debian-mirror-gitlab/spec/policies/environment_policy_spec.rb

# frozen_string_literal: true

require 'spec_helper'

RSpec.describe EnvironmentPolicy do
  using RSpec::Parameterized::TableSyntax

  let(:user) { create(:user) }

  let(:policy) do
    described_class.new(user, environment)
  end

  describe '#rules' do
    shared_examples 'project permissions' do
      context 'with stop action' do
        let(:environment) do
          create(:environment, :with_review_app, project: project)
        end

        where(:access_level, :allowed?) do
          nil         | false
          :guest      | false
          :reporter   | false
          :developer  | true
          :maintainer | true
        end

        with_them do
          before do
            project.add_user(user, access_level) unless access_level.nil?
          end

          it { expect(policy.allowed?(:stop_environment)).to be allowed? }
        end

        context 'when an admin user' do
          let(:user) { create(:user, :admin) }

          context 'when admin mode is enabled', :enable_admin_mode do
            it { expect(policy).to be_allowed :stop_environment }
          end

          context 'when admin mode is disabled' do
            it { expect(policy).to be_disallowed :stop_environment }
          end
        end

        context 'with protected branch' do
          with_them do
            before do
              project.add_user(user, access_level) unless access_level.nil?
              create(:protected_branch, :no_one_can_push,
                     name: 'master', project: project)
            end

            it { expect(policy).to be_disallowed :stop_environment }
          end

          context 'when an admin user' do
            let(:user) { create(:user, :admin) }

            context 'when admin mode is enabled', :enable_admin_mode do
              it { expect(policy).to be_allowed :stop_environment }
            end

            context 'when admin mode is disabled' do
              it { expect(policy).to be_disallowed :stop_environment }
            end
          end
        end
      end

      context 'without stop action' do
        let(:environment) do
          create(:environment, project: project)
        end

        where(:access_level, :allowed?) do
          nil         | false
          :guest      | false
          :reporter   | false
          :developer  | true
          :maintainer | true
        end

        with_them do
          before do
            project.add_user(user, access_level) unless access_level.nil?
          end

          it { expect(policy.allowed?(:stop_environment)).to be allowed? }
        end

        context 'when an admin user' do
          let(:user) { create(:user, :admin) }

          context 'when admin mode is enabled', :enable_admin_mode do
            it { expect(policy).to be_allowed :stop_environment }
          end

          context 'when admin mode is disabled' do
            it { expect(policy).to be_disallowed :stop_environment }
          end
        end
      end

      describe '#destroy_environment' do
        let(:environment) do
          create(:environment, project: project)
        end

        where(:access_level, :allowed?) do
          nil         | false
          :guest      | false
          :reporter   | false
          :developer  | true
          :maintainer | true
        end

        with_them do
          before do
            project.add_user(user, access_level) unless access_level.nil?
          end

          it { expect(policy).to be_disallowed :destroy_environment }

          context 'when environment is stopped' do
            before do
              environment.stop!
            end

            it { expect(policy.allowed?(:destroy_environment)).to be allowed? }
          end
        end

        context 'when an admin user' do
          let(:user) { create(:user, :admin) }

          it { expect(policy).to be_disallowed :destroy_environment }

          context 'when environment is stopped' do
            before do
              environment.stop!
            end

            context 'when admin mode is enabled', :enable_admin_mode do
              it { expect(policy).to be_allowed :destroy_environment }
            end

            context 'when admin mode is disabled' do
              it { expect(policy).to be_disallowed :destroy_environment }
            end
          end
        end
      end
    end

    context 'when project is public' do
      let(:project) { create(:project, :public, :repository) }

      include_examples 'project permissions'
    end

    context 'when project is private' do
      let(:project) { create(:project, :private, :repository) }

      include_examples 'project permissions'
    end
  end
end
New upstream version 12.5.4 2019-12-26 22:10:19 +05:30			`# frozen_string_literal: true`

New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`require 'spec_helper'`

New upstream version 13.2.1 2020-07-28 23:09:34 +05:30			`RSpec.describe EnvironmentPolicy do`
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`using RSpec::Parameterized::TableSyntax`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`let(:user) { create(:user) }`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`let(:policy) do`
			`described_class.new(user, environment)`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`end`

			`describe '#rules' do`
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`shared_examples 'project permissions' do`
			`context 'with stop action' do`
			`let(:environment) do`
			`create(:environment, :with_review_app, project: project)`
			`end`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`where(:access_level, :allowed?) do`
			`nil \| false`
			`:guest \| false`
			`:reporter \| false`
			`:developer \| true`
			`:maintainer \| true`
			`end`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`with_them do`
			`before do`
			`project.add_user(user, access_level) unless access_level.nil?`
			`end`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`it { expect(policy.allowed?(:stop_environment)).to be allowed? }`
			`end`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`context 'when an admin user' do`
			`let(:user) { create(:user, :admin) }`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
New upstream version 13.0.0 2020-05-24 23:13:21 +05:30			`context 'when admin mode is enabled', :enable_admin_mode do`
			`it { expect(policy).to be_allowed :stop_environment }`
			`end`

			`context 'when admin mode is disabled' do`
			`it { expect(policy).to be_disallowed :stop_environment }`
			`end`
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`end`

			`context 'with protected branch' do`
			`with_them do`
			`before do`
			`project.add_user(user, access_level) unless access_level.nil?`
			`create(:protected_branch, :no_one_can_push,`
			`name: 'master', project: project)`
			`end`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`it { expect(policy).to be_disallowed :stop_environment }`
			`end`

			`context 'when an admin user' do`
			`let(:user) { create(:user, :admin) }`

New upstream version 13.0.0 2020-05-24 23:13:21 +05:30			`context 'when admin mode is enabled', :enable_admin_mode do`
			`it { expect(policy).to be_allowed :stop_environment }`
			`end`

			`context 'when admin mode is disabled' do`
			`it { expect(policy).to be_disallowed :stop_environment }`
			`end`
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`end`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`end`
			`end`

New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`context 'without stop action' do`
			`let(:environment) do`
			`create(:environment, project: project)`
			`end`

			`where(:access_level, :allowed?) do`
			`nil \| false`
			`:guest \| false`
			`:reporter \| false`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`:developer \| true`
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`:maintainer \| true`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`end`

New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`with_them do`
			`before do`
			`project.add_user(user, access_level) unless access_level.nil?`
			`end`

			`it { expect(policy.allowed?(:stop_environment)).to be allowed? }`
			`end`

			`context 'when an admin user' do`
			`let(:user) { create(:user, :admin) }`

New upstream version 13.0.0 2020-05-24 23:13:21 +05:30			`context 'when admin mode is enabled', :enable_admin_mode do`
			`it { expect(policy).to be_allowed :stop_environment }`
			`end`

			`context 'when admin mode is disabled' do`
			`it { expect(policy).to be_disallowed :stop_environment }`
			`end`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`end`
			`end`
New upstream version 12.10.0 2020-04-22 19:07:51 +05:30
			`describe '#destroy_environment' do`
			`let(:environment) do`
			`create(:environment, project: project)`
			`end`

			`where(:access_level, :allowed?) do`
			`nil \| false`
			`:guest \| false`
			`:reporter \| false`
			`:developer \| true`
			`:maintainer \| true`
			`end`

			`with_them do`
			`before do`
			`project.add_user(user, access_level) unless access_level.nil?`
			`end`

			`it { expect(policy).to be_disallowed :destroy_environment }`

			`context 'when environment is stopped' do`
			`before do`
			`environment.stop!`
			`end`

			`it { expect(policy.allowed?(:destroy_environment)).to be allowed? }`
			`end`
			`end`

			`context 'when an admin user' do`
			`let(:user) { create(:user, :admin) }`

			`it { expect(policy).to be_disallowed :destroy_environment }`

			`context 'when environment is stopped' do`
			`before do`
			`environment.stop!`
			`end`

New upstream version 13.0.0 2020-05-24 23:13:21 +05:30			`context 'when admin mode is enabled', :enable_admin_mode do`
			`it { expect(policy).to be_allowed :destroy_environment }`
			`end`

			`context 'when admin mode is disabled' do`
			`it { expect(policy).to be_disallowed :destroy_environment }`
			`end`
New upstream version 12.10.0 2020-04-22 19:07:51 +05:30			`end`
			`end`
			`end`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`end`
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30
			`context 'when project is public' do`
			`let(:project) { create(:project, :public, :repository) }`

			`include_examples 'project permissions'`
			`end`

			`context 'when project is private' do`
			`let(:project) { create(:project, :private, :repository) }`

			`include_examples 'project permissions'`
			`end`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`end`
			`end`