developer cannot push to protected branch when project is empty or he has not been granted permission to do so

author: tiagonbotelho <tiagonbotelho@hotmail.com> 2016-08-01 12:06:57 +0300
committer: tiagonbotelho <tiagonbotelho@hotmail.com> 2016-08-02 06:17:32 +0300
commit: edc5f4018e45327421e112de18d53bfbdabd38f9 (patch)
tree: 812e61a4476ec8028214bb315cd0eb3754065862 /spec/lib/gitlab/user_access_spec.rb
parent: 957331bf45e33c5d1ca0331ca6acb56fc8ecdb92 (diff)
1 files changed, 39 insertions, 0 deletions
diff --git a/spec/lib/gitlab/user_access_spec.rb b/spec/lib/gitlab/user_access_spec.rb
index 5bb095366fa..26918f7b82d 100644
--- a/spec/lib/gitlab/user_access_spec.rb
+++ b/spec/lib/gitlab/user_access_spec.rb
@@ -23,6 +23,45 @@ describe Gitlab::UserAccess, lib: true do
       end
     end
 
+    describe 'push to empty project' do
+      let(:empty_project) { create(:project_empty_repo) }
+      let(:project_access) { Gitlab::UserAccess.new(user, project: empty_project) }
+
+      it 'returns true if user is master' do
+        empty_project.team << [user, :master]
+
+        expect(project_access.can_push_to_branch?('master')).to be_truthy
+      end
+
+      it 'returns false if user is developer and project is fully protected' do
+        empty_project.team << [user, :developer]
+        stub_application_setting(default_branch_protection: Gitlab::Access::PROTECTION_FULL)
+
+        expect(project_access.can_push_to_branch?('master')).to be_falsey
+      end
+
+      it 'returns false if user is developer and it is not allowed to push new commits but can merge into branch' do
+        empty_project.team << [user, :developer]
+        stub_application_setting(default_branch_protection: Gitlab::Access::PROTECTION_DEV_CAN_MERGE)
+
+        expect(project_access.can_push_to_branch?('master')).to be_falsey
+      end
+
+      it 'returns true if user is developer and project is unprotected' do
+        empty_project.team << [user, :developer]
+        stub_application_setting(default_branch_protection: Gitlab::Access::PROTECTION_NONE)
+
+        expect(project_access.can_push_to_branch?('master')).to be_truthy
+      end
+
+      it 'returns true if user is developer and project grants developers permission' do
+        empty_project.team << [user, :developer]
+        stub_application_setting(default_branch_protection: Gitlab::Access::PROTECTION_DEV_CAN_PUSH)
+
+        expect(project_access.can_push_to_branch?('master')).to be_truthy
+      end
+    end
+
     describe 'push to protected branch' do
       let(:branch) { create :protected_branch, project: project }
author	tiagonbotelho <tiagonbotelho@hotmail.com>	2016-08-01 12:06:57 +0300
committer	tiagonbotelho <tiagonbotelho@hotmail.com>	2016-08-02 06:17:32 +0300
commit	edc5f4018e45327421e112de18d53bfbdabd38f9 (patch)
tree	812e61a4476ec8028214bb315cd0eb3754065862 /spec/lib/gitlab/user_access_spec.rb
parent	957331bf45e33c5d1ca0331ca6acb56fc8ecdb92 (diff)