From 6954d50fd3307f25f16ac06f21aebe37cb7059db Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Wed, 25 Sep 2013 14:04:16 +0300 Subject: [PATCH] Dashboard security specs --- .../security/dashboard_access_spec.rb | 55 +++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 spec/features/security/dashboard_access_spec.rb diff --git a/spec/features/security/dashboard_access_spec.rb b/spec/features/security/dashboard_access_spec.rb new file mode 100644 index 00000000000..adec5926c6f --- /dev/null +++ b/spec/features/security/dashboard_access_spec.rb @@ -0,0 +1,55 @@ +require 'spec_helper' + +describe "Dashboard access" do + describe "GET /dashboard" do + subject { dashboard_path } + + it { should be_allowed_for :admin } + it { should be_allowed_for :user } + it { should be_denied_for :visitor } + end + + describe "GET /dashboard/issues" do + subject { issues_dashboard_path } + + it { should be_allowed_for :admin } + it { should be_allowed_for :user } + it { should be_denied_for :visitor } + end + + describe "GET /dashboard/merge_requests" do + subject { merge_requests_dashboard_path } + + it { should be_allowed_for :admin } + it { should be_allowed_for :user } + it { should be_denied_for :visitor } + end + + describe "GET /dashboard/projects" do + subject { projects_dashboard_path } + + it { should be_allowed_for :admin } + it { should be_allowed_for :user } + it { should be_denied_for :visitor } + end + + describe "GET /help" do + subject { help_path } + + it { should be_allowed_for :admin } + it { should be_allowed_for :user } + it { should be_denied_for :visitor } + end + + describe "GET /projects/new" do + it { new_project_path.should be_allowed_for :admin } + it { new_project_path.should be_allowed_for :user } + it { new_project_path.should be_denied_for :visitor } + end + + describe "GET /groups/new" do + it { new_group_path.should be_allowed_for :admin } + it { new_group_path.should be_allowed_for :user } + it { new_group_path.should be_denied_for :visitor } + end +end