Extract EE specific files/lines for spec/features/security/project/snippet
We have the following files containing EE specific code. We should move them to ee/
spec/features/security/project/internal_access_spec.rb
diff --git a/spec/features/security/project/internal_access_spec.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/security/project/internal_access_spec.rb
index e23000fa676..75f3ac25eea 100644
--- a/spec/features/security/project/internal_access_spec.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/security/project/internal_access_spec.rb
@@ -16,6 +16,7 @@ describe "Internal Project Access" do
subject { project_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -30,6 +31,7 @@ describe "Internal Project Access" do
subject { project_tree_path(project, project.repository.root_ref) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -44,6 +46,7 @@ describe "Internal Project Access" do
subject { project_commits_path(project, project.repository.root_ref, limit: 1) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -58,6 +61,7 @@ describe "Internal Project Access" do
subject { project_commit_path(project, project.repository.commit) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -72,6 +76,7 @@ describe "Internal Project Access" do
subject { project_compare_index_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -86,6 +91,7 @@ describe "Internal Project Access" do
subject { project_settings_members_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -114,6 +120,7 @@ describe "Internal Project Access" do
subject { project_settings_repository_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_denied_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_denied_for(:developer).of(project) }
@@ -129,6 +136,7 @@ describe "Internal Project Access" do
subject { project_blob_path(project, File.join(commit.id, '.gitignore')) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -143,6 +151,7 @@ describe "Internal Project Access" do
subject { edit_project_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_denied_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_denied_for(:developer).of(project) }
@@ -157,6 +166,7 @@ describe "Internal Project Access" do
subject { project_deploy_keys_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_denied_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_denied_for(:developer).of(project) }
@@ -171,6 +181,7 @@ describe "Internal Project Access" do
subject { project_issues_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -200,6 +211,7 @@ describe "Internal Project Access" do
subject { project_snippets_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -214,6 +226,7 @@ describe "Internal Project Access" do
subject { new_project_snippet_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_denied_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -228,6 +241,7 @@ describe "Internal Project Access" do
subject { project_merge_requests_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -242,6 +256,7 @@ describe "Internal Project Access" do
subject { project_new_merge_request_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_denied_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -261,6 +276,7 @@ describe "Internal Project Access" do
end
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -280,6 +296,7 @@ describe "Internal Project Access" do
end
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -294,6 +311,7 @@ describe "Internal Project Access" do
subject { project_settings_integrations_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_denied_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_denied_for(:developer).of(project) }
@@ -308,6 +326,7 @@ describe "Internal Project Access" do
subject { project_pipelines_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -323,6 +342,7 @@ describe "Internal Project Access" do
subject { project_pipeline_path(project, pipeline) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -342,6 +362,7 @@ describe "Internal Project Access" do
end
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -358,6 +379,7 @@ describe "Internal Project Access" do
end
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -380,6 +402,7 @@ describe "Internal Project Access" do
end
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -396,6 +419,7 @@ describe "Internal Project Access" do
end
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -463,6 +487,7 @@ describe "Internal Project Access" do
subject { project_environments_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -478,6 +503,7 @@ describe "Internal Project Access" do
subject { project_environment_path(project, environment) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -507,6 +533,7 @@ describe "Internal Project Access" do
subject { new_project_environment_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_denied_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -517,6 +544,36 @@ describe "Internal Project Access" do
it { is_expected.to be_denied_for(:visitor) }
end
+ context "when license blocks changes" do
+ before do
+ allow(License).to receive(:block_changes?).and_return(true)
+ end
+
+ describe "GET /:project_path/issues/new" do
+ subject { new_project_issue_path(project) }
+
+ it { is_expected.to be_denied_for(:maintainer).of(project) }
+ it { is_expected.to be_denied_for(:reporter).of(project) }
+ it { is_expected.to be_denied_for(:admin) }
+ it { is_expected.to be_denied_for(:guest).of(project) }
+ it { is_expected.to be_denied_for(:user) }
+ it { is_expected.to be_denied_for(:auditor) }
+ it { is_expected.to be_denied_for(:visitor) }
+ end
+
+ describe "GET /:project_path/merge_requests/new" do
+ subject { project_new_merge_request_path(project) }
+
+ it { is_expected.to be_denied_for(:maintainer).of(project) }
+ it { is_expected.to be_denied_for(:reporter).of(project) }
+ it { is_expected.to be_denied_for(:admin) }
+ it { is_expected.to be_denied_for(:guest).of(project) }
+ it { is_expected.to be_denied_for(:user) }
+ it { is_expected.to be_denied_for(:auditor) }
+ it { is_expected.to be_denied_for(:visitor) }
+ end
+ end
+
describe "GET /:project_path/container_registry" do
let(:container_repository) { create(:container_repository) }
@@ -529,6 +586,7 @@ describe "Internal Project Access" do
subject { project_container_registry_index_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
spec/features/security/project/private_access_spec.rb
diff --git a/spec/features/security/project/private_access_spec.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/security/project/private_access_spec.rb
index f380bc122a7..1e10ded14e8 100644
--- a/spec/features/security/project/private_access_spec.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/security/project/private_access_spec.rb
@@ -16,6 +16,7 @@ describe "Private Project Access" do
subject { project_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -30,6 +31,7 @@ describe "Private Project Access" do
subject { project_tree_path(project, project.repository.root_ref) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -44,6 +46,7 @@ describe "Private Project Access" do
subject { project_commits_path(project, project.repository.root_ref, limit: 1) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -58,6 +61,7 @@ describe "Private Project Access" do
subject { project_commit_path(project, project.repository.commit) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -72,6 +76,7 @@ describe "Private Project Access" do
subject { project_compare_index_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -86,6 +91,7 @@ describe "Private Project Access" do
subject { project_settings_members_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -129,6 +135,7 @@ describe "Private Project Access" do
subject { project_blob_path(project, File.join(commit.id, '.gitignore'))}
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -143,6 +150,7 @@ describe "Private Project Access" do
subject { edit_project_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_denied_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_denied_for(:developer).of(project) }
@@ -157,6 +165,7 @@ describe "Private Project Access" do
subject { project_deploy_keys_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_denied_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_denied_for(:developer).of(project) }
@@ -171,6 +180,7 @@ describe "Private Project Access" do
subject { project_issues_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -200,6 +210,7 @@ describe "Private Project Access" do
subject { project_snippets_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -214,6 +225,7 @@ describe "Private Project Access" do
subject { project_merge_requests_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -233,6 +245,7 @@ describe "Private Project Access" do
end
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -252,6 +265,7 @@ describe "Private Project Access" do
end
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -266,6 +280,7 @@ describe "Private Project Access" do
subject { project_settings_integrations_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_denied_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_denied_for(:developer).of(project) }
@@ -280,6 +295,7 @@ describe "Private Project Access" do
subject { project_pipelines_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -307,6 +323,7 @@ describe "Private Project Access" do
subject { project_pipeline_path(project, pipeline) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -333,6 +350,7 @@ describe "Private Project Access" do
subject { project_jobs_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -361,6 +379,7 @@ describe "Private Project Access" do
subject { project_job_path(project, build.id) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -424,6 +443,7 @@ describe "Private Project Access" do
subject { project_environments_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -439,6 +459,7 @@ describe "Private Project Access" do
subject { project_environment_path(project, environment) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -468,6 +489,7 @@ describe "Private Project Access" do
subject { new_project_environment_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_denied_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -520,6 +542,36 @@ describe "Private Project Access" do
it { is_expected.to be_denied_for(:visitor) }
end
+ context "when license blocks changes" do
+ before do
+ allow(License).to receive(:block_changes?).and_return(true)
+ end
+
+ describe "GET /:project_path/issues/new" do
+ subject { new_project_issue_path(project) }
+
+ it { is_expected.to be_denied_for(:maintainer).of(project) }
+ it { is_expected.to be_denied_for(:reporter).of(project) }
+ it { is_expected.to be_denied_for(:admin) }
+ it { is_expected.to be_denied_for(:guest).of(project) }
+ it { is_expected.to be_denied_for(:user) }
+ it { is_expected.to be_denied_for(:auditor) }
+ it { is_expected.to be_denied_for(:visitor) }
+ end
+
+ describe "GET /:project_path/merge_requests/new" do
+ subject { project_new_merge_request_path(project) }
+
+ it { is_expected.to be_denied_for(:maintainer).of(project) }
+ it { is_expected.to be_denied_for(:reporter).of(project) }
+ it { is_expected.to be_denied_for(:admin) }
+ it { is_expected.to be_denied_for(:guest).of(project) }
+ it { is_expected.to be_denied_for(:user) }
+ it { is_expected.to be_denied_for(:auditor) }
+ it { is_expected.to be_denied_for(:visitor) }
+ end
+ end
+
describe "GET /:project_path/container_registry" do
let(:container_repository) { create(:container_repository) }
@@ -532,6 +584,7 @@ describe "Private Project Access" do
subject { project_container_registry_index_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
spec/features/security/project/public_access_spec.rb
diff --git a/spec/features/security/project/public_access_spec.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/security/project/public_access_spec.rb
index 57d56371719..babcf6dcdb9 100644
--- a/spec/features/security/project/public_access_spec.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/security/project/public_access_spec.rb
@@ -16,6 +16,7 @@ describe "Public Project Access" do
subject { project_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -30,6 +31,7 @@ describe "Public Project Access" do
subject { project_tree_path(project, project.repository.root_ref) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -44,6 +46,7 @@ describe "Public Project Access" do
subject { project_commits_path(project, project.repository.root_ref, limit: 1) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -58,6 +61,7 @@ describe "Public Project Access" do
subject { project_commit_path(project, project.repository.commit) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -72,6 +76,7 @@ describe "Public Project Access" do
subject { project_compare_index_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -86,6 +91,7 @@ describe "Public Project Access" do
subject { project_settings_members_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -128,6 +134,7 @@ describe "Public Project Access" do
subject { project_pipelines_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -143,6 +150,7 @@ describe "Public Project Access" do
subject { project_pipeline_path(project, pipeline) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -162,6 +170,7 @@ describe "Public Project Access" do
end
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -178,6 +187,7 @@ describe "Public Project Access" do
end
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -200,6 +210,7 @@ describe "Public Project Access" do
end
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -216,6 +227,7 @@ describe "Public Project Access" do
end
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -283,6 +295,7 @@ describe "Public Project Access" do
subject { project_environments_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -298,6 +311,7 @@ describe "Public Project Access" do
subject { project_environment_path(project, environment) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -327,6 +341,7 @@ describe "Public Project Access" do
subject { new_project_environment_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_denied_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -343,6 +358,7 @@ describe "Public Project Access" do
subject { project_blob_path(project, File.join(commit.id, '.gitignore')) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -356,6 +372,7 @@ describe "Public Project Access" do
subject { edit_project_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_denied_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_denied_for(:developer).of(project) }
@@ -370,6 +387,7 @@ describe "Public Project Access" do
subject { project_deploy_keys_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_denied_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_denied_for(:developer).of(project) }
@@ -384,6 +402,7 @@ describe "Public Project Access" do
subject { project_issues_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -413,6 +432,7 @@ describe "Public Project Access" do
subject { project_snippets_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -427,6 +447,7 @@ describe "Public Project Access" do
subject { new_project_snippet_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_denied_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -441,6 +462,7 @@ describe "Public Project Access" do
subject { project_merge_requests_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -455,6 +477,7 @@ describe "Public Project Access" do
subject { project_new_merge_request_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_denied_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -474,6 +497,7 @@ describe "Public Project Access" do
end
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -493,6 +517,7 @@ describe "Public Project Access" do
end
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -507,6 +532,7 @@ describe "Public Project Access" do
subject { project_settings_integrations_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_denied_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_denied_for(:developer).of(project) }
@@ -517,6 +543,36 @@ describe "Public Project Access" do
it { is_expected.to be_denied_for(:visitor) }
end
+ context "when license blocks changes" do
+ before do
+ allow(License).to receive(:block_changes?).and_return(true)
+ end
+
+ describe "GET /:project_path/issues/new" do
+ subject { new_project_issue_path(project) }
+
+ it { is_expected.to be_denied_for(:maintainer).of(project) }
+ it { is_expected.to be_denied_for(:reporter).of(project) }
+ it { is_expected.to be_denied_for(:admin) }
+ it { is_expected.to be_denied_for(:guest).of(project) }
+ it { is_expected.to be_denied_for(:user) }
+ it { is_expected.to be_denied_for(:auditor) }
+ it { is_expected.to be_denied_for(:visitor) }
+ end
+
+ describe "GET /:project_path/merge_requests/new" do
+ subject { project_new_merge_request_path(project) }
+
+ it { is_expected.to be_denied_for(:maintainer).of(project) }
+ it { is_expected.to be_denied_for(:reporter).of(project) }
+ it { is_expected.to be_denied_for(:admin) }
+ it { is_expected.to be_denied_for(:guest).of(project) }
+ it { is_expected.to be_denied_for(:user) }
+ it { is_expected.to be_denied_for(:auditor) }
+ it { is_expected.to be_denied_for(:visitor) }
+ end
+ end
+
describe "GET /:project_path/container_registry" do
let(:container_repository) { create(:container_repository) }
@@ -529,6 +585,7 @@ describe "Public Project Access" do
subject { project_container_registry_index_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
spec/features/security/project/snippet/internal_access_spec.rb
diff --git a/spec/features/security/project/snippet/internal_access_spec.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/security/project/snippet/internal_access_spec.rb
index 0c58fdf2f12..1dcb7d6448c 100644
--- a/spec/features/security/project/snippet/internal_access_spec.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/security/project/snippet/internal_access_spec.rb
@@ -12,6 +12,7 @@ describe "Internal Project Snippets Access" do
subject { project_snippets_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -26,6 +27,7 @@ describe "Internal Project Snippets Access" do
subject { new_project_snippet_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_denied_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -41,6 +43,7 @@ describe "Internal Project Snippets Access" do
subject { project_snippet_path(project, internal_snippet) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -55,6 +58,7 @@ describe "Internal Project Snippets Access" do
subject { project_snippet_path(project, private_snippet) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -71,6 +75,7 @@ describe "Internal Project Snippets Access" do
subject { raw_project_snippet_path(project, internal_snippet) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -85,6 +90,7 @@ describe "Internal Project Snippets Access" do
subject { raw_project_snippet_path(project, private_snippet) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
spec/features/security/project/snippet/private_access_spec.rb
diff --git a/spec/features/security/project/snippet/private_access_spec.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/security/project/snippet/private_access_spec.rb
index 420f1938763..979e4c93c2e 100644
--- a/spec/features/security/project/snippet/private_access_spec.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/security/project/snippet/private_access_spec.rb
@@ -11,6 +11,7 @@ describe "Private Project Snippets Access" do
subject { project_snippets_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -25,6 +26,7 @@ describe "Private Project Snippets Access" do
subject { new_project_snippet_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_denied_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -39,6 +41,7 @@ describe "Private Project Snippets Access" do
subject { project_snippet_path(project, private_snippet) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -53,6 +56,7 @@ describe "Private Project Snippets Access" do
subject { raw_project_snippet_path(project, private_snippet) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
spec/features/security/project/snippet/public_access_spec.rb
diff --git a/spec/features/security/project/snippet/public_access_spec.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/security/project/snippet/public_access_spec.rb
index 6c75902c6e9..88d64fa0e30 100644
--- a/spec/features/security/project/snippet/public_access_spec.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/security/project/snippet/public_access_spec.rb
@@ -13,6 +13,7 @@ describe "Public Project Snippets Access" do
subject { project_snippets_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -27,6 +28,7 @@ describe "Public Project Snippets Access" do
subject { new_project_snippet_path(project) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_denied_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -42,6 +44,7 @@ describe "Public Project Snippets Access" do
subject { project_snippet_path(project, public_snippet) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -56,6 +59,7 @@ describe "Public Project Snippets Access" do
subject { project_snippet_path(project, internal_snippet) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -70,6 +74,7 @@ describe "Public Project Snippets Access" do
subject { project_snippet_path(project, private_snippet) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -86,6 +91,7 @@ describe "Public Project Snippets Access" do
subject { raw_project_snippet_path(project, public_snippet) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -100,6 +106,7 @@ describe "Public Project Snippets Access" do
subject { raw_project_snippet_path(project, internal_snippet) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
@@ -114,6 +121,7 @@ describe "Public Project Snippets Access" do
subject { raw_project_snippet_path(project, private_snippet) }
it { is_expected.to be_allowed_for(:admin) }
+ it { is_expected.to be_allowed_for(:auditor) }
it { is_expected.to be_allowed_for(:owner).of(project) }
it { is_expected.to be_allowed_for(:maintainer).of(project) }
it { is_expected.to be_allowed_for(:developer).of(project) }
Edited by Yorick Peterse