diff options
| author | Fabio Papa <fabtheman@gmail.com> | 2019-07-01 00:40:23 +0300 |
|---|---|---|
| committer | Fabio Papa <fabtheman@gmail.com> | 2019-07-19 21:55:48 +0300 |
| commit | 81662f7b9fae45689b9291427fd9b192ef88be4b (patch) | |
| tree | 161b452c8e6caa6d800f0779151bed7176208810 /spec/policies | |
| parent | e962ffbc90b797cc9f1eb922e918c093dac7d4a1 (diff) | |
Make subgroup_creation_level default to maintainer at SQL level
- Migration updates existing groups to "owner", then sets default to
"maintainer" so that new groups will default to that
- Update spec examples
Diffstat (limited to 'spec/policies')
| -rw-r--r-- | spec/policies/group_policy_spec.rb | 43 |
1 files changed, 36 insertions, 7 deletions
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb index da186f63eca..7fba62d2aa8 100644 --- a/spec/policies/group_policy_spec.rb +++ b/spec/policies/group_policy_spec.rb @@ -98,12 +98,38 @@ describe GroupPolicy do context 'maintainer' do let(:current_user) { maintainer } - it do - expect_allowed(*guest_permissions) - expect_allowed(*reporter_permissions) - expect_allowed(*developer_permissions) - expect_allowed(*maintainer_permissions) - expect_disallowed(*owner_permissions) + context 'with subgroup_creation level set to maintainer' do + let(:group) { create(:group, + :private, + subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) } + + it do + allow(Group).to receive(:supports_nested_objects?).and_return(true) + + create_subgroup_permission = [:create_subgroup] + updated_maintainer_permissions = + maintainer_permissions + create_subgroup_permission + updated_owner_permissions = + owner_permissions - create_subgroup_permission + + expect_allowed(*guest_permissions) + expect_allowed(*reporter_permissions) + expect_allowed(*developer_permissions) + expect_allowed(*updated_maintainer_permissions) + expect_disallowed(*updated_owner_permissions) + end + end + + context 'with subgroup_creation_level set to owner' do + it do + allow(Group).to receive(:supports_nested_objects?).and_return(true) + + expect_allowed(*guest_permissions) + expect_allowed(*reporter_permissions) + expect_allowed(*developer_permissions) + expect_allowed(*maintainer_permissions) + expect_disallowed(*owner_permissions) + end end end @@ -181,7 +207,10 @@ describe GroupPolicy do end describe 'private nested group use the highest access level from the group and inherited permissions', :nested_groups do - let(:nested_group) { create(:group, :private, parent: group) } + let(:nested_group) { create(:group, + :private, + :owner_subgroup_creation_only, + parent: group) } before do nested_group.add_guest(guest) |