require'spec_helper'describeBasePolicydoincludeExternalAuthorizationServiceHelperslet(:current_user){create(:user)}let(:user){create(:user)}subject{described_class.new(current_user,[user])}describe'read cross project'doit{is_expected.tobe_allowed(:read_cross_project)}context'when an external authorization service is enabled'dobeforedoenable_external_authorization_serviceendit{is_expected.not_tobe_allowed(:read_cross_project)}it'allows admins'doexpect(described_class.new(build(:admin),nil)).tobe_allowed(:read_cross_project)endit'allows auditors'doexpect(described_class.new(build(:auditor),nil)).tobe_allowed(:read_cross_project)endendendend