private_access_spec.rb 4.42 KB
Newer Older
Felipe Artur's avatar
Felipe Artur committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
require 'rails_helper'

describe 'Private group access', feature: true do
  include AccessMatchers
  include GroupAccessHelper



  describe 'GET /groups/:path' do
    subject { group_path(group(Gitlab::VisibilityLevel::PRIVATE)) }

    context "when user not in group project" do
      it { is_expected.to be_allowed_for group_member(:owner) }
      it { is_expected.to be_allowed_for group_member(:master) }
      it { is_expected.to be_allowed_for group_member(:reporter) }
      it { is_expected.to be_allowed_for group_member(:guest) }
Felipe Artur's avatar
Felipe Artur committed
17
      it { is_expected.to be_allowed_for external_guest }
Felipe Artur's avatar
Felipe Artur committed
18
      it { is_expected.to be_allowed_for :admin }
Felipe Artur's avatar
Felipe Artur committed
19 20 21
      it { is_expected.to be_denied_for :user }
      it { is_expected.to be_denied_for :visitor }
      it { is_expected.to be_denied_for :external }
Felipe Artur's avatar
Felipe Artur committed
22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37
    end

    context "when user in group project" do
      it { is_expected.to be_allowed_for project_group_member(:user) }
      it { is_expected.to_not be_allowed_for :visitor }
    end
  end

  describe 'GET /groups/:path/issues' do
    subject { issues_group_path(group(Gitlab::VisibilityLevel::PRIVATE)) }

    context "when user not in group project" do
      it { is_expected.to be_allowed_for group_member(:owner) }
      it { is_expected.to be_allowed_for group_member(:master) }
      it { is_expected.to be_allowed_for group_member(:reporter) }
      it { is_expected.to be_allowed_for group_member(:guest) }
Felipe Artur's avatar
Felipe Artur committed
38
      it { is_expected.to be_allowed_for external_guest }
Felipe Artur's avatar
Felipe Artur committed
39
      it { is_expected.to be_allowed_for :admin }
Felipe Artur's avatar
Felipe Artur committed
40 41 42
      it { is_expected.to be_denied_for :user }
      it { is_expected.to be_denied_for :visitor }
      it { is_expected.to be_denied_for :external }
Felipe Artur's avatar
Felipe Artur committed
43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58
    end

    context "when user in group project" do
      it { is_expected.to be_allowed_for project_group_member(:user) }
      it { is_expected.to_not be_allowed_for :visitor }
    end
  end

  describe 'GET /groups/:path/merge_requests' do
    subject { issues_group_path(group(Gitlab::VisibilityLevel::PRIVATE)) }

    context "when user not in group project" do
      it { is_expected.to be_allowed_for group_member(:owner) }
      it { is_expected.to be_allowed_for group_member(:master) }
      it { is_expected.to be_allowed_for group_member(:reporter) }
      it { is_expected.to be_allowed_for group_member(:guest) }
Felipe Artur's avatar
Felipe Artur committed
59
      it { is_expected.to be_allowed_for external_guest }
Felipe Artur's avatar
Felipe Artur committed
60
      it { is_expected.to be_allowed_for :admin }
Felipe Artur's avatar
Felipe Artur committed
61 62 63
      it { is_expected.to be_denied_for :user }
      it { is_expected.to be_denied_for :visitor }
      it { is_expected.to be_denied_for :external }
Felipe Artur's avatar
Felipe Artur committed
64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80
    end

    context "when user in group project" do
      it { is_expected.to be_allowed_for project_group_member(:user) }
      it { is_expected.to_not be_allowed_for :visitor }
    end
  end


  describe 'GET /groups/:path/group_members' do
    subject { issues_group_path(group(Gitlab::VisibilityLevel::PRIVATE)) }

    context "when user not in group project" do
      it { is_expected.to be_allowed_for group_member(:owner) }
      it { is_expected.to be_allowed_for group_member(:master) }
      it { is_expected.to be_allowed_for group_member(:reporter) }
      it { is_expected.to be_allowed_for group_member(:guest) }
Felipe Artur's avatar
Felipe Artur committed
81
      it { is_expected.to be_allowed_for external_guest }
Felipe Artur's avatar
Felipe Artur committed
82
      it { is_expected.to be_allowed_for :admin }
Felipe Artur's avatar
Felipe Artur committed
83 84 85
      it { is_expected.to be_denied_for :user }
      it { is_expected.to be_denied_for :visitor }
      it { is_expected.to be_denied_for :external }
Felipe Artur's avatar
Felipe Artur committed
86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101
    end

    context "when user in group project" do
      it { is_expected.to be_allowed_for project_group_member(:user) }
      it { is_expected.to_not be_allowed_for :visitor }
    end
  end

  describe 'GET /groups/:path/edit' do
    subject { issues_group_path(group(Gitlab::VisibilityLevel::PRIVATE)) }

    context "when user not in group project" do
      it { is_expected.to be_allowed_for group_member(:owner) }
      it { is_expected.to be_allowed_for group_member(:master) }
      it { is_expected.to be_allowed_for group_member(:reporter) }
      it { is_expected.to be_allowed_for group_member(:guest) }
Felipe Artur's avatar
Felipe Artur committed
102
      it { is_expected.to be_allowed_for external_guest }
Felipe Artur's avatar
Felipe Artur committed
103
      it { is_expected.to be_allowed_for :admin }
Felipe Artur's avatar
Felipe Artur committed
104 105 106
      it { is_expected.to be_denied_for :user }
      it { is_expected.to be_denied_for :visitor }
      it { is_expected.to be_denied_for :external }
Felipe Artur's avatar
Felipe Artur committed
107 108 109 110 111 112 113 114
    end

    context "when user in group project" do
      it { is_expected.to be_allowed_for project_group_member(:user) }
      it { is_expected.to_not be_allowed_for :visitor }
    end
  end
end