diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-04-26 09:09:25 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-04-26 09:09:25 +0300 |
| commit | 8759459c84757589002830279dfe3872ffc852bd (patch) | |
| tree | c7eb8b77a10db86f7cead8301d21650e628021d8 /spec/models/clusters | |
| parent | 77da08b6e8159daae9b352082bad0c55a003994f (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/models/clusters')
| -rw-r--r-- | spec/models/clusters/agent_spec.rb | 73 |
1 files changed, 72 insertions, 1 deletions
diff --git a/spec/models/clusters/agent_spec.rb b/spec/models/clusters/agent_spec.rb index df8ad861aff..2c560b992c1 100644 --- a/spec/models/clusters/agent_spec.rb +++ b/spec/models/clusters/agent_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe Clusters::Agent do +RSpec.describe Clusters::Agent, feature_category: :deployment_management do subject { create(:cluster_agent) } it { is_expected.to belong_to(:created_by_user).class_name('User').optional } @@ -163,4 +163,75 @@ RSpec.describe Clusters::Agent do it { is_expected.to be_like_time(event2.recorded_at) } end + + describe '#ci_access_authorized_for?' do + using RSpec::Parameterized::TableSyntax + + let_it_be(:organization) { create(:group) } + let_it_be(:agent_management_project) { create(:project, group: organization) } + let_it_be(:agent) { create(:cluster_agent, project: agent_management_project) } + let_it_be(:deployment_project) { create(:project, group: organization) } + + let(:user) { create(:user) } + + subject { agent.ci_access_authorized_for?(user) } + + it { is_expected.to eq(false) } + + context 'with project-level authorization' do + let!(:authorization) { create(:agent_ci_access_project_authorization, agent: agent, project: deployment_project) } + + where(:user_role, :allowed) do + :guest | false + :reporter | false + :developer | true + :maintainer | true + :owner | true + end + + with_them do + before do + deployment_project.add_member(user, user_role) + end + + it { is_expected.to eq(allowed) } + end + + context 'when expose_authorized_cluster_agents feature flag is disabled' do + before do + stub_feature_flags(expose_authorized_cluster_agents: false) + end + + it { is_expected.to eq(false) } + end + end + + context 'with group-level authorization' do + let!(:authorization) { create(:agent_ci_access_group_authorization, agent: agent, group: organization) } + + where(:user_role, :allowed) do + :guest | false + :reporter | false + :developer | true + :maintainer | true + :owner | true + end + + with_them do + before do + organization.add_member(user, user_role) + end + + it { is_expected.to eq(allowed) } + end + + context 'when expose_authorized_cluster_agents feature flag is disabled' do + before do + stub_feature_flags(expose_authorized_cluster_agents: false) + end + + it { is_expected.to eq(false) } + end + end + end end |