Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/spec/policies
diff options
context:
space:
mode:
Diffstat (limited to 'spec/policies')
-rw-r--r--spec/policies/ci/build_policy_spec.rb80
-rw-r--r--spec/policies/ci/pipeline_policy_spec.rb47
2 files changed, 58 insertions, 69 deletions
diff --git a/spec/policies/ci/build_policy_spec.rb b/spec/policies/ci/build_policy_spec.rb
index 9f3212b1a63..86e57fdf607 100644
--- a/spec/policies/ci/build_policy_spec.rb
+++ b/spec/policies/ci/build_policy_spec.rb
@@ -96,87 +96,29 @@ describe Ci::BuildPolicy, :models do
end
end
- describe 'rules for manual actions' do
+ describe 'rules for protected branch' do
let(:project) { create(:project) }
before do
project.add_developer(user)
- end
-
- shared_examples 'protected ref' do
- context 'when build is a manual action' do
- let(:build) do
- create(:ci_build, :manual, ref: 'some-ref', pipeline: pipeline)
- end
-
- it 'does not include ability to update build' do
- expect(policy).to be_disallowed :update_build
- end
- end
-
- context 'when build is not a manual action' do
- let(:build) do
- create(:ci_build, ref: 'some-ref', pipeline: pipeline)
- end
- it 'includes ability to update build' do
- expect(policy).to be_allowed :update_build
- end
- end
- end
-
- context 'when build is against a protected branch' do
- before do
- create(:protected_branch, :no_one_can_push,
- name: 'some-ref', project: project)
- end
-
- it_behaves_like 'protected ref'
+ create(:protected_branch, branch_policy,
+ name: build.ref, project: project)
end
- context 'when build is against a protected tag' do
- before do
- create(:protected_tag, :no_one_can_create,
- name: 'some-ref', project: project)
+ context 'when no one can push or merge to the branch' do
+ let(:branch_policy) { :no_one_can_push }
- build.update(tag: true)
+ it 'does not include ability to update build' do
+ expect(policy).to be_disallowed :update_build
end
-
- it_behaves_like 'protected ref'
end
- context 'when build is against a protected tag but it is not a tag' do
- before do
- create(:protected_tag, :no_one_can_create,
- name: 'some-ref', project: project)
- end
-
- context 'when build is a manual action' do
- let(:build) do
- create(:ci_build, :manual, ref: 'some-ref', pipeline: pipeline)
- end
+ context 'when developers can push to the branch' do
+ let(:branch_policy) { :developers_can_merge }
- it 'includes ability to update build' do
- expect(policy).to be_allowed :update_build
- end
- end
- end
-
- context 'when branch build is assigned to is not protected' do
- context 'when build is a manual action' do
- let(:build) { create(:ci_build, :manual, pipeline: pipeline) }
-
- it 'includes ability to update build' do
- expect(policy).to be_allowed :update_build
- end
- end
-
- context 'when build is not a manual action' do
- let(:build) { create(:ci_build, pipeline: pipeline) }
-
- it 'includes ability to update build' do
- expect(policy).to be_allowed :update_build
- end
+ it 'includes ability to update build' do
+ expect(policy).to be_allowed :update_build
end
end
end
diff --git a/spec/policies/ci/pipeline_policy_spec.rb b/spec/policies/ci/pipeline_policy_spec.rb
new file mode 100644
index 00000000000..cc04230411f
--- /dev/null
+++ b/spec/policies/ci/pipeline_policy_spec.rb
@@ -0,0 +1,47 @@
+require 'spec_helper'
+
+describe Ci::PipelinePolicy, :models do
+ let(:user) { create(:user) }
+ let(:pipeline) { create(:ci_empty_pipeline, project: project) }
+
+ let(:policy) do
+ described_class.new(user, pipeline)
+ end
+
+ describe 'rules' do
+ describe 'rules for protected branch' do
+ let(:project) { create(:project) }
+
+ before do
+ project.add_developer(user)
+
+ create(:protected_branch, branch_policy,
+ name: pipeline.ref, project: project)
+ end
+
+ context 'when no one can push or merge to the branch' do
+ let(:branch_policy) { :no_one_can_push }
+
+ it 'does not include ability to update pipeline' do
+ expect(policy).to be_disallowed :update_pipeline
+ end
+ end
+
+ context 'when developers can push to the branch' do
+ let(:branch_policy) { :developers_can_push }
+
+ it 'includes ability to update pipeline' do
+ expect(policy).to be_allowed :update_pipeline
+ end
+ end
+
+ context 'when developers can push to the branch' do
+ let(:branch_policy) { :developers_can_merge }
+
+ it 'includes ability to update pipeline' do
+ expect(policy).to be_allowed :update_pipeline
+ end
+ end
+ end
+ end
+end
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-02 15:15:28 +0300