PageRenderTime 40ms CodeModel.GetById 1ms app.highlight 35ms RepoModel.GetById 1ms app.codeStats 0ms

/spec/features/security/group/private_access_spec.rb

https://gitlab.com/tnir/gitlab-ce
Ruby | 121 lines | 100 code | 20 blank | 1 comment | 0 complexity | 4c88260dad0e0129c88537d6b6ebb4de MD5 | raw file
  1# frozen_string_literal: true
  2
  3require 'spec_helper'
  4
  5describe 'Private Group access' do
  6  include AccessMatchers
  7
  8  let(:group)   { create(:group, :private) }
  9  let(:project) { create(:project, :private, group: group) }
 10  let(:project_guest) do
 11    create(:user) do |user|
 12      project.add_guest(user)
 13    end
 14  end
 15
 16  describe "Group should be private" do
 17    describe '#private?' do
 18      subject { group.private? }
 19
 20      it { is_expected.to be_truthy }
 21    end
 22  end
 23
 24  describe 'GET /groups/:path' do
 25    subject { group_path(group) }
 26
 27    it { is_expected.to be_allowed_for(:admin) }
 28    it { is_expected.to be_allowed_for(:owner).of(group) }
 29    it { is_expected.to be_allowed_for(:maintainer).of(group) }
 30    it { is_expected.to be_allowed_for(:developer).of(group) }
 31    it { is_expected.to be_allowed_for(:reporter).of(group) }
 32    it { is_expected.to be_allowed_for(:guest).of(group) }
 33    it { is_expected.to be_allowed_for(project_guest) }
 34    it { is_expected.to be_denied_for(:user) }
 35    it { is_expected.to be_denied_for(:external) }
 36    it { is_expected.to be_denied_for(:visitor) }
 37  end
 38
 39  describe 'GET /groups/:path/-/issues' do
 40    subject { issues_group_path(group) }
 41
 42    it { is_expected.to be_allowed_for(:admin) }
 43    it { is_expected.to be_allowed_for(:owner).of(group) }
 44    it { is_expected.to be_allowed_for(:maintainer).of(group) }
 45    it { is_expected.to be_allowed_for(:developer).of(group) }
 46    it { is_expected.to be_allowed_for(:reporter).of(group) }
 47    it { is_expected.to be_allowed_for(:guest).of(group) }
 48    it { is_expected.to be_allowed_for(project_guest) }
 49    it { is_expected.to be_denied_for(:user) }
 50    it { is_expected.to be_denied_for(:external) }
 51    it { is_expected.to be_denied_for(:visitor) }
 52  end
 53
 54  describe 'GET /groups/:path/-/merge_requests' do
 55    let(:project) { create(:project, :private, :repository, group: group) }
 56
 57    subject { merge_requests_group_path(group) }
 58
 59    it { is_expected.to be_allowed_for(:admin) }
 60    it { is_expected.to be_allowed_for(:owner).of(group) }
 61    it { is_expected.to be_allowed_for(:maintainer).of(group) }
 62    it { is_expected.to be_allowed_for(:developer).of(group) }
 63    it { is_expected.to be_allowed_for(:reporter).of(group) }
 64    it { is_expected.to be_allowed_for(:guest).of(group) }
 65    it { is_expected.to be_allowed_for(project_guest) }
 66    it { is_expected.to be_denied_for(:user) }
 67    it { is_expected.to be_denied_for(:external) }
 68    it { is_expected.to be_denied_for(:visitor) }
 69  end
 70
 71  describe 'GET /groups/:path/-/group_members' do
 72    subject { group_group_members_path(group) }
 73
 74    it { is_expected.to be_allowed_for(:admin) }
 75    it { is_expected.to be_allowed_for(:owner).of(group) }
 76    it { is_expected.to be_allowed_for(:maintainer).of(group) }
 77    it { is_expected.to be_allowed_for(:developer).of(group) }
 78    it { is_expected.to be_allowed_for(:reporter).of(group) }
 79    it { is_expected.to be_allowed_for(:guest).of(group) }
 80    it { is_expected.to be_allowed_for(project_guest) }
 81    it { is_expected.to be_denied_for(:user) }
 82    it { is_expected.to be_denied_for(:external) }
 83    it { is_expected.to be_denied_for(:visitor) }
 84  end
 85
 86  describe 'GET /groups/:path/-/edit' do
 87    subject { edit_group_path(group) }
 88
 89    it { is_expected.to be_allowed_for(:admin) }
 90    it { is_expected.to be_allowed_for(:owner).of(group) }
 91    it { is_expected.to be_denied_for(:maintainer).of(group) }
 92    it { is_expected.to be_denied_for(:developer).of(group) }
 93    it { is_expected.to be_denied_for(:reporter).of(group) }
 94    it { is_expected.to be_denied_for(:guest).of(group) }
 95    it { is_expected.to be_denied_for(project_guest) }
 96    it { is_expected.to be_denied_for(:user) }
 97    it { is_expected.to be_denied_for(:visitor) }
 98    it { is_expected.to be_denied_for(:external) }
 99  end
100
101  describe 'GET /groups/:path for shared projects' do
102    let(:project) { create(:project, :public) }
103
104    before do
105      create(:project_group_link, project: project, group: group)
106    end
107
108    subject { group_path(group) }
109
110    it { is_expected.to be_allowed_for(:admin) }
111    it { is_expected.to be_allowed_for(:owner).of(group) }
112    it { is_expected.to be_allowed_for(:maintainer).of(group) }
113    it { is_expected.to be_allowed_for(:developer).of(group) }
114    it { is_expected.to be_allowed_for(:reporter).of(group) }
115    it { is_expected.to be_allowed_for(:guest).of(group) }
116    it { is_expected.to be_denied_for(project_guest) }
117    it { is_expected.to be_denied_for(:user) }
118    it { is_expected.to be_denied_for(:external) }
119    it { is_expected.to be_denied_for(:visitor) }
120  end
121end