diff options
| author | Douwe Maan <douwe@gitlab.com> | 2017-06-29 16:11:46 +0300 |
|---|---|---|
| committer | Douwe Maan <douwe@gitlab.com> | 2017-06-29 16:11:46 +0300 |
| commit | adf792f1f7288e8c10bf01efa0b78e30243889fe (patch) | |
| tree | f92b9ac9f70b927ea7aee0e3c5cd948fdd3f85dc /spec/support | |
| parent | 83ae38f6523c8628444de18e0a432349b6813909 (diff) | |
| parent | d9d5600711426d280cc1768820e809357293f14d (diff) | |
Merge branch '33082-use-update_pipeline_schedule-for-edit-and-take_ownership-in-pipelineschedulescontroller' into 'master'
Use authorize_update_pipeline_schedule in PipelineSchedulesController
Closes #33082
See merge request !11846
Diffstat (limited to 'spec/support')
| -rw-r--r-- | spec/support/matchers/access_matchers_for_controller.rb | 84 |
1 files changed, 84 insertions, 0 deletions
diff --git a/spec/support/matchers/access_matchers_for_controller.rb b/spec/support/matchers/access_matchers_for_controller.rb new file mode 100644 index 00000000000..fb43f51c70c --- /dev/null +++ b/spec/support/matchers/access_matchers_for_controller.rb @@ -0,0 +1,84 @@ +# AccessMatchersForController +# +# For testing authorize_xxx in controller. +module AccessMatchersForController + extend RSpec::Matchers::DSL + include Warden::Test::Helpers + + EXPECTED_STATUS_CODE_ALLOWED = [200, 201, 302].freeze + EXPECTED_STATUS_CODE_DENIED = [401, 404].freeze + + def emulate_user(role, membership = nil) + case role + when :admin + user = create(:admin) + sign_in(user) + when :user + user = create(:user) + sign_in(user) + when :external + user = create(:user, external: true) + sign_in(user) + when :visitor + user = nil + when User + user = role + sign_in(user) + when *Gitlab::Access.sym_options_with_owner.keys # owner, master, developer, reporter, guest + raise ArgumentError, "cannot emulate #{role} without membership parent" unless membership + + user = create_user_by_membership(role, membership) + sign_in(user) + else + raise ArgumentError, "cannot emulate user #{role}" + end + + user + end + + def create_user_by_membership(role, membership) + if role == :owner && membership.owner + user = membership.owner + else + user = create(:user) + membership.public_send(:"add_#{role}", user) + end + user + end + + def description_for(role, type, expected, result) + "be #{type} for #{role}. Expected: #{expected.join(',')} Got: #{result}" + end + + matcher :be_allowed_for do |role| + match do |action| + emulate_user(role, @membership) + action.call + + EXPECTED_STATUS_CODE_ALLOWED.include?(response.status) + end + + chain :of do |membership| + @membership = membership + end + + description { description_for(role, 'allowed', EXPECTED_STATUS_CODE_ALLOWED, response.status) } + supports_block_expectations + end + + matcher :be_denied_for do |role| + match do |action| + emulate_user(role, @membership) + action.call + + EXPECTED_STATUS_CODE_DENIED.include?(response.status) + end + + chain :of do |membership| + @membership = membership + end + + description { description_for(role, 'denied', EXPECTED_STATUS_CODE_DENIED, response.status) } + supports_block_expectations + end +end |