diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-03-27 12:16:21 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-03-27 12:16:21 +0300 |
| commit | ff3955ef8efc9582d14c0f684dc8e856475231bd (patch) | |
| tree | 95e751639d1f84093cf06e02c44ce473cfe8f4dd /spec/policies | |
| parent | bf360857d96de6ae8989af058a88ace9b94e90cc (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/policies')
| -rw-r--r-- | spec/policies/achievements/user_achievement_policy_spec.rb | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/spec/policies/achievements/user_achievement_policy_spec.rb b/spec/policies/achievements/user_achievement_policy_spec.rb new file mode 100644 index 00000000000..47f6188e178 --- /dev/null +++ b/spec/policies/achievements/user_achievement_policy_spec.rb @@ -0,0 +1,78 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe Achievements::UserAchievementPolicy, feature_category: :user_profile do + let(:maintainer) { create(:user) } + + let(:group) { create(:group, :public) } + + let(:current_user) { create(:user) } + let(:achievement) { create(:achievement, namespace: group) } + let(:achievement_owner) { create(:user) } + let(:user_achievement) { create(:user_achievement, achievement: achievement, user: achievement_owner) } + + before do + group.add_maintainer(maintainer) + end + + subject { described_class.new(current_user, user_achievement) } + + it 'is readable to everyone when user has public profile' do + is_expected.to be_allowed(:read_user_achievement) + end + + context 'when user has private profile' do + before do + achievement_owner.update!(private_profile: true) + end + + context 'for achievement owner' do + let(:current_user) { achievement_owner } + + it 'is visible' do + is_expected.to be_allowed(:read_user_achievement) + end + end + + context 'for group maintainer' do + let(:current_user) { maintainer } + + it 'is visible' do + is_expected.to be_allowed(:read_user_achievement) + end + end + + context 'for others' do + it 'is hidden' do + is_expected.not_to be_allowed(:read_user_achievement) + end + end + end + + context 'when group is private' do + let(:group) { create(:group, :private) } + + context 'for achievement owner' do + let(:current_user) { achievement_owner } + + it 'is hidden' do + is_expected.not_to be_allowed(:read_user_achievement) + end + end + + context 'for group maintainer' do + let(:current_user) { maintainer } + + it 'is visible' do + is_expected.to be_allowed(:read_user_achievement) + end + end + + context 'for others' do + it 'is hidden' do + is_expected.not_to be_allowed(:read_user_achievement) + end + end + end +end |