diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-02-18 12:45:46 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-02-18 12:45:46 +0300 |
| commit | a7b3560714b4d9cc4ab32dffcd1f74a284b93580 (patch) | |
| tree | 7452bd5c3545c2fa67a28aa013835fb4fa071baf /spec/policies | |
| parent | ee9173579ae56a3dbfe5afe9f9410c65bb327ca7 (diff) | |
Add latest changes from gitlab-org/gitlab@14-8-stable-eev14.8.0-rc42
Diffstat (limited to 'spec/policies')
| -rw-r--r-- | spec/policies/ci/pipeline_policy_spec.rb | 6 | ||||
| -rw-r--r-- | spec/policies/clusters/agent_token_policy_spec.rb | 11 | ||||
| -rw-r--r-- | spec/policies/clusters/agents/activity_event_policy_spec.rb | 11 | ||||
| -rw-r--r-- | spec/policies/namespaces/project_namespace_policy_spec.rb | 2 | ||||
| -rw-r--r-- | spec/policies/project_member_policy_spec.rb | 2 | ||||
| -rw-r--r-- | spec/policies/project_policy_spec.rb | 4 |
6 files changed, 27 insertions, 9 deletions
diff --git a/spec/policies/ci/pipeline_policy_spec.rb b/spec/policies/ci/pipeline_policy_spec.rb index 9a65823c950..b68bb966820 100644 --- a/spec/policies/ci/pipeline_policy_spec.rb +++ b/spec/policies/ci/pipeline_policy_spec.rb @@ -89,7 +89,7 @@ RSpec.describe Ci::PipelinePolicy, :models do let(:project) { create(:project, :public) } context 'when user has owner access' do - let(:user) { project.owner } + let(:user) { project.first_owner } it 'is enabled' do expect(policy).to be_allowed :destroy_pipeline @@ -107,7 +107,7 @@ RSpec.describe Ci::PipelinePolicy, :models do let(:project) { create(:project, :public) } context 'when user has owner access' do - let(:user) { project.owner } + let(:user) { project.first_owner } it 'is enabled' do expect(policy).to be_allowed :read_pipeline_variable @@ -129,7 +129,7 @@ RSpec.describe Ci::PipelinePolicy, :models do end context 'when user is developer and it is not the creator of the pipeline' do - let(:pipeline) { create(:ci_empty_pipeline, project: project, user: project.owner) } + let(:pipeline) { create(:ci_empty_pipeline, project: project, user: project.first_owner) } before do project.add_developer(user) diff --git a/spec/policies/clusters/agent_token_policy_spec.rb b/spec/policies/clusters/agent_token_policy_spec.rb index 9ae99e66f59..f5ac8bd67e6 100644 --- a/spec/policies/clusters/agent_token_policy_spec.rb +++ b/spec/policies/clusters/agent_token_policy_spec.rb @@ -10,13 +10,22 @@ RSpec.describe Clusters::AgentTokenPolicy do let(:project) { token.agent.project } describe 'rules' do + context 'when reporter' do + before do + project.add_reporter(user) + end + + it { expect(policy).to be_disallowed :admin_cluster } + it { expect(policy).to be_disallowed :read_cluster } + end + context 'when developer' do before do project.add_developer(user) end it { expect(policy).to be_disallowed :admin_cluster } - it { expect(policy).to be_disallowed :read_cluster } + it { expect(policy).to be_allowed :read_cluster } end context 'when maintainer' do diff --git a/spec/policies/clusters/agents/activity_event_policy_spec.rb b/spec/policies/clusters/agents/activity_event_policy_spec.rb index 1262fcfd9f2..365168de79f 100644 --- a/spec/policies/clusters/agents/activity_event_policy_spec.rb +++ b/spec/policies/clusters/agents/activity_event_policy_spec.rb @@ -10,13 +10,22 @@ RSpec.describe Clusters::Agents::ActivityEventPolicy do let(:project) { event.agent.project } describe 'rules' do + context 'reporter' do + before do + project.add_reporter(user) + end + + it { expect(policy).to be_disallowed :admin_cluster } + it { expect(policy).to be_disallowed :read_cluster } + end + context 'developer' do before do project.add_developer(user) end it { expect(policy).to be_disallowed :admin_cluster } - it { expect(policy).to be_disallowed :read_cluster } + it { expect(policy).to be_allowed :read_cluster } end context 'maintainer' do diff --git a/spec/policies/namespaces/project_namespace_policy_spec.rb b/spec/policies/namespaces/project_namespace_policy_spec.rb index f6fe4ae552a..f1022747fab 100644 --- a/spec/policies/namespaces/project_namespace_policy_spec.rb +++ b/spec/policies/namespaces/project_namespace_policy_spec.rb @@ -28,7 +28,7 @@ RSpec.describe Namespaces::ProjectNamespacePolicy do end context 'parent owner' do - let_it_be(:current_user) { parent.owner } + let_it_be(:current_user) { parent.first_owner } it { is_expected.to be_disallowed(*permissions) } end diff --git a/spec/policies/project_member_policy_spec.rb b/spec/policies/project_member_policy_spec.rb index aebbe685bb3..12b3e60fdb2 100644 --- a/spec/policies/project_member_policy_spec.rb +++ b/spec/policies/project_member_policy_spec.rb @@ -24,7 +24,7 @@ RSpec.describe ProjectMemberPolicy do end context 'when user is project owner' do - let(:member_user) { project.owner } + let(:member_user) { project.first_owner } let(:member) { project.members.find_by!(user: member_user) } it { is_expected.to be_allowed(:read_project) } diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb index 38e4e18c894..793b1fffd5f 100644 --- a/spec/policies/project_policy_spec.rb +++ b/spec/policies/project_policy_spec.rb @@ -117,7 +117,7 @@ RSpec.describe ProjectPolicy do end describe 'for unconfirmed user' do - let(:current_user) { project.owner.tap { |u| u.update!(confirmed_at: nil) } } + let(:current_user) { project.first_owner.tap { |u| u.update!(confirmed_at: nil) } } it 'disallows to modify pipelines' do expect_disallowed(:create_pipeline) @@ -144,7 +144,7 @@ RSpec.describe ProjectPolicy do end describe 'for project owner' do - let(:current_user) { project.owner } + let(:current_user) { project.first_owner } it 'allows :destroy_pipeline' do expect(current_user.can?(:destroy_pipeline, pipeline)).to be_truthy |