Auditors can see project security dashboard

Aw yeah

Auditors can see project security dashboard
Aw yeah
4c499d01 · Avielle Wolfe · f97ae34f · 4c499d01 · 4c499d01
Commit 4c499d01 authored Jul 15, 2019 by Avielle Wolfe
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 0 deletions

ee/app/policies/ee/project_policy.rb ee/app/policies/ee/project_policy.rb +1 -0

ee/spec/policies/project_policy_spec.rb ee/spec/policies/project_policy_spec.rb +5 -0

No files found.
--- a/ee/app/policies/ee/project_policy.rb
+++ b/ee/app/policies/ee/project_policy.rb
@@ -188,6 +188,7 @@ module EE
        enable :read_environment
        enable :read_deployment
        enable :read_pages
+        enable :read_project_security_dashboard
      end

      rule { auditor & ~guest }.policy do

--- a/ee/spec/policies/project_policy_spec.rb
+++ b/ee/spec/policies/project_policy_spec.rb
@@ -39,6 +39,7 @@ describe ProjectPolicy do
        read_pipeline read_build read_commit_status read_container_image
        read_environment read_deployment read_merge_request read_pages
        create_merge_request_in award_emoji
+        read_project_security_dashboard
        read_vulnerability_feedback read_software_license_policy
      ]
    end
@@ -54,6 +55,10 @@ describe ProjectPolicy do
    context 'auditor' do
      let(:current_user) { create(:user, :auditor) }

+      before do
+        stub_licensed_features(security_dashboard: true, license_management: true)
+      end
+
      context 'who is not a team member' do
        it do
          is_expected.to be_disallowed(*developer_permissions)