diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-08-18 11:52:04 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-08-18 11:52:04 +0300 |
| commit | 7e2d89989a48ecd55d3f118d7bf8c3a00e1038cb (patch) | |
| tree | 11f24f04e0f11b451c84a224e0d1f07cfed25928 /spec/support | |
| parent | a12a8608e6160bef7f2edca1e20192b69a83ff54 (diff) | |
Add latest changes from gitlab-org/gitlab@13-2-stable-ee
Diffstat (limited to 'spec/support')
| -rw-r--r-- | spec/support/shared_examples/policies/project_policy_shared_examples.rb | 83 |
1 files changed, 81 insertions, 2 deletions
diff --git a/spec/support/shared_examples/policies/project_policy_shared_examples.rb b/spec/support/shared_examples/policies/project_policy_shared_examples.rb index f8526ec68dc..df8e4bc96dd 100644 --- a/spec/support/shared_examples/policies/project_policy_shared_examples.rb +++ b/spec/support/shared_examples/policies/project_policy_shared_examples.rb @@ -97,6 +97,28 @@ RSpec.shared_examples 'project policies as anonymous' do end end +RSpec.shared_examples 'deploy token does not get confused with user' do + before do + deploy_token.update!(id: user_id) + + # Project with public builds are available to all + project.update!(public_builds: false) + end + + let(:deploy_token) { create(:deploy_token) } + + subject { described_class.new(deploy_token, project) } + + it do + expect_disallowed(*guest_permissions) + expect_disallowed(*reporter_permissions) + expect_disallowed(*team_member_reporter_permissions) + expect_disallowed(*developer_permissions) + expect_disallowed(*maintainer_permissions) + expect_disallowed(*owner_permissions) + end +end + RSpec.shared_examples 'project policies as guest' do subject { described_class.new(guest, project) } @@ -115,6 +137,10 @@ RSpec.shared_examples 'project policies as guest' do expect_disallowed(*owner_permissions) end + it_behaves_like 'deploy token does not get confused with user' do + let(:user_id) { guest.id } + end + it_behaves_like 'archived project policies' do let(:regular_abilities) { guest_permissions } end @@ -128,7 +154,7 @@ RSpec.shared_examples 'project policies as guest' do context 'when public builds disabled' do before do - project.update(public_builds: false) + project.update!(public_builds: false) end it do @@ -139,7 +165,7 @@ RSpec.shared_examples 'project policies as guest' do context 'when builds are disabled' do before do - project.project_feature.update(builds_access_level: ProjectFeature::DISABLED) + project.project_feature.update!(builds_access_level: ProjectFeature::DISABLED) end it do @@ -165,6 +191,10 @@ RSpec.shared_examples 'project policies as reporter' do expect_disallowed(*owner_permissions) end + it_behaves_like 'deploy token does not get confused with user' do + let(:user_id) { reporter.id } + end + it_behaves_like 'archived project policies' do let(:regular_abilities) { reporter_permissions } end @@ -186,6 +216,10 @@ RSpec.shared_examples 'project policies as developer' do expect_disallowed(*owner_permissions) end + it_behaves_like 'deploy token does not get confused with user' do + let(:user_id) { developer.id } + end + it_behaves_like 'archived project policies' do let(:regular_abilities) { developer_permissions } end @@ -207,6 +241,10 @@ RSpec.shared_examples 'project policies as maintainer' do expect_disallowed(*owner_permissions) end + it_behaves_like 'deploy token does not get confused with user' do + let(:user_id) { maintainer.id } + end + it_behaves_like 'archived project policies' do let(:regular_abilities) { maintainer_permissions } end @@ -228,6 +266,10 @@ RSpec.shared_examples 'project policies as owner' do expect_allowed(*owner_permissions) end + it_behaves_like 'deploy token does not get confused with user' do + let(:user_id) { owner.id } + end + it_behaves_like 'archived project policies' do let(:regular_abilities) { owner_permissions } end @@ -249,6 +291,28 @@ RSpec.shared_examples 'project policies as admin with admin mode' do expect_allowed(*owner_permissions) end + context 'deploy token does not get confused with user' do + before do + allow(deploy_token).to receive(:id).and_return(admin.id) + + # Project with public builds are available to all + project.update!(public_builds: false) + end + + let(:deploy_token) { create(:deploy_token) } + + subject { described_class.new(deploy_token, project) } + + it do + expect_disallowed(*guest_permissions) + expect_disallowed(*reporter_permissions) + expect_disallowed(*team_member_reporter_permissions) + expect_disallowed(*developer_permissions) + expect_disallowed(*maintainer_permissions) + expect_disallowed(*owner_permissions) + end + end + it_behaves_like 'archived project policies' do let(:regular_abilities) { owner_permissions } end @@ -268,5 +332,20 @@ RSpec.shared_examples 'project policies as admin without admin mode' do subject { described_class.new(admin, project) } it { is_expected.to be_banned } + + context 'deploy token does not get confused with user' do + before do + allow(deploy_token).to receive(:id).and_return(admin.id) + + # Project with public builds are available to all + project.update!(public_builds: false) + end + + let(:deploy_token) { create(:deploy_token) } + + subject { described_class.new(deploy_token, project) } + + it { is_expected.to be_banned } + end end end |