Add latest changes from gitlab-org/security/gitlab@15-7-stable-ee

author: GitLab Bot <gitlab-bot@gitlab.com> 2023-01-07 01:28:28 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2023-01-07 01:28:28 +0300
commit: e4a92d342784ccbb929e7d2b1faa42d6c2f591a3 (patch)
tree: 0e850cae1809a9224f5dcd773933777dbd4c17de /spec/policies
parent: 89e372068b3909b0e8cfb03af4da176357a1abbc (diff)
1 files changed, 29 insertions, 0 deletions
diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb
index 9b2d10283f1..e370f536519 100644
--- a/spec/policies/project_policy_spec.rb
+++ b/spec/policies/project_policy_spec.rb
@@ -668,6 +668,35 @@ RSpec.describe ProjectPolicy do
     end
   end
 
+  describe 'read_grafana', feature_category: :metrics do
+    using RSpec::Parameterized::TableSyntax
+
+    let(:policy) { :read_grafana }
+
+    where(:project_visibility, :role, :allowed) do
+      :public   | :anonymous | false
+      :public   | :guest     | false
+      :public   | :reporter  | true
+      :internal | :anonymous | false
+      :internal | :guest     | true
+      :internal | :reporter  | true
+      :private  | :anonymous | false
+      :private  | :guest     | true
+      :private  | :reporter  | true
+    end
+
+    with_them do
+      let(:current_user) { public_send(role) }
+      let(:project) { public_send("#{project_visibility}_project") }
+
+      if params[:allowed]
+        it { is_expected.to be_allowed(policy) }
+      else
+        it { is_expected.not_to be_allowed(policy) }
+      end
+    end
+  end
+
   describe 'update_max_artifacts_size' do
     context 'when no user' do
       let(:current_user) { anonymous }
author	GitLab Bot <gitlab-bot@gitlab.com>	2023-01-07 01:28:28 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2023-01-07 01:28:28 +0300
commit	e4a92d342784ccbb929e7d2b1faa42d6c2f591a3 (patch)
tree	0e850cae1809a9224f5dcd773933777dbd4c17de /spec/policies
parent	89e372068b3909b0e8cfb03af4da176357a1abbc (diff)