private_access_spec.rb 4.56 KB
Newer Older
Felipe Artur's avatar
Felipe Artur committed
1 2
require 'rails_helper'

3
describe 'Private Group access' do
Felipe Artur's avatar
Felipe Artur committed
4 5
  include AccessMatchers

6
  let(:group)   { create(:group, :private) }
7
  let(:project) { create(:project, :private, group: group) }
8 9 10 11
  let(:project_guest) do
    create(:user) do |user|
      project.add_guest(user)
    end
Felipe Artur's avatar
Felipe Artur committed
12 13
  end

Douwe Maan's avatar
Douwe Maan committed
14 15 16 17
  describe "Group should be private" do
    describe '#private?' do
      subject { group.private? }
      it { is_expected.to be_truthy }
Felipe Artur's avatar
Felipe Artur committed
18
    end
Douwe Maan's avatar
Douwe Maan committed
19
  end
Felipe Artur's avatar
Felipe Artur committed
20

Douwe Maan's avatar
Douwe Maan committed
21 22 23
  describe 'GET /groups/:path' do
    subject { group_path(group) }

24 25
    it { is_expected.to be_allowed_for(:admin) }
    it { is_expected.to be_allowed_for(:owner).of(group) }
26
    it { is_expected.to be_allowed_for(:maintainer).of(group) }
27 28 29
    it { is_expected.to be_allowed_for(:developer).of(group) }
    it { is_expected.to be_allowed_for(:reporter).of(group) }
    it { is_expected.to be_allowed_for(:guest).of(group) }
30
    it { is_expected.to be_denied_for(project_guest) }
31 32 33
    it { is_expected.to be_denied_for(:user) }
    it { is_expected.to be_denied_for(:external) }
    it { is_expected.to be_denied_for(:visitor) }
Felipe Artur's avatar
Felipe Artur committed
34 35
  end

Douwe Maan's avatar
Douwe Maan committed
36 37 38
  describe 'GET /groups/:path/issues' do
    subject { issues_group_path(group) }

39 40
    it { is_expected.to be_allowed_for(:admin) }
    it { is_expected.to be_allowed_for(:owner).of(group) }
41
    it { is_expected.to be_allowed_for(:maintainer).of(group) }
42 43 44
    it { is_expected.to be_allowed_for(:developer).of(group) }
    it { is_expected.to be_allowed_for(:reporter).of(group) }
    it { is_expected.to be_allowed_for(:guest).of(group) }
45
    it { is_expected.to be_denied_for(project_guest) }
46 47 48
    it { is_expected.to be_denied_for(:user) }
    it { is_expected.to be_denied_for(:external) }
    it { is_expected.to be_denied_for(:visitor) }
Douwe Maan's avatar
Douwe Maan committed
49
  end
Felipe Artur's avatar
Felipe Artur committed
50

Douwe Maan's avatar
Douwe Maan committed
51
  describe 'GET /groups/:path/merge_requests' do
52
    let(:project) { create(:project, :private, :repository, group: group) }
Douwe Maan's avatar
Douwe Maan committed
53 54
    subject { merge_requests_group_path(group) }

55 56
    it { is_expected.to be_allowed_for(:admin) }
    it { is_expected.to be_allowed_for(:owner).of(group) }
57
    it { is_expected.to be_allowed_for(:maintainer).of(group) }
58 59 60
    it { is_expected.to be_allowed_for(:developer).of(group) }
    it { is_expected.to be_allowed_for(:reporter).of(group) }
    it { is_expected.to be_allowed_for(:guest).of(group) }
61
    it { is_expected.to be_denied_for(project_guest) }
62 63 64
    it { is_expected.to be_denied_for(:user) }
    it { is_expected.to be_denied_for(:external) }
    it { is_expected.to be_denied_for(:visitor) }
Felipe Artur's avatar
Felipe Artur committed
65 66 67
  end

  describe 'GET /groups/:path/group_members' do
Douwe Maan's avatar
Douwe Maan committed
68 69
    subject { group_group_members_path(group) }

70 71
    it { is_expected.to be_allowed_for(:admin) }
    it { is_expected.to be_allowed_for(:owner).of(group) }
72
    it { is_expected.to be_allowed_for(:maintainer).of(group) }
73 74 75
    it { is_expected.to be_allowed_for(:developer).of(group) }
    it { is_expected.to be_allowed_for(:reporter).of(group) }
    it { is_expected.to be_allowed_for(:guest).of(group) }
76
    it { is_expected.to be_denied_for(project_guest) }
77 78 79
    it { is_expected.to be_denied_for(:user) }
    it { is_expected.to be_denied_for(:external) }
    it { is_expected.to be_denied_for(:visitor) }
Felipe Artur's avatar
Felipe Artur committed
80 81 82
  end

  describe 'GET /groups/:path/edit' do
Douwe Maan's avatar
Douwe Maan committed
83 84
    subject { edit_group_path(group) }

85 86
    it { is_expected.to be_allowed_for(:admin) }
    it { is_expected.to be_allowed_for(:owner).of(group) }
87
    it { is_expected.to be_denied_for(:maintainer).of(group) }
88 89 90 91 92 93 94
    it { is_expected.to be_denied_for(:developer).of(group) }
    it { is_expected.to be_denied_for(:reporter).of(group) }
    it { is_expected.to be_denied_for(:guest).of(group) }
    it { is_expected.to be_denied_for(project_guest) }
    it { is_expected.to be_denied_for(:user) }
    it { is_expected.to be_denied_for(:visitor) }
    it { is_expected.to be_denied_for(:external) }
Felipe Artur's avatar
Felipe Artur committed
95
  end
96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119

  describe 'GET /groups/:path for shared projects' do
    let(:project) { create(:project, :public) }
    before do
      Projects::GroupLinks::CreateService.new(
        project,
        create(:user),
        link_group_access: ProjectGroupLink::DEVELOPER
      ).execute(group)
    end

    subject { group_path(group) }

    it { is_expected.to be_allowed_for(:admin) }
    it { is_expected.to be_allowed_for(:owner).of(group) }
    it { is_expected.to be_allowed_for(:maintainer).of(group) }
    it { is_expected.to be_allowed_for(:developer).of(group) }
    it { is_expected.to be_allowed_for(:reporter).of(group) }
    it { is_expected.to be_allowed_for(:guest).of(group) }
    it { is_expected.to be_denied_for(project_guest) }
    it { is_expected.to be_denied_for(:user) }
    it { is_expected.to be_denied_for(:external) }
    it { is_expected.to be_denied_for(:visitor) }
  end
Felipe Artur's avatar
Felipe Artur committed
120
end