diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-10-21 18:11:29 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-10-21 18:11:29 +0300 |
commit | 68613feb1d0df32fae0c1960368e517defc2b67d (patch) | |
tree | 1d0d68e3bf080567035323ee292097d16d5c836c /spec/policies | |
parent | 559b1da28e46a9969315beb11ee2d2056f75b06d (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/policies')
-rw-r--r-- | spec/policies/issuable_policy_spec.rb | 8 | ||||
-rw-r--r-- | spec/policies/note_policy_spec.rb | 24 |
2 files changed, 15 insertions, 17 deletions
diff --git a/spec/policies/issuable_policy_spec.rb b/spec/policies/issuable_policy_spec.rb index 2bedcf60539..c8c322b02db 100644 --- a/spec/policies/issuable_policy_spec.rb +++ b/spec/policies/issuable_policy_spec.rb @@ -31,8 +31,8 @@ RSpec.describe IssuablePolicy, models: true do expect(policies).to be_allowed(:resolve_note) end - it 'allows reading internal notes' do - expect(policies).to be_allowed(:read_internal_note) + it 'does not allow reading internal notes' do + expect(policies).to be_disallowed(:read_internal_note) end context 'when user is able to read project' do @@ -94,8 +94,8 @@ RSpec.describe IssuablePolicy, models: true do let(:issue) { create(:issue, project: project, assignees: [user]) } let(:policies) { described_class.new(user, issue) } - it 'allows reading internal notes' do - expect(policies).to be_allowed(:read_internal_note) + it 'does not allow reading internal notes' do + expect(policies).to be_disallowed(:read_internal_note) end end diff --git a/spec/policies/note_policy_spec.rb b/spec/policies/note_policy_spec.rb index eeaa77a4589..6a261b4ff5b 100644 --- a/spec/policies/note_policy_spec.rb +++ b/spec/policies/note_policy_spec.rb @@ -309,42 +309,41 @@ RSpec.describe NotePolicy do shared_examples_for 'confidential notes permissions' do it 'does not allow non members to read confidential notes and replies' do - expect(permissions(non_member, confidential_note)).to be_disallowed(:read_note, :admin_note, :reposition_note, :resolve_note, :award_emoji) + expect(permissions(non_member, confidential_note)).to be_disallowed(:read_note, :admin_note, :reposition_note, :resolve_note, :award_emoji, :mark_note_as_confidential) end it 'does not allow guests to read confidential notes and replies' do - expect(permissions(guest, confidential_note)).to be_disallowed(:read_note, :admin_note, :reposition_note, :resolve_note, :award_emoji) + expect(permissions(guest, confidential_note)).to be_disallowed(:read_note, :admin_note, :reposition_note, :resolve_note, :award_emoji, :mark_note_as_confidential) end it 'allows reporter to read all notes but not resolve and admin them' do - expect(permissions(reporter, confidential_note)).to be_allowed(:read_note, :award_emoji) + expect(permissions(reporter, confidential_note)).to be_allowed(:read_note, :award_emoji, :mark_note_as_confidential) expect(permissions(reporter, confidential_note)).to be_disallowed(:admin_note, :reposition_note, :resolve_note) end it 'allows developer to read and resolve all notes' do - expect(permissions(developer, confidential_note)).to be_allowed(:read_note, :award_emoji, :resolve_note) + expect(permissions(developer, confidential_note)).to be_allowed(:read_note, :award_emoji, :resolve_note, :mark_note_as_confidential) expect(permissions(developer, confidential_note)).to be_disallowed(:admin_note, :reposition_note) end it 'allows maintainers to read all notes and admin them' do - expect(permissions(maintainer, confidential_note)).to be_allowed(:read_note, :admin_note, :reposition_note, :resolve_note, :award_emoji) + expect(permissions(maintainer, confidential_note)).to be_allowed(:read_note, :admin_note, :reposition_note, :resolve_note, :award_emoji, :mark_note_as_confidential) end context 'when admin mode is enabled', :enable_admin_mode do it 'allows admins to read all notes and admin them' do - expect(permissions(admin, confidential_note)).to be_allowed(:read_note, :admin_note, :reposition_note, :resolve_note, :award_emoji) + expect(permissions(admin, confidential_note)).to be_allowed(:read_note, :admin_note, :reposition_note, :resolve_note, :award_emoji, :mark_note_as_confidential) end end context 'when admin mode is disabled' do it 'does not allow non members to read confidential notes and replies' do - expect(permissions(admin, confidential_note)).to be_disallowed(:read_note, :admin_note, :reposition_note, :resolve_note, :award_emoji) + expect(permissions(admin, confidential_note)).to be_disallowed(:read_note, :admin_note, :reposition_note, :resolve_note, :award_emoji, :mark_note_as_confidential) end end - it 'allows noteable author to read and resolve all notes' do - expect(permissions(author, confidential_note)).to be_allowed(:read_note, :resolve_note, :award_emoji) - expect(permissions(author, confidential_note)).to be_disallowed(:admin_note, :reposition_note) + it 'disallows noteable author to read and resolve all notes' do + expect(permissions(author, confidential_note)).to be_disallowed(:read_note, :resolve_note, :award_emoji, :mark_note_as_confidential, :admin_note, :reposition_note) end end @@ -354,9 +353,8 @@ RSpec.describe NotePolicy do it_behaves_like 'confidential notes permissions' - it 'allows noteable assignees to read all notes' do - expect(permissions(assignee, confidential_note)).to be_allowed(:read_note, :award_emoji) - expect(permissions(assignee, confidential_note)).to be_disallowed(:admin_note, :reposition_note, :resolve_note) + it 'disallows noteable assignees to read all notes' do + expect(permissions(assignee, confidential_note)).to be_disallowed(:read_note, :award_emoji, :mark_note_as_confidential, :admin_note, :reposition_note, :resolve_note) end end end |