Allow admin to read_users_list even if it's restricted

author: Lin Jen-Shin <godfat@godfat.org> 2017-07-25 11:44:02 +0300
committer: Lin Jen-Shin <godfat@godfat.org> 2017-07-25 11:49:26 +0300
commit: 25e44edc30b5ca61267487248db9330da3e48a6c (patch)
tree: aed26c4fb1e0ac1fc9dd76d64bcf16318a49ba42 /spec/policies
parent: d95e6da0d582cd4b0d333b3b6a1bfa3a565b874e (diff)
1 files changed, 20 insertions, 0 deletions
diff --git a/spec/policies/global_policy_spec.rb b/spec/policies/global_policy_spec.rb
index bb0fa0c0e9c..c3e2b603c4b 100644
--- a/spec/policies/global_policy_spec.rb
+++ b/spec/policies/global_policy_spec.rb
@@ -30,5 +30,25 @@ describe GlobalPolicy, models: true do
         it { is_expected.to be_allowed(:read_users_list) }
       end
     end
+
+    context "for an admin" do
+      let(:current_user) { create(:admin) }
+
+      context "when the public level is restricted" do
+        before do
+          stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC])
+        end
+
+        it { is_expected.to be_allowed(:read_users_list) }
+      end
+
+      context "when the public level is not restricted" do
+        before do
+          stub_application_setting(restricted_visibility_levels: [])
+        end
+
+        it { is_expected.to be_allowed(:read_users_list) }
+      end
+    end
   end
 end
author	Lin Jen-Shin <godfat@godfat.org>	2017-07-25 11:44:02 +0300
committer	Lin Jen-Shin <godfat@godfat.org>	2017-07-25 11:49:26 +0300
commit	25e44edc30b5ca61267487248db9330da3e48a6c (patch)
tree	aed26c4fb1e0ac1fc9dd76d64bcf16318a49ba42 /spec/policies
parent	d95e6da0d582cd4b0d333b3b6a1bfa3a565b874e (diff)