Authorize environments controller actions
This commit is contained in:
parent
e129f66d9e
commit
bb6f246790
|
@ -1,6 +1,8 @@
|
|||
class Projects::EnvironmentsController < Projects::ApplicationController
|
||||
layout 'project'
|
||||
before_action :authorize_read_environment!
|
||||
before_action :authorize_create_environment!, only: [:new, :create]
|
||||
before_action :authorize_update_environment!, only: [:destroy]
|
||||
before_action :environment, only: [:show, :destroy]
|
||||
|
||||
def index
|
||||
|
|
|
@ -9,7 +9,7 @@
|
|||
= form_for @environment, url: namespace_project_environments_path(@project.namespace, @project), html: { id: "new-environment-form", class: "col-lg-9 js-new-environment-form js-requires-input" } do |f|
|
||||
= form_errors(@environment)
|
||||
.form-group
|
||||
= f.label :ref, 'Environment name', class: 'label-light'
|
||||
= f.label :name, 'Environment name', class: 'label-light'
|
||||
= f.text_field :name, required: true, class: 'form-control'
|
||||
= f.submit 'Create environment', class: 'btn btn-create'
|
||||
= link_to "Cancel", namespace_project_environments_path(@project.namespace, @project), class: "btn btn-cancel"
|
||||
|
|
|
@ -9,7 +9,8 @@
|
|||
|
||||
.col-md-3
|
||||
.nav-controls
|
||||
= link_to 'Destroy', namespace_project_environment_path(@project.namespace, @project, @environment), data: { confirm: 'Are you sure?' }, class: 'btn btn-danger', method: :delete
|
||||
- if can?(current_user, :update_environment, @project)
|
||||
= link_to 'Destroy', namespace_project_environment_path(@project.namespace, @project, @environment), data: { confirm: 'Are you sure?' }, class: 'btn btn-danger', method: :delete
|
||||
|
||||
- if @deployments.blank?
|
||||
%ul.content-list
|
||||
|
|
|
@ -175,6 +175,49 @@ describe "Public Project Access", feature: true do
|
|||
end
|
||||
end
|
||||
|
||||
describe "GET /:project_path/environments" do
|
||||
subject { namespace_project_environments_path(project.namespace, project) }
|
||||
|
||||
it { is_expected.to be_allowed_for :admin }
|
||||
it { is_expected.to be_allowed_for owner }
|
||||
it { is_expected.to be_allowed_for master }
|
||||
it { is_expected.to be_allowed_for developer }
|
||||
it { is_expected.to be_allowed_for reporter }
|
||||
it { is_expected.to be_denied_for guest }
|
||||
it { is_expected.to be_denied_for :user }
|
||||
it { is_expected.to be_denied_for :external }
|
||||
it { is_expected.to be_denied_for :visitor }
|
||||
end
|
||||
|
||||
describe "GET /:project_path/environments/:id" do
|
||||
let(:environment) { create(:environment, project: project) }
|
||||
subject { namespace_project_environments_path(project.namespace, project, environment) }
|
||||
|
||||
it { is_expected.to be_allowed_for :admin }
|
||||
it { is_expected.to be_allowed_for owner }
|
||||
it { is_expected.to be_allowed_for master }
|
||||
it { is_expected.to be_allowed_for developer }
|
||||
it { is_expected.to be_allowed_for reporter }
|
||||
it { is_expected.to be_denied_for guest }
|
||||
it { is_expected.to be_denied_for :user }
|
||||
it { is_expected.to be_denied_for :external }
|
||||
it { is_expected.to be_denied_for :visitor }
|
||||
end
|
||||
|
||||
describe "GET /:project_path/environments/new" do
|
||||
subject { new_namespace_project_environment_path(project.namespace, project) }
|
||||
|
||||
it { is_expected.to be_allowed_for :admin }
|
||||
it { is_expected.to be_allowed_for owner }
|
||||
it { is_expected.to be_allowed_for master }
|
||||
it { is_expected.to be_allowed_for developer }
|
||||
it { is_expected.to be_denied_for reporter }
|
||||
it { is_expected.to be_denied_for guest }
|
||||
it { is_expected.to be_denied_for :user }
|
||||
it { is_expected.to be_denied_for :external }
|
||||
it { is_expected.to be_denied_for :visitor }
|
||||
end
|
||||
|
||||
describe "GET /:project_path/blob" do
|
||||
let(:commit) { project.repository.commit }
|
||||
|
||||
|
|
Loading…
Reference in New Issue