before do
group.add_guest(current_user) group.add_reporter(current_user)
end end
specify { is_expected.to have_gitlab_http_status(:success) } specify { is_expected.to have_gitlab_http_status(:success) }
......
ee/spec/policies/group_policy_spec.rb
View file @ dabad744
...@@ -199,17 +199,25 @@ RSpec.describe GroupPolicy do ...@@ -199,17 +199,25 @@ RSpec.describe GroupPolicy do
end end
context 'when group repository analytics is available' do context 'when group repository analytics is available' do
let(:current_user) { guest }
before do before do
stub_licensed_features(group_repository_analytics: true) stub_licensed_features(group_repository_analytics: true)
end end
it { is_expected.to be_allowed(:read_group_repository_analytics) } context 'for guests' do
let(:current_user) { guest }
it { is_expected.not_to be_allowed(:read_group_repository_analytics) }
end
context 'for reporter+' do
let(:current_user) { reporter }
it { is_expected.to be_allowed(:read_group_repository_analytics) }
end
end end
context 'when group repository analytics is not available' do context 'when group repository analytics is not available' do
let(:current_user) { guest } let(:current_user) { admin }
before do before do
stub_licensed_features(group_repository_analytics: false) stub_licensed_features(group_repository_analytics: false)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7