Support Deploy Tokens properly without hacking abilities

author: Kamil Trzciński <ayufan@ayufan.eu> 2018-04-05 15:49:18 +0200
committer: Mayra Cabrera <mcabrera@gitlab.com> 2018-04-06 21:20:16 -0500
commit: 72220a99d1cdbcf8a914f9e765c43e63eaee2548 (patch)
tree: 314df7454174092bee8f1ea83d6bda53d760959e /spec
parent: 171b2625b128e5954ce0a150a4fc923a22164e4e (diff)
download: gitlab-ce-72220a99d1cdbcf8a914f9e765c43e63eaee2548.tar.gz
3 files changed, 6 insertions, 6 deletions
diff --git a/spec/lib/gitlab/auth_spec.rb b/spec/lib/gitlab/auth_spec.rb
index f704c20f598..4ed554f06ec 100644
--- a/spec/lib/gitlab/auth_spec.rb
+++ b/spec/lib/gitlab/auth_spec.rb
@@ -195,7 +195,7 @@ describe Gitlab::Auth do
           personal_access_token = create(:personal_access_token, scopes: ['read_registry'])
 
           expect(gl_auth).to receive(:rate_limit!).with('ip', success: true, login: '')
-          expect(gl_auth.find_for_git_client('', personal_access_token.token, project: nil, ip: 'ip')).to eq(Gitlab::Auth::Result.new(personal_access_token.user, nil, :personal_access_token, [:read_project, :build_download_code, :project_read_container_image]))
+          expect(gl_auth.find_for_git_client('', personal_access_token.token, project: nil, ip: 'ip')).to eq(Gitlab::Auth::Result.new(personal_access_token.user, nil, :personal_access_token, [:read_project, :build_download_code, :build_read_container_image]))
         end
       end
 
@@ -310,7 +310,7 @@ describe Gitlab::Auth do
           end
 
           it 'succeeds if deploy token does have read_registry as scope' do
-            abilities = %i(read_project build_download_code project_read_container_image)
+            abilities = %i(read_project build_download_code build_read_container_image)
             auth_success = Gitlab::Auth::Result.new(deploy_token, project, :deploy_token, abilities)
 
             expect(gl_auth).to receive(:rate_limit!).with('ip', success: true, login: '')
@@ -477,7 +477,7 @@ describe Gitlab::Auth do
     [
       :read_project,
       :build_download_code,
-      :project_read_container_image,
+      :build_read_container_image,
       :build_create_container_image
     ]
   end
diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb
index f5d9a58f83c..905d82b3bb1 100644
--- a/spec/policies/project_policy_spec.rb
+++ b/spec/policies/project_policy_spec.rb
@@ -28,7 +28,7 @@ describe ProjectPolicy do
   end
 
   let(:team_member_reporter_permissions) do
-    %i[build_download_code project_read_container_image]
+    %i[build_download_code build_read_container_image]
   end
 
   let(:developer_permissions) do
@@ -54,7 +54,7 @@ describe ProjectPolicy do
   let(:public_permissions) do
     %i[
       download_code fork_project read_commit_status read_pipeline
-      read_container_image build_download_code project_read_container_image
+      read_container_image build_download_code build_read_container_image
       download_wiki_code
     ]
   end
diff --git a/spec/services/auth/container_registry_authentication_service_spec.rb b/spec/services/auth/container_registry_authentication_service_spec.rb
index 1cb0508cdf5..290eeae828e 100644
--- a/spec/services/auth/container_registry_authentication_service_spec.rb
+++ b/spec/services/auth/container_registry_authentication_service_spec.rb
@@ -373,7 +373,7 @@ describe Auth::ContainerRegistryAuthenticationService do
     let(:current_user) { create(:user) }
 
     let(:authentication_abilities) do
-      [:project_read_container_image, :build_create_container_image]
+      [:build_read_container_image, :build_create_container_image]
     end
 
     before do
author	Kamil Trzciński <ayufan@ayufan.eu>	2018-04-05 15:49:18 +0200
committer	Mayra Cabrera <mcabrera@gitlab.com>	2018-04-06 21:20:16 -0500
commit	72220a99d1cdbcf8a914f9e765c43e63eaee2548 (patch)
tree	314df7454174092bee8f1ea83d6bda53d760959e /spec
parent	171b2625b128e5954ce0a150a4fc923a22164e4e (diff)
download	gitlab-ce-72220a99d1cdbcf8a914f9e765c43e63eaee2548.tar.gz