
projects_security_spec.rb 6.33 KB
require 'spec_helper'

describe "Projects" do
  # Access matrix for the projects index: the :admin and :user roles must get
  # through, the :visitor role must be turned away.
  # NOTE(review): the role symbols are interpreted by the be_allowed_for /
  # be_denied_for matchers, which are defined outside this file; :visitor is
  # presumably an unauthenticated session. Confirm against the matcher.
  describe "GET /projects" do
    subject { projects_path }

    it { should be_allowed_for :admin }
    it { should be_allowed_for :user }
    it { should be_denied_for :visitor }
  end

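  # Access matrix for the new-project form: :admin and :user may open it,
  # :visitor may not.
  #
  # The examples must go through the form's own route helper. Probing
  # projects_path here would only repeat the index expectations and leave
  # GET /projects/new without any access-control coverage.
  # NOTE(review): new_project_path is the conventional Rails helper for the
  # `new` action of the projects resource. Confirm it against the routes file.
  describe "GET /projects/new" do
    it { new_project_path.should be_allowed_for :admin }
    it { new_project_path.should be_allowed_for :user }
    it { new_project_path.should be_denied_for :visitor }
  end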

  describe "Project" do
    # Fixture for every per-project example: one project and three users, each
    # attached to the project at a different access level so that every tier
    # of the permission model is probed.
    before do
      @project = Factory :project
      @u1 = Factory :user
      @u2 = Factory :user
      @u3 = Factory :user

      # NOTE(review): create (no bang) returns the record instead of raising
      # when it cannot be saved. A membership that silently failed to persist
      # would leave that user as a plain non-member, and for @u2 the "denied"
      # expectations would still pass. Consider asserting that the rows were
      # persisted.
      [
        [@u1, Project::PROJECT_RWA], # full access
        [@u2, Project::PROJECT_N],   # no access
        [@u3, Project::PROJECT_R]    # readonly
      ].each do |member, access_level|
        @project.users_projects.create(:user => member, :project_access => access_level)
      end
    end

    # Project home page: the full-access (@u1) and read-only (@u3) members may
    # view it. The no-access member (@u2) and the :admin, :user and :visitor
    # roles must all be refused, so being an instance admin grants no implicit
    # project access in this matrix.
    describe "GET /project_code" do
      subject { project_path(@project) }

      it { should be_allowed_for @u1 }
      it { should be_allowed_for @u3 }
      it { should be_denied_for :admin }
      it { should be_denied_for @u2 }
      it { should be_denied_for :user }
      it { should be_denied_for :visitor }
    end

    # Source tree browser, probed at the project's root ref only: readable by
    # the full-access and read-only members, refused for everyone else.
    describe "GET /project_code/master/tree" do
      subject { tree_project_ref_path(@project, @project.root_ref) }

      it { should be_allowed_for @u1 }
      it { should be_allowed_for @u3 }
      it { should be_denied_for :admin }
      it { should be_denied_for @u2 }
      it { should be_denied_for :user }
      it { should be_denied_for :visitor }
    end

    # Commit history listing: same read matrix as the project home page.
    # Members with full or read-only access are allowed; the no-access member
    # and the three generic roles are denied.
    describe "GET /project_code/commits" do
      subject { project_commits_path(@project) }

      it { should be_allowed_for @u1 }
      it { should be_allowed_for @u3 }
      it { should be_denied_for :admin }
      it { should be_denied_for @u2 }
      it { should be_denied_for :user }
      it { should be_denied_for :visitor }
    end

    # Single-commit view, addressed by the id of the commit returned by
    # @project.commit: readable by the full-access and read-only members only.
    describe "GET /project_code/commit" do
      subject { project_commit_path(@project, @project.commit.id) }

      it { should be_allowed_for @u1 }
      it { should be_allowed_for @u3 }
      it { should be_denied_for :admin }
      it { should be_denied_for @u2 }
      it { should be_denied_for :user }
      it { should be_denied_for :visitor }
    end

    # Team (membership) page: visible to the full-access and read-only
    # members; the member list must not be exposed to the no-access member or
    # to the :admin, :user and :visitor roles.
    describe "GET /project_code/team" do
      subject { team_project_path(@project) }

      it { should be_allowed_for @u1 }
      it { should be_allowed_for @u3 }
      it { should be_denied_for :admin }
      it { should be_denied_for @u2 }
      it { should be_denied_for :user }
      it { should be_denied_for :visitor }
    end

    # Project wall: same read matrix. Full-access and read-only members are
    # allowed, every other identity is denied.
    describe "GET /project_code/wall" do
      subject { wall_project_path(@project) }

      it { should be_allowed_for @u1 }
      it { should be_allowed_for @u3 }
      it { should be_denied_for :admin }
      it { should be_denied_for @u2 }
      it { should be_denied_for :user }
      it { should be_denied_for :visitor }
    end

    # File (blob) view: the path under test points at the first blob found in
    # the tree of the commit returned by @project.commit. Only the full-access
    # and read-only members may read file contents.
    describe "GET /project_code/blob" do
      before do
        @commit = @project.commit
        # Pick the first tree entry that is a file rather than a sub-tree.
        first_blob = @commit.tree.contents.find { |entry| entry.is_a?(Grit::Blob) }
        @path = first_blob.name
        @blob_path = blob_project_ref_path(@project, @commit.id, :path => @path)
      end

      subject { @blob_path }

      it { should be_allowed_for @u1 }
      it { should be_allowed_for @u3 }
      it { should be_denied_for :admin }
      it { should be_denied_for @u2 }
      it { should be_denied_for :user }
      it { should be_denied_for :visitor }
    end

    # Project settings form: the one route in this group where the read-only
    # member (@u3) is denied as well, so only the full-access member may open
    # it. These examples cover the GET of the form only; the action that
    # applies the change is not exercised here.
    describe "GET /project_code/edit" do
      subject { edit_project_path(@project) }

      it { should be_allowed_for @u1 }
      it { should be_denied_for @u3 }
      it { should be_denied_for :admin }
      it { should be_denied_for @u2 }
      it { should be_denied_for :user }
      it { should be_denied_for :visitor }
    end

    # Issue list: readable by the full-access and read-only members; the
    # no-access member and the generic roles are denied.
    describe "GET /project_code/issues" do
      subject { project_issues_path(@project) }

      it { should be_allowed_for @u1 }
      it { should be_allowed_for @u3 }
      it { should be_denied_for :admin }
      it { should be_denied_for @u2 }
      it { should be_denied_for :user }
      it { should be_denied_for :visitor }
    end

    # Snippet list: readable by the full-access and read-only members; every
    # other identity is denied.
    describe "GET /project_code/snippets" do
      subject { project_snippets_path(@project) }

      it { should be_allowed_for @u1 }
      it { should be_allowed_for @u3 }
      it { should be_denied_for :admin }
      it { should be_denied_for @u2 }
      it { should be_denied_for :user }
      it { should be_denied_for :visitor }
    end

    # Merge request list: readable by the full-access and read-only members;
    # the no-access member and the :admin, :user and :visitor roles are denied.
    describe "GET /project_code/merge_requests" do
      subject { project_merge_requests_path(@project) }

      it { should be_allowed_for @u1 }
      it { should be_allowed_for @u3 }
      it { should be_denied_for :admin }
      it { should be_denied_for @u2 }
      it { should be_denied_for :user }
      it { should be_denied_for :visitor }
    end
  end
end