5 files changed, 141 insertions, 24 deletions

diff --git a/spec/features/projects/settings/access_tokens_spec.rb b/spec/features/projects/settings/access_tokens_spec.rb
index 122bf267021..88f9a50b093 100644
--- a/spec/features/projects/settings/access_tokens_spec.rb
+++ b/spec/features/projects/settings/access_tokens_spec.rb
@@ -3,6 +3,8 @@
 require 'spec_helper'
 
 RSpec.describe 'Project > Settings > Access Tokens', :js do
+  include Spec::Support::Helpers::ModalHelpers
+
   let_it_be(:user) { create(:user) }
   let_it_be(:bot_user) { create(:user, :project_bot) }
   let_it_be(:group) { create(:group) }
@@ -14,7 +16,6 @@ RSpec.describe 'Project > Settings > Access Tokens', :js do
   end
 
   before do
-    stub_feature_flags(bootstrap_confirmation_modals: false)
     sign_in(user)
   end
 
@@ -24,6 +25,11 @@ RSpec.describe 'Project > Settings > Access Tokens', :js do
     create(:personal_access_token, user: bot_user)
   end
 
+  def role_dropdown_options
+    role_dropdown = page.find_by_id('resource_access_token_access_level')
+    role_dropdown.all('option').map(&:text)
+  end
+
   context 'when user is not a project maintainer' do
     before do
       project.add_developer(user)
@@ -33,37 +39,68 @@ RSpec.describe 'Project > Settings > Access Tokens', :js do
   end
 
   describe 'token creation' do
-    it_behaves_like 'resource access tokens creation', 'project'
+    context 'when user is a project owner' do
+      before do
+        project.add_owner(user)
+      end
 
-    context 'when token creation is not allowed' do
-      it_behaves_like 'resource access tokens creation disallowed', 'Project access token creation is disabled in this group. You can still use and manage existing tokens.'
+      it_behaves_like 'resource access tokens creation', 'project'
 
-      context 'with a project in a personal namespace' do
-        let(:personal_project) { create(:project) }
+      it 'shows Owner option' do
+        visit resource_settings_access_tokens_path
 
-        before do
-          personal_project.add_maintainer(user)
-        end
+        expect(role_dropdown_options).to include('Owner')
+      end
+    end
 
-        it 'shows access token creation form and text' do
-          visit project_settings_access_tokens_path(personal_project)
+    context 'when user is a project maintainer' do
+      before_all do
+        project.add_maintainer(user)
+      end
+
+      it_behaves_like 'resource access tokens creation', 'project'
+
+      it 'does not show Owner option for a maintainer' do
+        visit resource_settings_access_tokens_path
 
-          expect(page).to have_selector('#new_resource_access_token')
-          expect(page).to have_text('Generate project access tokens scoped to this project for your applications that need access to the GitLab API.')
-        end
+        expect(role_dropdown_options).not_to include('Owner')
       end
     end
   end
 
-  describe 'active tokens' do
-    let!(:resource_access_token) { create_resource_access_token }
+  context 'when token creation is not allowed' do
+    it_behaves_like 'resource access tokens creation disallowed', 'Project access token creation is disabled in this group. You can still use and manage existing tokens.'
 
-    it_behaves_like 'active resource access tokens'
+    context 'with a project in a personal namespace' do
+      let(:personal_project) { create(:project) }
+
+      before do
+        personal_project.add_maintainer(user)
+      end
+
+      it 'shows access token creation form and text' do
+        visit project_settings_access_tokens_path(personal_project)
+
+        expect(page).to have_selector('#js-new-access-token-form')
+      end
+    end
   end
 
-  describe 'inactive tokens' do
-    let!(:resource_access_token) { create_resource_access_token }
+  describe 'viewing tokens' do
+    before_all do
+      project.add_maintainer(user)
+    end
+
+    describe 'active tokens' do
+      let!(:resource_access_token) { create_resource_access_token }
+
+      it_behaves_like 'active resource access tokens'
+    end
 
-    it_behaves_like 'inactive resource access tokens', 'This project has no active access tokens.'
+    describe 'inactive tokens' do
+      let!(:resource_access_token) { create_resource_access_token }
+
+      it_behaves_like 'inactive resource access tokens', 'This project has no active access tokens.'
+    end
   end
 end
diff --git a/spec/features/projects/settings/branch_rules_settings_spec.rb b/spec/features/projects/settings/branch_rules_settings_spec.rb
new file mode 100644
index 00000000000..5cc35f108b5
--- /dev/null
+++ b/spec/features/projects/settings/branch_rules_settings_spec.rb
@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe 'Projects > Settings > Repository > Branch rules settings' do
+  let(:project) { create(:project_empty_repo) }
+  let(:user) { create(:user) }
+  let(:role) { :developer }
+
+  subject(:request) { visit project_settings_repository_branch_rules_path(project) }
+
+  before do
+    project.add_role(user, role)
+    sign_in(user)
+  end
+
+  context 'for developer' do
+    let(:role) { :developer }
+
+    it 'is not allowed to view' do
+      request
+
+      expect(page).to have_gitlab_http_status(:not_found)
+    end
+  end
+
+  context 'for maintainer' do
+    let(:role) { :maintainer }
+
+    context 'Branch rules', :js do
+      it 'renders branch rules page' do
+        request
+
+        expect(page).to have_content('Branch rules')
+      end
+    end
+
+    context 'branch_rules feature flag disabled' do
+      it 'does not render branch rules content' do
+        stub_feature_flags(branch_rules: false)
+        request
+
+        expect(page).to have_gitlab_http_status(:not_found)
+      end
+    end
+  end
+end
diff --git a/spec/features/projects/settings/packages_settings_spec.rb b/spec/features/projects/settings/packages_settings_spec.rb
index 057e6b635fe..1c2b0faa215 100644
--- a/spec/features/projects/settings/packages_settings_spec.rb
+++ b/spec/features/projects/settings/packages_settings_spec.rb
@@ -11,6 +11,7 @@ RSpec.describe 'Projects > Settings > Packages', :js do
     sign_in(user)
 
     stub_config(packages: { enabled: packages_enabled })
+    stub_feature_flags(package_registry_access_level: package_registry_access_level)
 
     visit edit_project_path(project)
   end
@@ -18,14 +19,31 @@ RSpec.describe 'Projects > Settings > Packages', :js do
   context 'Packages enabled in config' do
     let(:packages_enabled) { true }
 
-    it 'displays the packages toggle button' do
-      expect(page).to have_selector('[data-testid="toggle-label"]', text: 'Packages')
-      expect(page).to have_selector('input[name="project[packages_enabled]"] + button', visible: true)
+    context 'with feature flag disabled' do
+      let(:package_registry_access_level) { false }
+
+      it 'displays the packages toggle button' do
+        expect(page).to have_selector('[data-testid="toggle-label"]', text: 'Packages')
+        expect(page).to have_selector('input[name="project[packages_enabled]"] + button', visible: true)
+      end
+    end
+
+    context 'with feature flag enabled' do
+      let(:package_registry_access_level) { true }
+
+      it 'displays the packages access level setting' do
+        expect(page).to have_selector('[data-testid="package-registry-access-level"] > label', text: 'Package registry')
+        expect(page).to have_selector(
+          'input[name="project[project_feature_attributes][package_registry_access_level]"]',
+          visible: false
+        )
+      end
     end
   end
 
   context 'Packages disabled in config' do
     let(:packages_enabled) { false }
+    let(:package_registry_access_level) { false }
 
     it 'does not show up in UI' do
       expect(page).not_to have_selector('[data-testid="toggle-label"]', text: 'Packages')
diff --git a/spec/features/projects/settings/repository_settings_spec.rb b/spec/features/projects/settings/repository_settings_spec.rb
index 4e1b55d3d70..cfdd3d9224d 100644
--- a/spec/features/projects/settings/repository_settings_spec.rb
+++ b/spec/features/projects/settings/repository_settings_spec.rb
@@ -39,6 +39,22 @@ RSpec.describe 'Projects > Settings > Repository settings' do
       end
     end
 
+    context 'Branch rules', :js do
+      it 'renders branch rules settings' do
+        visit project_settings_repository_path(project)
+        expect(page).to have_content('Branch rules')
+      end
+
+      context 'branch_rules feature flag disabled', :js do
+        it 'does not render branch rules settings' do
+          stub_feature_flags(branch_rules: false)
+          visit project_settings_repository_path(project)
+
+          expect(page).not_to have_content('Branch rules')
+        end
+      end
+    end
+
     context 'Deploy Keys', :js do
       let_it_be(:private_deploy_key) { create(:deploy_key, title: 'private_deploy_key', public: false) }
       let_it_be(:public_deploy_key) { create(:another_deploy_key, title: 'public_deploy_key', public: true) }
diff --git a/spec/features/projects/settings/user_searches_in_settings_spec.rb b/spec/features/projects/settings/user_searches_in_settings_spec.rb
index 44b5464a1b0..7ed96d01189 100644
--- a/spec/features/projects/settings/user_searches_in_settings_spec.rb
+++ b/spec/features/projects/settings/user_searches_in_settings_spec.rb
@@ -7,7 +7,6 @@ RSpec.describe 'User searches project settings', :js do
   let_it_be(:project) { create(:project, :repository, namespace: user.namespace, pages_https_only: false) }
 
   before do
-    stub_feature_flags(bootstrap_confirmation_modals: false)
     sign_in(user)
   end