Commit f1fd4787 authored Sep 25, 2013 by Dmitriy Zaporozhets
Merge branch 'epic/public_projects' of /home/git/repositories/gitlab/gitlabhq
parents a3c80673 e8292e73

Showing 38 changed files with 871 additions and 674 deletions

CHANGELOG +3 -0
VERSION +1 -1
app/assets/images/login-logo.png +0 -0
app/assets/stylesheets/common.scss +5 -0
app/assets/stylesheets/sections/login.scss +3 -2
app/assets/stylesheets/sections/projects.scss +8 -16
app/controllers/profiles_controller.rb +3 -3
app/controllers/projects/application_controller.rb +22 -1
app/controllers/projects/hooks_controller.rb +1 -2
app/controllers/projects/snippets_controller.rb +0 -2
app/controllers/projects/team_members_controller.rb +1 -2
app/controllers/projects_controller.rb +15 -7
app/controllers/public/projects_controller.rb +0 -13
app/helpers/application_helper.rb +2 -0
app/helpers/projects_helper.rb +16 -0
app/models/ability.rb +31 -12
app/models/group.rb +4 -0
app/views/layouts/_public_head_panel.html.haml +22 -0
app/views/layouts/devise.html.haml +6 -1
app/views/layouts/public.html.haml +3 -20
app/views/layouts/public_projects.html.haml +9 -0
app/views/projects/_clone_panel.html.haml +35 -34
app/views/projects/commits/_head.html.haml +1 -1
app/views/projects/empty.html.haml +2 -2
app/views/projects/issues/_head.html.haml +4 -3
app/views/projects/notes/_note.html.haml +1 -1
app/views/public/projects/_tree.html.haml +0 -5
app/views/public/projects/index.html.haml +22 -11
app/views/public/projects/show.html.haml +0 -49
config/routes.rb +0 -2
features/public/public_projects.feature +4 -5
features/steps/public/projects_feature.rb +13 -5
spec/features/security/dashboard_access_spec.rb +55 -0
spec/features/security/group_access_spec.rb +83 -0
spec/features/security/profile_access_spec.rb +27 -0
spec/features/security/project/private_access_spec.rb +218 -0
spec/features/security/project/public_access_spec.rb +251 -0
spec/features/security/project_access_spec.rb +0 -474
CHANGELOG
View file @
f1fd4787
v 6.2.0
- Public projects are visible from the outside
v 6.1.0
v 6.1.0
- Project specific IDs for issues, mr, milestones
- Project specific IDs for issues, mr, milestones
Above items will get a new id and for example all bookmarked issue urls will change.
Above items will get a new id and for example all bookmarked issue urls will change.
...
...
VERSION
View file @
f1fd4787
6.
1.0
6.
2.0.pre
app/assets/images/login-logo.png
deleted
100644 → 0
View file @
a3c80673
9.97 KB
app/assets/stylesheets/common.scss
View file @
f1fd4787
...
@@ -382,3 +382,8 @@ table {
...
@@ -382,3 +382,8 @@ table {
width
:
50px
;
width
:
50px
;
min-height
:
100px
;
min-height
:
100px
;
}
}
.navbar-gitlab
.navbar-inner
.nav
>
li
.btn-sign-in
{
@extend
.btn-new
;
padding
:
5px
15px
;
}
app/assets/stylesheets/sections/login.scss
View file @
f1fd4787
/* Login Page */
/* Login Page */
body
.login-page
{
body
.login-page
{
background
:
#474D57
;
.container
>
.content
{
.container
.content
{
padding-top
:
4%
;
}
padding-top
:
20px
;
}
}
}
.login-box
{
.login-box
{
...
...
app/assets/stylesheets/sections/projects.scss
View file @
f1fd4787
...
@@ -79,21 +79,6 @@ ul.nav.nav-projects-tabs {
...
@@ -79,21 +79,6 @@ ul.nav.nav-projects-tabs {
margin
:
0px
;
margin
:
0px
;
}
}
.public-projects
{
li
{
.project-title
{
font-size
:
14px
;
line-height
:
2
;
font-weight
:
normal
;
}
.description
{
margin-left
:
15px
;
color
:
#aaa
;
}
}
}
.my-projects
{
.my-projects
{
li
{
li
{
.project-title
{
.project-title
{
...
@@ -110,7 +95,6 @@ ul.nav.nav-projects-tabs {
...
@@ -110,7 +95,6 @@ ul.nav.nav-projects-tabs {
}
}
}
}
.public-clone
{
.public-clone
{
background
:
#333
;
background
:
#333
;
color
:
#f5f5f5
;
color
:
#f5f5f5
;
...
@@ -123,3 +107,11 @@ ul.nav.nav-projects-tabs {
...
@@ -123,3 +107,11 @@ ul.nav.nav-projects-tabs {
position
:
relative
;
position
:
relative
;
top
:
-5px
;
top
:
-5px
;
}
}
.public-projects
.repo-info
{
color
:
#777
;
a
{
color
:
#777
;
}
}
app/controllers/profiles_controller.rb
View file @
f1fd4787
...
@@ -33,8 +33,8 @@ class ProfilesController < ApplicationController
...
@@ -33,8 +33,8 @@ class ProfilesController < ApplicationController
end
end
def
update_password
def
update_password
pa
rams
[
:user
].
select!
do
|
key
,
value
|
pa
ssword_attributes
=
params
[
:user
].
select
do
|
key
,
value
|
%w(
current_password
password password_confirmation)
.
include?
(
key
.
to_s
)
%w(password password_confirmation)
.
include?
(
key
.
to_s
)
end
end
unless
@user
.
valid_password?
(
params
[
:user
][
:current_password
])
unless
@user
.
valid_password?
(
params
[
:user
][
:current_password
])
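Review bot: params[:user] is dereferenced in update_password without a presence check, both in the new params[:user].select call and in the valid_password? line below it, so a request that omits the user hash raises NoMethodError instead of failing cleanly. Guard it first, for example with (params[:user] || {}).select, and keep current_password out of the %w(password password_confirmation) list as written here so it can never reach update_attributes.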
...
@@ -42,7 +42,7 @@ class ProfilesController < ApplicationController
...
@@ -42,7 +42,7 @@ class ProfilesController < ApplicationController
return
return
end
end
if
@user
.
update_attributes
(
pa
rams
[
:user
]
)
if
@user
.
update_attributes
(
pa
ssword_attributes
)
flash
[
:notice
]
=
"Password was successfully updated. Please login with it"
flash
[
:notice
]
=
"Password was successfully updated. Please login with it"
redirect_to
new_user_session_path
redirect_to
new_user_session_path
else
else
...
...
app/controllers/projects/application_controller.rb
View file @
f1fd4787
class
Projects::ApplicationController
<
ApplicationController
class
Projects::ApplicationController
<
ApplicationController
before_filter
:project
before_filter
:project
before_filter
:repository
before_filter
:repository
layout
'projects'
layout
:determine_layout
def
authenticate_user!
# Restrict access to Projects area only
# for non-signed users
if
!
current_user
id
=
params
[
:project_id
]
||
params
[
:id
]
@project
=
Project
.
find_with_namespace
(
id
)
return
if
@project
&&
@project
.
public
end
super
end
def
determine_layout
if
current_user
'projects'
else
'public_projects'
end
end
end
end
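Review bot: The authenticate_user! override returns early for any signed-out request whose project is public, so every controller inheriting from Projects::ApplicationController now depends on its own authorize_* filter to keep visitors out of write and admin actions. State that in the comment above the method, and consider giving the bypass its own filter name rather than redefining Devise's authenticate_user!. The method also sets @project itself from params[:project_id] || params[:id], separately from the before_filter :project declared above, so check that both resolve the same record.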
app/controllers/projects/hooks_controller.rb
View file @
f1fd4787
class
Projects::HooksController
<
Projects
::
ApplicationController
class
Projects::HooksController
<
Projects
::
ApplicationController
# Authorize
# Authorize
before_filter
:authorize_read_project!
before_filter
:authorize_admin_project!
before_filter
:authorize_admin_project!
,
only:
[
:new
,
:create
,
:destroy
]
respond_to
:html
respond_to
:html
...
...
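Review bot: Nothing here pins down that the hooks pages of a public project stay closed to visitors and non-admin members, which is the point of applying before_filter :authorize_admin_project! to every action now that authorize_read_project! is gone. Add an access spec for the hooks index of a public project that asserts denial for a visitor and for a member below admin.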
app/controllers/projects/snippets_controller.rb
View file @
f1fd4787
...
@@ -14,8 +14,6 @@ class Projects::SnippetsController < Projects::ApplicationController
...
@@ -14,8 +14,6 @@ class Projects::SnippetsController < Projects::ApplicationController
# Allow destroy snippet
# Allow destroy snippet
before_filter
:authorize_admin_project_snippet!
,
only:
[
:destroy
]
before_filter
:authorize_admin_project_snippet!
,
only:
[
:destroy
]
layout
'projects'
respond_to
:html
respond_to
:html
def
index
def
index
...
...
app/controllers/projects/team_members_controller.rb
View file @
f1fd4787
class
Projects::TeamMembersController
<
Projects
::
ApplicationController
class
Projects::TeamMembersController
<
Projects
::
ApplicationController
# Authorize
# Authorize
before_filter
:authorize_read_project!
before_filter
:authorize_admin_project!
before_filter
:authorize_admin_project!
,
except:
[
:index
,
:show
]
layout
"project_settings"
layout
"project_settings"
...
...
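Review bot: Requiring authorize_admin_project! for index and show here conflicts with :read_team_member, which not_auth_abilities in app/models/ability.rb grants to visitors of a public project: the ability says they may read the team, the controller says only admins may. Pick one, either drop :read_team_member from the anonymous list or keep index and show behind authorize_read_project!.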
app/controllers/projects_controller.rb
View file @
f1fd4787
class
ProjectsController
<
Projects
::
ApplicationController
class
ProjectsController
<
ApplicationController
skip_before_filter
:project
,
only:
[
:new
,
:create
]
skip_before_filter
:authenticate_user!
,
only:
[
:show
]
skip_before_filter
:repository
,
only:
[
:new
,
:create
]
before_filter
:project
,
except:
[
:new
,
:create
]
before_filter
:repository
,
except:
[
:new
,
:create
]
# Authorize
# Authorize
before_filter
:authorize_read_project!
,
except:
[
:index
,
:new
,
:create
]
before_filter
:authorize_read_project!
,
except:
[
:index
,
:new
,
:create
]
...
@@ -54,8 +55,9 @@ class ProjectsController < Projects::ApplicationController
...
@@ -54,8 +55,9 @@ class ProjectsController < Projects::ApplicationController
end
end
def
show
def
show
limit
=
(
params
[
:limit
]
||
20
).
to_i
return
authenticate_user!
unless
@project
.
public
||
current_user
limit
=
(
params
[
:limit
]
||
20
).
to_i
@events
=
@project
.
events
.
recent
@events
=
@project
.
events
.
recent
@events
=
event_filter
.
apply_filter
(
@events
)
@events
=
event_filter
.
apply_filter
(
@events
)
@events
=
@events
.
limit
(
limit
).
offset
(
params
[
:offset
]
||
0
)
@events
=
@events
.
limit
(
limit
).
offset
(
params
[
:offset
]
||
0
)
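Review bot: The guard "return authenticate_user! unless @project.public || current_user" sits inside show, but before_filter :authorize_read_project! still runs for show ahead of the action body, so for a signed-out visitor on a private project the outcome is decided by that filter and this line may never execute. Move the check into a before_filter declared ahead of authorize_read_project! so the sign-in redirect is reached deterministically, and add a spec for a visitor requesting a private project's show page.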
...
@@ -67,10 +69,12 @@ class ProjectsController < Projects::ApplicationController
...
@@ -67,10 +69,12 @@ class ProjectsController < Projects::ApplicationController
respond_to
do
|
format
|
respond_to
do
|
format
|
format
.
html
do
format
.
html
do
if
@project
.
empty_repo?
if
@project
.
empty_repo?
render
"projects/empty"
render
"projects/empty"
,
layout:
user_layout
else
else
if
current_user
@last_push
=
current_user
.
recent_push
(
@project
.
id
)
@last_push
=
current_user
.
recent_push
(
@project
.
id
)
render
:show
end
render
:show
,
layout:
user_layout
end
end
end
end
format
.
js
format
.
js
...
@@ -121,4 +125,8 @@ class ProjectsController < Projects::ApplicationController
...
@@ -121,4 +125,8 @@ class ProjectsController < Projects::ApplicationController
def
set_title
def
set_title
@title
=
'New Project'
@title
=
'New Project'
end
end
def
user_layout
current_user
?
"projects"
:
"public_projects"
end
end
end
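Review bot: user_layout repeats the choice between "projects" and "public_projects" that determine_layout already makes in Projects::ApplicationController. Share one helper between the two controllers so the layout names cannot drift apart when one of them is renamed.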
app/controllers/public/projects_controller.rb
View file @
f1fd4787
...
@@ -10,17 +10,4 @@ class Public::ProjectsController < ApplicationController
...
@@ -10,17 +10,4 @@ class Public::ProjectsController < ApplicationController
@projects
=
@projects
.
search
(
params
[
:search
])
if
params
[
:search
].
present?
@projects
=
@projects
.
search
(
params
[
:search
])
if
params
[
:search
].
present?
@projects
=
@projects
.
includes
(
:namespace
).
order
(
"namespaces.path, projects.name ASC"
).
page
(
params
[
:page
]).
per
(
20
)
@projects
=
@projects
.
includes
(
:namespace
).
order
(
"namespaces.path, projects.name ASC"
).
page
(
params
[
:page
]).
per
(
20
)
end
end
def
show
@project
=
Project
.
public_only
.
find_with_namespace
(
params
[
:id
])
render_404
and
return
unless
@project
@repository
=
@project
.
repository
unless
@project
.
empty_repo?
@recent_tags
=
@repository
.
tags
.
first
(
10
)
@commit
=
@repository
.
commit
(
params
[
:ref
])
@tree
=
Tree
.
new
(
@repository
,
@commit
.
id
)
end
end
end
end
app/helpers/application_helper.rb
View file @
f1fd4787
...
@@ -90,6 +90,8 @@ module ApplicationHelper
...
@@ -90,6 +90,8 @@ module ApplicationHelper
end
end
def
search_autocomplete_source
def
search_autocomplete_source
return
unless
current_user
projects
=
current_user
.
authorized_projects
.
map
{
|
p
|
{
label:
"project:
#{
simple_sanitize
(
p
.
name_with_namespace
)
}
"
,
url:
project_path
(
p
)
}
}
projects
=
current_user
.
authorized_projects
.
map
{
|
p
|
{
label:
"project:
#{
simple_sanitize
(
p
.
name_with_namespace
)
}
"
,
url:
project_path
(
p
)
}
}
groups
=
current_user
.
authorized_groups
.
map
{
|
group
|
{
label:
"group:
#{
simple_sanitize
(
group
.
name
)
}
"
,
url:
group_path
(
group
)
}
}
groups
=
current_user
.
authorized_groups
.
map
{
|
group
|
{
label:
"group:
#{
simple_sanitize
(
group
.
name
)
}
"
,
url:
group_path
(
group
)
}
}
...
...
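Review bot: "return unless current_user" makes search_autocomplete_source return nil for signed-out visitors, while the signed-in path builds arrays of label/url hashes. If any layout rendered to visitors still calls this helper, return an empty collection in the same shape instead, so callers do not have to special-case nil.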
app/helpers/projects_helper.rb
View file @
f1fd4787
...
@@ -103,4 +103,20 @@ module ProjectsHelper
...
@@ -103,4 +103,20 @@ module ProjectsHelper
nav_tabs
.
flatten
nav_tabs
.
flatten
end
end
def
git_user_name
if
current_user
current_user
.
name
else
"Your name"
end
end
def
git_user_email
if
current_user
current_user
.
email
else
"your@email.com"
end
end
end
end
app/models/ability.rb
View file @
f1fd4787
class
Ability
class
Ability
class
<<
self
class
<<
self
def
allowed
(
user
,
subject
)
def
allowed
(
user
,
subject
)
return
not_auth_abilities
(
user
,
subject
)
if
user
.
nil?
return
[]
unless
user
.
kind_of?
(
User
)
return
[]
unless
user
.
kind_of?
(
User
)
return
[]
if
user
.
blocked?
return
[]
if
user
.
blocked?
...
@@ -17,6 +18,34 @@ class Ability
...
@@ -17,6 +18,34 @@ class Ability
end
.
concat
(
global_abilities
(
user
))
end
.
concat
(
global_abilities
(
user
))
end
end
# List of possible abilities
# for non-authenticated user
def
not_auth_abilities
(
user
,
subject
)
project
=
if
subject
.
kind_of?
(
Project
)
subject
elsif
subject
.
respond_to?
(
:project
)
subject
.
project
else
nil
end
if
project
&&
project
.
public
[
:read_project
,
:read_wiki
,
:read_issue
,
:read_milestone
,
:read_project_snippet
,
:read_team_member
,
:read_merge_request
,
:read_note
,
:download_code
]
else
[]
end
end
def
global_abilities
(
user
)
def
global_abilities
(
user
)
rules
=
[]
rules
=
[]
rules
<<
:create_group
if
user
.
can_create_group
rules
<<
:create_group
if
user
.
can_create_group
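Review bot: not_auth_abilities hard-codes its own list of read abilities and never uses its user argument. Build the list from one constant shared with the rules for signed-in users, or at least drop the unused parameter, and say in the comment that any subject responding to project inherits these abilities, since subject.respond_to?(:project) followed by project.public is the only check made.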
...
@@ -58,19 +87,9 @@ class Ability
...
@@ -58,19 +87,9 @@ class Ability
end
end
def
public_project_rules
def
public_project_rules
[
project_guest_rules
+
[
:download_code
,
:download_code
,
:fork_project
,
:fork_project
,
:read_project
,
:read_wiki
,
:read_issue
,
:read_milestone
,
:read_project_snippet
,
:read_team_member
,
:read_merge_request
,
:read_note
,
:write_issue
,
:write_note
]
]
end
end
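Review bot: public_project_rules is now project_guest_rules + [:download_code, :fork_project], so any ability later added to project_guest_rules is automatically granted to every signed-in user on every public project. Add a comment stating that coupling and a spec that enumerates the expected list, so an addition to the guest rules shows up as an explicit test change.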
...
@@ -135,7 +154,7 @@ class Ability
...
@@ -135,7 +154,7 @@ class Ability
def
group_abilities
user
,
group
def
group_abilities
user
,
group
rules
=
[]
rules
=
[]
if
group
.
users
.
include?
(
user
)
if
group
.
users
.
include?
(
user
)
||
user
.
admin?
rules
<<
:read_group
rules
<<
:read_group
end
end
...
...
app/models/group.rb
View file @
f1fd4787
...
@@ -32,6 +32,10 @@ class Group < Namespace
...
@@ -32,6 +32,10 @@ class Group < Namespace
end
end
end
end
def
add_user
(
user
,
group_access
)
self
.
users_groups
.
create
(
user_id:
user
.
id
,
group_access:
group_access
)
end
def
change_owner
(
user
)
def
change_owner
(
user
)
self
.
owner
=
user
self
.
owner
=
user
membership
=
users_groups
.
where
(
user_id:
user
.
id
).
first
membership
=
users_groups
.
where
(
user_id:
user
.
id
).
first
...
...
app/views/layouts/_public_head_panel.html.haml
0 → 100644
View file @
f1fd4787
%header
.navbar.navbar-static-top.navbar-gitlab
.navbar-inner
.container
%div
.app_logo
%span
.separator
=
link_to
public_root_path
,
class:
"home"
do
%h1
GITLAB
%span
.separator
%h1
.project_name
-
if
@project
=
project_title
(
@project
)
-
else
Public Projects
%ul
.nav
%li
%a
%div
.hide.turbolink-spinner
%i
.icon-refresh.icon-spin
Loading...
%li
=
link_to
"Sign in"
,
new_session_path
(
:user
),
class:
'btn btn-sign-in'
app/views/layouts/devise.html.haml
View file @
f1fd4787
...
@@ -6,5 +6,10 @@
...
@@ -6,5 +6,10 @@
.container
.container
.content
.content
%center
%center
=
image_tag
image_path
"login-logo.png"
%h1
GitLab
%p
.light
GitLab is open source software to collaborate on code.
%br
#{
link_to
"Sign in"
,
new_user_session_path
}
or browse for
#{
link_to
"public projects"
,
public_projects_path
}
.
%hr
=
yield
=
yield
app/views/layouts/public.html.haml
View file @
f1fd4787
!!! 5
!!! 5
%html
{
lang:
"en"
}
%html
{
lang:
"en"
}
=
render
"layouts/head"
,
title:
"Public Projects"
=
render
"layouts/head"
,
title:
"Public Projects"
%body
{
class:
"
#{app_theme}
application"
,
:'data-page'
=>
body_data_page
}
%body
{
class:
"
ui_mars
application"
,
:'data-page'
=>
body_data_page
}
-
if
current_user
-
if
current_user
=
render
"layouts/head_panel"
,
title:
"Public Projects"
=
render
"layouts/head_panel"
,
title:
"Public Projects"
-
else
-
else
%header
.navbar.navbar-static-top.navbar-gitlab
=
render
"layouts/public_head_panel"
.navbar-inner
.container
%div
.app_logo
%span
.separator
=
link_to
public_root_path
,
class:
"home"
do
%h1
GITLAB
%span
.separator
%h1
.project_name
Public Projects
%ul
.nav
%li
%a
%div
.hide.turbolink-spinner
%i
.icon-refresh.icon-spin
Loading...
%li
=
link_to
"Sign in"
,
new_session_path
(
:user
)
.container.navless-container
.container.navless-container
.content
.content
=
yield
=
yield
app/views/layouts/public_projects.html.haml
0 → 100644
View file @
f1fd4787
!!! 5
%html
{
lang:
"en"
}
=
render
"layouts/head"
,
title:
@project
.
name_with_namespace
%body
{
class:
"ui_mars application"
,
:'data-page'
=>
body_data_page
}
=
render
"layouts/public_head_panel"
%nav
.main-nav
.container
=
render
'layouts/nav/project'
.container
.content
=
yield
app/views/projects/_clone_panel.html.haml
View file @
f1fd4787
...
@@ -5,7 +5,7 @@
...
@@ -5,7 +5,7 @@
.span3.pull-right
.span3.pull-right
.pull-right
.pull-right
-
unless
@project
.
empty_repo?
-
unless
@project
.
empty_repo?
-
if
can?
(
current_user
,
:fork_project
,
@project
)
&&
@project
.
namespace
!=
current_user
.
namespace
-
if
c
urrent_user
&&
c
an?
(
current_user
,
:fork_project
,
@project
)
&&
@project
.
namespace
!=
current_user
.
namespace
-
if
current_user
.
already_forked?
(
@project
)
-
if
current_user
.
already_forked?
(
@project
)
=
link_to
project_path
(
current_user
.
fork_of
(
@project
)),
class:
'btn grouped disabled'
do
=
link_to
project_path
(
current_user
.
fork_of
(
@project
)),
class:
'btn grouped disabled'
do
%i
.icon-code-fork
%i
.icon-code-fork
...
@@ -19,6 +19,7 @@
...
@@ -19,6 +19,7 @@
%i
.icon-download-alt
%i
.icon-download-alt
%span
.only-wide
Download
%span
.only-wide
Download
-
if
current_user
.dropdown.pull-right
.dropdown.pull-right
%a
.dropdown-toggle.btn
{
href:
'#'
,
"data-toggle"
=>
"dropdown"
}
%a
.dropdown-toggle.btn
{
href:
'#'
,
"data-toggle"
=>
"dropdown"
}
%i
.icon-plus-sign-alt
%i
.icon-plus-sign-alt
...
...
app/views/projects/commits/_head.html.haml
View file @
f1fd4787
...
@@ -21,7 +21,7 @@
...
@@ -21,7 +21,7 @@
Stats
Stats
-
if
current_controller?
(
:commits
)
&&
current_user
.
private_token
-
if
current_
user
&&
current_
controller?
(
:commits
)
&&
current_user
.
private_token
%li
.pull-right
%li
.pull-right
=
link_to
project_commits_path
(
@project
,
@ref
,
{
format: :atom
,
private_token:
current_user
.
private_token
}),
title:
"Feed"
do
=
link_to
project_commits_path
(
@project
,
@ref
,
{
format: :atom
,
private_token:
current_user
.
private_token
}),
title:
"Feed"
do
%i
.icon-rss
%i
.icon-rss
app/views/projects/empty.html.haml
View file @
f1fd4787
...
@@ -16,8 +16,8 @@
...
@@ -16,8 +16,8 @@
%legend
Git global setup:
%legend
Git global setup:
%pre
.dark
%pre
.dark
:preserve
:preserve
git config --global user.name "
#{
current_user
.
name
}
"
git config --global user.name "
#{
git_user_
name
}
"
git config --global user.email "
#{
current_user
.
email
}
"
git config --global user.email "
#{
git_user_
email
}
"
%fieldset
%fieldset
%legend
Create Repository
%legend
Create Repository
...
...
app/views/projects/issues/_head.html.haml
View file @
f1fd4787
...
@@ -5,6 +5,7 @@
...
@@ -5,6 +5,7 @@
=
link_to
'Milestones'
,
project_milestones_path
(
@project
),
class:
"tab"
=
link_to
'Milestones'
,
project_milestones_path
(
@project
),
class:
"tab"
=
nav_link
(
controller: :labels
)
do
=
nav_link
(
controller: :labels
)
do
=
link_to
'Labels'
,
project_labels_path
(
@project
),
class:
"tab"
=
link_to
'Labels'
,
project_labels_path
(
@project
),
class:
"tab"
-
if
current_user
%li
.pull-right
%li
.pull-right
=
link_to
project_issues_path
(
@project
,
:atom
,
{
private_token:
current_user
.
private_token
})
do
=
link_to
project_issues_path
(
@project
,
:atom
,
{
private_token:
current_user
.
private_token
})
do
%i
.icon-rss
%i
.icon-rss
app/views/projects/notes/_note.html.haml
View file @
f1fd4787
...
@@ -5,7 +5,7 @@
...
@@ -5,7 +5,7 @@
%i
.icon-link
%i
.icon-link
Link here
Link here
-
if
(
note
.
author_id
==
current_user
.
id
)
||
can?
(
current_user
,
:admin_note
,
@project
)
-
if
(
note
.
author_id
==
current_user
.
try
(
:id
)
)
||
can?
(
current_user
,
:admin_note
,
@project
)
=
link_to
"#"
,
title:
"Edit comment"
,
class:
"js-note-edit"
do
=
link_to
"#"
,
title:
"Edit comment"
,
class:
"js-note-edit"
do
%i
.icon-edit
%i
.icon-edit
Edit
Edit
...
...
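Review bot: note.author_id == current_user.try(:id) evaluates nil == nil, which is true, when a signed-out visitor views a note whose author_id is nil, and the "Edit comment" link is then rendered for them. Use current_user && note.author_id == current_user.id so the comparison is only made for a signed-in user.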
app/views/public/projects/_tree.html.haml
deleted
100644 → 0
View file @
a3c80673
-
if
tree
.
readme
=
render
"projects/tree/readme"
,
readme:
tree
.
readme
-
else
.alert
%h3
.nothing_here_message
This project does not have README file
app/views/public/projects/index.html.haml
View file @
f1fd4787
...
@@ -2,29 +2,40 @@
...
@@ -2,29 +2,40 @@
.span6
.span6
%h3
.page-title
%h3
.page-title
Projects (
#{
@projects
.
total_count
}
)
Projects (
#{
@projects
.
total_count
}
)
%small
with read-only access
.light
You can browse public projects in read-only mode until signed in.
.span6
.span6
.pull-right
.pull-right
=
form_tag
public_projects_path
,
method: :get
,
class:
'form-inline'
do
|
f
|
=
form_tag
public_projects_path
,
method: :get
,
class:
'form-inline'
do
|
f
|
.search-holder
.search-holder
.controls
=
search_field_tag
:search
,
params
[
:search
],
placeholder:
"Filter by name"
,
class:
"span3 search-text-input"
,
id:
"projects_search"
=
search_field_tag
:search
,
params
[
:search
],
placeholder:
"Filter by name"
,
class:
"span3 search-text-input"
,
id:
"projects_search"
=
submit_tag
'Search'
,
class:
"btn btn-primary wide"
=
submit_tag
'Search'
,
class:
"btn btn-primary wide"
%hr
.public-projects
.public-projects
%ul
.bordered-list
%ul
.bordered-list
.top-list
-
@projects
.
each
do
|
project
|
-
@projects
.
each
do
|
project
|
%li
%li
.project-title
%h4
%i
.icon-share.cgray
=
link_to
project_path
(
project
)
do
=
link_to
public_project_path
(
project
)
do
=
project
.
name_with_namespace
%strong
=
project
.
name_with_namespace
.pull-right
.pull-right
%pre
.public-clone
git clone
#{
project
.
http_url_to_repo
}
%pre
.public-clone
git clone
#{
project
.
http_url_to_repo
}
-
if
project
.
description
.
present?
-
if
project
.
description
.
present?
%
div
.description
%
p
=
project
.
description
=
project
.
description
.repo-info
-
unless
project
.
empty_repo?
=
link_to
pluralize
(
project
.
repository
.
round_commit_count
,
'commit'
),
project_commits_path
(
project
,
project
.
default_branch
)
·
=
link_to
pluralize
(
project
.
repository
.
branch_names
.
count
,
'branch'
),
project_branches_path
(
project
)
·
=
link_to
pluralize
(
project
.
repository
.
tag_names
.
count
,
'tag'
),
project_tags_path
(
project
)
-
else
%i
.icon-warning-sign
Empty repository
-
unless
@projects
.
present?
-
unless
@projects
.
present?
%h3
.nothing_here_message
No public projects
%h3
.nothing_here_message
No public projects
...
...
app/views/public/projects/show.html.haml
deleted
100644 → 0
View file @
a3c80673
%h3
.page-title
=
@project
.
name_with_namespace
.pull-right
%pre
.public-clone
git clone
#{
@project
.
http_url_to_repo
}
.pull-right
-
if
current_user
=
link_to
'Browse project'
,
@project
,
class:
'btn btn-create append-right-10'
%div
=
link_to
public_root_path
do
←
To projects list
.pull-right
%span
.light
=
@project
.
description
%br
.row
-
unless
@project
.
empty_repo?
.span9
=
render
'tree'
,
tree:
@tree
.span3
%h5
Repository:
%div
%p
%span
.light
Bare size is
#{
@project
.
repository
.
size
}
MB
%p
=
pluralize
(
@repository
.
round_commit_count
,
'commit'
)
%p
=
pluralize
(
@repository
.
branch_names
.
count
,
'branch'
)
%p
=
pluralize
(
@repository
.
tag_names
.
count
,
'tag'
)
-
if
@recent_tags
.
present?
%hr
%h5
Most Recent Tags:
%ul
.unstyled
-
@recent_tags
.
each
do
|
tag
|
%li
%p
%i
.icon-tag
%strong
=
tag
.
name
%small
.light.pull-right
%i
.icon-calendar
=
time_ago_in_words
(
tag
.
commit
.
committed_date
)
ago
-
else
=
'Empty Repository'
config/routes.rb
View file @
f1fd4787
...
@@ -55,8 +55,6 @@ Gitlab::Application.routes.draw do
...
@@ -55,8 +55,6 @@ Gitlab::Application.routes.draw do
#
#
namespace
:public
do
namespace
:public
do
resources
:projects
,
only:
[
:index
]
resources
:projects
,
only:
[
:index
]
resources
:projects
,
constraints:
{
id:
/[a-zA-Z.\/0-9_\-]+/
},
only:
[
:show
]
root
to:
"projects#index"
root
to:
"projects#index"
end
end
...
...
features/public/public_projects.feature
View file @
f1fd4787
...
@@ -9,11 +9,10 @@ Feature: Public Projects Feature
...
@@ -9,11 +9,10 @@ Feature: Public Projects Feature
And
I should not see project
"Enterprise"
And
I should not see project
"Enterprise"
Scenario
:
I
visit public project page
Scenario
:
I
visit public project page
When
I visit public page for
"Community"
project
When
I visit project
"Community"
page
Then
I should see public project details
Then
I should see project
"Community"
home page
And
I should see project readme
Scenario
:
I
visit an empty public project page
Scenario
:
I
visit an empty public project page
Given
public empty project
"Empty Public Project"
Given
public empty project
"Empty Public Project"
When
I visit empty p
ublic p
roject page
When
I visit empty project page
Then
I should see empty public project details
Then
I should see empty public project details
features/steps/public/projects_feature.rb
View file @
f1fd4787
...
@@ -11,7 +11,6 @@ class Spinach::Features::PublicProjectsFeature < Spinach::FeatureSteps
...
@@ -11,7 +11,6 @@ class Spinach::Features::PublicProjectsFeature < Spinach::FeatureSteps
step
'I should see project "Empty Public Project"'
do
step
'I should see project "Empty Public Project"'
do
page
.
should
have_content
"Empty Public Project"
page
.
should
have_content
"Empty Public Project"
puts
page
.
save_page
(
'foo.html'
)
end
end
step
'I should see public project details'
do
step
'I should see public project details'
do
...
@@ -24,26 +23,35 @@ class Spinach::Features::PublicProjectsFeature < Spinach::FeatureSteps
...
@@ -24,26 +23,35 @@ class Spinach::Features::PublicProjectsFeature < Spinach::FeatureSteps
end
end
step
'public project "Community"'
do
step
'public project "Community"'
do
create
:project_with_code
,
name:
'Community'
,
public:
true
create
:project_with_code
,
name:
'Community'
,
public:
true
,
default_branch:
'master'
end
end
step
'public empty project "Empty Public Project"'
do
step
'public empty project "Empty Public Project"'
do
create
:project
,
name:
'Empty Public Project'
,
public:
true
create
:project
,
name:
'Empty Public Project'
,
public:
true
end
end
step
'I visit empty p
ublic p
roject page'
do
step
'I visit empty project page'
do
project
=
Project
.
find_by_name
(
'Empty Public Project'
)
project
=
Project
.
find_by_name
(
'Empty Public Project'
)
visit
public_project_path
(
project
)
visit
project_path
(
project
)
end
step
'I visit project "Community" page'
do
project
=
Project
.
find_by_name
(
'Community'
)
visit
project_path
(
project
)
end
end
step
'I should see empty public project details'
do
step
'I should see empty public project details'
do
page
.
should
have_content
'
Empty Repository
'
page
.
should
have_content
'
Git global setup
'
end
end
step
'private project "Enterprise"'
do
step
'private project "Enterprise"'
do
create
:project
,
name:
'Enterprise'
create
:project
,
name:
'Enterprise'
end
end
step
'I should see project "Community" home page'
do
page
.
should
have_content
'Repo size is'
end
private
private
def
project
def
project
...
...
spec/features/security/dashboard_access_spec.rb
0 → 100644
View file @
f1fd4787
require
'spec_helper'
describe
"Dashboard access"
do
describe
"GET /dashboard"
do
subject
{
dashboard_path
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /dashboard/issues"
do
subject
{
issues_dashboard_path
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /dashboard/merge_requests"
do
subject
{
merge_requests_dashboard_path
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /dashboard/projects"
do
subject
{
projects_dashboard_path
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /help"
do
subject
{
help_path
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /projects/new"
do
it
{
new_project_path
.
should
be_allowed_for
:admin
}
it
{
new_project_path
.
should
be_allowed_for
:user
}
it
{
new_project_path
.
should
be_denied_for
:visitor
}
end
describe
"GET /groups/new"
do
it
{
new_group_path
.
should
be_allowed_for
:admin
}
it
{
new_group_path
.
should
be_allowed_for
:user
}
it
{
new_group_path
.
should
be_denied_for
:visitor
}
end
end
spec/features/security/group_access_spec.rb
0 → 100644
View file @
f1fd4787
require
'spec_helper'
describe
"Group access"
do
describe
"GET /projects/new"
do
it
{
new_group_path
.
should
be_allowed_for
:admin
}
it
{
new_group_path
.
should
be_allowed_for
:user
}
it
{
new_group_path
.
should
be_denied_for
:visitor
}
end
describe
"Group"
do
let
(
:group
)
{
create
(
:group
)
}
let
(
:master
)
{
create
(
:user
)
}
let
(
:reporter
)
{
create
(
:user
)
}
let
(
:guest
)
{
create
(
:user
)
}
before
do
group
.
add_user
(
master
,
Gitlab
::
Access
::
MASTER
)
group
.
add_user
(
reporter
,
Gitlab
::
Access
::
REPORTER
)
group
.
add_user
(
guest
,
Gitlab
::
Access
::
GUEST
)
end
describe
"GET /groups/:path"
do
subject
{
group_path
(
group
)
}
it
{
should
be_allowed_for
group
.
owner
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /groups/:path/issues"
do
subject
{
issues_group_path
(
group
)
}
it
{
should
be_allowed_for
group
.
owner
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /groups/:path/merge_requests"
do
subject
{
merge_requests_group_path
(
group
)
}
it
{
should
be_allowed_for
group
.
owner
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /groups/:path/members"
do
subject
{
members_group_path
(
group
)
}
it
{
should
be_allowed_for
group
.
owner
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /groups/:path/edit"
do
subject
{
edit_group_path
(
group
)
}
it
{
should
be_allowed_for
group
.
owner
}
it
{
should
be_denied_for
master
}
it
{
should
be_denied_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
end
end
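Review bot: the first describe in this new file is labelled "GET /projects/new" but all three expectations run against new_group_path, so a failure here would be reported under the wrong route. Rename it to "GET /groups/new", or drop it, since the spec file just above already has a "GET /groups/new" block with the same admin, user and visitor expectations. In the "Group" block, the role matrix itself reads clearly: only /groups/:path/edit separates the owner and :admin from master, reporter and guest.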
spec/features/security/profile_access_spec.rb
View file @
f1fd4787
...
@@ -45,5 +45,32 @@ describe "Users Security" do
...
@@ -45,5 +45,32 @@ describe "Users Security" do
it
{
should
be_allowed_for
:user
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_denied_for
:visitor
}
it
{
should
be_denied_for
:visitor
}
end
end
describe
"GET /profile/history"
do
subject
{
history_profile_path
}
it
{
should
be_allowed_for
@u1
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /profile/notifications"
do
subject
{
profile_notifications_path
}
it
{
should
be_allowed_for
@u1
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /profile/groups"
do
subject
{
profile_groups_path
}
it
{
should
be_allowed_for
@u1
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
end
end
end
end
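Review bot: the three added describes (history_profile_path, profile_notifications_path, profile_groups_path) repeat the same four expectations verbatim, and none of the path helpers takes a user argument, so the @u1, :admin and :user rows all check the same thing: that a signed-in account reaches its own page. A shared example or a loop over the three paths would say that once and make it harder for a future profile route to be added without the :visitor denial.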
spec/features/security/project/private_access_spec.rb
0 → 100644
View file @
f1fd4787
require
'spec_helper'
describe
"Private Project Access"
do
let
(
:project
)
{
create
(
:project_with_code
)
}
let
(
:master
)
{
create
(
:user
)
}
let
(
:guest
)
{
create
(
:user
)
}
let
(
:reporter
)
{
create
(
:user
)
}
before
do
# full access
project
.
team
<<
[
master
,
:master
]
# readonly
project
.
team
<<
[
reporter
,
:reporter
]
end
describe
"GET /:project_path"
do
subject
{
project_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /:project_path/tree/master"
do
subject
{
project_tree_path
(
project
,
project
.
repository
.
root_ref
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /:project_path/commits/master"
do
subject
{
project_commits_path
(
project
,
project
.
repository
.
root_ref
,
limit:
1
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /:project_path/commit/:sha"
do
subject
{
project_commit_path
(
project
,
project
.
repository
.
commit
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /:project_path/compare"
do
subject
{
project_compare_index_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /:project_path/team"
do
subject
{
project_team_index_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_denied_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /:project_path/wall"
do
subject
{
project_wall_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /:project_path/blob"
do
before
do
commit
=
project
.
repository
.
commit
path
=
commit
.
tree
.
contents
.
select
{
|
i
|
i
.
is_a?
(
Grit
::
Blob
)
}.
first
.
name
@blob_path
=
project_blob_path
(
project
,
File
.
join
(
commit
.
id
,
path
))
end
it
{
@blob_path
.
should
be_allowed_for
master
}
it
{
@blob_path
.
should
be_allowed_for
reporter
}
it
{
@blob_path
.
should
be_allowed_for
:admin
}
it
{
@blob_path
.
should
be_denied_for
guest
}
it
{
@blob_path
.
should
be_denied_for
:user
}
it
{
@blob_path
.
should
be_denied_for
:visitor
}
end
describe
"GET /:project_path/edit"
do
subject
{
edit_project_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_denied_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /:project_path/deploy_keys"
do
subject
{
project_deploy_keys_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_denied_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /:project_path/issues"
do
subject
{
project_issues_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /:project_path/snippets"
do
subject
{
project_snippets_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /:project_path/merge_requests"
do
subject
{
project_merge_requests_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /:project_path/branches/recent"
do
subject
{
recent_project_branches_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /:project_path/branches"
do
subject
{
project_branches_path
(
project
)
}
before
do
# Speed increase
Project
.
any_instance
.
stub
(
:branches
).
and_return
([])
end
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /:project_path/tags"
do
subject
{
project_tags_path
(
project
)
}
before
do
# Speed increase
Project
.
any_instance
.
stub
(
:tags
).
and_return
([])
end
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /:project_path/hooks"
do
subject
{
project_hooks_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_denied_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
end
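Review bot: guest is created with let(:guest) { create(:user) } but the before block only adds master and reporter to project.team, so every "be_denied_for guest" row in this file tests a non-member and is indistinguishable from the "be_denied_for :user" row beneath it. Either add guest to the team at guest level so the spec pins what that role may see on a private project, or remove the guest rows. This file also has no describes for snippets/new and merge_requests/new, which the public spec does cover; the private matrix should include them too.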
spec/features/security/project/public_access_spec.rb
0 → 100644
View file @
f1fd4787
require
'spec_helper'
describe
"Public Project Access"
do
let
(
:project
)
{
create
(
:project_with_code
)
}
let
(
:master
)
{
create
(
:user
)
}
let
(
:guest
)
{
create
(
:user
)
}
let
(
:reporter
)
{
create
(
:user
)
}
before
do
# public project
project
.
public
=
true
project
.
save!
# full access
project
.
team
<<
[
master
,
:master
]
# readonly
project
.
team
<<
[
reporter
,
:reporter
]
end
describe
"Project should be public"
do
subject
{
project
}
its
(
:public?
)
{
should
be_true
}
end
describe
"GET /:project_path"
do
subject
{
project_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_allowed_for
:visitor
}
end
describe
"GET /:project_path/tree/master"
do
subject
{
project_tree_path
(
project
,
project
.
repository
.
root_ref
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_allowed_for
:visitor
}
end
describe
"GET /:project_path/commits/master"
do
subject
{
project_commits_path
(
project
,
project
.
repository
.
root_ref
,
limit:
1
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_allowed_for
:visitor
}
end
describe
"GET /:project_path/commit/:sha"
do
subject
{
project_commit_path
(
project
,
project
.
repository
.
commit
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_allowed_for
:visitor
}
end
describe
"GET /:project_path/compare"
do
subject
{
project_compare_index_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_allowed_for
:visitor
}
end
describe
"GET /:project_path/team"
do
subject
{
project_team_index_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_denied_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /:project_path/wall"
do
subject
{
project_wall_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_allowed_for
:visitor
}
end
describe
"GET /:project_path/blob"
do
before
do
commit
=
project
.
repository
.
commit
path
=
commit
.
tree
.
contents
.
select
{
|
i
|
i
.
is_a?
(
Grit
::
Blob
)
}.
first
.
name
@blob_path
=
project_blob_path
(
project
,
File
.
join
(
commit
.
id
,
path
))
end
it
{
@blob_path
.
should
be_allowed_for
master
}
it
{
@blob_path
.
should
be_allowed_for
reporter
}
it
{
@blob_path
.
should
be_allowed_for
:admin
}
it
{
@blob_path
.
should
be_allowed_for
guest
}
it
{
@blob_path
.
should
be_allowed_for
:user
}
it
{
@blob_path
.
should
be_allowed_for
:visitor
}
end
describe
"GET /:project_path/edit"
do
subject
{
edit_project_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_denied_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /:project_path/deploy_keys"
do
subject
{
project_deploy_keys_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_denied_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /:project_path/issues"
do
subject
{
project_issues_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_allowed_for
:visitor
}
end
describe
"GET /:project_path/snippets"
do
subject
{
project_snippets_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_allowed_for
:visitor
}
end
describe
"GET /:project_path/snippets/new"
do
subject
{
new_project_snippet_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /:project_path/merge_requests"
do
subject
{
project_merge_requests_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_allowed_for
:visitor
}
end
describe
"GET /:project_path/merge_requests/new"
do
subject
{
new_project_merge_request_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_denied_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /:project_path/branches/recent"
do
subject
{
recent_project_branches_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_allowed_for
:visitor
}
end
describe
"GET /:project_path/branches"
do
subject
{
project_branches_path
(
project
)
}
before
do
# Speed increase
Project
.
any_instance
.
stub
(
:branches
).
and_return
([])
end
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_allowed_for
:visitor
}
end
describe
"GET /:project_path/tags"
do
subject
{
project_tags_path
(
project
)
}
before
do
# Speed increase
Project
.
any_instance
.
stub
(
:tags
).
and_return
([])
end
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_allowed_for
:visitor
}
end
describe
"GET /:project_path/hooks"
do
subject
{
project_hooks_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_denied_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
end
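Review bot: every describe in this file is labelled as a GET, and with this change :visitor is allowed on most of them, so the only visible guard on the write side is that the snippets/new and merge_requests/new forms are denied to guest, :user and :visitor. Add expectations for the state-changing routes behind those forms, so that an unauthenticated request against a public project is shown to be rejected and not just the page that renders the form. As in the private spec, guest is never added to project.team, so the guest rows duplicate the :user rows.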
spec/features/security/project_access_spec.rb
deleted
100644 → 0
View file @
a3c80673
require
'spec_helper'
describe
"Application access"
do
describe
"GET /"
do
it
{
root_path
.
should
be_allowed_for
:admin
}
it
{
root_path
.
should
be_allowed_for
:user
}
it
{
root_path
.
should
be_denied_for
:visitor
}
end
describe
"GET /projects/new"
do
it
{
new_project_path
.
should
be_allowed_for
:admin
}
it
{
new_project_path
.
should
be_allowed_for
:user
}
it
{
new_project_path
.
should
be_denied_for
:visitor
}
end
describe
"Project"
do
let
(
:project
)
{
create
(
:project_with_code
)
}
let
(
:master
)
{
create
(
:user
)
}
let
(
:guest
)
{
create
(
:user
)
}
let
(
:reporter
)
{
create
(
:user
)
}
before
do
# full access
project
.
team
<<
[
master
,
:master
]
# readonly
project
.
team
<<
[
reporter
,
:reporter
]
end
describe
"GET /project_code"
do
subject
{
project_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/tree/master"
do
subject
{
project_tree_path
(
project
,
project
.
repository
.
root_ref
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/commits/master"
do
subject
{
project_commits_path
(
project
,
project
.
repository
.
root_ref
,
limit:
1
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/commit/:sha"
do
subject
{
project_commit_path
(
project
,
project
.
repository
.
commit
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/compare"
do
subject
{
project_compare_index_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/team"
do
subject
{
project_team_index_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/wall"
do
subject
{
project_wall_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/blob"
do
before
do
commit
=
project
.
repository
.
commit
path
=
commit
.
tree
.
contents
.
select
{
|
i
|
i
.
is_a?
(
Grit
::
Blob
)
}.
first
.
name
@blob_path
=
project_blob_path
(
project
,
File
.
join
(
commit
.
id
,
path
))
end
it
{
@blob_path
.
should
be_allowed_for
master
}
it
{
@blob_path
.
should
be_allowed_for
reporter
}
it
{
@blob_path
.
should
be_allowed_for
:admin
}
it
{
@blob_path
.
should
be_denied_for
guest
}
it
{
@blob_path
.
should
be_denied_for
:user
}
it
{
@blob_path
.
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/edit"
do
subject
{
edit_project_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_denied_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/deploy_keys"
do
subject
{
project_deploy_keys_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_denied_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/issues"
do
subject
{
project_issues_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/snippets"
do
subject
{
project_snippets_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/merge_requests"
do
subject
{
project_merge_requests_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/branches/recent"
do
subject
{
recent_project_branches_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/branches"
do
subject
{
project_branches_path
(
project
)
}
before
do
# Speed increase
Project
.
any_instance
.
stub
(
:branches
).
and_return
([])
end
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/tags"
do
subject
{
project_tags_path
(
project
)
}
before
do
# Speed increase
Project
.
any_instance
.
stub
(
:tags
).
and_return
([])
end
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/hooks"
do
subject
{
project_hooks_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
end
describe
"PublicProject"
do
let
(
:project
)
{
create
(
:project_with_code
)
}
let
(
:master
)
{
create
(
:user
)
}
let
(
:guest
)
{
create
(
:user
)
}
let
(
:reporter
)
{
create
(
:user
)
}
let
(
:admin
)
{
create
(
:user
)
}
before
do
# public project
project
.
public
=
true
project
.
save!
# full access
project
.
team
<<
[
master
,
:master
]
# readonly
project
.
team
<<
[
reporter
,
:reporter
]
end
describe
"Project should be public"
do
subject
{
project
}
its
(
:public?
)
{
should
be_true
}
end
describe
"GET /project_code"
do
subject
{
project_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/tree/master"
do
subject
{
project_tree_path
(
project
,
project
.
repository
.
root_ref
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/commits/master"
do
subject
{
project_commits_path
(
project
,
project
.
repository
.
root_ref
,
limit:
1
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/commit/:sha"
do
subject
{
project_commit_path
(
project
,
project
.
repository
.
commit
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/compare"
do
subject
{
project_compare_index_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/team"
do
subject
{
project_team_index_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/wall"
do
subject
{
project_wall_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/blob"
do
before
do
commit
=
project
.
repository
.
commit
path
=
commit
.
tree
.
contents
.
select
{
|
i
|
i
.
is_a?
(
Grit
::
Blob
)
}.
first
.
name
@blob_path
=
project_blob_path
(
project
,
File
.
join
(
commit
.
id
,
path
))
end
it
{
@blob_path
.
should
be_allowed_for
master
}
it
{
@blob_path
.
should
be_allowed_for
reporter
}
it
{
@blob_path
.
should
be_allowed_for
:admin
}
it
{
@blob_path
.
should
be_allowed_for
guest
}
it
{
@blob_path
.
should
be_allowed_for
:user
}
it
{
@blob_path
.
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/edit"
do
subject
{
edit_project_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_denied_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/deploy_keys"
do
subject
{
project_deploy_keys_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_denied_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/issues"
do
subject
{
project_issues_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/snippets"
do
subject
{
project_snippets_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/snippets/new"
do
subject
{
new_project_snippet_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_denied_for
guest
}
it
{
should
be_denied_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/merge_requests"
do
subject
{
project_merge_requests_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/branches/recent"
do
subject
{
recent_project_branches_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/branches"
do
subject
{
project_branches_path
(
project
)
}
before
do
# Speed increase
Project
.
any_instance
.
stub
(
:branches
).
and_return
([])
end
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/tags"
do
subject
{
project_tags_path
(
project
)
}
before
do
# Speed increase
Project
.
any_instance
.
stub
(
:tags
).
and_return
([])
end
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
describe
"GET /project_code/hooks"
do
subject
{
project_hooks_path
(
project
)
}
it
{
should
be_allowed_for
master
}
it
{
should
be_allowed_for
reporter
}
it
{
should
be_allowed_for
:admin
}
it
{
should
be_allowed_for
guest
}
it
{
should
be_allowed_for
:user
}
it
{
should
be_denied_for
:visitor
}
end
end
end
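Review bot: the removed "Project" block allowed reporter on /team and /hooks, and the removed "PublicProject" block also allowed guest and :user there, while the replacement private and public specs deny those roles on both paths. That is a tightening of permissions carried inside what otherwise looks like a file split, so confirm it is deliberate and state it in the commit message or CHANGELOG. The removed public block also declared let(:admin) { create(:user) } and used it once as "be_allowed_for admin"; the new public spec uses :admin throughout, which fixes that.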