/spec/features/security/group/public_access_spec.rb

https://gitlab.com/tnir/gitlab-ce · Ruby · 100 lines · 83 code · 16 blank · 1 comment · 0 complexity · 96ce04ab8902e9e80846d1833eb8cde6 MD5 · raw file

  1. # frozen_string_literal: true
  2. require 'spec_helper'
  3. describe 'Public Group access' do
  4. include AccessMatchers
  5. let(:group) { create(:group, :public) }
  6. let(:project) { create(:project, :public, group: group) }
  7. let(:project_guest) do
  8. create(:user) do |user|
  9. project.add_guest(user)
  10. end
  11. end
  12. describe "Group should be public" do
  13. describe '#public?' do
  14. subject { group.public? }
  15. it { is_expected.to be_truthy }
  16. end
  17. end
  18. describe 'GET /groups/:path' do
  19. subject { group_path(group) }
  20. it { is_expected.to be_allowed_for(:admin) }
  21. it { is_expected.to be_allowed_for(:owner).of(group) }
  22. it { is_expected.to be_allowed_for(:maintainer).of(group) }
  23. it { is_expected.to be_allowed_for(:developer).of(group) }
  24. it { is_expected.to be_allowed_for(:reporter).of(group) }
  25. it { is_expected.to be_allowed_for(:guest).of(group) }
  26. it { is_expected.to be_allowed_for(project_guest) }
  27. it { is_expected.to be_allowed_for(:user) }
  28. it { is_expected.to be_allowed_for(:external) }
  29. it { is_expected.to be_allowed_for(:visitor) }
  30. end
  31. describe 'GET /groups/:path/-/issues' do
  32. subject { issues_group_path(group) }
  33. it { is_expected.to be_allowed_for(:admin) }
  34. it { is_expected.to be_allowed_for(:owner).of(group) }
  35. it { is_expected.to be_allowed_for(:maintainer).of(group) }
  36. it { is_expected.to be_allowed_for(:developer).of(group) }
  37. it { is_expected.to be_allowed_for(:reporter).of(group) }
  38. it { is_expected.to be_allowed_for(:guest).of(group) }
  39. it { is_expected.to be_allowed_for(project_guest) }
  40. it { is_expected.to be_allowed_for(:user) }
  41. it { is_expected.to be_allowed_for(:external) }
  42. it { is_expected.to be_allowed_for(:visitor) }
  43. end
  44. describe 'GET /groups/:path/-/merge_requests' do
  45. let(:project) { create(:project, :public, :repository, group: group) }
  46. subject { merge_requests_group_path(group) }
  47. it { is_expected.to be_allowed_for(:admin) }
  48. it { is_expected.to be_allowed_for(:owner).of(group) }
  49. it { is_expected.to be_allowed_for(:maintainer).of(group) }
  50. it { is_expected.to be_allowed_for(:developer).of(group) }
  51. it { is_expected.to be_allowed_for(:reporter).of(group) }
  52. it { is_expected.to be_allowed_for(:guest).of(group) }
  53. it { is_expected.to be_allowed_for(project_guest) }
  54. it { is_expected.to be_allowed_for(:user) }
  55. it { is_expected.to be_allowed_for(:external) }
  56. it { is_expected.to be_allowed_for(:visitor) }
  57. end
  58. describe 'GET /groups/:path/-/group_members' do
  59. subject { group_group_members_path(group) }
  60. it { is_expected.to be_allowed_for(:admin) }
  61. it { is_expected.to be_allowed_for(:owner).of(group) }
  62. it { is_expected.to be_allowed_for(:maintainer).of(group) }
  63. it { is_expected.to be_allowed_for(:developer).of(group) }
  64. it { is_expected.to be_allowed_for(:reporter).of(group) }
  65. it { is_expected.to be_allowed_for(:guest).of(group) }
  66. it { is_expected.to be_allowed_for(project_guest) }
  67. it { is_expected.to be_allowed_for(:user) }
  68. it { is_expected.to be_allowed_for(:external) }
  69. it { is_expected.to be_allowed_for(:visitor) }
  70. end
  71. describe 'GET /groups/:path/-/edit' do
  72. subject { edit_group_path(group) }
  73. it { is_expected.to be_allowed_for(:admin) }
  74. it { is_expected.to be_allowed_for(:owner).of(group) }
  75. it { is_expected.to be_denied_for(:maintainer).of(group) }
  76. it { is_expected.to be_denied_for(:developer).of(group) }
  77. it { is_expected.to be_denied_for(:reporter).of(group) }
  78. it { is_expected.to be_denied_for(:guest).of(group) }
  79. it { is_expected.to be_denied_for(project_guest) }
  80. it { is_expected.to be_denied_for(:user) }
  81. it { is_expected.to be_denied_for(:visitor) }
  82. it { is_expected.to be_denied_for(:external) }
  83. end
  84. end