Implement review comments for !12445 from @jneen.

- Fix duplicate `prevent` declaration - Add spec for `GlobalPolicy`
2017-07-03 05:14:00 +00:00 · 2017-07-03 05:14:00 +00:00 · 96e986327c
parent 5dedea358d
commit 96e986327c
2 changed files with 34 additions and 1 deletions
--- a/app/policies/global_policy.rb
+++ b/app/policies/global_policy.rb
@ -18,7 +18,6 @@ class GlobalPolicy < BasePolicy
    prevent :receive_notifications
    prevent :use_quick_actions
    prevent :create_group
-    prevent :log_in
  end

  rule { default }.policy do
--- a/spec/policies/global_policy_spec.rb
+++ b/spec/policies/global_policy_spec.rb
@ -0,0 +1,34 @@
+require 'spec_helper'
+
+describe GlobalPolicy, models: true do
+  let(:current_user) { create(:user) }
+  let(:user) { create(:user) }
+
+  subject { GlobalPolicy.new(current_user, [user]) }
+
+  describe "reading the list of users" do
+    context "for a logged in user" do
+      it { is_expected.to be_allowed(:read_users_list) }
+    end
+
+    context "for an anonymous user" do
+      let(:current_user) { nil }
+
+      context "when the public level is restricted" do
+        before do
+          stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC])
+        end
+
+        it { is_expected.not_to be_allowed(:read_users_list) }
+      end
+
+      context "when the public level is not restricted" do
+        before do
+          stub_application_setting(restricted_visibility_levels: [])
+        end
+
+        it { is_expected.to be_allowed(:read_users_list) }
+      end
+    end
+  end
+end