diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-06-14 18:09:48 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-06-14 18:09:48 +0300 |
| commit | 81f257d72ef398933453d215019c850f57dae252 (patch) | |
| tree | e7236ae76f96afb207d3ea85164b88c429b6f43c /spec/policies | |
| parent | b82c4935ecc86d1429710163287f5bd7d75bf226 (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/policies')
| -rw-r--r-- | spec/policies/global_policy_spec.rb | 30 | ||||
| -rw-r--r-- | spec/policies/group_policy_spec.rb | 50 | ||||
| -rw-r--r-- | spec/policies/project_policy_spec.rb | 36 |
3 files changed, 116 insertions, 0 deletions
diff --git a/spec/policies/global_policy_spec.rb b/spec/policies/global_policy_spec.rb index bbbc5d08c07..9e995366c17 100644 --- a/spec/policies/global_policy_spec.rb +++ b/spec/policies/global_policy_spec.rb @@ -565,4 +565,34 @@ RSpec.describe GlobalPolicy do it { is_expected.not_to be_allowed(:log_in) } end end + + describe 'update_runners_registration_token' do + context 'when anonymous' do + let(:current_user) { nil } + + it { is_expected.not_to be_allowed(:update_runners_registration_token) } + end + + context 'regular user' do + it { is_expected.not_to be_allowed(:update_runners_registration_token) } + end + + context 'when external' do + let(:current_user) { build(:user, :external) } + + it { is_expected.not_to be_allowed(:update_runners_registration_token) } + end + + context 'admin' do + let(:current_user) { create(:admin) } + + context 'when admin mode is enabled', :enable_admin_mode do + it { is_expected.to be_allowed(:update_runners_registration_token) } + end + + context 'when admin mode is disabled' do + it { is_expected.to be_disallowed(:update_runners_registration_token) } + end + end + end end diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb index ee87a2da189..9fac5521aa6 100644 --- a/spec/policies/group_policy_spec.rb +++ b/spec/policies/group_policy_spec.rb @@ -923,4 +923,54 @@ RSpec.describe GroupPolicy do it { expect(described_class.new(current_user, subgroup)).to be_allowed(:read_label) } end end + + describe 'update_runners_registration_token' do + context 'admin' do + let(:current_user) { admin } + + context 'when admin mode is enabled', :enable_admin_mode do + it { is_expected.to be_allowed(:update_runners_registration_token) } + end + + context 'when admin mode is disabled' do + it { is_expected.to be_disallowed(:update_runners_registration_token) } + end + end + + context 'with owner' do + let(:current_user) { owner } + + it { is_expected.to be_allowed(:update_runners_registration_token) } + end + + context 'with maintainer' do + let(:current_user) { maintainer } + + it { is_expected.to be_allowed(:update_runners_registration_token) } + end + + context 'with reporter' do + let(:current_user) { reporter } + + it { is_expected.to be_disallowed(:update_runners_registration_token) } + end + + context 'with guest' do + let(:current_user) { guest } + + it { is_expected.to be_disallowed(:update_runners_registration_token) } + end + + context 'with non member' do + let(:current_user) { create(:user) } + + it { is_expected.to be_disallowed(:update_runners_registration_token) } + end + + context 'with anonymous' do + let(:current_user) { nil } + + it { is_expected.to be_disallowed(:update_runners_registration_token) } + end + end end diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb index 2b4501a71a5..d0fe0cca8a1 100644 --- a/spec/policies/project_policy_spec.rb +++ b/spec/policies/project_policy_spec.rb @@ -1595,4 +1595,40 @@ RSpec.describe ProjectPolicy do end end end + + describe 'update_runners_registration_token' do + context 'when anonymous' do + let(:current_user) { anonymous } + + it { is_expected.not_to be_allowed(:update_runners_registration_token) } + end + + context 'admin' do + let(:current_user) { create(:admin) } + + context 'when admin mode is enabled', :enable_admin_mode do + it { is_expected.to be_allowed(:update_runners_registration_token) } + end + + context 'when admin mode is disabled' do + it { is_expected.to be_disallowed(:update_runners_registration_token) } + end + end + + %w(guest reporter developer).each do |role| + context role do + let(:current_user) { send(role) } + + it { is_expected.to be_disallowed(:update_runners_registration_token) } + end + end + + %w(maintainer owner).each do |role| + context role do + let(:current_user) { send(role) } + + it { is_expected.to be_allowed(:update_runners_registration_token) } + end + end + end end |