gitlab-org--gitlab-foss/spec/features/security/group/internal_group_access_spec.rb

require 'spec_helper'

describe "Group with internal project access", feature: true  do
  describe "Group" do
    let(:group) { create(:group) }

    let(:owner)   { create(:owner) }
    let(:master)   { create(:user) }
    let(:reporter) { create(:user) }
    let(:guest)    { create(:user) }
    let(:nonmember)  { create(:user) }

    before do
      group.add_user(owner, Gitlab::Access::OWNER)
      group.add_user(master, Gitlab::Access::MASTER)
      group.add_user(reporter, Gitlab::Access::REPORTER)
      group.add_user(guest, Gitlab::Access::GUEST)

      create(:project, :internal, group: group)
    end

    describe "GET /groups/:path" do
      subject { group_path(group) }

      it { should be_allowed_for owner }
      it { should be_allowed_for master }
      it { should be_allowed_for reporter }
      it { should be_allowed_for :admin }
      it { should be_allowed_for guest }
      it { should be_allowed_for :user }
      it { should be_denied_for :visitor }
    end

    describe "GET /groups/:path/issues" do
      subject { issues_group_path(group) }

      it { should be_allowed_for owner }
      it { should be_allowed_for master }
      it { should be_allowed_for reporter }
      it { should be_allowed_for :admin }
      it { should be_allowed_for guest }
      it { should be_allowed_for :user }
      it { should be_denied_for :visitor }
    end

    describe "GET /groups/:path/merge_requests" do
      subject { merge_requests_group_path(group) }

      it { should be_allowed_for owner }
      it { should be_allowed_for master }
      it { should be_allowed_for reporter }
      it { should be_allowed_for :admin }
      it { should be_allowed_for guest }
      it { should be_allowed_for :user }
      it { should be_denied_for :visitor }
    end

    describe "GET /groups/:path/members" do
      subject { members_group_path(group) }

      it { should be_allowed_for owner }
      it { should be_allowed_for master }
      it { should be_allowed_for reporter }
      it { should be_allowed_for :admin }
      it { should be_allowed_for guest }
      it { should be_allowed_for :user }
      it { should be_denied_for :visitor }
    end

    describe "GET /groups/:path/edit" do
      subject { edit_group_path(group) }

      it { should be_allowed_for owner }
      it { should be_denied_for master }
      it { should be_denied_for reporter }
      it { should be_allowed_for :admin }
      it { should be_denied_for guest }
      it { should be_denied_for :user }
      it { should be_denied_for :visitor }
    end
  end
end
Group security tests 2013-09-25 10:27:16 +00:00			`require 'spec_helper'`

Split feature tests out to different build job 2014-04-12 08:56:37 +00:00			`describe "Group with internal project access", feature: true do`
Group security tests 2013-09-25 10:27:16 +00:00			`describe "Group" do`
			`let(:group) { create(:group) }`

Ignore owner_id for Group in tests 2013-09-26 11:52:17 +00:00			`let(:owner) { create(:owner) }`
Group security tests 2013-09-25 10:27:16 +00:00			`let(:master) { create(:user) }`
			`let(:reporter) { create(:user) }`
			`let(:guest) { create(:user) }`
Allow access to groups with public projects. Fixed Group avatars to only display when user has read permissions to at least one project in the group. 2014-02-13 20:45:51 +00:00			`let(:nonmember) { create(:user) }`
Group security tests 2013-09-25 10:27:16 +00:00
			`before do`
Ignore owner_id for Group in tests 2013-09-26 11:52:17 +00:00			`group.add_user(owner, Gitlab::Access::OWNER)`
Group security tests 2013-09-25 10:27:16 +00:00			`group.add_user(master, Gitlab::Access::MASTER)`
			`group.add_user(reporter, Gitlab::Access::REPORTER)`
			`group.add_user(guest, Gitlab::Access::GUEST)`
Dont test models methods in security specs Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-02-25 15:14:03 +00:00
Make use of project factory traits 2014-03-19 09:15:24 +00:00			`create(:project, :internal, group: group)`
Allow access to groups with public projects. Fixed Group avatars to only display when user has read permissions to at least one project in the group. 2014-02-13 20:45:51 +00:00			`end`
Group security tests 2013-09-25 10:27:16 +00:00
			`describe "GET /groups/:path" do`
			`subject { group_path(group) }`

Ignore owner_id for Group in tests 2013-09-26 11:52:17 +00:00			`it { should be_allowed_for owner }`
Group security tests 2013-09-25 10:27:16 +00:00			`it { should be_allowed_for master }`
			`it { should be_allowed_for reporter }`
			`it { should be_allowed_for :admin }`
			`it { should be_allowed_for guest }`
Allow access to groups with public projects. Fixed Group avatars to only display when user has read permissions to at least one project in the group. 2014-02-13 20:45:51 +00:00			`it { should be_allowed_for :user }`
Group security tests 2013-09-25 10:27:16 +00:00			`it { should be_denied_for :visitor }`
			`end`

			`describe "GET /groups/:path/issues" do`
			`subject { issues_group_path(group) }`

Ignore owner_id for Group in tests 2013-09-26 11:52:17 +00:00			`it { should be_allowed_for owner }`
Group security tests 2013-09-25 10:27:16 +00:00			`it { should be_allowed_for master }`
			`it { should be_allowed_for reporter }`
			`it { should be_allowed_for :admin }`
			`it { should be_allowed_for guest }`
Allow access to groups with public projects. Fixed Group avatars to only display when user has read permissions to at least one project in the group. 2014-02-13 20:45:51 +00:00			`it { should be_allowed_for :user }`
Group security tests 2013-09-25 10:27:16 +00:00			`it { should be_denied_for :visitor }`
			`end`

			`describe "GET /groups/:path/merge_requests" do`
			`subject { merge_requests_group_path(group) }`

Ignore owner_id for Group in tests 2013-09-26 11:52:17 +00:00			`it { should be_allowed_for owner }`
Group security tests 2013-09-25 10:27:16 +00:00			`it { should be_allowed_for master }`
			`it { should be_allowed_for reporter }`
			`it { should be_allowed_for :admin }`
			`it { should be_allowed_for guest }`
Allow access to groups with public projects. Fixed Group avatars to only display when user has read permissions to at least one project in the group. 2014-02-13 20:45:51 +00:00			`it { should be_allowed_for :user }`
Group security tests 2013-09-25 10:27:16 +00:00			`it { should be_denied_for :visitor }`
			`end`

			`describe "GET /groups/:path/members" do`
			`subject { members_group_path(group) }`

Ignore owner_id for Group in tests 2013-09-26 11:52:17 +00:00			`it { should be_allowed_for owner }`
Group security tests 2013-09-25 10:27:16 +00:00			`it { should be_allowed_for master }`
			`it { should be_allowed_for reporter }`
			`it { should be_allowed_for :admin }`
			`it { should be_allowed_for guest }`
Allow access to groups with public projects. Fixed Group avatars to only display when user has read permissions to at least one project in the group. 2014-02-13 20:45:51 +00:00			`it { should be_allowed_for :user }`
Group security tests 2013-09-25 10:27:16 +00:00			`it { should be_denied_for :visitor }`
			`end`

			`describe "GET /groups/:path/edit" do`
			`subject { edit_group_path(group) }`

Ignore owner_id for Group in tests 2013-09-26 11:52:17 +00:00			`it { should be_allowed_for owner }`
Group security tests 2013-09-25 10:27:16 +00:00			`it { should be_denied_for master }`
			`it { should be_denied_for reporter }`
			`it { should be_allowed_for :admin }`
			`it { should be_denied_for guest }`
			`it { should be_denied_for :user }`
			`it { should be_denied_for :visitor }`
			`end`
			`end`
			`end`