diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-11-11 18:14:04 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-11-11 18:14:04 +0000 |
| commit | 11c2b8eff6ca5360fb0f732b23b764d2a0b81be5 (patch) | |
| tree | 7f92622462127ff24023283133f81d9c4b2f6842 /spec/policies | |
| parent | e40f19ef830c5863089bc6a7a73e6695efa60a13 (diff) | |
| download | gitlab-ce-11c2b8eff6ca5360fb0f732b23b764d2a0b81be5.tar.gz | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/policies')
| -rw-r--r-- | spec/policies/project_policy_spec.rb | 62 |
1 files changed, 52 insertions, 10 deletions
diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb index 67d7e49f8db..2953c198af6 100644 --- a/spec/policies/project_policy_spec.rb +++ b/spec/policies/project_policy_spec.rb @@ -104,29 +104,71 @@ RSpec.describe ProjectPolicy do end context 'pipeline feature' do - let(:project) { private_project } + let(:project) { private_project } + let(:current_user) { developer } + let(:pipeline) { create(:ci_pipeline, project: project) } - before do - private_project.add_developer(current_user) + describe 'for confirmed user' do + it 'allows modify pipelines' do + expect_allowed(:create_pipeline) + expect_allowed(:update_pipeline) + expect_allowed(:create_pipeline_schedule) + end end describe 'for unconfirmed user' do - let(:current_user) { create(:user, confirmed_at: nil) } + let(:current_user) { project.owner.tap { |u| u.update!(confirmed_at: nil) } } it 'disallows to modify pipelines' do expect_disallowed(:create_pipeline) expect_disallowed(:update_pipeline) + expect_disallowed(:destroy_pipeline) expect_disallowed(:create_pipeline_schedule) end end - describe 'for confirmed user' do - let(:current_user) { developer } + describe 'destroy permission' do + describe 'for developers' do + it 'prevents :destroy_pipeline' do + expect(current_user.can?(:destroy_pipeline, pipeline)).to be_falsey + end + end - it 'allows modify pipelines' do - expect_allowed(:create_pipeline) - expect_allowed(:update_pipeline) - expect_allowed(:create_pipeline_schedule) + describe 'for maintainers' do + let(:current_user) { maintainer } + + it 'prevents :destroy_pipeline' do + project.add_maintainer(maintainer) + expect(current_user.can?(:destroy_pipeline, pipeline)).to be_falsey + end + end + + describe 'for project owner' do + let(:current_user) { project.owner } + + it 'allows :destroy_pipeline' do + expect(current_user.can?(:destroy_pipeline, pipeline)).to be_truthy + end + + context 'on archived projects' do + before do + project.update!(archived: true) + end + + it 'prevents :destroy_pipeline' do + expect(current_user.can?(:destroy_pipeline, pipeline)).to be_falsey + end + end + + context 'on archived pending_delete projects' do + before do + project.update!(archived: true, pending_delete: true) + end + + it 'allows :destroy_pipeline' do + expect(current_user.can?(:destroy_pipeline, pipeline)).to be_truthy + end + end end end end |