Authorize environments controller actions
This commit is contained in:
parent
e129f66d9e
commit
bb6f246790
|
@ -1,6 +1,8 @@
|
||||||
class Projects::EnvironmentsController < Projects::ApplicationController
|
class Projects::EnvironmentsController < Projects::ApplicationController
|
||||||
layout 'project'
|
layout 'project'
|
||||||
before_action :authorize_read_environment!
|
before_action :authorize_read_environment!
|
||||||
|
before_action :authorize_create_environment!, only: [:new, :create]
|
||||||
|
before_action :authorize_update_environment!, only: [:destroy]
|
||||||
before_action :environment, only: [:show, :destroy]
|
before_action :environment, only: [:show, :destroy]
|
||||||
|
|
||||||
def index
|
def index
|
||||||
|
|
|
@ -9,7 +9,7 @@
|
||||||
= form_for @environment, url: namespace_project_environments_path(@project.namespace, @project), html: { id: "new-environment-form", class: "col-lg-9 js-new-environment-form js-requires-input" } do |f|
|
= form_for @environment, url: namespace_project_environments_path(@project.namespace, @project), html: { id: "new-environment-form", class: "col-lg-9 js-new-environment-form js-requires-input" } do |f|
|
||||||
= form_errors(@environment)
|
= form_errors(@environment)
|
||||||
.form-group
|
.form-group
|
||||||
= f.label :ref, 'Environment name', class: 'label-light'
|
= f.label :name, 'Environment name', class: 'label-light'
|
||||||
= f.text_field :name, required: true, class: 'form-control'
|
= f.text_field :name, required: true, class: 'form-control'
|
||||||
= f.submit 'Create environment', class: 'btn btn-create'
|
= f.submit 'Create environment', class: 'btn btn-create'
|
||||||
= link_to "Cancel", namespace_project_environments_path(@project.namespace, @project), class: "btn btn-cancel"
|
= link_to "Cancel", namespace_project_environments_path(@project.namespace, @project), class: "btn btn-cancel"
|
||||||
|
|
|
@ -9,6 +9,7 @@
|
||||||
|
|
||||||
.col-md-3
|
.col-md-3
|
||||||
.nav-controls
|
.nav-controls
|
||||||
|
- if can?(current_user, :update_environment, @project)
|
||||||
= link_to 'Destroy', namespace_project_environment_path(@project.namespace, @project, @environment), data: { confirm: 'Are you sure?' }, class: 'btn btn-danger', method: :delete
|
= link_to 'Destroy', namespace_project_environment_path(@project.namespace, @project, @environment), data: { confirm: 'Are you sure?' }, class: 'btn btn-danger', method: :delete
|
||||||
|
|
||||||
- if @deployments.blank?
|
- if @deployments.blank?
|
||||||
|
|
|
@ -175,6 +175,49 @@ describe "Public Project Access", feature: true do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe "GET /:project_path/environments" do
|
||||||
|
subject { namespace_project_environments_path(project.namespace, project) }
|
||||||
|
|
||||||
|
it { is_expected.to be_allowed_for :admin }
|
||||||
|
it { is_expected.to be_allowed_for owner }
|
||||||
|
it { is_expected.to be_allowed_for master }
|
||||||
|
it { is_expected.to be_allowed_for developer }
|
||||||
|
it { is_expected.to be_allowed_for reporter }
|
||||||
|
it { is_expected.to be_denied_for guest }
|
||||||
|
it { is_expected.to be_denied_for :user }
|
||||||
|
it { is_expected.to be_denied_for :external }
|
||||||
|
it { is_expected.to be_denied_for :visitor }
|
||||||
|
end
|
||||||
|
|
||||||
|
describe "GET /:project_path/environments/:id" do
|
||||||
|
let(:environment) { create(:environment, project: project) }
|
||||||
|
subject { namespace_project_environments_path(project.namespace, project, environment) }
|
||||||
|
|
||||||
|
it { is_expected.to be_allowed_for :admin }
|
||||||
|
it { is_expected.to be_allowed_for owner }
|
||||||
|
it { is_expected.to be_allowed_for master }
|
||||||
|
it { is_expected.to be_allowed_for developer }
|
||||||
|
it { is_expected.to be_allowed_for reporter }
|
||||||
|
it { is_expected.to be_denied_for guest }
|
||||||
|
it { is_expected.to be_denied_for :user }
|
||||||
|
it { is_expected.to be_denied_for :external }
|
||||||
|
it { is_expected.to be_denied_for :visitor }
|
||||||
|
end
|
||||||
|
|
||||||
|
describe "GET /:project_path/environments/new" do
|
||||||
|
subject { new_namespace_project_environment_path(project.namespace, project) }
|
||||||
|
|
||||||
|
it { is_expected.to be_allowed_for :admin }
|
||||||
|
it { is_expected.to be_allowed_for owner }
|
||||||
|
it { is_expected.to be_allowed_for master }
|
||||||
|
it { is_expected.to be_allowed_for developer }
|
||||||
|
it { is_expected.to be_denied_for reporter }
|
||||||
|
it { is_expected.to be_denied_for guest }
|
||||||
|
it { is_expected.to be_denied_for :user }
|
||||||
|
it { is_expected.to be_denied_for :external }
|
||||||
|
it { is_expected.to be_denied_for :visitor }
|
||||||
|
end
|
||||||
|
|
||||||
describe "GET /:project_path/blob" do
|
describe "GET /:project_path/blob" do
|
||||||
let(:commit) { project.repository.commit }
|
let(:commit) { project.repository.commit }
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue