Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
76c51f56
Commit
76c51f56
authored
May 19, 2020
by
Ronald van Zon
Committed by
Mayra Cabrera
May 19, 2020
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Correct the permission according to docs
parent
3f482b0d
Changes
6
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
25 additions
and
21 deletions
+25
-21
app/policies/project_policy.rb
app/policies/project_policy.rb
+1
-1
changelogs/unreleased/rz_fix_api_statistics_permission.yml
changelogs/unreleased/rz_fix_api_statistics_permission.yml
+5
-0
doc/user/permissions.md
doc/user/permissions.md
+1
-1
spec/policies/project_policy_spec.rb
spec/policies/project_policy_spec.rb
+2
-2
spec/requests/api/project_statistics_spec.rb
spec/requests/api/project_statistics_spec.rb
+15
-15
spec/support/shared_contexts/policies/project_policy_shared_context.rb
...shared_contexts/policies/project_policy_shared_context.rb
+1
-2
No files found.
app/policies/project_policy.rb
View file @
76c51f56
...
@@ -316,6 +316,7 @@ class ProjectPolicy < BasePolicy
...
@@ -316,6 +316,7 @@ class ProjectPolicy < BasePolicy
enable
:update_deployment
enable
:update_deployment
enable
:create_release
enable
:create_release
enable
:update_release
enable
:update_release
enable
:daily_statistics
enable
:create_metrics_dashboard_annotation
enable
:create_metrics_dashboard_annotation
enable
:delete_metrics_dashboard_annotation
enable
:delete_metrics_dashboard_annotation
enable
:update_metrics_dashboard_annotation
enable
:update_metrics_dashboard_annotation
...
@@ -358,7 +359,6 @@ class ProjectPolicy < BasePolicy
...
@@ -358,7 +359,6 @@ class ProjectPolicy < BasePolicy
enable
:create_environment_terminal
enable
:create_environment_terminal
enable
:destroy_release
enable
:destroy_release
enable
:destroy_artifacts
enable
:destroy_artifacts
enable
:daily_statistics
enable
:admin_operations
enable
:admin_operations
enable
:read_deploy_token
enable
:read_deploy_token
enable
:create_deploy_token
enable
:create_deploy_token
...
...
changelogs/unreleased/rz_fix_api_statistics_permission.yml
0 → 100644
View file @
76c51f56
---
title
:
Correct the permission according to docs
merge_request
:
28657
author
:
type
:
fixed
doc/user/permissions.md
View file @
76c51f56
...
@@ -83,7 +83,7 @@ The following table depicts the various user permission levels in a project.
...
@@ -83,7 +83,7 @@ The following table depicts the various user permission levels in a project.
| See a container registry | | ✓ | ✓ | ✓ | ✓ |
| See a container registry | | ✓ | ✓ | ✓ | ✓ |
| See environments | | ✓ | ✓ | ✓ | ✓ |
| See environments | | ✓ | ✓ | ✓ | ✓ |
| See a list of merge requests | | ✓ | ✓ | ✓ | ✓ |
| See a list of merge requests | | ✓ | ✓ | ✓ | ✓ |
| View project statistics | |
✓
| ✓ | ✓ | ✓ |
| View project statistics | |
| ✓ | ✓ | ✓ |
| View Error Tracking list | | ✓ | ✓ | ✓ | ✓ |
| View Error Tracking list | | ✓ | ✓ | ✓ | ✓ |
| Create new merge request | | ✓ | ✓ | ✓ | ✓ |
| Create new merge request | | ✓ | ✓ | ✓ | ✓ |
| View metrics dashboard annotations | | ✓ | ✓ | ✓ | ✓ |
| View metrics dashboard annotations | | ✓ | ✓ | ✓ | ✓ |
...
...
spec/policies/project_policy_spec.rb
View file @
76c51f56
...
@@ -42,7 +42,7 @@ describe ProjectPolicy do
...
@@ -42,7 +42,7 @@ describe ProjectPolicy do
admin_tag admin_milestone admin_merge_request update_merge_request create_commit_status
admin_tag admin_milestone admin_merge_request update_merge_request create_commit_status
update_commit_status create_build update_build create_pipeline
update_commit_status create_build update_build create_pipeline
update_pipeline create_merge_request_from create_wiki push_code
update_pipeline create_merge_request_from create_wiki push_code
resolve_note create_container_image update_container_image destroy_container_image
resolve_note create_container_image update_container_image destroy_container_image
daily_statistics
create_environment update_environment create_deployment update_deployment create_release update_release
create_environment update_environment create_deployment update_deployment create_release update_release
create_metrics_dashboard_annotation delete_metrics_dashboard_annotation update_metrics_dashboard_annotation
create_metrics_dashboard_annotation delete_metrics_dashboard_annotation update_metrics_dashboard_annotation
]
]
...
@@ -54,7 +54,7 @@ describe ProjectPolicy do
...
@@ -54,7 +54,7 @@ describe ProjectPolicy do
admin_snippet admin_project_member admin_note admin_wiki admin_project
admin_snippet admin_project_member admin_note admin_wiki admin_project
admin_commit_status admin_build admin_container_image
admin_commit_status admin_build admin_container_image
admin_pipeline admin_environment admin_deployment destroy_release add_cluster
admin_pipeline admin_environment admin_deployment destroy_release add_cluster
daily_statistics
read_deploy_token create_deploy_token destroy_deploy_token
read_deploy_token create_deploy_token destroy_deploy_token
admin_terraform_state
admin_terraform_state
]
]
end
end
...
...
spec/requests/api/project_statistics_spec.rb
View file @
76c51f56
...
@@ -3,23 +3,23 @@
...
@@ -3,23 +3,23 @@
require
'spec_helper'
require
'spec_helper'
describe
API
::
ProjectStatistics
do
describe
API
::
ProjectStatistics
do
let
(
:maintain
er
)
{
create
(
:user
)
}
let
_it_be
(
:develop
er
)
{
create
(
:user
)
}
let
(
:public_project
)
{
create
(
:project
,
:public
)
}
let
_it_be
(
:public_project
)
{
create
(
:project
,
:public
)
}
before
do
before
do
public_project
.
add_
maintainer
(
maintain
er
)
public_project
.
add_
developer
(
develop
er
)
end
end
describe
'GET /projects/:id/statistics'
do
describe
'GET /projects/:id/statistics'
do
let
!
(
:fetch_statistics1
)
{
create
(
:project_daily_statistic
,
project:
public_project
,
fetch_count:
30
,
date:
29
.
days
.
ago
)
}
let
_it_be
(
:fetch_statistics1
)
{
create
(
:project_daily_statistic
,
project:
public_project
,
fetch_count:
30
,
date:
29
.
days
.
ago
)
}
let
!
(
:fetch_statistics2
)
{
create
(
:project_daily_statistic
,
project:
public_project
,
fetch_count:
4
,
date:
3
.
days
.
ago
)
}
let
_it_be
(
:fetch_statistics2
)
{
create
(
:project_daily_statistic
,
project:
public_project
,
fetch_count:
4
,
date:
3
.
days
.
ago
)
}
let
!
(
:fetch_statistics3
)
{
create
(
:project_daily_statistic
,
project:
public_project
,
fetch_count:
3
,
date:
2
.
days
.
ago
)
}
let
_it_be
(
:fetch_statistics3
)
{
create
(
:project_daily_statistic
,
project:
public_project
,
fetch_count:
3
,
date:
2
.
days
.
ago
)
}
let
!
(
:fetch_statistics4
)
{
create
(
:project_daily_statistic
,
project:
public_project
,
fetch_count:
2
,
date:
1
.
day
.
ago
)
}
let
_it_be
(
:fetch_statistics4
)
{
create
(
:project_daily_statistic
,
project:
public_project
,
fetch_count:
2
,
date:
1
.
day
.
ago
)
}
let
!
(
:fetch_statistics5
)
{
create
(
:project_daily_statistic
,
project:
public_project
,
fetch_count:
1
,
date:
Date
.
today
)
}
let
_it_be
(
:fetch_statistics5
)
{
create
(
:project_daily_statistic
,
project:
public_project
,
fetch_count:
1
,
date:
Date
.
today
)
}
let
!
(
:fetch_statistics_other_project
)
{
create
(
:project_daily_statistic
,
project:
create
(
:project
),
fetch_count:
29
,
date:
29
.
days
.
ago
)
}
let
_it_be
(
:fetch_statistics_other_project
)
{
create
(
:project_daily_statistic
,
project:
create
(
:project
),
fetch_count:
29
,
date:
29
.
days
.
ago
)
}
it
'returns the fetch statistics of the last 30 days'
do
it
'returns the fetch statistics of the last 30 days'
do
get
api
(
"/projects/
#{
public_project
.
id
}
/statistics"
,
maintain
er
)
get
api
(
"/projects/
#{
public_project
.
id
}
/statistics"
,
develop
er
)
expect
(
response
).
to
have_gitlab_http_status
(
:ok
)
expect
(
response
).
to
have_gitlab_http_status
(
:ok
)
fetches
=
json_response
[
'fetches'
]
fetches
=
json_response
[
'fetches'
]
...
@@ -32,7 +32,7 @@ describe API::ProjectStatistics do
...
@@ -32,7 +32,7 @@ describe API::ProjectStatistics do
it
'excludes the fetch statistics older than 30 days'
do
it
'excludes the fetch statistics older than 30 days'
do
create
(
:project_daily_statistic
,
fetch_count:
31
,
project:
public_project
,
date:
30
.
days
.
ago
)
create
(
:project_daily_statistic
,
fetch_count:
31
,
project:
public_project
,
date:
30
.
days
.
ago
)
get
api
(
"/projects/
#{
public_project
.
id
}
/statistics"
,
maintain
er
)
get
api
(
"/projects/
#{
public_project
.
id
}
/statistics"
,
develop
er
)
expect
(
response
).
to
have_gitlab_http_status
(
:ok
)
expect
(
response
).
to
have_gitlab_http_status
(
:ok
)
fetches
=
json_response
[
'fetches'
]
fetches
=
json_response
[
'fetches'
]
...
@@ -41,11 +41,11 @@ describe API::ProjectStatistics do
...
@@ -41,11 +41,11 @@ describe API::ProjectStatistics do
expect
(
fetches
[
'days'
].
last
).
to
eq
({
'count'
=>
fetch_statistics1
.
fetch_count
,
'date'
=>
fetch_statistics1
.
date
.
to_s
})
expect
(
fetches
[
'days'
].
last
).
to
eq
({
'count'
=>
fetch_statistics1
.
fetch_count
,
'date'
=>
fetch_statistics1
.
date
.
to_s
})
end
end
it
'responds with 403 when the user is not a
maintain
er of the repository'
do
it
'responds with 403 when the user is not a
develop
er of the repository'
do
developer
=
create
(
:user
)
guest
=
create
(
:user
)
public_project
.
add_
developer
(
developer
)
public_project
.
add_
guest
(
guest
)
get
api
(
"/projects/
#{
public_project
.
id
}
/statistics"
,
developer
)
get
api
(
"/projects/
#{
public_project
.
id
}
/statistics"
,
guest
)
expect
(
response
).
to
have_gitlab_http_status
(
:forbidden
)
expect
(
response
).
to
have_gitlab_http_status
(
:forbidden
)
expect
(
json_response
[
'message'
]).
to
eq
(
'403 Forbidden'
)
expect
(
json_response
[
'message'
]).
to
eq
(
'403 Forbidden'
)
...
...
spec/support/shared_contexts/policies/project_policy_shared_context.rb
View file @
76c51f56
...
@@ -39,7 +39,7 @@ RSpec.shared_context 'ProjectPolicy context' do
...
@@ -39,7 +39,7 @@ RSpec.shared_context 'ProjectPolicy context' do
update_pipeline create_merge_request_from create_wiki push_code
update_pipeline create_merge_request_from create_wiki push_code
resolve_note create_container_image update_container_image
resolve_note create_container_image update_container_image
create_environment create_deployment update_deployment create_release update_release
create_environment create_deployment update_deployment create_release update_release
update_environment
update_environment
daily_statistics
]
]
end
end
...
@@ -49,7 +49,6 @@ RSpec.shared_context 'ProjectPolicy context' do
...
@@ -49,7 +49,6 @@ RSpec.shared_context 'ProjectPolicy context' do
admin_snippet admin_project_member admin_note admin_wiki admin_project
admin_snippet admin_project_member admin_note admin_wiki admin_project
admin_commit_status admin_build admin_container_image
admin_commit_status admin_build admin_container_image
admin_pipeline admin_environment admin_deployment destroy_release add_cluster
admin_pipeline admin_environment admin_deployment destroy_release add_cluster
daily_statistics
]
]
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment