Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
9ad419c5
Commit
9ad419c5
authored
Feb 09, 2017
by
Jose Ivan Vargas
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Fixed security access specs
Also fixed the access_level_dropdown not pointing in the right direction
parent
77bdb5d0
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
46 additions
and
3 deletions
+46
-3
app/views/projects/protected_branches/_protected_branch_access_summary.html.haml
...ected_branches/_protected_branch_access_summary.html.haml
+2
-2
spec/features/security/project/internal_access_spec.rb
spec/features/security/project/internal_access_spec.rb
+16
-1
spec/features/security/project/private_access_spec.rb
spec/features/security/project/private_access_spec.rb
+14
-0
spec/features/security/project/public_access_spec.rb
spec/features/security/project/public_access_spec.rb
+14
-0
No files found.
app/views/projects/protected_branches/_protected_branch_access_summary.html.haml
View file @
9ad419c5
%td
%td
=
render
partial:
'access_level_dropdown'
,
locals:
{
protected_branch:
protected_branch
,
access_levels:
protected_branch
.
merge_access_levels
,
level_frequencies:
protected_branch
.
merge_access_level_frequencies
,
input_basic_name:
'merge_access_levels'
,
toggle_class:
'js-allowed-to-merge'
}
=
render
partial:
'
projects/protected_branches/
access_level_dropdown'
,
locals:
{
protected_branch:
protected_branch
,
access_levels:
protected_branch
.
merge_access_levels
,
level_frequencies:
protected_branch
.
merge_access_level_frequencies
,
input_basic_name:
'merge_access_levels'
,
toggle_class:
'js-allowed-to-merge'
}
%td
%td
=
render
partial:
'access_level_dropdown'
,
locals:
{
protected_branch:
protected_branch
,
access_levels:
protected_branch
.
push_access_levels
,
level_frequencies:
protected_branch
.
push_access_level_frequencies
,
input_basic_name:
'push_access_levels'
,
toggle_class:
'js-allowed-to-push'
}
=
render
partial:
'
projects/protected_branches/
access_level_dropdown'
,
locals:
{
protected_branch:
protected_branch
,
access_levels:
protected_branch
.
push_access_levels
,
level_frequencies:
protected_branch
.
push_access_level_frequencies
,
input_basic_name:
'push_access_levels'
,
toggle_class:
'js-allowed-to-push'
}
spec/features/security/project/internal_access_spec.rb
View file @
9ad419c5
...
@@ -116,6 +116,21 @@ describe "Internal Project Access", feature: true do
...
@@ -116,6 +116,21 @@ describe "Internal Project Access", feature: true do
it
{
is_expected
.
to
be_denied_for
(
:external
)
}
it
{
is_expected
.
to
be_denied_for
(
:external
)
}
end
end
describe
"GET /:project_path/settings/repository"
do
subject
{
namespace_project_settings_repository_path
(
project
.
namespace
,
project
)
}
it
{
is_expected
.
to
be_allowed_for
(
:admin
)
}
it
{
is_expected
.
to
be_denied_for
(
:auditor
)
}
it
{
is_expected
.
to
be_allowed_for
(
:owner
).
of
(
project
)
}
it
{
is_expected
.
to
be_allowed_for
(
:master
).
of
(
project
)
}
it
{
is_expected
.
to
be_denied_for
(
:developer
).
of
(
project
)
}
it
{
is_expected
.
to
be_denied_for
(
:reporter
).
of
(
project
)
}
it
{
is_expected
.
to
be_denied_for
(
:guest
).
of
(
project
)
}
it
{
is_expected
.
to
be_denied_for
(
:user
)
}
it
{
is_expected
.
to
be_denied_for
(
:visitor
)
}
it
{
is_expected
.
to
be_denied_for
(
:external
)
}
end
describe
"GET /:project_path/blob"
do
describe
"GET /:project_path/blob"
do
let
(
:commit
)
{
project
.
repository
.
commit
}
let
(
:commit
)
{
project
.
repository
.
commit
}
subject
{
namespace_project_blob_path
(
project
.
namespace
,
project
,
File
.
join
(
commit
.
id
,
'.gitignore'
))
}
subject
{
namespace_project_blob_path
(
project
.
namespace
,
project
,
File
.
join
(
commit
.
id
,
'.gitignore'
))
}
...
@@ -484,7 +499,7 @@ describe "Internal Project Access", feature: true do
...
@@ -484,7 +499,7 @@ describe "Internal Project Access", feature: true do
it
{
is_expected
.
to
be_denied_for
(
:visitor
)
}
it
{
is_expected
.
to
be_denied_for
(
:visitor
)
}
end
end
end
end
describe
"GET /:project_path/container_registry"
do
describe
"GET /:project_path/container_registry"
do
before
do
before
do
stub_container_registry_tags
(
'latest'
)
stub_container_registry_tags
(
'latest'
)
...
...
spec/features/security/project/private_access_spec.rb
View file @
9ad419c5
...
@@ -116,6 +116,20 @@ describe "Private Project Access", feature: true do
...
@@ -116,6 +116,20 @@ describe "Private Project Access", feature: true do
it
{
is_expected
.
to
be_denied_for
(
:external
)
}
it
{
is_expected
.
to
be_denied_for
(
:external
)
}
end
end
describe
"GET /:project_path/settings/repository"
do
subject
{
namespace_project_settings_repository_path
(
project
.
namespace
,
project
)
}
it
{
is_expected
.
to
be_allowed_for
(
:admin
)
}
it
{
is_expected
.
to
be_allowed_for
(
:owner
).
of
(
project
)
}
it
{
is_expected
.
to
be_allowed_for
(
:master
).
of
(
project
)
}
it
{
is_expected
.
to
be_denied_for
(
:developer
).
of
(
project
)
}
it
{
is_expected
.
to
be_denied_for
(
:reporter
).
of
(
project
)
}
it
{
is_expected
.
to
be_denied_for
(
:guest
).
of
(
project
)
}
it
{
is_expected
.
to
be_denied_for
(
:user
)
}
it
{
is_expected
.
to
be_denied_for
(
:visitor
)
}
it
{
is_expected
.
to
be_denied_for
(
:external
)
}
end
describe
"GET /:project_path/settings/repository"
do
describe
"GET /:project_path/settings/repository"
do
subject
{
namespace_project_settings_repository_path
(
project
.
namespace
,
project
)
}
subject
{
namespace_project_settings_repository_path
(
project
.
namespace
,
project
)
}
...
...
spec/features/security/project/public_access_spec.rb
View file @
9ad419c5
...
@@ -116,6 +116,20 @@ describe "Public Project Access", feature: true do
...
@@ -116,6 +116,20 @@ describe "Public Project Access", feature: true do
it
{
is_expected
.
to
be_denied_for
(
:external
)
}
it
{
is_expected
.
to
be_denied_for
(
:external
)
}
end
end
describe
"GET /:project_path/settings/repository"
do
subject
{
namespace_project_settings_ci_cd_path
(
project
.
namespace
,
project
)
}
it
{
is_expected
.
to
be_allowed_for
(
:admin
)
}
it
{
is_expected
.
to
be_allowed_for
(
:owner
).
of
(
project
)
}
it
{
is_expected
.
to
be_allowed_for
(
:master
).
of
(
project
)
}
it
{
is_expected
.
to
be_denied_for
(
:developer
).
of
(
project
)
}
it
{
is_expected
.
to
be_denied_for
(
:reporter
).
of
(
project
)
}
it
{
is_expected
.
to
be_denied_for
(
:guest
).
of
(
project
)
}
it
{
is_expected
.
to
be_denied_for
(
:user
)
}
it
{
is_expected
.
to
be_denied_for
(
:visitor
)
}
it
{
is_expected
.
to
be_denied_for
(
:external
)
}
end
describe
"GET /:project_path/pipelines"
do
describe
"GET /:project_path/pipelines"
do
subject
{
namespace_project_pipelines_path
(
project
.
namespace
,
project
)
}
subject
{
namespace_project_pipelines_path
(
project
.
namespace
,
project
)
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment