debian-mirror-gitlab/spec/features/security/group/internal_access_spec.rb

126 lines
4.6 KiB
Ruby
Raw Normal View History

2019-10-12 21:52:04 +05:30
# frozen_string_literal: true
2019-12-04 20:38:33 +05:30
require 'spec_helper'
2016-06-02 11:05:42 +05:30
2020-06-23 00:09:42 +05:30
RSpec.describe 'Internal Group access' do
2016-06-02 11:05:42 +05:30
include AccessMatchers
2017-08-17 22:00:37 +05:30
let(:group) { create(:group, :internal) }
2016-06-02 11:05:42 +05:30
let(:project) { create(:project, :internal, group: group) }
2017-08-17 22:00:37 +05:30
let(:project_guest) do
create(:user) do |user|
project.add_guest(user)
end
2016-06-02 11:05:42 +05:30
end
describe "Group should be internal" do
describe '#internal?' do
subject { group.internal? }
2019-12-21 20:55:43 +05:30
2016-06-02 11:05:42 +05:30
it { is_expected.to be_truthy }
end
end
describe 'GET /groups/:path' do
subject { group_path(group) }
2021-04-17 20:07:23 +05:30
context 'when admin mode is enabled', :enable_admin_mode do
it { is_expected.to be_allowed_for(:admin) }
end
context 'when admin mode is disabled' do
it { is_expected.to be_allowed_for(:admin) }
end
2017-08-17 22:00:37 +05:30
it { is_expected.to be_allowed_for(:owner).of(group) }
2018-11-18 11:00:15 +05:30
it { is_expected.to be_allowed_for(:maintainer).of(group) }
2017-08-17 22:00:37 +05:30
it { is_expected.to be_allowed_for(:developer).of(group) }
it { is_expected.to be_allowed_for(:reporter).of(group) }
it { is_expected.to be_allowed_for(:guest).of(group) }
it { is_expected.to be_allowed_for(project_guest) }
it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for(:visitor) }
2016-06-02 11:05:42 +05:30
end
2020-03-13 15:44:24 +05:30
describe 'GET /groups/:path/-/issues' do
2016-06-02 11:05:42 +05:30
subject { issues_group_path(group) }
2021-04-17 20:07:23 +05:30
context 'when admin mode is enabled', :enable_admin_mode do
it { is_expected.to be_allowed_for(:admin) }
end
context 'when admin mode is disabled' do
it { is_expected.to be_allowed_for(:admin) }
end
2017-08-17 22:00:37 +05:30
it { is_expected.to be_allowed_for(:owner).of(group) }
2018-11-18 11:00:15 +05:30
it { is_expected.to be_allowed_for(:maintainer).of(group) }
2017-08-17 22:00:37 +05:30
it { is_expected.to be_allowed_for(:developer).of(group) }
it { is_expected.to be_allowed_for(:reporter).of(group) }
it { is_expected.to be_allowed_for(:guest).of(group) }
it { is_expected.to be_allowed_for(project_guest) }
it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for(:visitor) }
2016-06-02 11:05:42 +05:30
end
2020-03-13 15:44:24 +05:30
describe 'GET /groups/:path/-/merge_requests' do
2017-09-10 17:25:29 +05:30
let(:project) { create(:project, :internal, :repository, group: group) }
2020-01-01 13:55:28 +05:30
2016-06-02 11:05:42 +05:30
subject { merge_requests_group_path(group) }
2021-04-17 20:07:23 +05:30
context 'when admin mode is enabled', :enable_admin_mode do
it { is_expected.to be_allowed_for(:admin) }
end
context 'when admin mode is disabled' do
it { is_expected.to be_allowed_for(:admin) }
end
2017-08-17 22:00:37 +05:30
it { is_expected.to be_allowed_for(:owner).of(group) }
2018-11-18 11:00:15 +05:30
it { is_expected.to be_allowed_for(:maintainer).of(group) }
2017-08-17 22:00:37 +05:30
it { is_expected.to be_allowed_for(:developer).of(group) }
it { is_expected.to be_allowed_for(:reporter).of(group) }
it { is_expected.to be_allowed_for(:guest).of(group) }
it { is_expected.to be_allowed_for(project_guest) }
it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for(:visitor) }
2016-06-02 11:05:42 +05:30
end
2020-03-13 15:44:24 +05:30
describe 'GET /groups/:path/-/group_members' do
2016-06-02 11:05:42 +05:30
subject { group_group_members_path(group) }
2021-04-17 20:07:23 +05:30
context 'when admin mode is enabled', :enable_admin_mode do
it { is_expected.to be_allowed_for(:admin) }
end
context 'when admin mode is disabled' do
it { is_expected.to be_allowed_for(:admin) }
end
2017-08-17 22:00:37 +05:30
it { is_expected.to be_allowed_for(:owner).of(group) }
2018-11-18 11:00:15 +05:30
it { is_expected.to be_allowed_for(:maintainer).of(group) }
2017-08-17 22:00:37 +05:30
it { is_expected.to be_allowed_for(:developer).of(group) }
it { is_expected.to be_allowed_for(:reporter).of(group) }
it { is_expected.to be_allowed_for(:guest).of(group) }
it { is_expected.to be_allowed_for(project_guest) }
it { is_expected.to be_allowed_for(:user) }
it { is_expected.to be_denied_for(:external) }
it { is_expected.to be_denied_for(:visitor) }
2016-06-02 11:05:42 +05:30
end
2020-03-13 15:44:24 +05:30
describe 'GET /groups/:path/-/edit' do
2016-06-02 11:05:42 +05:30
subject { edit_group_path(group) }
2021-04-17 20:07:23 +05:30
context 'when admin mode is enabled', :enable_admin_mode do
it { is_expected.to be_allowed_for(:admin) }
end
context 'when admin mode is disabled' do
it { is_expected.to be_denied_for(:admin) }
end
2017-08-17 22:00:37 +05:30
it { is_expected.to be_allowed_for(:owner).of(group) }
2018-11-18 11:00:15 +05:30
it { is_expected.to be_denied_for(:maintainer).of(group) }
2017-08-17 22:00:37 +05:30
it { is_expected.to be_denied_for(:developer).of(group) }
it { is_expected.to be_denied_for(:reporter).of(group) }
it { is_expected.to be_denied_for(:guest).of(group) }
it { is_expected.to be_denied_for(project_guest) }
it { is_expected.to be_denied_for(:user) }
it { is_expected.to be_denied_for(:visitor) }
it { is_expected.to be_denied_for(:external) }
2016-06-02 11:05:42 +05:30
end
end