3 files changed, 60 insertions, 2 deletions

diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index bb1b794c2b6..a6226fe903b 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -76,6 +76,7 @@ RSpec.shared_context 'GroupPolicy context' do
       register_group_runners
       read_billing
       edit_billing
+      admin_member_access_request
     ]
   end
 
diff --git a/spec/support/shared_contexts/policies/project_policy_shared_context.rb b/spec/support/shared_contexts/policies/project_policy_shared_context.rb
index fc7255a4a20..6e2caa853f8 100644
--- a/spec/support/shared_contexts/policies/project_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/project_policy_shared_context.rb
@@ -68,7 +68,7 @@ RSpec.shared_context 'ProjectPolicy context' do
       admin_project admin_project_member admin_snippet admin_terraform_state
       admin_wiki create_deploy_token destroy_deploy_token
       push_to_delete_protected_branch read_deploy_token update_snippet
-      destroy_upload
+      destroy_upload admin_member_access_request rename_project
     ]
   end
 
@@ -83,7 +83,7 @@ RSpec.shared_context 'ProjectPolicy context' do
   let(:base_owner_permissions) do
     %i[
       archive_project change_namespace change_visibility_level destroy_issue
-      destroy_merge_request manage_owners remove_fork_project remove_project rename_project
+      destroy_merge_request manage_owners remove_fork_project remove_project
       set_issue_created_at set_issue_iid set_issue_updated_at
       set_note_created_at
     ]
diff --git a/spec/support/shared_contexts/policies/project_policy_table_shared_context.rb b/spec/support/shared_contexts/policies/project_policy_table_shared_context.rb
index b18ce14eba6..d9ea7bc7f82 100644
--- a/spec/support/shared_contexts/policies/project_policy_table_shared_context.rb
+++ b/spec/support/shared_contexts/policies/project_policy_table_shared_context.rb
@@ -126,6 +126,63 @@ RSpec.shared_context 'ProjectPolicyTable context' do
   end
 
   # This table is based on permission_table_for_guest_feature_access,
+  # but takes into account note confidentiality. It is required on the context
+  # to have one regular note and one confidential note.
+  #
+  # project_level, :feature_access_level, :membership, :admin_mode, :expected_count
+  def permission_table_for_notes_feature_access
+    :public   | :enabled  | :admin      | true  | 2
+    :public   | :enabled  | :admin      | false | 1
+    :public   | :enabled  | :reporter   | nil   | 2
+    :public   | :enabled  | :guest      | nil   | 1
+    :public   | :enabled  | :non_member | nil   | 1
+    :public   | :enabled  | :anonymous  | nil   | 1
+
+    :public   | :private  | :admin      | true  | 2
+    :public   | :private  | :admin      | false | 0
+    :public   | :private  | :reporter   | nil   | 2
+    :public   | :private  | :guest      | nil   | 1
+    :public   | :private  | :non_member | nil   | 0
+    :public   | :private  | :anonymous  | nil   | 0
+
+    :public   | :disabled | :reporter   | nil   | 0
+    :public   | :disabled | :guest      | nil   | 0
+    :public   | :disabled | :non_member | nil   | 0
+    :public   | :disabled | :anonymous  | nil   | 0
+
+    :internal | :enabled  | :admin      | true  | 2
+    :internal | :enabled  | :admin      | false | 1
+    :internal | :enabled  | :reporter   | nil   | 2
+    :internal | :enabled  | :guest      | nil   | 1
+    :internal | :enabled  | :non_member | nil   | 1
+    :internal | :enabled  | :anonymous  | nil   | 0
+
+    :internal | :private  | :admin      | true  | 2
+    :internal | :private  | :admin      | false | 0
+    :internal | :private  | :reporter   | nil   | 2
+    :internal | :private  | :guest      | nil   | 1
+    :internal | :private  | :non_member | nil   | 0
+    :internal | :private  | :anonymous  | nil   | 0
+
+    :internal | :disabled | :reporter   | nil   | 0
+    :internal | :disabled | :guest      | nil   | 0
+    :internal | :disabled | :non_member | nil   | 0
+    :internal | :disabled | :anonymous  | nil   | 0
+
+    :private  | :private  | :admin      | true  | 2
+    :private  | :private  | :admin      | false | 0
+    :private  | :private  | :reporter   | nil   | 2
+    :private  | :private  | :guest      | nil   | 1
+    :private  | :private  | :non_member | nil   | 0
+    :private  | :private  | :anonymous  | nil   | 0
+
+    :private  | :disabled | :reporter   | nil   | 0
+    :private  | :disabled | :guest      | nil   | 0
+    :private  | :disabled | :non_member | nil   | 0
+    :private  | :disabled | :anonymous  | nil   | 0
+  end
+
+  # This table is based on permission_table_for_guest_feature_access,
   # but with a slight twist.
   # Some features can be hidden away to GUEST, when project is private.
   # (see ProjectFeature::PRIVATE_FEATURES_MIN_ACCESS_LEVEL_FOR_PRIVATE_PROJECT)