diff options
| author | Fabio Papa <fabtheman@gmail.com> | 2019-06-26 07:59:10 +0300 |
|---|---|---|
| committer | Fabio Papa <fabtheman@gmail.com> | 2019-07-19 21:55:45 +0300 |
| commit | 7d061212b12a400acfa9c8f34e022e352e77cb64 (patch) | |
| tree | d5fcfa6d322456099a5c5780ce3b616265c1b570 /spec/policies/group_policy_spec.rb | |
| parent | e6e672f049aa887cc4765eb9dfd9f7ac320d5188 (diff) | |
Add examples specing the setting to choose who can create subgroups
This setting is at the group level only. The default is specified to
be maintainers and owners.
**Specs only**, all failing.
Diffstat (limited to 'spec/policies/group_policy_spec.rb')
| -rw-r--r-- | spec/policies/group_policy_spec.rb | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb index 59f3a961d50..aed9a8e34ff 100644 --- a/spec/policies/group_policy_spec.rb +++ b/spec/policies/group_policy_spec.rb @@ -163,6 +163,18 @@ describe GroupPolicy do expect_allowed(*updated_owner_permissions) end end + + context 'maintainer' do + let(:current_user) { maintainer } + + it 'allows every maintainer permission except creating subgroups' do + create_subgroup_permission = [:create_subgroup] + updated_maintainer_permissions = maintainer_permissions - create_subgroup_permission + + expect_disallowed(*create_subgroup_permission) + expect_allowed(*updated_maintainer_permissions) + end + end end describe 'private nested group use the highest access level from the group and inherited permissions', :nested_groups do @@ -461,6 +473,64 @@ describe GroupPolicy do end end + context "create_subgroup" do + context 'when group has subgroup creation level set to owner' do + let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) } + + context 'reporter' do + let(:current_user) { reporter } + + it { is_expected.to be_disallowed(:create_subgroup) } + end + + context 'developer' do + let(:current_user) { developer } + + it { is_expected.to be_disallowed(:create_subgroup) } + end + + context 'maintainer' do + let(:current_user) { maintainer } + + it { is_expected.to be_disallowed(:create_subgroup) } + end + + context 'owner' do + let(:current_user) { owner } + + it { is_expected.to be_allowed(:create_subgroup) } + end + end + + context 'when group has subgroup creation level set to maintainer' do + let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) } + + context 'reporter' do + let(:current_user) { reporter } + + it { is_expected.to be_disallowed(:create_subgroup) } + end + + context 'developer' do + let(:current_user) { developer } + + it { is_expected.to be_disallowed(:create_subgroup) } + end + + context 'maintainer' do + let(:current_user) { maintainer } + + it { is_expected.to be_allowed(:create_subgroup) } + end + + context 'owner' do + let(:current_user) { owner } + + it { is_expected.to be_allowed(:create_subgroup) } + end + end + end + it_behaves_like 'clusterable policies' do let(:clusterable) { create(:group) } let(:cluster) do |