Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2021-08-12 21:10:45 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2021-08-12 21:10:45 +0300
commit: bf1990164b801489b4475504701eefb66146e724 (patch)
tree: b21f9118116f413cdbde621048bd9b93c1388424 /spec/policies
parent: dc250651ab26bf7bce9205d5fa4a45dd58e2df81 (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/spec/policies/issue_policy_spec.rb b/spec/policies/issue_policy_spec.rb
index 8ff936d5a35..d62271eedf6 100644
--- a/spec/policies/issue_policy_spec.rb
+++ b/spec/policies/issue_policy_spec.rb
@@ -360,6 +360,21 @@ RSpec.describe IssuePolicy do
         expect(permissions(assignee, confidential_issue_no_assignee)).to be_disallowed(:read_issue, :read_issue_iid, :update_issue, :admin_issue, :set_issue_metadata)
       end
     end
+
+    context 'with a hidden issue' do
+      let(:user) { create(:user) }
+      let(:banned_user) { create(:user, :banned) }
+      let(:admin) { create(:user, :admin)}
+      let(:hidden_issue) { create(:issue, project: project, author: banned_user) }
+
+      it 'does not allow non-admin user to read the issue' do
+        expect(permissions(user, hidden_issue)).not_to be_allowed(:read_issue)
+      end
+
+      it 'allows admin to read the issue', :enable_admin_mode do
+        expect(permissions(admin, hidden_issue)).to be_allowed(:read_issue)
+      end
+    end
   end
 
   context 'with external authorization enabled' do
author	GitLab Bot <gitlab-bot@gitlab.com>	2021-08-12 21:10:45 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2021-08-12 21:10:45 +0300
commit	bf1990164b801489b4475504701eefb66146e724 (patch)
tree	b21f9118116f413cdbde621048bd9b93c1388424 /spec/policies
parent	dc250651ab26bf7bce9205d5fa4a45dd58e2df81 (diff)