mirror of
https://gitlab.com/gitlab-org/gitlab-foss.git
synced 2025-08-16 15:57:22 +00:00
Add latest changes from gitlab-org/gitlab@master
This commit is contained in:
GitLab Bot
@ -11,8 +11,6 @@ RSpec.describe GroupPolicy do
|
||||
|
||||
it do
|
||||
expect_allowed(:read_group)
|
||||
expect_allowed(:read_crm_organization)
|
||||
expect_allowed(:read_crm_contact)
|
||||
expect_allowed(:read_counts)
|
||||
expect_allowed(*read_group_permissions)
|
||||
expect_disallowed(:upload_file)
|
||||
@ -21,11 +19,13 @@ RSpec.describe GroupPolicy do
|
||||
expect_disallowed(*maintainer_permissions)
|
||||
expect_disallowed(*owner_permissions)
|
||||
expect_disallowed(:read_namespace)
|
||||
expect_disallowed(:read_crm_organization)
|
||||
expect_disallowed(:read_crm_contact)
|
||||
end
|
||||
end
|
||||
|
||||
context 'with no user and public project' do
|
||||
let(:project) { create(:project, :public) }
|
||||
let(:project) { create(:project, :public, group: create(:group, :crm_enabled)) }
|
||||
let(:current_user) { nil }
|
||||
|
||||
before do
|
||||
@ -41,7 +41,7 @@ RSpec.describe GroupPolicy do
|
||||
end
|
||||
|
||||
context 'with foreign user and public project' do
|
||||
let(:project) { create(:project, :public) }
|
||||
let(:project) { create(:project, :public, group: create(:group, :crm_enabled)) }
|
||||
let(:current_user) { create(:user) }
|
||||
|
||||
before do
|
||||
@ -67,7 +67,7 @@ RSpec.describe GroupPolicy do
|
||||
it { expect_allowed(*read_group_permissions) }
|
||||
|
||||
context 'in subgroups' do
|
||||
let(:subgroup) { create(:group, :private, parent: group) }
|
||||
let(:subgroup) { create(:group, :private, :crm_enabled, parent: group) }
|
||||
let(:project) { create(:project, namespace: subgroup) }
|
||||
|
||||
it { expect_allowed(*read_group_permissions) }
|
||||
@ -235,7 +235,7 @@ RSpec.describe GroupPolicy do
|
||||
|
||||
describe 'private nested group use the highest access level from the group and inherited permissions' do
|
||||
let_it_be(:nested_group) do
|
||||
create(:group, :private, :owner_subgroup_creation_only, parent: group)
|
||||
create(:group, :private, :owner_subgroup_creation_only, :crm_enabled, parent: group)
|
||||
end
|
||||
|
||||
before_all do
|
||||
@ -342,7 +342,7 @@ RSpec.describe GroupPolicy do
|
||||
let(:current_user) { owner }
|
||||
|
||||
context 'when the group share_with_group_lock is enabled' do
|
||||
let(:group) { create(:group, share_with_group_lock: true, parent: parent) }
|
||||
let(:group) { create(:group, :crm_enabled, share_with_group_lock: true, parent: parent) }
|
||||
|
||||
before do
|
||||
group.add_owner(owner)
|
||||
@ -350,10 +350,10 @@ RSpec.describe GroupPolicy do
|
||||
|
||||
context 'when the parent group share_with_group_lock is enabled' do
|
||||
context 'when the group has a grandparent' do
|
||||
let(:parent) { create(:group, share_with_group_lock: true, parent: grandparent) }
|
||||
let(:parent) { create(:group, :crm_enabled, share_with_group_lock: true, parent: grandparent) }
|
||||
|
||||
context 'when the grandparent share_with_group_lock is enabled' do
|
||||
let(:grandparent) { create(:group, share_with_group_lock: true) }
|
||||
let(:grandparent) { create(:group, :crm_enabled, share_with_group_lock: true) }
|
||||
|
||||
context 'when the current_user owns the parent' do
|
||||
before do
|
||||
@ -379,7 +379,7 @@ RSpec.describe GroupPolicy do
|
||||
end
|
||||
|
||||
context 'when the grandparent share_with_group_lock is disabled' do
|
||||
let(:grandparent) { create(:group) }
|
||||
let(:grandparent) { create(:group, :crm_enabled) }
|
||||
|
||||
context 'when the current_user owns the parent' do
|
||||
before do
|
||||
@ -396,7 +396,7 @@ RSpec.describe GroupPolicy do
|
||||
end
|
||||
|
||||
context 'when the group does not have a grandparent' do
|
||||
let(:parent) { create(:group, share_with_group_lock: true) }
|
||||
let(:parent) { create(:group, :crm_enabled, share_with_group_lock: true) }
|
||||
|
||||
context 'when the current_user owns the parent' do
|
||||
before do
|
||||
@ -413,7 +413,7 @@ RSpec.describe GroupPolicy do
|
||||
end
|
||||
|
||||
context 'when the parent group share_with_group_lock is disabled' do
|
||||
let(:parent) { create(:group) }
|
||||
let(:parent) { create(:group, :crm_enabled) }
|
||||
|
||||
it { expect_allowed(:change_share_with_group_lock) }
|
||||
end
|
||||
@ -698,7 +698,7 @@ RSpec.describe GroupPolicy do
|
||||
end
|
||||
|
||||
it_behaves_like 'clusterable policies' do
|
||||
let(:clusterable) { create(:group) }
|
||||
let(:clusterable) { create(:group, :crm_enabled) }
|
||||
let(:cluster) do
|
||||
create(:cluster,
|
||||
:provided_by_gcp,
|
||||
@ -708,7 +708,7 @@ RSpec.describe GroupPolicy do
|
||||
end
|
||||
|
||||
describe 'update_max_artifacts_size' do
|
||||
let(:group) { create(:group, :public) }
|
||||
let(:group) { create(:group, :public, :crm_enabled) }
|
||||
|
||||
context 'when no user' do
|
||||
let(:current_user) { nil }
|
||||
@ -738,7 +738,7 @@ RSpec.describe GroupPolicy do
|
||||
end
|
||||
|
||||
describe 'design activity' do
|
||||
let_it_be(:group) { create(:group, :public) }
|
||||
let_it_be(:group) { create(:group, :public, :crm_enabled) }
|
||||
|
||||
let(:current_user) { nil }
|
||||
|
||||
@ -935,8 +935,6 @@ RSpec.describe GroupPolicy do
|
||||
|
||||
it { is_expected.to be_allowed(:read_package) }
|
||||
it { is_expected.to be_allowed(:read_group) }
|
||||
it { is_expected.to be_allowed(:read_crm_organization) }
|
||||
it { is_expected.to be_allowed(:read_crm_contact) }
|
||||
it { is_expected.to be_disallowed(:create_package) }
|
||||
end
|
||||
|
||||
@ -946,8 +944,6 @@ RSpec.describe GroupPolicy do
|
||||
it { is_expected.to be_allowed(:create_package) }
|
||||
it { is_expected.to be_allowed(:read_package) }
|
||||
it { is_expected.to be_allowed(:read_group) }
|
||||
it { is_expected.to be_allowed(:read_crm_organization) }
|
||||
it { is_expected.to be_allowed(:read_crm_contact) }
|
||||
it { is_expected.to be_disallowed(:destroy_package) }
|
||||
end
|
||||
|
||||
@ -967,7 +963,7 @@ RSpec.describe GroupPolicy do
|
||||
it_behaves_like 'Self-managed Core resource access tokens'
|
||||
|
||||
context 'support bot' do
|
||||
let_it_be(:group) { create(:group, :private) }
|
||||
let_it_be(:group) { create(:group, :private, :crm_enabled) }
|
||||
let_it_be(:current_user) { User.support_bot }
|
||||
|
||||
before do
|
||||
@ -977,7 +973,7 @@ RSpec.describe GroupPolicy do
|
||||
it { expect_disallowed(:read_label) }
|
||||
|
||||
context 'when group hierarchy has a project with service desk enabled' do
|
||||
let_it_be(:subgroup) { create(:group, :private, parent: group) }
|
||||
let_it_be(:subgroup) { create(:group, :private, :crm_enabled, parent: group) }
|
||||
let_it_be(:project) { create(:project, group: subgroup, service_desk_enabled: true) }
|
||||
|
||||
it { expect_allowed(:read_label) }
|
||||
@ -1170,7 +1166,7 @@ RSpec.describe GroupPolicy do
|
||||
end
|
||||
|
||||
context 'when crm_enabled is false' do
|
||||
let(:group) { create(:group) }
|
||||
let(:group) { create(:group, :crm_enabled) }
|
||||
let(:current_user) { owner }
|
||||
|
||||
it { is_expected.to be_disallowed(:read_crm_contact) }
|
||||
|
||||
Reference in New Issue
Block a user