Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2022-06-08 15:08:46 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2022-06-08 15:08:46 +0300
commit: cdda3d117c99cadf295f26abc92cb2456033b762 (patch)
tree: 30315b1ea79ee4639f44a407978ed719c62a1653 /spec/policies
parent: f4ea1f8998fd64bcd02280514b91f103f830d5ce (diff)
2 files changed, 12 insertions, 5 deletions
diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb
index 23e4641e0d5..dfb625abc1b 100644
--- a/spec/policies/project_policy_spec.rb
+++ b/spec/policies/project_policy_spec.rb
@@ -32,7 +32,7 @@ RSpec.describe ProjectPolicy do
     end
   end
 
-  it 'does not include the read_issue permission when the issue author is not a member of the private project' do
+  it 'does not include the read permissions when the issue author is not a member of the private project' do
     project = create(:project, :private)
     issue   = create(:issue, project: project, author: create(:user))
     user    = issue.author
@@ -40,6 +40,7 @@ RSpec.describe ProjectPolicy do
     expect(project.team.member?(issue.author)).to be false
 
     expect(Ability).not_to be_allowed(user, :read_issue, project)
+    expect(Ability).not_to be_allowed(user, :read_work_item, project)
   end
 
   it_behaves_like 'model with wiki policies' do
@@ -61,7 +62,7 @@ RSpec.describe ProjectPolicy do
       end
 
       it 'does not include the issues permissions' do
-        expect_disallowed :read_issue, :read_issue_iid, :create_issue, :update_issue, :admin_issue, :create_incident, :create_work_item, :create_task
+        expect_disallowed :read_issue, :read_issue_iid, :create_issue, :update_issue, :admin_issue, :create_incident, :create_work_item, :create_task, :read_work_item
       end
 
       it 'disables boards and lists permissions' do
@@ -73,7 +74,7 @@ RSpec.describe ProjectPolicy do
         it 'does not include the issues permissions' do
           create(:jira_integration, project: project)
 
-          expect_disallowed :read_issue, :read_issue_iid, :create_issue, :update_issue, :admin_issue, :create_incident, :create_work_item, :create_task
+          expect_disallowed :read_issue, :read_issue_iid, :create_issue, :update_issue, :admin_issue, :create_incident, :create_work_item, :create_task, :read_work_item
         end
       end
     end
@@ -752,14 +753,14 @@ RSpec.describe ProjectPolicy do
         allow(project).to receive(:service_desk_enabled?).and_return(true)
       end
 
-      it { expect_allowed(:reporter_access, :create_note, :read_issue) }
+      it { expect_allowed(:reporter_access, :create_note, :read_issue, :read_work_item) }
 
       context 'when issues are protected members only' do
         before do
           project.project_feature.update!(issues_access_level: ProjectFeature::PRIVATE)
         end
 
-        it { expect_allowed(:reporter_access, :create_note, :read_issue) }
+        it { expect_allowed(:reporter_access, :create_note, :read_issue, :read_work_item) }
       end
     end
   end
diff --git a/spec/policies/work_item_policy_spec.rb b/spec/policies/work_item_policy_spec.rb
index b19f7d2557d..9cfc4455979 100644
--- a/spec/policies/work_item_policy_spec.rb
+++ b/spec/policies/work_item_policy_spec.rb
@@ -37,6 +37,12 @@ RSpec.describe WorkItemPolicy do
         let(:current_user) { guest_author }
 
         it { is_expected.to be_allowed(:read_work_item) }
+
+        context 'when work_item is confidential' do
+          let(:work_item_subject) { create(:work_item, confidential: true, project: project) }
+
+          it { is_expected.not_to be_allowed(:read_work_item) }
+        end
       end
     end
author	GitLab Bot <gitlab-bot@gitlab.com>	2022-06-08 15:08:46 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2022-06-08 15:08:46 +0300
commit	cdda3d117c99cadf295f26abc92cb2456033b762 (patch)
tree	30315b1ea79ee4639f44a407978ed719c62a1653 /spec/policies
parent	f4ea1f8998fd64bcd02280514b91f103f830d5ce (diff)