2020-04-13 15:09:20 +00:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
RSpec.shared_examples 'model with wiki policies' do
|
2020-05-06 15:09:42 +00:00
|
|
|
include ProjectHelpers
|
2020-05-15 15:08:04 +00:00
|
|
|
include AdminModeHelper
|
2020-04-13 15:09:20 +00:00
|
|
|
|
2020-05-06 15:09:42 +00:00
|
|
|
let(:container) { raise NotImplementedError }
|
|
|
|
let(:user) { raise NotImplementedError }
|
2020-04-13 15:09:20 +00:00
|
|
|
|
2020-05-06 15:09:42 +00:00
|
|
|
subject { described_class.new(user, container) }
|
2020-04-13 15:09:20 +00:00
|
|
|
|
2020-05-06 15:09:42 +00:00
|
|
|
let_it_be(:wiki_permissions) do
|
|
|
|
{}.tap do |permissions|
|
|
|
|
permissions[:guest] = %i[read_wiki]
|
|
|
|
permissions[:reporter] = permissions[:guest] + %i[download_wiki_code]
|
|
|
|
permissions[:developer] = permissions[:reporter] + %i[create_wiki]
|
|
|
|
permissions[:maintainer] = permissions[:developer] + %i[admin_wiki]
|
|
|
|
permissions[:all] = permissions[:maintainer]
|
2020-04-13 15:09:20 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-05-06 15:09:42 +00:00
|
|
|
using RSpec::Parameterized::TableSyntax
|
|
|
|
|
|
|
|
where(:container_level, :access_level, :membership, :access) do
|
|
|
|
:public | :enabled | :admin | :all
|
|
|
|
:public | :enabled | :maintainer | :maintainer
|
|
|
|
:public | :enabled | :developer | :developer
|
|
|
|
:public | :enabled | :reporter | :reporter
|
|
|
|
:public | :enabled | :guest | :guest
|
|
|
|
:public | :enabled | :non_member | :guest
|
|
|
|
:public | :enabled | :anonymous | :guest
|
|
|
|
|
|
|
|
:public | :private | :admin | :all
|
|
|
|
:public | :private | :maintainer | :maintainer
|
|
|
|
:public | :private | :developer | :developer
|
|
|
|
:public | :private | :reporter | :reporter
|
|
|
|
:public | :private | :guest | :guest
|
|
|
|
:public | :private | :non_member | nil
|
|
|
|
:public | :private | :anonymous | nil
|
|
|
|
|
|
|
|
:public | :disabled | :admin | nil
|
|
|
|
:public | :disabled | :maintainer | nil
|
|
|
|
:public | :disabled | :developer | nil
|
|
|
|
:public | :disabled | :reporter | nil
|
|
|
|
:public | :disabled | :guest | nil
|
|
|
|
:public | :disabled | :non_member | nil
|
|
|
|
:public | :disabled | :anonymous | nil
|
|
|
|
|
|
|
|
:internal | :enabled | :admin | :all
|
|
|
|
:internal | :enabled | :maintainer | :maintainer
|
|
|
|
:internal | :enabled | :developer | :developer
|
|
|
|
:internal | :enabled | :reporter | :reporter
|
|
|
|
:internal | :enabled | :guest | :guest
|
|
|
|
:internal | :enabled | :non_member | :guest
|
|
|
|
:internal | :enabled | :anonymous | nil
|
|
|
|
|
|
|
|
:internal | :private | :admin | :all
|
|
|
|
:internal | :private | :maintainer | :maintainer
|
|
|
|
:internal | :private | :developer | :developer
|
|
|
|
:internal | :private | :reporter | :reporter
|
|
|
|
:internal | :private | :guest | :guest
|
|
|
|
:internal | :private | :non_member | nil
|
|
|
|
:internal | :private | :anonymous | nil
|
|
|
|
|
|
|
|
:internal | :disabled | :admin | nil
|
|
|
|
:internal | :disabled | :maintainer | nil
|
|
|
|
:internal | :disabled | :developer | nil
|
|
|
|
:internal | :disabled | :reporter | nil
|
|
|
|
:internal | :disabled | :guest | nil
|
|
|
|
:internal | :disabled | :non_member | nil
|
|
|
|
:internal | :disabled | :anonymous | nil
|
|
|
|
|
|
|
|
:private | :private | :admin | :all
|
|
|
|
:private | :private | :maintainer | :maintainer
|
|
|
|
:private | :private | :developer | :developer
|
|
|
|
:private | :private | :reporter | :reporter
|
|
|
|
:private | :private | :guest | :guest
|
|
|
|
:private | :private | :non_member | nil
|
|
|
|
:private | :private | :anonymous | nil
|
|
|
|
|
|
|
|
:private | :disabled | :admin | nil
|
|
|
|
:private | :disabled | :maintainer | nil
|
|
|
|
:private | :disabled | :developer | nil
|
|
|
|
:private | :disabled | :reporter | nil
|
|
|
|
:private | :disabled | :guest | nil
|
|
|
|
:private | :disabled | :non_member | nil
|
|
|
|
:private | :disabled | :anonymous | nil
|
|
|
|
end
|
2020-04-13 15:09:20 +00:00
|
|
|
|
2020-05-06 15:09:42 +00:00
|
|
|
with_them do
|
|
|
|
let(:user) { create_user_from_membership(container, membership) }
|
|
|
|
let(:allowed_permissions) { wiki_permissions[access].dup || [] }
|
|
|
|
let(:disallowed_permissions) { wiki_permissions[:all] - allowed_permissions }
|
2020-04-13 15:09:20 +00:00
|
|
|
|
|
|
|
before do
|
2020-05-06 15:09:42 +00:00
|
|
|
container.visibility = container_level.to_s
|
|
|
|
set_access_level(ProjectFeature.access_level_from_str(access_level.to_s))
|
2020-05-15 15:08:04 +00:00
|
|
|
enable_admin_mode!(user) if user&.admin?
|
2020-04-13 15:09:20 +00:00
|
|
|
|
2020-05-06 15:09:42 +00:00
|
|
|
if allowed_permissions.any? && [container_level, access_level, membership] != [:private, :private, :guest]
|
|
|
|
allowed_permissions << :download_wiki_code
|
2020-04-13 15:09:20 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-05-06 15:09:42 +00:00
|
|
|
it 'allows actions based on membership' do
|
|
|
|
expect_allowed(*allowed_permissions)
|
|
|
|
expect_disallowed(*disallowed_permissions)
|
2020-04-13 15:09:20 +00:00
|
|
|
end
|
2020-05-06 15:09:42 +00:00
|
|
|
end
|
2020-04-13 15:09:20 +00:00
|
|
|
|
2020-05-06 15:09:42 +00:00
|
|
|
# TODO: Remove this helper once we implement group features
|
|
|
|
# https://gitlab.com/gitlab-org/gitlab/-/issues/208412
|
|
|
|
def set_access_level(access_level)
|
|
|
|
raise NotImplementedError
|
2020-04-13 15:09:20 +00:00
|
|
|
end
|
|
|
|
end
|