gitlab-org--gitlab-foss/spec/policies/environment_policy_spec.rb

# frozen_string_literal: true

require 'spec_helper'

describe EnvironmentPolicy do
  using RSpec::Parameterized::TableSyntax

  let(:user) { create(:user) }

  let(:policy) do
    described_class.new(user, environment)
  end

  describe '#rules' do
    shared_examples 'project permissions' do
      context 'with stop action' do
        let(:environment) do
          create(:environment, :with_review_app, project: project)
        end

        where(:access_level, :allowed?) do
          nil         | false
          :guest      | false
          :reporter   | false
          :developer  | true
          :maintainer | true
        end

        with_them do
          before do
            project.add_user(user, access_level) unless access_level.nil?
          end

          it { expect(policy.allowed?(:stop_environment)).to be allowed? }
        end

        context 'when an admin user' do
          let(:user) { create(:user, :admin) }

          it { expect(policy).to be_allowed :stop_environment }
        end

        context 'with protected branch' do
          with_them do
            before do
              project.add_user(user, access_level) unless access_level.nil?
              create(:protected_branch, :no_one_can_push,
                     name: 'master', project: project)
            end

            it { expect(policy).to be_disallowed :stop_environment }
          end

          context 'when an admin user' do
            let(:user) { create(:user, :admin) }

            it { expect(policy).to be_allowed :stop_environment }
          end
        end
      end

      context 'without stop action' do
        let(:environment) do
          create(:environment, project: project)
        end

        where(:access_level, :allowed?) do
          nil         | false
          :guest      | false
          :reporter   | false
          :developer  | true
          :maintainer | true
        end

        with_them do
          before do
            project.add_user(user, access_level) unless access_level.nil?
          end

          it { expect(policy.allowed?(:stop_environment)).to be allowed? }
        end

        context 'when an admin user' do
          let(:user) { create(:user, :admin) }

          it { expect(policy).to be_allowed :stop_environment }
        end
      end

      describe '#destroy_environment' do
        let(:environment) do
          create(:environment, project: project)
        end

        where(:access_level, :allowed?) do
          nil         | false
          :guest      | false
          :reporter   | false
          :developer  | true
          :maintainer | true
        end

        with_them do
          before do
            project.add_user(user, access_level) unless access_level.nil?
          end

          it { expect(policy).to be_disallowed :destroy_environment }

          context 'when environment is stopped' do
            before do
              environment.stop!
            end

            it { expect(policy.allowed?(:destroy_environment)).to be allowed? }
          end
        end

        context 'when an admin user' do
          let(:user) { create(:user, :admin) }

          it { expect(policy).to be_disallowed :destroy_environment }

          context 'when environment is stopped' do
            before do
              environment.stop!
            end

            it { expect(policy).to be_allowed :destroy_environment }
          end
        end
      end
    end

    context 'when project is public' do
      let(:project) { create(:project, :public, :repository) }

      include_examples 'project permissions'
    end

    context 'when project is private' do
      let(:project) { create(:project, :private, :repository) }

      include_examples 'project permissions'
    end
  end
end
Add latest changes from gitlab-org/gitlab@master 2019-10-24 20:06:14 -04:00			`# frozen_string_literal: true`

Add new ability check for stopping environment 2017-05-01 07:38:57 -04:00			`require 'spec_helper'`

Fix environment policy class name in specs 2017-05-02 05:27:10 -04:00			`describe EnvironmentPolicy do`
Support manually stopping any environment from the UI 2018-07-10 04:11:04 -04:00			`using RSpec::Parameterized::TableSyntax`
Add new ability check for stopping environment 2017-05-01 07:38:57 -04:00
Support manually stopping any environment from the UI 2018-07-10 04:11:04 -04:00			`let(:user) { create(:user) }`
Add new ability check for stopping environment 2017-05-01 07:38:57 -04:00
update the specs to not require a set to be returned 2017-04-06 17:09:58 -04:00			`let(:policy) do`
			`described_class.new(user, environment)`
Add new ability check for stopping environment 2017-05-01 07:38:57 -04:00			`end`

			`describe '#rules' do`
Support manually stopping any environment from the UI 2018-07-10 04:11:04 -04:00			`shared_examples 'project permissions' do`
			`context 'with stop action' do`
			`let(:environment) do`
			`create(:environment, :with_review_app, project: project)`
			`end`
Add new ability check for stopping environment 2017-05-01 07:38:57 -04:00
Support manually stopping any environment from the UI 2018-07-10 04:11:04 -04:00			`where(:access_level, :allowed?) do`
Resolve "Rename the `Master` role to `Maintainer`" Backend 2018-07-11 10:36:08 -04:00			`nil \| false`
			`:guest \| false`
			`:reporter \| false`
			`:developer \| true`
			`:maintainer \| true`
Support manually stopping any environment from the UI 2018-07-10 04:11:04 -04:00			`end`
Add new ability check for stopping environment 2017-05-01 07:38:57 -04:00
Support manually stopping any environment from the UI 2018-07-10 04:11:04 -04:00			`with_them do`
			`before do`
			`project.add_user(user, access_level) unless access_level.nil?`
			`end`
Add new ability check for stopping environment 2017-05-01 07:38:57 -04:00
Support manually stopping any environment from the UI 2018-07-10 04:11:04 -04:00			`it { expect(policy.allowed?(:stop_environment)).to be allowed? }`
			`end`
Add new ability check for stopping environment 2017-05-01 07:38:57 -04:00
Support manually stopping any environment from the UI 2018-07-10 04:11:04 -04:00			`context 'when an admin user' do`
			`let(:user) { create(:user, :admin) }`
Add new ability check for stopping environment 2017-05-01 07:38:57 -04:00
Support manually stopping any environment from the UI 2018-07-10 04:11:04 -04:00			`it { expect(policy).to be_allowed :stop_environment }`
			`end`

			`context 'with protected branch' do`
			`with_them do`
			`before do`
			`project.add_user(user, access_level) unless access_level.nil?`
			`create(:protected_branch, :no_one_can_push,`
			`name: 'master', project: project)`
			`end`
Add new ability check for stopping environment 2017-05-01 07:38:57 -04:00
Support manually stopping any environment from the UI 2018-07-10 04:11:04 -04:00			`it { expect(policy).to be_disallowed :stop_environment }`
			`end`

			`context 'when an admin user' do`
			`let(:user) { create(:user, :admin) }`

			`it { expect(policy).to be_allowed :stop_environment }`
			`end`
Add new ability check for stopping environment 2017-05-01 07:38:57 -04:00			`end`
			`end`

Support manually stopping any environment from the UI 2018-07-10 04:11:04 -04:00			`context 'without stop action' do`
			`let(:environment) do`
			`create(:environment, project: project)`
			`end`

			`where(:access_level, :allowed?) do`
Resolve "Rename the `Master` role to `Maintainer`" Backend 2018-07-11 10:36:08 -04:00			`nil \| false`
			`:guest \| false`
			`:reporter \| false`
Add latest changes from gitlab-org/gitlab@master 2019-12-10 02:53:40 -05:00			`:developer \| true`
Resolve "Rename the `Master` role to `Maintainer`" Backend 2018-07-11 10:36:08 -04:00			`:maintainer \| true`
Add new ability check for stopping environment 2017-05-01 07:38:57 -04:00			`end`

Support manually stopping any environment from the UI 2018-07-10 04:11:04 -04:00			`with_them do`
			`before do`
			`project.add_user(user, access_level) unless access_level.nil?`
			`end`

			`it { expect(policy.allowed?(:stop_environment)).to be allowed? }`
			`end`

			`context 'when an admin user' do`
			`let(:user) { create(:user, :admin) }`

			`it { expect(policy).to be_allowed :stop_environment }`
Add new ability check for stopping environment 2017-05-01 07:38:57 -04:00			`end`
			`end`
Add latest changes from gitlab-org/gitlab@master 2020-03-25 05:08:11 -04:00
			`describe '#destroy_environment' do`
			`let(:environment) do`
			`create(:environment, project: project)`
			`end`

			`where(:access_level, :allowed?) do`
			`nil \| false`
			`:guest \| false`
			`:reporter \| false`
			`:developer \| true`
			`:maintainer \| true`
			`end`

			`with_them do`
			`before do`
			`project.add_user(user, access_level) unless access_level.nil?`
			`end`

			`it { expect(policy).to be_disallowed :destroy_environment }`

			`context 'when environment is stopped' do`
			`before do`
			`environment.stop!`
			`end`

			`it { expect(policy.allowed?(:destroy_environment)).to be allowed? }`
			`end`
			`end`

			`context 'when an admin user' do`
			`let(:user) { create(:user, :admin) }`

			`it { expect(policy).to be_disallowed :destroy_environment }`

			`context 'when environment is stopped' do`
			`before do`
			`environment.stop!`
			`end`

			`it { expect(policy).to be_allowed :destroy_environment }`
			`end`
			`end`
			`end`
Add new ability check for stopping environment 2017-05-01 07:38:57 -04:00			`end`
Support manually stopping any environment from the UI 2018-07-10 04:11:04 -04:00
			`context 'when project is public' do`
			`let(:project) { create(:project, :public, :repository) }`

			`include_examples 'project permissions'`
			`end`

			`context 'when project is private' do`
			`let(:project) { create(:project, :private, :repository) }`

			`include_examples 'project permissions'`
			`end`
Add new ability check for stopping environment 2017-05-01 07:38:57 -04:00			`end`
			`end`