Update policy and tests for maven package feature

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

ee/app/policies/ee/project_policy.rb

@@ -84,24 +84,22 @@ module EE
 
       rule { can?(:read_issue) }.enable :read_issue_link
 
-      rule { can?(:public_access) }.policy do
-        enable :read_packages
-      end
-
       rule { can?(:reporter_access) }.policy do
         enable :admin_board
         enable :read_deploy_board
         enable :admin_issue_link
         enable :admin_epic_issue
-        enable :read_packages
+        enable :read_package
       end
 
       rule { can?(:developer_access) }.policy do
         enable :admin_board
         enable :admin_vulnerability_feedback
-        enable :write_packages
+        enable :admin_package
       end
 
+      rule { can?(:public_access) }.enable :read_package
+
       rule { can?(:developer_access) & security_reports_feature_available }.enable :read_project_security_dashboard
 
       rule { can?(:read_project) }.enable :read_vulnerability_feedback

ee/lib/api/maven_packages.rb

@@ -80,7 +80,7 @@ module API
       end
       put ':id/packages/maven/*app_group/:app_name/:app_version/:file_name/authorize', requirements: MAVEN_ENDPOINT_REQUIREMENTS do
         not_allowed! unless Gitlab.config.packages.enabled
-        unauthorized! unless can?(current_user, :write_package, user_project)
+        unauthorized! unless can?(current_user, :admin_package, user_project)
 
         require_gitlab_workhorse!
         Gitlab::Workhorse.verify_api_request!(headers)
@@ -106,7 +106,7 @@ module API
       end
       put ':id/packages/maven/*app_group/:app_name/:app_version/:file_name', requirements: MAVEN_ENDPOINT_REQUIREMENTS do
         not_allowed! unless Gitlab.config.packages.enabled
-        unauthorized! unless can?(current_user, :write_package, user_project)
+        unauthorized! unless can?(current_user, :admin_package, user_project)
 
         require_gitlab_workhorse!
 

ee/spec/requests/api/maven_packages_spec.rb

@@ -52,15 +52,13 @@ describe API::MavenPackages do
 
         download_file_with_token(package_file_xml.file_name)
 
-        expect(response).to have_gitlab_http_status(400)
+        expect(response).to have_gitlab_http_status(401)
       end
 
       it 'denies download when no private token' do
-        project.add_guest(user)
-
         download_file(package_file_xml.file_name)
 
-        expect(response).to have_gitlab_http_status(400)
+        expect(response).to have_gitlab_http_status(404)
       end
     end
 
@@ -70,8 +68,8 @@ describe API::MavenPackages do
               "#{maven_metadatum.app_version}/#{file_name}"), params, request_headers
     end
 
-    def download_file_with_token(params = {}, request_headers = headers_with_token)
-      download_file(params, request_headers)
+    def download_file_with_token(file_name, params = {}, request_headers = headers_with_token)
+      download_file(file_name, params, request_headers)
     end
   end
 
@@ -109,7 +107,7 @@ describe API::MavenPackages do
     end
 
     def authorize_upload(params = {}, request_headers = headers)
-      put api("/projects/#{project.id}/packages/maven/com/example/my-app/1-0-SNAPSHOT/maven-metadata.xml/authorize"), params, request_headers
+      put api("/projects/#{project.id}/packages/maven/com/example/my-app/1.0-SNAPSHOT/maven-metadata.xml/authorize"), params, request_headers
     end
 
     def authorize_upload_with_token(params = {}, request_headers = headers_with_token)
@@ -153,12 +151,12 @@ describe API::MavenPackages do
           .and change { Packages::PackageFile.count }.by(1)
 
         expect(response).to have_gitlab_http_status(200)
-        expect(package_file.original_filename).to eq(file_upload.original_filename)
+        expect(package_file.file_name).to eq(file_upload.original_filename)
       end
     end
 
     def upload_file(params = {}, request_headers = headers)
-      put api("/projects/#{project.id}/packages/maven/com/example/my-app/1-0-SNAPSHOT/maven-metadata.xml"), params, request_headers
+      put api("/projects/#{project.id}/packages/maven/com/example/my-app/1.0-SNAPSHOT/maven-metadata.xml"), params, request_headers
     end
 
     def upload_file_with_token(params = {}, request_headers = headers_with_token)