diff options
Diffstat (limited to 'spec/policies/project_policy_spec.rb')
-rw-r--r-- | spec/policies/project_policy_spec.rb | 81 |
1 files changed, 0 insertions, 81 deletions
diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb index 973ed66b8d8..9b2d10283f1 100644 --- a/spec/policies/project_policy_spec.rb +++ b/spec/policies/project_policy_spec.rb @@ -1965,87 +1965,6 @@ RSpec.describe ProjectPolicy do it_behaves_like 'Self-managed Core resource access tokens' - describe 'operations feature' do - using RSpec::Parameterized::TableSyntax - - let(:guest_permissions) { [:read_environment, :read_deployment] } - - let(:developer_permissions) do - guest_permissions + [ - :read_feature_flag, :read_sentry_issue, :read_alert_management_alert, :read_terraform_state, - :metrics_dashboard, :read_pod_logs, :read_prometheus, :create_feature_flag, - :create_environment, :create_deployment, :update_feature_flag, :update_environment, - :update_sentry_issue, :update_alert_management_alert, :update_deployment, - :destroy_feature_flag, :destroy_environment, :admin_feature_flag - ] - end - - let(:maintainer_permissions) do - developer_permissions + [ - :read_cluster, :create_cluster, :update_cluster, :admin_environment, - :admin_cluster, :admin_terraform_state, :admin_deployment - ] - end - - before do - stub_feature_flags(split_operations_visibility_permissions: false) - end - - where(:project_visibility, :access_level, :role, :allowed) do - :public | ProjectFeature::ENABLED | :maintainer | true - :public | ProjectFeature::ENABLED | :developer | true - :public | ProjectFeature::ENABLED | :guest | true - :public | ProjectFeature::ENABLED | :anonymous | true - :public | ProjectFeature::PRIVATE | :maintainer | true - :public | ProjectFeature::PRIVATE | :developer | true - :public | ProjectFeature::PRIVATE | :guest | true - :public | ProjectFeature::PRIVATE | :anonymous | false - :public | ProjectFeature::DISABLED | :maintainer | false - :public | ProjectFeature::DISABLED | :developer | false - :public | ProjectFeature::DISABLED | :guest | false - :public | ProjectFeature::DISABLED | :anonymous | false - :internal | ProjectFeature::ENABLED | :maintainer | true - :internal | ProjectFeature::ENABLED | :developer | true - :internal | ProjectFeature::ENABLED | :guest | true - :internal | ProjectFeature::ENABLED | :anonymous | false - :internal | ProjectFeature::PRIVATE | :maintainer | true - :internal | ProjectFeature::PRIVATE | :developer | true - :internal | ProjectFeature::PRIVATE | :guest | true - :internal | ProjectFeature::PRIVATE | :anonymous | false - :internal | ProjectFeature::DISABLED | :maintainer | false - :internal | ProjectFeature::DISABLED | :developer | false - :internal | ProjectFeature::DISABLED | :guest | false - :internal | ProjectFeature::DISABLED | :anonymous | false - :private | ProjectFeature::ENABLED | :maintainer | true - :private | ProjectFeature::ENABLED | :developer | true - :private | ProjectFeature::ENABLED | :guest | false - :private | ProjectFeature::ENABLED | :anonymous | false - :private | ProjectFeature::PRIVATE | :maintainer | true - :private | ProjectFeature::PRIVATE | :developer | true - :private | ProjectFeature::PRIVATE | :guest | false - :private | ProjectFeature::PRIVATE | :anonymous | false - :private | ProjectFeature::DISABLED | :maintainer | false - :private | ProjectFeature::DISABLED | :developer | false - :private | ProjectFeature::DISABLED | :guest | false - :private | ProjectFeature::DISABLED | :anonymous | false - end - - with_them do - let(:current_user) { user_subject(role) } - let(:project) { project_subject(project_visibility) } - - it 'allows/disallows the abilities based on the operation feature access level' do - project.project_feature.update!(operations_access_level: access_level) - - if allowed - expect_allowed(*permissions_abilities(role)) - else - expect_disallowed(*permissions_abilities(role)) - end - end - end - end - describe 'environments feature' do using RSpec::Parameterized::TableSyntax |