Commit 19d5c15b authored by Fabio Pitino's avatar Fabio Pitino

Fix CI minutes notification when unauthenticated

Don't display notification if user is unauthenticated
parent c1fa2a2c
...@@ -18,11 +18,9 @@ module Ci ...@@ -18,11 +18,9 @@ module Ci
end end
def can_see_status? def can_see_status?
if project return false unless level
user.can?(:create_pipeline, project)
else Ability.allowed?(user, :read_ci_minutes_quota, level)
namespace.all_pipelines.for_user(user).any?
end
end end
private private
......
...@@ -91,6 +91,7 @@ module EE ...@@ -91,6 +91,7 @@ module EE
enable :create_jira_connect_subscription enable :create_jira_connect_subscription
enable :maintainer_access enable :maintainer_access
enable :admin_wiki enable :admin_wiki
enable :read_ci_minutes_quota
end end
rule { owner }.policy do rule { owner }.policy do
......
...@@ -181,6 +181,7 @@ module EE ...@@ -181,6 +181,7 @@ module EE
enable :destroy_feature_flag enable :destroy_feature_flag
enable :admin_feature_flag enable :admin_feature_flag
enable :admin_feature_flags_user_lists enable :admin_feature_flags_user_lists
enable :read_ci_minutes_quota
end end
rule { can?(:developer_access) & iterations_available }.policy do rule { can?(:developer_access) & iterations_available }.policy do
......
---
title: Fix CI minutes notification when unauthenticated
merge_request: 31724
author:
type: fixed
...@@ -87,7 +87,9 @@ describe 'CI shared runner limits' do ...@@ -87,7 +87,9 @@ describe 'CI shared runner limits' do
end end
context 'when on a group related page' do context 'when on a group related page' do
let!(:user_pipeline) { create(:ci_pipeline, user: user, project: project) } before do
group.add_owner(user)
end
where(:case_name, :percent, :remaining_minutes) do where(:case_name, :percent, :remaining_minutes) do
'warning level' | 30 | 4 'warning level' | 30 | 4
......
...@@ -36,6 +36,14 @@ describe Ci::Minutes::Context do ...@@ -36,6 +36,14 @@ describe Ci::Minutes::Context do
expect(subject.can_see_status?).to be_falsey expect(subject.can_see_status?).to be_falsey
end end
end end
context 'when user is not authenticated' do
let(:user) { nil }
it 'cannot see status' do
expect(subject.can_see_status?).to be_falsey
end
end
end end
end end
...@@ -45,7 +53,7 @@ describe Ci::Minutes::Context do ...@@ -45,7 +53,7 @@ describe Ci::Minutes::Context do
describe '#can_see_status' do describe '#can_see_status' do
context 'when eligible to see status' do context 'when eligible to see status' do
before do before do
create(:ci_pipeline, user: user, project: project) group.add_owner(user)
end end
it 'can see status' do it 'can see status' do
...@@ -58,6 +66,14 @@ describe Ci::Minutes::Context do ...@@ -58,6 +66,14 @@ describe Ci::Minutes::Context do
expect(subject.can_see_status?).to be_falsey expect(subject.can_see_status?).to be_falsey
end end
end end
context 'when user is not authenticated' do
let(:user) { nil }
it 'cannot see status' do
expect(subject.can_see_status?).to be_falsey
end
end
end end
end end
end end
...@@ -127,7 +127,9 @@ describe Ci::Minutes::Notification do ...@@ -127,7 +127,9 @@ describe Ci::Minutes::Notification do
context 'when at namespace level' do context 'when at namespace level' do
describe '#show?' do describe '#show?' do
context 'when eligible to see notifications' do context 'when eligible to see notifications' do
let!(:user_pipeline) { create(:ci_pipeline, user: user, project: project) } before do
group.add_owner(user)
end
context 'with a project that has runners enabled inside namespace' do context 'with a project that has runners enabled inside namespace' do
it_behaves_like 'queries for notifications' do it_behaves_like 'queries for notifications' do
......
...@@ -880,6 +880,27 @@ describe GroupPolicy do ...@@ -880,6 +880,27 @@ describe GroupPolicy do
end end
end end
describe ':read_ci_minutes_quota' do
using RSpec::Parameterized::TableSyntax
let(:policy) { :read_ci_minutes_quota }
where(:role, :allowed) do
:guest | false
:reporter | false
:developer | false
:maintainer | true
:owner | true
:admin | true
end
with_them do
let(:current_user) { public_send(role) }
it { is_expected.to(allowed ? be_allowed(policy) : be_disallowed(policy)) }
end
end
it_behaves_like 'model with wiki policies' do it_behaves_like 'model with wiki policies' do
let_it_be(:container) { create(:group) } let_it_be(:container) { create(:group) }
let_it_be(:user) { owner } let_it_be(:user) { owner }
......
...@@ -1376,4 +1376,25 @@ describe ProjectPolicy do ...@@ -1376,4 +1376,25 @@ describe ProjectPolicy do
it { is_expected.to(allowed ? be_allowed(policy) : be_disallowed(policy)) } it { is_expected.to(allowed ? be_allowed(policy) : be_disallowed(policy)) }
end end
end end
describe ':read_ci_minutes_quota' do
using RSpec::Parameterized::TableSyntax
let(:policy) { :read_ci_minutes_quota }
where(:role, :allowed) do
:guest | false
:reporter | false
:developer | true
:maintainer | true
:owner | true
:admin | true
end
with_them do
let(:current_user) { public_send(role) }
it { is_expected.to(allowed ? be_allowed(policy) : be_disallowed(policy)) }
end
end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment