From 72c331ebf56ba3d49a79ec799de84e790748adef Mon Sep 17 00:00:00 2001 From: GitLab Bot Date: Tue, 9 Mar 2021 18:09:41 +0000 Subject: Add latest changes from gitlab-org/gitlab@master --- .../security/group/internal_access_spec.rb | 35 +++++++++++++++--- .../features/security/group/private_access_spec.rb | 42 ++++++++++++++++++---- spec/features/security/group/public_access_spec.rb | 35 +++++++++++++++--- 3 files changed, 96 insertions(+), 16 deletions(-) (limited to 'spec/features/security') diff --git a/spec/features/security/group/internal_access_spec.rb b/spec/features/security/group/internal_access_spec.rb index c146ac1e8ee..755f170a93e 100644 --- a/spec/features/security/group/internal_access_spec.rb +++ b/spec/features/security/group/internal_access_spec.rb @@ -24,7 +24,12 @@ RSpec.describe 'Internal Group access' do describe 'GET /groups/:path' do subject { group_path(group) } - it { is_expected.to be_allowed_for(:admin) } + context 'when admin mode is enabled', :enable_admin_mode do + it { is_expected.to be_allowed_for(:admin) } + end + context 'when admin mode is disabled' do + it { is_expected.to be_allowed_for(:admin) } + end it { is_expected.to be_allowed_for(:owner).of(group) } it { is_expected.to be_allowed_for(:maintainer).of(group) } it { is_expected.to be_allowed_for(:developer).of(group) } @@ -39,7 +44,12 @@ RSpec.describe 'Internal Group access' do describe 'GET /groups/:path/-/issues' do subject { issues_group_path(group) } - it { is_expected.to be_allowed_for(:admin) } + context 'when admin mode is enabled', :enable_admin_mode do + it { is_expected.to be_allowed_for(:admin) } + end + context 'when admin mode is disabled' do + it { is_expected.to be_allowed_for(:admin) } + end it { is_expected.to be_allowed_for(:owner).of(group) } it { is_expected.to be_allowed_for(:maintainer).of(group) } it { is_expected.to be_allowed_for(:developer).of(group) } @@ -56,7 +66,12 @@ RSpec.describe 'Internal Group access' do subject { merge_requests_group_path(group) } - it { is_expected.to be_allowed_for(:admin) } + context 'when admin mode is enabled', :enable_admin_mode do + it { is_expected.to be_allowed_for(:admin) } + end + context 'when admin mode is disabled' do + it { is_expected.to be_allowed_for(:admin) } + end it { is_expected.to be_allowed_for(:owner).of(group) } it { is_expected.to be_allowed_for(:maintainer).of(group) } it { is_expected.to be_allowed_for(:developer).of(group) } @@ -71,7 +86,12 @@ RSpec.describe 'Internal Group access' do describe 'GET /groups/:path/-/group_members' do subject { group_group_members_path(group) } - it { is_expected.to be_allowed_for(:admin) } + context 'when admin mode is enabled', :enable_admin_mode do + it { is_expected.to be_allowed_for(:admin) } + end + context 'when admin mode is disabled' do + it { is_expected.to be_allowed_for(:admin) } + end it { is_expected.to be_allowed_for(:owner).of(group) } it { is_expected.to be_allowed_for(:maintainer).of(group) } it { is_expected.to be_allowed_for(:developer).of(group) } @@ -86,7 +106,12 @@ RSpec.describe 'Internal Group access' do describe 'GET /groups/:path/-/edit' do subject { edit_group_path(group) } - it { is_expected.to be_allowed_for(:admin) } + context 'when admin mode is enabled', :enable_admin_mode do + it { is_expected.to be_allowed_for(:admin) } + end + context 'when admin mode is disabled' do + it { is_expected.to be_denied_for(:admin) } + end it { is_expected.to be_allowed_for(:owner).of(group) } it { is_expected.to be_denied_for(:maintainer).of(group) } it { is_expected.to be_denied_for(:developer).of(group) } diff --git a/spec/features/security/group/private_access_spec.rb b/spec/features/security/group/private_access_spec.rb index de05b4d3d16..fc1fb3e3848 100644 --- a/spec/features/security/group/private_access_spec.rb +++ b/spec/features/security/group/private_access_spec.rb @@ -24,7 +24,12 @@ RSpec.describe 'Private Group access' do describe 'GET /groups/:path' do subject { group_path(group) } - it { is_expected.to be_allowed_for(:admin) } + context 'when admin mode is enabled', :enable_admin_mode do + it { is_expected.to be_allowed_for(:admin) } + end + context 'when admin mode is disabled' do + it { is_expected.to be_denied_for(:admin) } + end it { is_expected.to be_allowed_for(:owner).of(group) } it { is_expected.to be_allowed_for(:maintainer).of(group) } it { is_expected.to be_allowed_for(:developer).of(group) } @@ -39,7 +44,12 @@ RSpec.describe 'Private Group access' do describe 'GET /groups/:path/-/issues' do subject { issues_group_path(group) } - it { is_expected.to be_allowed_for(:admin) } + context 'when admin mode is enabled', :enable_admin_mode do + it { is_expected.to be_allowed_for(:admin) } + end + context 'when admin mode is disabled' do + it { is_expected.to be_denied_for(:admin) } + end it { is_expected.to be_allowed_for(:owner).of(group) } it { is_expected.to be_allowed_for(:maintainer).of(group) } it { is_expected.to be_allowed_for(:developer).of(group) } @@ -56,7 +66,12 @@ RSpec.describe 'Private Group access' do subject { merge_requests_group_path(group) } - it { is_expected.to be_allowed_for(:admin) } + context 'when admin mode is enabled', :enable_admin_mode do + it { is_expected.to be_allowed_for(:admin) } + end + context 'when admin mode is disabled' do + it { is_expected.to be_denied_for(:admin) } + end it { is_expected.to be_allowed_for(:owner).of(group) } it { is_expected.to be_allowed_for(:maintainer).of(group) } it { is_expected.to be_allowed_for(:developer).of(group) } @@ -71,7 +86,12 @@ RSpec.describe 'Private Group access' do describe 'GET /groups/:path/-/group_members' do subject { group_group_members_path(group) } - it { is_expected.to be_allowed_for(:admin) } + context 'when admin mode is enabled', :enable_admin_mode do + it { is_expected.to be_allowed_for(:admin) } + end + context 'when admin mode is disabled' do + it { is_expected.to be_denied_for(:admin) } + end it { is_expected.to be_allowed_for(:owner).of(group) } it { is_expected.to be_allowed_for(:maintainer).of(group) } it { is_expected.to be_allowed_for(:developer).of(group) } @@ -86,7 +106,12 @@ RSpec.describe 'Private Group access' do describe 'GET /groups/:path/-/edit' do subject { edit_group_path(group) } - it { is_expected.to be_allowed_for(:admin) } + context 'when admin mode is enabled', :enable_admin_mode do + it { is_expected.to be_allowed_for(:admin) } + end + context 'when admin mode is disabled' do + it { is_expected.to be_denied_for(:admin) } + end it { is_expected.to be_allowed_for(:owner).of(group) } it { is_expected.to be_denied_for(:maintainer).of(group) } it { is_expected.to be_denied_for(:developer).of(group) } @@ -107,7 +132,12 @@ RSpec.describe 'Private Group access' do subject { group_path(group) } - it { is_expected.to be_allowed_for(:admin) } + context 'when admin mode is enabled', :enable_admin_mode do + it { is_expected.to be_allowed_for(:admin) } + end + context 'when admin mode is disabled' do + it { is_expected.to be_denied_for(:admin) } + end it { is_expected.to be_allowed_for(:owner).of(group) } it { is_expected.to be_allowed_for(:maintainer).of(group) } it { is_expected.to be_allowed_for(:developer).of(group) } diff --git a/spec/features/security/group/public_access_spec.rb b/spec/features/security/group/public_access_spec.rb index ee72b84616a..90de2b58044 100644 --- a/spec/features/security/group/public_access_spec.rb +++ b/spec/features/security/group/public_access_spec.rb @@ -24,7 +24,12 @@ RSpec.describe 'Public Group access' do describe 'GET /groups/:path' do subject { group_path(group) } - it { is_expected.to be_allowed_for(:admin) } + context 'when admin mode is enabled', :enable_admin_mode do + it { is_expected.to be_allowed_for(:admin) } + end + context 'when admin mode is disabled' do + it { is_expected.to be_allowed_for(:admin) } + end it { is_expected.to be_allowed_for(:owner).of(group) } it { is_expected.to be_allowed_for(:maintainer).of(group) } it { is_expected.to be_allowed_for(:developer).of(group) } @@ -39,7 +44,12 @@ RSpec.describe 'Public Group access' do describe 'GET /groups/:path/-/issues' do subject { issues_group_path(group) } - it { is_expected.to be_allowed_for(:admin) } + context 'when admin mode is enabled', :enable_admin_mode do + it { is_expected.to be_allowed_for(:admin) } + end + context 'when admin mode is disabled' do + it { is_expected.to be_allowed_for(:admin) } + end it { is_expected.to be_allowed_for(:owner).of(group) } it { is_expected.to be_allowed_for(:maintainer).of(group) } it { is_expected.to be_allowed_for(:developer).of(group) } @@ -56,7 +66,12 @@ RSpec.describe 'Public Group access' do subject { merge_requests_group_path(group) } - it { is_expected.to be_allowed_for(:admin) } + context 'when admin mode is enabled', :enable_admin_mode do + it { is_expected.to be_allowed_for(:admin) } + end + context 'when admin mode is disabled' do + it { is_expected.to be_allowed_for(:admin) } + end it { is_expected.to be_allowed_for(:owner).of(group) } it { is_expected.to be_allowed_for(:maintainer).of(group) } it { is_expected.to be_allowed_for(:developer).of(group) } @@ -71,7 +86,12 @@ RSpec.describe 'Public Group access' do describe 'GET /groups/:path/-/group_members' do subject { group_group_members_path(group) } - it { is_expected.to be_allowed_for(:admin) } + context 'when admin mode is enabled', :enable_admin_mode do + it { is_expected.to be_allowed_for(:admin) } + end + context 'when admin mode is disabled' do + it { is_expected.to be_allowed_for(:admin) } + end it { is_expected.to be_allowed_for(:owner).of(group) } it { is_expected.to be_allowed_for(:maintainer).of(group) } it { is_expected.to be_allowed_for(:developer).of(group) } @@ -86,7 +106,12 @@ RSpec.describe 'Public Group access' do describe 'GET /groups/:path/-/edit' do subject { edit_group_path(group) } - it { is_expected.to be_allowed_for(:admin) } + context 'when admin mode is enabled', :enable_admin_mode do + it { is_expected.to be_allowed_for(:admin) } + end + context 'when admin mode is disabled' do + it { is_expected.to be_denied_for(:admin) } + end it { is_expected.to be_allowed_for(:owner).of(group) } it { is_expected.to be_denied_for(:maintainer).of(group) } it { is_expected.to be_denied_for(:developer).of(group) } -- cgit v1.2.3