diff options
| -rw-r--r-- | app/policies/project_snippet_policy.rb | 1 | ||||
| -rw-r--r-- | spec/policies/personal_snippet_policy_spec.rb | 14 | ||||
| -rw-r--r-- | spec/policies/project_snippet_policy_spec.rb | 3 |
3 files changed, 18 insertions, 0 deletions
diff --git a/app/policies/project_snippet_policy.rb b/app/policies/project_snippet_policy.rb index e5e005cee6d..03af719e750 100644 --- a/app/policies/project_snippet_policy.rb +++ b/app/policies/project_snippet_policy.rb @@ -45,4 +45,5 @@ class ProjectSnippetPolicy < BasePolicy end rule { ~can?(:read_project_snippet) }.prevent :create_note + rule { external_user }.prevent :create_project_snippet end diff --git a/spec/policies/personal_snippet_policy_spec.rb b/spec/policies/personal_snippet_policy_spec.rb index 097000ceb6a..8fcedef64c3 100644 --- a/spec/policies/personal_snippet_policy_spec.rb +++ b/spec/policies/personal_snippet_policy_spec.rb @@ -43,6 +43,18 @@ describe PersonalSnippetPolicy do end end + context 'external user' do + subject { permissions(external_user) } + + it do + is_expected.to be_allowed(:read_personal_snippet) + is_expected.to be_disallowed(:create_personal_snippet) + is_expected.to be_allowed(:create_note) + is_expected.to be_allowed(:award_emoji) + is_expected.to be_disallowed(*author_permissions) + end + end + context 'author' do subject { permissions(snippet.author) } @@ -85,6 +97,7 @@ describe PersonalSnippetPolicy do it do is_expected.to be_disallowed(:read_personal_snippet) + is_expected.to be_disallowed(:create_personal_snippet) is_expected.to be_disallowed(:create_note) is_expected.to be_disallowed(:award_emoji) is_expected.to be_disallowed(*author_permissions) @@ -144,6 +157,7 @@ describe PersonalSnippetPolicy do it do is_expected.to be_disallowed(:read_personal_snippet) + is_expected.to be_disallowed(:create_personal_snippet) is_expected.to be_disallowed(:create_note) is_expected.to be_disallowed(:award_emoji) is_expected.to be_disallowed(*author_permissions) diff --git a/spec/policies/project_snippet_policy_spec.rb b/spec/policies/project_snippet_policy_spec.rb index 2e9ef1e89fd..fab654223f8 100644 --- a/spec/policies/project_snippet_policy_spec.rb +++ b/spec/policies/project_snippet_policy_spec.rb @@ -41,6 +41,7 @@ describe ProjectSnippetPolicy do it do expect_allowed(:read_project_snippet, :create_note) + expect_disallowed(:create_project_snippet) expect_disallowed(*author_permissions) end end @@ -72,6 +73,7 @@ describe ProjectSnippetPolicy do it do expect_disallowed(:read_project_snippet, :create_note) + expect_disallowed(:create_project_snippet) expect_disallowed(*author_permissions) end @@ -139,6 +141,7 @@ describe ProjectSnippetPolicy do it do expect_allowed(:read_project_snippet, :create_note) + expect_disallowed(:create_project_snippet) expect_disallowed(*author_permissions) end end |