gitlab-org--gitlab-foss/spec/features/security/dashboard_access_spec.rb

# frozen_string_literal: true

require 'spec_helper'

RSpec.describe "Dashboard access" do
  include AccessMatchers

  describe "GET /dashboard" do
    subject { dashboard_projects_path }

    it { is_expected.to be_allowed_for :admin }
    it { is_expected.to be_allowed_for :user }
    it { is_expected.to be_denied_for :visitor }
  end

  describe "GET /dashboard/issues" do
    subject { issues_dashboard_path }

    it { is_expected.to be_allowed_for :admin }
    it { is_expected.to be_allowed_for :user }
    it { is_expected.to be_denied_for :visitor }
  end

  describe "GET /dashboard/merge_requests" do
    subject { merge_requests_dashboard_path }

    it { is_expected.to be_allowed_for :admin }
    it { is_expected.to be_allowed_for :user }
    it { is_expected.to be_denied_for :visitor }
  end

  describe "GET /dashboard/projects/starred" do
    subject { starred_dashboard_projects_path }

    it { is_expected.to be_allowed_for :admin }
    it { is_expected.to be_allowed_for :user }
    it { is_expected.to be_denied_for :visitor }
  end

  describe "GET /help" do
    subject { help_path }

    it { is_expected.to be_allowed_for :admin }
    it { is_expected.to be_allowed_for :user }
    it { is_expected.to be_allowed_for :visitor }
  end

  describe "GET /projects/new" do
    it { expect(new_project_path).to be_allowed_for :admin }
    it { expect(new_project_path).to be_allowed_for :user }
    it { expect(new_project_path).to be_denied_for :visitor }
  end

  describe "GET /groups/new" do
    it { expect(new_group_path).to be_allowed_for :admin }
    it { expect(new_group_path).to be_allowed_for :user }
    it { expect(new_group_path).to be_denied_for :visitor }
  end

  describe "GET /dashboard/groups" do
    subject { dashboard_groups_path }

    it { is_expected.to be_allowed_for :admin }
    it { is_expected.to be_allowed_for :user }
    it { is_expected.to be_denied_for :visitor }
  end
end
Add frozen_string_literal to spec/features Using the sed script from https://gitlab.com/gitlab-org/gitlab-ce/issues/59758 2019-07-25 05:24:42 +00:00			`# frozen_string_literal: true`

Dashboard security specs 2013-09-25 11:04:16 +00:00			`require 'spec_helper'`

Add latest changes from gitlab-org/gitlab@master 2020-06-03 18:08:28 +00:00			`RSpec.describe "Dashboard access" do`
Move access-related matchers to their own module 2015-07-22 02:09:02 +00:00			`include AccessMatchers`

Dashboard security specs 2013-09-25 11:04:16 +00:00			`describe "GET /dashboard" do`
Use new routing helper 2015-09-08 16:14:02 +00:00			`subject { dashboard_projects_path }`
Dashboard security specs 2013-09-25 11:04:16 +00:00
Updated rspec to rspec 3.x syntax Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com> 2015-02-12 18:17:35 +00:00			`it { is_expected.to be_allowed_for :admin }`
			`it { is_expected.to be_allowed_for :user }`
			`it { is_expected.to be_denied_for :visitor }`
Dashboard security specs 2013-09-25 11:04:16 +00:00			`end`

			`describe "GET /dashboard/issues" do`
			`subject { issues_dashboard_path }`

Updated rspec to rspec 3.x syntax Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com> 2015-02-12 18:17:35 +00:00			`it { is_expected.to be_allowed_for :admin }`
			`it { is_expected.to be_allowed_for :user }`
			`it { is_expected.to be_denied_for :visitor }`
Dashboard security specs 2013-09-25 11:04:16 +00:00			`end`

			`describe "GET /dashboard/merge_requests" do`
			`subject { merge_requests_dashboard_path }`

Updated rspec to rspec 3.x syntax Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com> 2015-02-12 18:17:35 +00:00			`it { is_expected.to be_allowed_for :admin }`
			`it { is_expected.to be_allowed_for :user }`
			`it { is_expected.to be_denied_for :visitor }`
Dashboard security specs 2013-09-25 11:04:16 +00:00			`end`

Rename dashboard landing page to Your projects 2015-03-10 23:06:30 +00:00			`describe "GET /dashboard/projects/starred" do`
			`subject { starred_dashboard_projects_path }`
Dashboard security specs 2013-09-25 11:04:16 +00:00
Updated rspec to rspec 3.x syntax Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com> 2015-02-12 18:17:35 +00:00			`it { is_expected.to be_allowed_for :admin }`
			`it { is_expected.to be_allowed_for :user }`
			`it { is_expected.to be_denied_for :visitor }`
Dashboard security specs 2013-09-25 11:04:16 +00:00			`end`

			`describe "GET /help" do`
			`subject { help_path }`

Updated rspec to rspec 3.x syntax Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com> 2015-02-12 18:17:35 +00:00			`it { is_expected.to be_allowed_for :admin }`
			`it { is_expected.to be_allowed_for :user }`
Fix help access spec 2015-09-09 09:22:19 +00:00			`it { is_expected.to be_allowed_for :visitor }`
Dashboard security specs 2013-09-25 11:04:16 +00:00			`end`

			`describe "GET /projects/new" do`
Updated rspec to rspec 3.x syntax Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com> 2015-02-12 18:17:35 +00:00			`it { expect(new_project_path).to be_allowed_for :admin }`
			`it { expect(new_project_path).to be_allowed_for :user }`
			`it { expect(new_project_path).to be_denied_for :visitor }`
Dashboard security specs 2013-09-25 11:04:16 +00:00			`end`

			`describe "GET /groups/new" do`
Updated rspec to rspec 3.x syntax Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com> 2015-02-12 18:17:35 +00:00			`it { expect(new_group_path).to be_allowed_for :admin }`
			`it { expect(new_group_path).to be_allowed_for :user }`
			`it { expect(new_group_path).to be_denied_for :visitor }`
Dashboard security specs 2013-09-25 11:04:16 +00:00			`end`
Move Profile groups tests to Dashboard group tests 2015-03-09 03:52:22 +00:00
Add latest changes from gitlab-org/gitlab@master 2021-01-18 15:10:42 +00:00			`describe "GET /dashboard/groups" do`
Move Profile groups tests to Dashboard group tests 2015-03-09 03:52:22 +00:00			`subject { dashboard_groups_path }`

			`it { is_expected.to be_allowed_for :admin }`
			`it { is_expected.to be_allowed_for :user }`
			`it { is_expected.to be_denied_for :visitor }`
			`end`
Dashboard security specs 2013-09-25 11:04:16 +00:00			`end`