gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
authorGitLab Bot <gitlab-bot@gitlab.com>2023-08-30 22:43:18 +0300
committerGitLab Bot <gitlab-bot@gitlab.com>2023-08-30 22:43:18 +0300
commit01ab84cac0d67be0e81d9c31216408dffc0ce369 (patch)
tree439efb51b3818bd985b805fb8e1de9cd915badd1 /spec/support/shared_examples
parent4432289851dcfc0bc030323f581866103fd12f66 (diff)
Add latest changes from gitlab-org/security/gitlab@16-2-stable-ee
Diffstat (limited to 'spec/support/shared_examples')
-rw-r--r--spec/support/shared_examples/features/search/redacted_search_results_shared_examples.rb2
-rw-r--r--spec/support/shared_examples/requests/api/ml/mlflow/mlflow_shared_examples.rb15
2 files changed, 15 insertions, 2 deletions
diff --git a/spec/support/shared_examples/features/search/redacted_search_results_shared_examples.rb b/spec/support/shared_examples/features/search/redacted_search_results_shared_examples.rb
index cbd0ffbab21..f2052f4202d 100644
--- a/spec/support/shared_examples/features/search/redacted_search_results_shared_examples.rb
+++ b/spec/support/shared_examples/features/search/redacted_search_results_shared_examples.rb
@@ -254,7 +254,7 @@ RSpec.shared_examples 'a redacted search results' do
end
context 'with :with_api_entity_associations' do
- it_behaves_like "redaction limits N+1 queries", limit: 14
+ it_behaves_like "redaction limits N+1 queries", limit: 15
end
end
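Review bot: The N+1 budget for `:with_api_entity_associations` is raised from 14 to 15 with nothing recording which additional query is now expected. A query-count ceiling in a redaction spec is easy to ratchet upward one step at a time, so a short comment above the line would help, for example `# 15: one extra query for <name the new check>, constant per request rather than per result`. That lets a later reviewer confirm the new query does not scale with the number of results. The enclosing shared example begins outside this hunk.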
diff --git a/spec/support/shared_examples/requests/api/ml/mlflow/mlflow_shared_examples.rb b/spec/support/shared_examples/requests/api/ml/mlflow/mlflow_shared_examples.rb
index f2c38d70508..00e50b07909 100644
--- a/spec/support/shared_examples/requests/api/ml/mlflow/mlflow_shared_examples.rb
+++ b/spec/support/shared_examples/requests/api/ml/mlflow/mlflow_shared_examples.rb
@@ -8,12 +8,25 @@ RSpec.shared_examples 'MLflow|Not Found - Resource Does Not Exist' do
end
end
-RSpec.shared_examples 'MLflow|Requires api scope' do
+RSpec.shared_examples 'MLflow|Requires api scope and write permission' do
context 'when user has access but token has wrong scope' do
let(:access_token) { tokens[:read] }
it { is_expected.to have_gitlab_http_status(:forbidden) }
end
+
+ context 'when user has access but is not allowed to write' do
+ before do
+ allow(Ability).to receive(:allowed?).and_call_original
+ allow(Ability).to receive(:allowed?)
+ .with(current_user, :write_model_experiments, project)
+ .and_return(false)
+ end
+
+ it "is Unauthorized" do
+ is_expected.to have_gitlab_http_status(:unauthorized)
+ end
+ end
end
RSpec.shared_examples 'MLflow|Requires read_api scope' do
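Review bot: The new 'is not allowed to write' context pins `:unauthorized` (401) for an authenticated user who is denied `:write_model_experiments`, while the wrong-scope context directly above it pins `:forbidden` (403) for a similar "has access but" case. If 401 is the intended response for a failed permission check on these endpoints, a one-line comment such as `# permission failures are reported as 401 by the MLflow API, not 403` would keep a later reader from "correcting" it; otherwise the expectation should be `:forbidden`. The context stubs `Ability.allowed?` instead of using a user whose role lacks the permission, so it shows that the endpoint consults the ability but not that any real role is denied by policy; presumably a policy spec covers that. The shared example also depends on `current_user`, `project` and `tokens` being defined by the including spec, which a header comment on the `RSpec.shared_examples` line could state.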