debian-mirror-gitlab/spec/features/security/profile_access_spec.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

56 lines
1.5 KiB
Ruby
Raw Permalink Normal View History

2019-09-04 21:01:54 +05:30
# frozen_string_literal: true
2014-09-02 18:07:02 +05:30
require 'spec_helper'
2023-03-04 22:38:38 +05:30
RSpec.describe "Profile access", feature_category: :user_management do
2015-09-11 14:41:01 +05:30
include AccessMatchers
2014-09-02 18:07:02 +05:30
2021-03-08 18:12:59 +05:30
describe "GET /-/profile/keys" do
2015-04-26 12:48:37 +05:30
subject { profile_keys_path }
2014-09-02 18:07:02 +05:30
2015-04-26 12:48:37 +05:30
it { is_expected.to be_allowed_for :admin }
it { is_expected.to be_allowed_for :user }
it { is_expected.to be_denied_for :visitor }
end
2014-09-02 18:07:02 +05:30
2021-03-08 18:12:59 +05:30
describe "GET /-/profile" do
2015-04-26 12:48:37 +05:30
subject { profile_path }
2014-09-02 18:07:02 +05:30
2015-04-26 12:48:37 +05:30
it { is_expected.to be_allowed_for :admin }
it { is_expected.to be_allowed_for :user }
it { is_expected.to be_denied_for :visitor }
end
2014-09-02 18:07:02 +05:30
2021-03-08 18:12:59 +05:30
describe "GET /-/profile/account" do
2015-04-26 12:48:37 +05:30
subject { profile_account_path }
2014-09-02 18:07:02 +05:30
2015-04-26 12:48:37 +05:30
it { is_expected.to be_allowed_for :admin }
it { is_expected.to be_allowed_for :user }
it { is_expected.to be_denied_for :visitor }
end
2014-09-02 18:07:02 +05:30
2021-03-08 18:12:59 +05:30
describe "GET /-/profile/preferences" do
2015-09-11 14:41:01 +05:30
subject { profile_preferences_path }
2014-09-02 18:07:02 +05:30
2015-04-26 12:48:37 +05:30
it { is_expected.to be_allowed_for :admin }
it { is_expected.to be_allowed_for :user }
it { is_expected.to be_denied_for :visitor }
end
2014-09-02 18:07:02 +05:30
2021-03-08 18:12:59 +05:30
describe "GET /-/profile/audit_log" do
2015-09-11 14:41:01 +05:30
subject { audit_log_profile_path }
2014-09-02 18:07:02 +05:30
2015-04-26 12:48:37 +05:30
it { is_expected.to be_allowed_for :admin }
it { is_expected.to be_allowed_for :user }
it { is_expected.to be_denied_for :visitor }
end
2014-09-02 18:07:02 +05:30
2021-03-08 18:12:59 +05:30
describe "GET /-/profile/notifications" do
2015-04-26 12:48:37 +05:30
subject { profile_notifications_path }
2014-09-02 18:07:02 +05:30
2015-04-26 12:48:37 +05:30
it { is_expected.to be_allowed_for :admin }
it { is_expected.to be_allowed_for :user }
it { is_expected.to be_denied_for :visitor }
2014-09-02 18:07:02 +05:30
end
end