From 5064bf8c5647d4c4430cbb4d097cf1592416de29 Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Wed, 25 Mar 2020 09:08:11 +0000
Subject: Add latest changes from gitlab-org/gitlab@master

---
 spec/policies/environment_policy_spec.rb | 44 ++++++++++++++++++++++++++++++
 spec/policies/project_policy_spec.rb     | 46 ++++++++++++++++++++++++++++++++
 2 files changed, 90 insertions(+)

(limited to 'spec/policies')

diff --git a/spec/policies/environment_policy_spec.rb b/spec/policies/environment_policy_spec.rb
index 63a9512afcd..a098b52023d 100644
--- a/spec/policies/environment_policy_spec.rb
+++ b/spec/policies/environment_policy_spec.rb
@@ -86,6 +86,50 @@ describe EnvironmentPolicy do
           it { expect(policy).to be_allowed :stop_environment }
         end
       end
+
+      describe '#destroy_environment' do
+        let(:environment) do
+          create(:environment, project: project)
+        end
+
+        where(:access_level, :allowed?) do
+          nil         | false
+          :guest      | false
+          :reporter   | false
+          :developer  | true
+          :maintainer | true
+        end
+
+        with_them do
+          before do
+            project.add_user(user, access_level) unless access_level.nil?
+          end
+
+          it { expect(policy).to be_disallowed :destroy_environment }
+
+          context 'when environment is stopped' do
+            before do
+              environment.stop!
+            end
+
+            it { expect(policy.allowed?(:destroy_environment)).to be allowed? }
+          end
+        end
+
+        context 'when an admin user' do
+          let(:user) { create(:user, :admin) }
+
+          it { expect(policy).to be_disallowed :destroy_environment }
+
+          context 'when environment is stopped' do
+            before do
+              environment.stop!
+            end
+
+            it { expect(policy).to be_allowed :destroy_environment }
+          end
+        end
+      end
     end
 
     context 'when project is public' do
diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb
index e7d49377b78..a729da5afad 100644
--- a/spec/policies/project_policy_spec.rb
+++ b/spec/policies/project_policy_spec.rb
@@ -573,4 +573,50 @@ describe ProjectPolicy do
       it { is_expected.to be_allowed(:admin_issue) }
     end
   end
+
+  describe 'read_prometheus_alerts' do
+    subject { described_class.new(current_user, project) }
+
+    context 'with admin' do
+      let(:current_user) { admin }
+
+      it { is_expected.to be_allowed(:read_prometheus_alerts) }
+    end
+
+    context 'with owner' do
+      let(:current_user) { owner }
+
+      it { is_expected.to be_allowed(:read_prometheus_alerts) }
+    end
+
+    context 'with maintainer' do
+      let(:current_user) { maintainer }
+
+      it { is_expected.to be_allowed(:read_prometheus_alerts) }
+    end
+
+    context 'with developer' do
+      let(:current_user) { developer }
+
+      it { is_expected.to be_disallowed(:read_prometheus_alerts) }
+    end
+
+    context 'with reporter' do
+      let(:current_user) { reporter }
+
+      it { is_expected.to be_disallowed(:read_prometheus_alerts) }
+    end
+
+    context 'with guest' do
+      let(:current_user) { guest }
+
+      it { is_expected.to be_disallowed(:read_prometheus_alerts) }
+    end
+
+    context 'with anonymous' do
+      let(:current_user) { nil }
+
+      it { is_expected.to be_disallowed(:read_prometheus_alerts) }
+    end
+  end
 end
-- 
cgit v1.2.3