Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2022-12-07 03:08:34 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2022-12-07 03:08:34 +0300
commit: 7e89568aa1b1c531aa34860fbd9e77d9e988b9b2 (patch)
tree: 9d644d947b75594d969f040ef046541c769e0dc3 /spec/policies
parent: f2143c9986ad7b6206b8a41cc9aeb419e543d3f5 (diff)
1 files changed, 99 insertions, 3 deletions
diff --git a/spec/policies/merge_request_policy_spec.rb b/spec/policies/merge_request_policy_spec.rb
index 7e1af132b1d..741a0db3009 100644
--- a/spec/policies/merge_request_policy_spec.rb
+++ b/spec/policies/merge_request_policy_spec.rb
@@ -10,6 +10,7 @@ RSpec.describe MergeRequestPolicy do
   let_it_be(:reporter) { create(:user) }
   let_it_be(:developer) { create(:user) }
   let_it_be(:non_team_member) { create(:user) }
+  let_it_be(:bot) { create(:user, :project_bot) }
 
   def permissions(user, merge_request)
     described_class.new(user, merge_request)
@@ -72,6 +73,7 @@ RSpec.describe MergeRequestPolicy do
       project.add_guest(guest)
       project.add_guest(author)
       project.add_developer(developer)
+      project.add_developer(bot)
     end
 
     context 'when merge request is public' do
@@ -95,6 +97,18 @@ RSpec.describe MergeRequestPolicy do
           it do
             is_expected.to be_allowed(:approve_merge_request)
           end
+
+          it do
+            is_expected.to be_disallowed(:reset_merge_request_approvals)
+          end
+        end
+
+        context 'and the user is a bot' do
+          let(:user) { bot }
+
+          it do
+            is_expected.to be_allowed(:reset_merge_request_approvals)
+          end
         end
       end
     end
@@ -123,6 +137,14 @@ RSpec.describe MergeRequestPolicy do
 
         it_behaves_like 'a denied user'
       end
+
+      describe 'a bot' do
+        let(:subject) { permissions(bot, merge_request) }
+
+        it do
+          is_expected.to be_disallowed(:reset_merge_request_approvals)
+        end
+      end
     end
 
     context 'when merge requests are private' do
@@ -144,6 +166,14 @@ RSpec.describe MergeRequestPolicy do
 
         it_behaves_like 'a user with full access'
       end
+
+      describe 'a bot' do
+        let(:subject) { permissions(bot, merge_request) }
+
+        it do
+          is_expected.to be_allowed(:reset_merge_request_approvals)
+        end
+      end
     end
 
     context 'when merge request is unlocked' do
@@ -214,6 +244,7 @@ RSpec.describe MergeRequestPolicy do
       group.add_guest(author)
       group.add_reporter(reporter)
       group.add_developer(developer)
+      group.add_developer(bot)
     end
 
     context 'when project is public' do
@@ -222,9 +253,25 @@ RSpec.describe MergeRequestPolicy do
       describe 'the merge request author' do
         subject { permissions(author, merge_request) }
 
-        specify do
+        it do
           is_expected.to be_allowed(:approve_merge_request)
         end
+
+        it do
+          is_expected.to be_disallowed(:reset_merge_request_approvals)
+        end
+      end
+
+      describe 'a bot' do
+        subject { permissions(bot, merge_request) }
+
+        it do
+          is_expected.to be_allowed(:approve_merge_request)
+        end
+
+        it do
+          is_expected.to be_allowed(:reset_merge_request_approvals)
+        end
       end
 
       context 'and merge requests are private' do
@@ -250,6 +297,14 @@ RSpec.describe MergeRequestPolicy do
 
           it_behaves_like 'a user with full access'
         end
+
+        describe 'a bot' do
+          let(:subject) { permissions(bot, merge_request) }
+
+          it do
+            is_expected.to be_allowed(:reset_merge_request_approvals)
+          end
+        end
       end
     end
 
@@ -273,6 +328,14 @@ RSpec.describe MergeRequestPolicy do
 
         it_behaves_like 'a user with full access'
       end
+
+      describe 'a bot' do
+        let(:subject) { permissions(bot, merge_request) }
+
+        it do
+          is_expected.to be_allowed(:reset_merge_request_approvals)
+        end
+      end
     end
   end
 
@@ -297,11 +360,28 @@ RSpec.describe MergeRequestPolicy do
           group_access: Gitlab::Access::DEVELOPER)
 
         group.add_guest(non_team_member)
+        group.add_guest(bot)
       end
 
-      specify do
+      it do
         is_expected.to be_allowed(:approve_merge_request)
       end
+
+      it do
+        is_expected.to be_disallowed(:reset_merge_request_approvals)
+      end
+
+      context 'and the user is a bot' do
+        let(:user) { bot }
+
+        it do
+          is_expected.to be_allowed(:approve_merge_request)
+        end
+
+        it do
+          is_expected.to be_allowed(:reset_merge_request_approvals)
+        end
+      end
     end
   end
 
@@ -313,9 +393,25 @@ RSpec.describe MergeRequestPolicy do
 
       subject { permissions(non_team_member, merge_request) }
 
-      specify do
+      it do
         is_expected.not_to be_allowed(:approve_merge_request)
       end
+
+      it do
+        is_expected.not_to be_allowed(:reset_merge_request_approvals)
+      end
+
+      context 'and the user is a bot' do
+        subject { permissions(bot, merge_request) }
+
+        it do
+          is_expected.not_to be_allowed(:approve_merge_request)
+        end
+
+        it do
+          is_expected.not_to be_allowed(:reset_merge_request_approvals)
+        end
+      end
     end
 
     context 'when merge requests are disabled' do
author	GitLab Bot <gitlab-bot@gitlab.com>	2022-12-07 03:08:34 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2022-12-07 03:08:34 +0300
commit	7e89568aa1b1c531aa34860fbd9e77d9e988b9b2 (patch)
tree	9d644d947b75594d969f040ef046541c769e0dc3 /spec/policies
parent	f2143c9986ad7b6206b8a41cc9aeb419e543d3f5 (diff)