diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-11-15 18:08:26 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-11-15 18:08:26 +0300 |
commit | 4279dbc29c63f614e6439e104204165ff0517a59 (patch) | |
tree | a2a2dc637398f9c66eeda39ee9e3e209370a84c4 /spec/policies | |
parent | 7912017a137da35c48071a048c99d27737c29f0f (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/policies')
-rw-r--r-- | spec/policies/group_member_policy_spec.rb | 105 |
1 files changed, 57 insertions, 48 deletions
diff --git a/spec/policies/group_member_policy_spec.rb b/spec/policies/group_member_policy_spec.rb index 24ffd9e5e39..6ae5e43def4 100644 --- a/spec/policies/group_member_policy_spec.rb +++ b/spec/policies/group_member_policy_spec.rb @@ -125,74 +125,83 @@ RSpec.describe GroupMemberPolicy do specify { expect_disallowed(:read_group, :destroy_project_bot_member) } end - context 'with one owner' do + context 'with owner' do let(:current_user) { owner } - specify { expect_disallowed(*member_related_permissions) } - specify { expect_allowed(:read_group) } - end + context 'with group with one owner' do + specify { expect_disallowed(*member_related_permissions) } + specify { expect_allowed(:read_group) } + end - context 'with one blocked owner' do - let(:owner) { create(:user, :blocked) } - let(:current_user) { owner } + context 'with group with bot user owner' do + before do + group.add_owner(create(:user, :project_bot)) + end - specify { expect_disallowed(*member_related_permissions) } - specify { expect_disallowed(:read_group) } - end + specify { expect_disallowed(*member_related_permissions) } + end - context 'with more than one owner' do - let(:current_user) { owner } + context 'with group with more than one owner' do + before do + group.add_owner(create(:user)) + end - before do - group.add_owner(create(:user)) + specify { expect_allowed(*member_related_permissions) } + specify { expect_disallowed(:destroy_project_bot_member) } end - specify { expect_allowed(*member_related_permissions) } - specify { expect_disallowed(:destroy_project_bot_member) } - end + context 'with group with owners from a parent' do + context 'when top-level group' do + context 'with group sharing' do + let!(:subgroup) { create(:group, :private, parent: group) } - context 'with the group parent' do - let(:current_user) { create :user } - let(:subgroup) { create(:group, :private, parent: group) } + before do + create(:group_group_link, :owner, shared_group: group, shared_with_group: subgroup) + create(:group_member, :owner, group: subgroup) + end - before do - group.add_owner(owner) - subgroup.add_owner(current_user) - end + specify { expect_disallowed(*member_related_permissions) } + specify { expect_allowed(:read_group) } + end + end - it do - expect_allowed(:destroy_group_member) - expect_allowed(:update_group_member) - end - end + context 'when subgroup' do + let(:current_user) { create :user } - context 'without group parent' do - let(:current_user) { create :user } - let(:subgroup) { create(:group, :private) } + let!(:subgroup) { create(:group, :private, parent: group) } - before do - subgroup.add_owner(current_user) - end + before do + subgroup.add_owner(current_user) + end - it do - expect_disallowed(:destroy_group_member) - expect_disallowed(:update_group_member) + specify { expect_allowed(*member_related_permissions) } + specify { expect_allowed(:read_group) } + end end end - context 'without group parent with two owners' do - let(:current_user) { create :user } - let(:other_user) { create :user } - let(:subgroup) { create(:group, :private) } + context 'with blocked owner' do + let(:owner) { create(:user, :blocked) } + let(:current_user) { owner } - before do - subgroup.add_owner(current_user) - subgroup.add_owner(other_user) + specify { expect_disallowed(*member_related_permissions) } + specify { expect_disallowed(:read_group) } + + context 'with group with bot user owner' do + before do + group.add_owner(create(:user, :project_bot)) + end + + specify { expect_disallowed(*member_related_permissions) } + specify { expect_disallowed(:read_group) } end - it do - expect_allowed(:destroy_group_member) - expect_allowed(:update_group_member) + context 'with group with more than one blocked owner' do + before do + group.add_owner(create(:user, :blocked)) + end + + specify { expect_allowed(:destroy_group_member) } end end end |