diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-03-09 21:09:41 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-03-09 21:09:41 +0300 |
commit | 72c331ebf56ba3d49a79ec799de84e790748adef (patch) | |
tree | ad23d8de3ff38f8d4fc95dca17d7aa4c8dce2923 /spec/policies | |
parent | 6f2b1c32f3ccf422575f591b42372534502dcd72 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/policies')
-rw-r--r-- | spec/policies/base_policy_spec.rb | 6 | ||||
-rw-r--r-- | spec/policies/group_policy_spec.rb | 38 |
2 files changed, 34 insertions, 10 deletions
diff --git a/spec/policies/base_policy_spec.rb b/spec/policies/base_policy_spec.rb index 226660dc955..44ff909872d 100644 --- a/spec/policies/base_policy_spec.rb +++ b/spec/policies/base_policy_spec.rb @@ -73,10 +73,14 @@ RSpec.describe BasePolicy do end end - describe 'full private access' do + describe 'full private access: read_all_resources' do it_behaves_like 'admin only access', :read_all_resources end + describe 'full private access: admin_all_resources' do + it_behaves_like 'admin only access', :admin_all_resources + end + describe 'change_repository_storage' do it_behaves_like 'admin only access', :change_repository_storage end diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb index 7cded27e449..1794934dd20 100644 --- a/spec/policies/group_policy_spec.rb +++ b/spec/policies/group_policy_spec.rb @@ -193,16 +193,24 @@ RSpec.describe GroupPolicy do let(:current_user) { admin } specify do - expect_allowed(*read_group_permissions) - expect_allowed(*guest_permissions) - expect_allowed(*reporter_permissions) - expect_allowed(*developer_permissions) - expect_allowed(*maintainer_permissions) - expect_allowed(*owner_permissions) + expect_disallowed(*read_group_permissions) + expect_disallowed(*guest_permissions) + expect_disallowed(*reporter_permissions) + expect_disallowed(*developer_permissions) + expect_disallowed(*maintainer_permissions) + expect_disallowed(*owner_permissions) end context 'with admin mode', :enable_admin_mode do - specify { expect_allowed(*admin_permissions) } + specify do + expect_allowed(*read_group_permissions) + expect_allowed(*guest_permissions) + expect_allowed(*reporter_permissions) + expect_allowed(*developer_permissions) + expect_allowed(*maintainer_permissions) + expect_allowed(*owner_permissions) + expect_allowed(*admin_permissions) + end end it_behaves_like 'deploy token does not get confused with user' do @@ -773,7 +781,13 @@ RSpec.describe GroupPolicy do context 'admin' do let(:current_user) { admin } - it { is_expected.to be_allowed(:create_jira_connect_subscription) } + context 'when admin mode is enabled', :enable_admin_mode do + it { is_expected.to be_allowed(:create_jira_connect_subscription) } + end + + context 'when admin mode is disabled' do + it { is_expected.to be_disallowed(:create_jira_connect_subscription) } + end end context 'with owner' do @@ -817,7 +831,13 @@ RSpec.describe GroupPolicy do context 'admin' do let(:current_user) { admin } - it { is_expected.to be_allowed(:read_package) } + context 'when admin mode is enabled', :enable_admin_mode do + it { is_expected.to be_allowed(:read_package) } + end + + context 'when admin mode is disabled' do + it { is_expected.to be_disallowed(:read_package) } + end end context 'with owner' do |