From 839c080dd0976f19c274eee1331c47985490cd41 Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Fri, 29 Nov 2019 21:06:13 +0000
Subject: Add latest changes from gitlab-org/gitlab@master

---
 spec/controllers/snippets_controller_spec.rb       | 24 +++++++++++++++++++
 spec/features/snippets/show_spec.rb                | 17 +++++++++++++
 .../environments/environment_item_spec.js          | 28 ++++++++++++++++++++++
 spec/policies/global_policy_spec.rb                | 18 ++++++++++++++
 .../layouts/header/_new_dropdown.haml_spec.rb      | 10 ++++++++
 5 files changed, 97 insertions(+)

(limited to 'spec')

diff --git a/spec/controllers/snippets_controller_spec.rb b/spec/controllers/snippets_controller_spec.rb
index 054d448c28d..510db4374c0 100644
--- a/spec/controllers/snippets_controller_spec.rb
+++ b/spec/controllers/snippets_controller_spec.rb
@@ -53,6 +53,16 @@ describe SnippetsController do
 
         expect(response).to have_gitlab_http_status(200)
       end
+
+      context 'when user is not allowed to create a personal snippet' do
+        let(:user) { create(:user, :external) }
+
+        it 'responds with status 404' do
+          get :new
+
+          expect(response).to have_gitlab_http_status(404)
+        end
+      end
     end
 
     context 'when not signed in' do
@@ -215,6 +225,20 @@ describe SnippetsController do
       expect(snippet.description).to eq('Description')
     end
 
+    context 'when user is not allowed to create a personal snippet' do
+      let(:user) { create(:user, :external) }
+
+      it 'responds with status 404' do
+        aggregate_failures do
+          expect do
+            create_snippet(visibility_level: Snippet::PUBLIC)
+          end.not_to change { Snippet.count }
+
+          expect(response).to have_gitlab_http_status(404)
+        end
+      end
+    end
+
     context 'when the snippet description contains a file' do
       include FileMoverHelpers
 
diff --git a/spec/features/snippets/show_spec.rb b/spec/features/snippets/show_spec.rb
index edf7d37fd6d..450e520e293 100644
--- a/spec/features/snippets/show_spec.rb
+++ b/spec/features/snippets/show_spec.rb
@@ -158,4 +158,21 @@ describe 'Snippet', :js do
 
     subject { visit snippet_path(snippet) }
   end
+
+  context 'when user cannot create snippets' do
+    let(:user) { create(:user, :external) }
+    let(:snippet) { create(:personal_snippet, :public) }
+
+    before do
+      sign_in(user)
+
+      visit snippet_path(snippet)
+
+      wait_for_requests
+    end
+
+    it 'does not show the "New Snippet" button' do
+      expect(page).not_to have_link('New snippet')
+    end
+  end
 end
diff --git a/spec/javascripts/environments/environment_item_spec.js b/spec/javascripts/environments/environment_item_spec.js
index 4ab9a3998c0..09209ba2513 100644
--- a/spec/javascripts/environments/environment_item_spec.js
+++ b/spec/javascripts/environments/environment_item_spec.js
@@ -2,6 +2,32 @@ import { format } from 'timeago.js';
 import Vue from 'vue';
 import environmentItemComp from '~/environments/components/environment_item.vue';
 
+const tableData = {
+  name: {
+    title: 'Environment',
+    spacing: 'section-15',
+  },
+  deploy: {
+    title: 'Deployment',
+    spacing: 'section-10',
+  },
+  build: {
+    title: 'Job',
+    spacing: 'section-15',
+  },
+  commit: {
+    title: 'Commit',
+    spacing: 'section-20',
+  },
+  date: {
+    title: 'Updated',
+    spacing: 'section-10',
+  },
+  actions: {
+    spacing: 'section-25',
+  },
+};
+
 describe('Environment item', () => {
   let EnvironmentItem;
 
@@ -27,6 +53,7 @@ describe('Environment item', () => {
         propsData: {
           model: mockItem,
           canReadEnvironment: true,
+          tableData,
         },
       }).$mount();
     });
@@ -119,6 +146,7 @@ describe('Environment item', () => {
         propsData: {
           model: environment,
           canReadEnvironment: true,
+          tableData,
         },
       }).$mount();
     });
diff --git a/spec/policies/global_policy_spec.rb b/spec/policies/global_policy_spec.rb
index c18cc245468..f715ecae347 100644
--- a/spec/policies/global_policy_spec.rb
+++ b/spec/policies/global_policy_spec.rb
@@ -306,4 +306,22 @@ describe GlobalPolicy do
       it { is_expected.not_to be_allowed(:use_slash_commands) }
     end
   end
+
+  describe 'create_personal_snippet' do
+    context 'when anonymous' do
+      let(:current_user) { nil }
+
+      it { is_expected.not_to be_allowed(:create_personal_snippet) }
+    end
+
+    context 'regular user' do
+      it { is_expected.to be_allowed(:create_personal_snippet) }
+    end
+
+    context 'when external' do
+      let(:current_user) { build(:user, :external) }
+
+      it { is_expected.not_to be_allowed(:create_personal_snippet) }
+    end
+  end
 end
diff --git a/spec/views/layouts/header/_new_dropdown.haml_spec.rb b/spec/views/layouts/header/_new_dropdown.haml_spec.rb
index 26e429ac5d0..1a04ffed103 100644
--- a/spec/views/layouts/header/_new_dropdown.haml_spec.rb
+++ b/spec/views/layouts/header/_new_dropdown.haml_spec.rb
@@ -126,6 +126,16 @@ describe 'layouts/header/_new_dropdown' do
 
       expect(rendered).to have_link('New snippet', href: new_snippet_path)
     end
+
+    context 'when the user is not allowed to create snippets' do
+      let(:user) { create(:user, :external)}
+
+      it 'has no "New snippet" link' do
+        render
+
+        expect(rendered).not_to have_link('New snippet', href: new_snippet_path)
+      end
+    end
   end
 
   def stub_current_user(current_user)
-- 
cgit v1.2.3