diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-01-08 03:14:32 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-01-08 03:14:32 +0300 |
| commit | c00e3e49ef33b44d5fe1bd34a396bb3dfe2cca65 (patch) | |
| tree | e080a70e32591045f6f11a5c15d3fd4948bc3494 /spec/policies/group_policy_spec.rb | |
| parent | f0b862a98200720a23fe3ed2807f4bb911f30d6d (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/policies/group_policy_spec.rb')
| -rw-r--r-- | spec/policies/group_policy_spec.rb | 59 |
1 files changed, 56 insertions, 3 deletions
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb index 7822ee2b92e..08fc8d2e77c 100644 --- a/spec/policies/group_policy_spec.rb +++ b/spec/policies/group_policy_spec.rb @@ -6,7 +6,7 @@ RSpec.describe GroupPolicy do include_context 'GroupPolicy context' context 'public group with no user' do - let(:group) { create(:group, :public) } + let(:group) { create(:group, :public, :crm_enabled) } let(:current_user) { nil } it do @@ -975,7 +975,7 @@ RSpec.describe GroupPolicy do it { expect_disallowed(:read_label) } context 'when group hierarchy has a project with service desk enabled' do - let_it_be(:subgroup) { create(:group, :private, parent: group)} + let_it_be(:subgroup) { create(:group, :private, parent: group) } let_it_be(:project) { create(:project, group: subgroup, service_desk_enabled: true) } it { expect_allowed(:read_label) } @@ -983,6 +983,49 @@ RSpec.describe GroupPolicy do end end + context "project bots" do + let(:project_bot) { create(:user, :project_bot) } + let(:user) { create(:user) } + + context "project_bot_access" do + context "when regular user and part of the group" do + let(:current_user) { user } + + before do + group.add_developer(user) + end + + it { is_expected.not_to be_allowed(:project_bot_access) } + end + + context "when project bot and not part of the project" do + let(:current_user) { project_bot } + + it { is_expected.not_to be_allowed(:project_bot_access) } + end + + context "when project bot and part of the project" do + let(:current_user) { project_bot } + + before do + group.add_developer(project_bot) + end + + it { is_expected.to be_allowed(:project_bot_access) } + end + end + + context 'with resource access tokens' do + let(:current_user) { project_bot } + + before do + group.add_maintainer(project_bot) + end + + it { is_expected.not_to be_allowed(:create_resource_access_tokens) } + end + end + describe 'update_runners_registration_token' do context 'admin' do let(:current_user) { admin } @@ -1113,7 +1156,7 @@ RSpec.describe GroupPolicy do end end - context 'with customer_relations feature flag disabled' do + context 'with customer relations feature flag disabled' do let(:current_user) { owner } before do @@ -1125,4 +1168,14 @@ RSpec.describe GroupPolicy do it { is_expected.to be_disallowed(:admin_crm_contact) } it { is_expected.to be_disallowed(:admin_crm_organization) } end + + context 'when crm_enabled is false' do + let(:group) { create(:group) } + let(:current_user) { owner } + + it { is_expected.to be_disallowed(:read_crm_contact) } + it { is_expected.to be_disallowed(:read_crm_organization) } + it { is_expected.to be_disallowed(:admin_crm_contact) } + it { is_expected.to be_disallowed(:admin_crm_organization) } + end end |