#465: Added specs for RepositoryPolicy
This commit is contained in:
parent
09a7b4c700
commit
0c35d117fa
|
@ -1,7 +1,7 @@
|
|||
class RepositoryPolicy < ApplicationPolicy
|
||||
|
||||
def show?
|
||||
PlatformPolicy.new(user, record.platform).show?
|
||||
is_admin? || PlatformPolicy.new(user, record.platform).show?
|
||||
end
|
||||
alias_method :projects?, :show?
|
||||
alias_method :projects_list?, :show?
|
||||
|
@ -41,11 +41,6 @@ class RepositoryPolicy < ApplicationPolicy
|
|||
end
|
||||
alias_method :remove_project?, :add_project?
|
||||
|
||||
def destroy?
|
||||
return false if record.platform.personal? && record.name == 'main'
|
||||
is_admin? || owner?(record.platform) || local_admin?(record.platform)
|
||||
end
|
||||
|
||||
def settings?
|
||||
is_admin? || owner?(record.platform) || local_admin?(record.platform)
|
||||
end
|
||||
|
|
|
@ -0,0 +1,205 @@
|
|||
require 'spec_helper'
|
||||
|
||||
RSpec.describe RepositoryPolicy, type: :policy do
|
||||
let(:repository) { FactoryGirl.build(:repository) }
|
||||
subject { described_class }
|
||||
|
||||
%i(show? projects? projects_list? read?).each do |perm|
|
||||
permissions perm do
|
||||
it "denies access if user can not show a platform" do
|
||||
allow_any_instance_of(PlatformPolicy).to receive(:show?).and_return(false)
|
||||
expect(subject).to_not permit(User.new, repository)
|
||||
end
|
||||
|
||||
it "grants access if user can show a platform" do
|
||||
allow_any_instance_of(PlatformPolicy).to receive(:show?).and_return(true)
|
||||
expect(subject).to permit(User.new, repository)
|
||||
end
|
||||
|
||||
it "grants access for to global admin" do
|
||||
expect(subject).to permit(FactoryGirl.build(:admin), repository)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
permissions :reader? do
|
||||
it "denies access to user" do
|
||||
expect(subject).to_not permit(User.new, repository)
|
||||
end
|
||||
|
||||
it "grants access for reader of platform" do
|
||||
allow_any_instance_of(RepositoryPolicy).to receive(:local_reader?).
|
||||
with(repository.platform).and_return(true)
|
||||
expect(subject).to permit(User.new, repository)
|
||||
end
|
||||
|
||||
it "grants access for to global admin" do
|
||||
expect(subject).to permit(FactoryGirl.build(:admin), repository)
|
||||
end
|
||||
end
|
||||
|
||||
permissions :write? do
|
||||
it "denies access to user" do
|
||||
expect(subject).to_not permit(User.new, repository)
|
||||
end
|
||||
|
||||
it "grants access for writer of platform" do
|
||||
allow_any_instance_of(RepositoryPolicy).to receive(:local_writer?).
|
||||
with(repository.platform).and_return(true)
|
||||
expect(subject).to permit(User.new, repository)
|
||||
end
|
||||
|
||||
it "grants access for to global admin" do
|
||||
expect(subject).to permit(FactoryGirl.build(:admin), repository)
|
||||
end
|
||||
end
|
||||
|
||||
%i(update? manage_members? regenerate_metadata? signatures?).each do |perm|
|
||||
permissions perm do
|
||||
it "denies access to user" do
|
||||
expect(subject).to_not permit(User.new, repository)
|
||||
end
|
||||
|
||||
it "grants access for admin of platform" do
|
||||
allow_any_instance_of(RepositoryPolicy).to receive(:local_admin?).
|
||||
with(repository.platform).and_return(true)
|
||||
expect(subject).to permit(User.new, repository)
|
||||
end
|
||||
|
||||
it "grants access for to global admin" do
|
||||
expect(subject).to permit(FactoryGirl.build(:admin), repository)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
%i(create? destroy?).each do |perm|
|
||||
permissions perm do
|
||||
it "denies access to user" do
|
||||
expect(subject).to_not permit(User.new, repository)
|
||||
end
|
||||
|
||||
it "grants access for admin of platform" do
|
||||
allow_any_instance_of(RepositoryPolicy).to receive(:local_admin?).
|
||||
with(repository.platform).and_return(true)
|
||||
expect(subject).to permit(User.new, repository)
|
||||
end
|
||||
|
||||
it "grants access for to global admin" do
|
||||
expect(subject).to permit(FactoryGirl.build(:admin), repository)
|
||||
end
|
||||
|
||||
it "denies access for personal platform and repository with 'main' name" do
|
||||
repository.platform = FactoryGirl.build(:personal_platform)
|
||||
repository.name = 'main'
|
||||
expect(subject).to_not permit(FactoryGirl.build(:admin), repository)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
%i(packages? remove_member? remove_members? add_member? sync_lock_file?).each do |perm|
|
||||
permissions perm do
|
||||
it "denies access to user" do
|
||||
expect(subject).to_not permit(User.new, repository)
|
||||
end
|
||||
|
||||
it "grants access for admin of platform" do
|
||||
allow_any_instance_of(RepositoryPolicy).to receive(:local_admin?).
|
||||
with(repository.platform).and_return(true)
|
||||
expect(subject).to permit(User.new, repository)
|
||||
end
|
||||
|
||||
it "grants access for to global admin" do
|
||||
expect(subject).to permit(FactoryGirl.build(:admin), repository)
|
||||
end
|
||||
|
||||
it "denies access for personal platform" do
|
||||
repository.platform = FactoryGirl.build(:personal_platform)
|
||||
expect(subject).to_not permit(FactoryGirl.build(:admin), repository)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
%i(add_project? remove_project?).each do |perm|
|
||||
permissions perm do
|
||||
it "denies access to user" do
|
||||
expect(subject).to_not permit(User.new, repository)
|
||||
end
|
||||
|
||||
it "grants access for admin of platform" do
|
||||
allow_any_instance_of(RepositoryPolicy).to receive(:local_admin?).
|
||||
with(repository.platform).and_return(true)
|
||||
expect(subject).to permit(User.new, repository)
|
||||
end
|
||||
|
||||
it "grants access for member of repository" do
|
||||
user = FactoryGirl.build(:user, id: 123)
|
||||
allow_any_instance_of(RepositoryPolicy).to receive(:repository_user_ids).and_return([123])
|
||||
expect(subject).to permit(user, repository)
|
||||
end
|
||||
|
||||
it "grants access for to global admin" do
|
||||
expect(subject).to permit(FactoryGirl.build(:admin), repository)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
permissions :settings? do
|
||||
it "denies access to user" do
|
||||
expect(subject).to_not permit(User.new, repository)
|
||||
end
|
||||
|
||||
it "grants access for admin of platform" do
|
||||
allow_any_instance_of(RepositoryPolicy).to receive(:local_admin?).
|
||||
with(repository.platform).and_return(true)
|
||||
expect(subject).to permit(User.new, repository)
|
||||
end
|
||||
|
||||
it "grants access for to global admin" do
|
||||
expect(subject).to permit(FactoryGirl.build(:admin), repository)
|
||||
end
|
||||
end
|
||||
|
||||
permissions :key_pair? do
|
||||
it "denies access to user" do
|
||||
expect(subject).to_not permit(User.new, repository)
|
||||
end
|
||||
|
||||
it "denies access for to global admin" do
|
||||
expect(subject).to_not permit(FactoryGirl.build(:admin), repository)
|
||||
end
|
||||
|
||||
it "grants access to system user" do
|
||||
expect(subject).to permit(FactoryGirl.build(:user, role: 'system'), repository)
|
||||
end
|
||||
end
|
||||
|
||||
%i(add_repo_lock_file? remove_repo_lock_file?).each do |perm|
|
||||
permissions perm do
|
||||
it "denies access to user" do
|
||||
expect(subject).to_not permit(User.new, repository)
|
||||
end
|
||||
|
||||
it "grants access for admin of platform" do
|
||||
allow_any_instance_of(RepositoryPolicy).to receive(:local_admin?).
|
||||
with(repository.platform).and_return(true)
|
||||
expect(subject).to permit(User.new, repository)
|
||||
end
|
||||
|
||||
it "denies access for admin of personal platform" do
|
||||
allow(repository.platform).to receive(:main?).and_return(false)
|
||||
allow_any_instance_of(RepositoryPolicy).to receive(:local_admin?).
|
||||
with(repository.platform).and_return(true)
|
||||
expect(subject).to_not permit(User.new, repository)
|
||||
end
|
||||
|
||||
it "grants access for to global admin" do
|
||||
expect(subject).to permit(FactoryGirl.build(:admin), repository)
|
||||
end
|
||||
|
||||
it "grants access to system user" do
|
||||
expect(subject).to permit(FactoryGirl.build(:user, role: 'system'), repository)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
end
|
Loading…
Reference in New Issue