Instance level kubernetes clusters admin

Instance level clusters were already mostly supported, this change adds
admin area controllers for cluster CRUD

2 files changed, 39 insertions, 0 deletions

diff --git a/spec/policies/clusters/cluster_policy_spec.rb b/spec/policies/clusters/cluster_policy_spec.rb
index b2f0ca1bc30..cc3dde154dc 100644
--- a/spec/policies/clusters/cluster_policy_spec.rb
+++ b/spec/policies/clusters/cluster_policy_spec.rb
@@ -66,5 +66,21 @@ describe Clusters::ClusterPolicy, :models do
         it { expect(policy).to be_disallowed :admin_cluster }
       end
     end
+
+    context 'instance cluster' do
+      let(:cluster) { create(:cluster, :instance) }
+
+      context 'when user' do
+        it { expect(policy).to be_disallowed :update_cluster }
+        it { expect(policy).to be_disallowed :admin_cluster }
+      end
+
+      context 'when admin' do
+        let(:user) { create(:admin) }
+
+        it { expect(policy).to be_allowed :update_cluster }
+        it { expect(policy).to be_allowed :admin_cluster }
+      end
+    end
   end
 end
diff --git a/spec/policies/clusters/instance_policy_spec.rb b/spec/policies/clusters/instance_policy_spec.rb
new file mode 100644
index 00000000000..ac0f9da5d19
--- /dev/null
+++ b/spec/policies/clusters/instance_policy_spec.rb
@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Clusters::InstancePolicy do
+  let(:cluster) { create(:cluster, :instance) }
+  let(:user) { create(:user) }
+  let(:policy) { described_class.new(user, cluster) }
+
+  describe 'rules' do
+    context 'when user' do
+      it { expect(policy).to be_disallowed :update_cluster }
+      it { expect(policy).to be_disallowed :admin_cluster }
+    end
+
+    context 'when admin' do
+      let(:user) { create(:admin) }
+
+      it { expect(policy).to be_allowed :update_cluster }
+      it { expect(policy).to be_allowed :admin_cluster }
+    end
+  end
+end