diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-10-29 00:10:45 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-10-29 00:10:45 +0300 |
| commit | 71d6b9014bef64436bbd996667e6458ebde561c4 (patch) | |
| tree | 21b049d24b2d96be84904576e2b619f82d5d515d /spec/policies | |
| parent | 0076bbc67375ff1507e42ce479406daf92c0a6a2 (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/policies')
| -rw-r--r-- | spec/policies/group_member_policy_spec.rb | 25 | ||||
| -rw-r--r-- | spec/policies/project_member_policy_spec.rb | 32 |
2 files changed, 54 insertions, 3 deletions
diff --git a/spec/policies/group_member_policy_spec.rb b/spec/policies/group_member_policy_spec.rb index 27ce683861c..24ffd9e5e39 100644 --- a/spec/policies/group_member_policy_spec.rb +++ b/spec/policies/group_member_policy_spec.rb @@ -83,6 +83,31 @@ RSpec.describe GroupMemberPolicy do specify { expect_allowed(:read_group) } end + context 'for access requests' do + let_it_be(:group) { create(:group, :public) } + let_it_be(:user) { create(:user) } + + let(:current_user) { user } + + context 'for own access request' do + let(:membership) { create(:group_member, :access_request, group: group, user: user) } + + specify { expect_allowed(:withdraw_member_access_request) } + end + + context "for another user's access request" do + let(:membership) { create(:group_member, :access_request, group: group, user: create(:user)) } + + specify { expect_disallowed(:withdraw_member_access_request) } + end + + context 'for own, valid membership' do + let(:membership) { create(:group_member, :developer, group: group, user: user) } + + specify { expect_disallowed(:withdraw_member_access_request) } + end + end + context 'with bot user' do let(:current_user) { create(:user, :project_bot) } diff --git a/spec/policies/project_member_policy_spec.rb b/spec/policies/project_member_policy_spec.rb index b19ab71fcb5..d7c155b39f5 100644 --- a/spec/policies/project_member_policy_spec.rb +++ b/spec/policies/project_member_policy_spec.rb @@ -4,13 +4,14 @@ require 'spec_helper' RSpec.describe ProjectMemberPolicy do let(:project) { create(:project) } - let(:maintainer_user) { create(:user) } + let(:maintainer) { create(:user) } let(:member) { create(:project_member, project: project, user: member_user) } + let(:current_user) { maintainer } - subject { described_class.new(maintainer_user, member) } + subject { described_class.new(current_user, member) } before do - create(:project_member, :maintainer, project: project, user: maintainer_user) + create(:project_member, :maintainer, project: project, user: maintainer) end context 'with regular member' do @@ -40,4 +41,29 @@ RSpec.describe ProjectMemberPolicy do it { is_expected.not_to be_allowed(:update_project_member) } it { is_expected.not_to be_allowed(:destroy_project_member) } end + + context 'for access requests' do + let_it_be(:project) { create(:project, :public) } + let_it_be(:user) { create(:user) } + + let(:current_user) { user } + + context 'for own access request' do + let(:member) { create(:project_member, :access_request, project: project, user: user) } + + specify { expect_allowed(:withdraw_member_access_request) } + end + + context "for another user's access request" do + let(:member) { create(:project_member, :access_request, project: project, user: create(:user)) } + + specify { expect_disallowed(:withdraw_member_access_request) } + end + + context 'for own, valid membership' do + let(:member) { create(:project_member, :developer, project: project, user: user) } + + specify { expect_disallowed(:withdraw_member_access_request) } + end + end end |