Skip to content

G
gitlab-ce
Commit 71e3d907 authored by Bob Van Landuyt's avatar Bob Van Landuyt
Browse files
Options

Merge branch '355531-fix-auditor-permissions-for-contribution-analytics' into 'master' 

Allow auditor to read group contribution analytics

See merge request gitlab-org/gitlab!83722
parents d13e07de 448b87a8
Hide whitespace changes
Inline Side-by-side
Showing with 29 additions and 11 deletions
ee/app/policies/ee/group_policy.rb
View file @ 71e3d907
...@@ -175,6 +175,7 @@ module EE ...@@ -175,6 +175,7 @@ module EE
enable :view_productivity_analytics enable :view_productivity_analytics
enable :view_group_devops_adoption enable :view_group_devops_adoption
enable :read_group_repository_analytics enable :read_group_repository_analytics
enable :read_group_contribution_analytics
end end
rule { owner | admin }.policy do rule { owner | admin }.policy do
......
ee/spec/controllers/groups/contribution_analytics_controller_spec.rb
View file @ 71e3d907
...@@ -35,20 +35,29 @@ RSpec.describe Groups::ContributionAnalyticsController do ...@@ -35,20 +35,29 @@ RSpec.describe Groups::ContributionAnalyticsController do
end end
describe '#authorize_read_contribution_analytics!' do describe '#authorize_read_contribution_analytics!' do
before do let(:request) { get :show, params: { group_id: group.path } }
group.add_user(guest_user, GroupMember::GUEST)
sign_in(guest_user) context 'when feature is available to the group' do
end before do
stub_licensed_features(contribution_analytics: true)
end
context 'when user is an auditor' do
let(:auditor) { create(:user, :auditor) }
it 'allows access' do
sign_in(auditor)
context 'when user has access to the group' do request
let(:request) { get :show, params: { group_id: group.path } }
expect(response).to have_gitlab_http_status(:success)
end
end
context 'when feature is available to the group' do context 'when user has access to the group' do
before do before do
allow(License).to receive(:feature_available?).and_call_original group.add_user(guest_user, GroupMember::GUEST)
allow(License).to receive(:feature_available?) sign_in(guest_user)
.with(:contribution_analytics)
.and_return(true)
allow(Ability).to receive(:allowed?).and_call_original allow(Ability).to receive(:allowed?).and_call_original
allow(Ability).to receive(:allowed?) allow(Ability).to receive(:allowed?)
......
ee/spec/policies/group_policy_spec.rb
View file @ 71e3d907
...@@ -182,6 +182,14 @@ RSpec.describe GroupPolicy do ...@@ -182,6 +182,14 @@ RSpec.describe GroupPolicy do
it { is_expected.not_to be_allowed(:read_group_contribution_analytics) } it { is_expected.not_to be_allowed(:read_group_contribution_analytics) }
end end
context 'when user has an auditor role' do
before do
allow(current_user).to receive(:auditor?).and_return(true)
end
it { is_expected.to be_allowed(:read_group_contribution_analytics) }
end
end end
end end
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7