diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-07-07 21:09:40 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-07-07 21:09:40 +0300 |
commit | 17b492274d1071f9dce56d1a3f2d57c94c38e709 (patch) | |
tree | fd1721c199f670220c4706094b3de5407f01107e /spec/policies | |
parent | 427451410d11193ef3b2638fc37a70f259839f6d (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/policies')
-rw-r--r-- | spec/policies/merge_request_policy_spec.rb | 62 |
1 files changed, 53 insertions, 9 deletions
diff --git a/spec/policies/merge_request_policy_spec.rb b/spec/policies/merge_request_policy_spec.rb index e05de25f182..dd42e1b9313 100644 --- a/spec/policies/merge_request_policy_spec.rb +++ b/spec/policies/merge_request_policy_spec.rb @@ -51,7 +51,8 @@ RSpec.describe MergeRequestPolicy do end context 'when merge request is public' do - let(:merge_request) { create(:merge_request, source_project: project, target_project: project, author: author) } + let(:merge_request) { create(:merge_request, source_project: project, target_project: project, author: user) } + let(:user) { author } context 'and user is anonymous' do subject { permissions(nil, merge_request) } @@ -61,19 +62,62 @@ RSpec.describe MergeRequestPolicy do end end - describe 'the author, who became a guest' do - subject { permissions(author, merge_request) } + context 'and user is author' do + subject { permissions(user, merge_request) } - it do - is_expected.to be_allowed(:update_merge_request) + context 'and the user is a guest' do + let(:user) { guest } + + it do + is_expected.to be_allowed(:update_merge_request) + end + + it do + is_expected.to be_allowed(:reopen_merge_request) + end + + it do + is_expected.to be_allowed(:approve_merge_request) + end end - it do - is_expected.to be_allowed(:reopen_merge_request) + context 'and the user is a group member' do + let(:project) { create(:project, :public, group: group) } + let(:group) { create(:group) } + let(:user) { non_team_member } + + before do + group.add_guest(non_team_member) + end + + it do + is_expected.to be_allowed(:approve_merge_request) + end end - it do - is_expected.to be_allowed(:approve_merge_request) + context 'and the user is a member of a shared group' do + let(:user) { non_team_member } + + before do + group = create(:group) + project.project_group_links.create!( + group: group, + group_access: Gitlab::Access::DEVELOPER) + + group.add_guest(non_team_member) + end + + it do + is_expected.to be_allowed(:approve_merge_request) + end + end + + context 'and the user is not a project member' do + let(:user) { non_team_member } + + it do + is_expected.not_to be_allowed(:approve_merge_request) + end end end end |