diff options
author | tiagonbotelho <tiagonbotelho@hotmail.com> | 2016-08-01 12:06:57 +0300 |
---|---|---|
committer | tiagonbotelho <tiagonbotelho@hotmail.com> | 2016-08-02 06:17:32 +0300 |
commit | edc5f4018e45327421e112de18d53bfbdabd38f9 (patch) | |
tree | 812e61a4476ec8028214bb315cd0eb3754065862 /spec/lib/gitlab/user_access_spec.rb | |
parent | 957331bf45e33c5d1ca0331ca6acb56fc8ecdb92 (diff) |
developer cannot push to protected branch when project is empty or he has not been granted permission to do so
Diffstat (limited to 'spec/lib/gitlab/user_access_spec.rb')
-rw-r--r-- | spec/lib/gitlab/user_access_spec.rb | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/spec/lib/gitlab/user_access_spec.rb b/spec/lib/gitlab/user_access_spec.rb index 5bb095366fa..26918f7b82d 100644 --- a/spec/lib/gitlab/user_access_spec.rb +++ b/spec/lib/gitlab/user_access_spec.rb @@ -23,6 +23,45 @@ describe Gitlab::UserAccess, lib: true do end end + describe 'push to empty project' do + let(:empty_project) { create(:project_empty_repo) } + let(:project_access) { Gitlab::UserAccess.new(user, project: empty_project) } + + it 'returns true if user is master' do + empty_project.team << [user, :master] + + expect(project_access.can_push_to_branch?('master')).to be_truthy + end + + it 'returns false if user is developer and project is fully protected' do + empty_project.team << [user, :developer] + stub_application_setting(default_branch_protection: Gitlab::Access::PROTECTION_FULL) + + expect(project_access.can_push_to_branch?('master')).to be_falsey + end + + it 'returns false if user is developer and it is not allowed to push new commits but can merge into branch' do + empty_project.team << [user, :developer] + stub_application_setting(default_branch_protection: Gitlab::Access::PROTECTION_DEV_CAN_MERGE) + + expect(project_access.can_push_to_branch?('master')).to be_falsey + end + + it 'returns true if user is developer and project is unprotected' do + empty_project.team << [user, :developer] + stub_application_setting(default_branch_protection: Gitlab::Access::PROTECTION_NONE) + + expect(project_access.can_push_to_branch?('master')).to be_truthy + end + + it 'returns true if user is developer and project grants developers permission' do + empty_project.team << [user, :developer] + stub_application_setting(default_branch_protection: Gitlab::Access::PROTECTION_DEV_CAN_PUSH) + + expect(project_access.can_push_to_branch?('master')).to be_truthy + end + end + describe 'push to protected branch' do let(:branch) { create :protected_branch, project: project } |