Auditors can see group security dashboard

This how we do y'all

Auditors can see group security dashboard
This how we do y'all
b1f76a29 · Avielle Wolfe · 4c499d01 · b1f76a29 · b1f76a29
Commit b1f76a29 authored Jul 15, 2019 by Avielle Wolfe
Hide whitespace changes
Inline Side-by-side

Showing with 9 additions and 1 deletion

ee/app/policies/ee/group_policy.rb ee/app/policies/ee/group_policy.rb +4 -1

ee/spec/policies/group_policy_spec.rb ee/spec/policies/group_policy_spec.rb +5 -0

No files found.
--- a/ee/app/policies/ee/group_policy.rb
+++ b/ee/app/policies/ee/group_policy.rb
@@ -74,7 +74,10 @@ module EE
        prevent :destroy_epic
      end

-      rule { auditor }.enable :read_group
+      rule { auditor }.policy do
+        enable :read_group
+        enable :read_group_security_dashboard
+      end

      rule { admin | owner }.enable :admin_group_saml


--- a/ee/spec/policies/group_policy_spec.rb
+++ b/ee/spec/policies/group_policy_spec.rb
@@ -368,8 +368,13 @@ describe GroupPolicy do
    context 'auditor' do
      let(:current_user) { create(:user, :auditor) }

+      before do
+        stub_licensed_features(security_dashboard: true)
+      end
+
      it do
        expect_allowed(:read_group)
+        expect_allowed(:read_group_security_dashboard)
        expect_disallowed(:upload_file)
        expect_disallowed(*reporter_permissions)
        expect_disallowed(*developer_permissions)