1# frozen_string_literal: true 2 3require 'spec_helper' 4 5# Snippet visibility scenarios are included in more details in spec/support/snippet_visibility.rb 6RSpec.describe PersonalSnippetPolicy do 7 let(:regular_user) { create(:user) } 8 let(:external_user) { create(:user, :external) } 9 let(:admin_user) { create(:user, :admin) } 10 11 let(:author_permissions) do 12 [ 13 :update_snippet, 14 :admin_snippet 15 ] 16 end 17 18 def permissions(user) 19 described_class.new(user, snippet) 20 end 21 22 shared_examples 'admin access with admin mode' do 23 context 'admin user', :enable_admin_mode do 24 subject { permissions(admin_user) } 25 26 it do 27 is_expected.to be_allowed(:read_snippet) 28 is_expected.to be_allowed(:create_note) 29 is_expected.to be_allowed(:award_emoji) 30 is_expected.to be_allowed(*author_permissions) 31 end 32 end 33 end 34 35 context 'public snippet' do 36 let(:snippet) { create(:personal_snippet, :public) } 37 38 context 'no user' do 39 subject { permissions(nil) } 40 41 it do 42 is_expected.to be_allowed(:read_snippet) 43 is_expected.to be_disallowed(:create_note) 44 is_expected.to be_disallowed(:award_emoji) 45 is_expected.to be_disallowed(*author_permissions) 46 end 47 end 48 49 context 'regular user' do 50 subject { permissions(regular_user) } 51 52 it do 53 is_expected.to be_allowed(:read_snippet) 54 is_expected.to be_allowed(:create_note) 55 is_expected.to be_allowed(:award_emoji) 56 is_expected.to be_disallowed(*author_permissions) 57 end 58 end 59 60 context 'author' do 61 subject { permissions(snippet.author) } 62 63 it do 64 is_expected.to be_allowed(:read_snippet) 65 is_expected.to be_allowed(:create_note) 66 is_expected.to be_allowed(:award_emoji) 67 is_expected.to be_allowed(*author_permissions) 68 end 69 end 70 71 it_behaves_like 'admin access with admin mode' 72 end 73 74 context 'internal snippet' do 75 let(:snippet) { create(:personal_snippet, :internal) } 76 77 context 'no user' do 78 subject { permissions(nil) } 79 80 it do 81 is_expected.to be_disallowed(:read_snippet) 82 is_expected.to be_disallowed(:create_note) 83 is_expected.to be_disallowed(:award_emoji) 84 is_expected.to be_disallowed(*author_permissions) 85 end 86 end 87 88 context 'regular user' do 89 subject { permissions(regular_user) } 90 91 it do 92 is_expected.to be_allowed(:read_snippet) 93 is_expected.to be_allowed(:create_note) 94 is_expected.to be_allowed(:award_emoji) 95 is_expected.to be_disallowed(*author_permissions) 96 end 97 end 98 99 context 'external user' do 100 subject { permissions(external_user) } 101 102 it do 103 is_expected.to be_disallowed(:read_snippet) 104 is_expected.to be_disallowed(:create_note) 105 is_expected.to be_disallowed(:award_emoji) 106 is_expected.to be_disallowed(*author_permissions) 107 end 108 end 109 110 context 'snippet author' do 111 subject { permissions(snippet.author) } 112 113 it do 114 is_expected.to be_allowed(:read_snippet) 115 is_expected.to be_allowed(:create_note) 116 is_expected.to be_allowed(:award_emoji) 117 is_expected.to be_allowed(*author_permissions) 118 end 119 end 120 121 it_behaves_like 'admin access with admin mode' 122 end 123 124 context 'private snippet' do 125 let(:snippet) { create(:project_snippet, :private) } 126 127 context 'no user' do 128 subject { permissions(nil) } 129 130 it do 131 is_expected.to be_disallowed(:read_snippet) 132 is_expected.to be_disallowed(:create_note) 133 is_expected.to be_disallowed(:award_emoji) 134 is_expected.to be_disallowed(*author_permissions) 135 end 136 end 137 138 context 'regular user' do 139 subject { permissions(regular_user) } 140 141 it do 142 is_expected.to be_disallowed(:read_snippet) 143 is_expected.to be_disallowed(:create_note) 144 is_expected.to be_disallowed(:award_emoji) 145 is_expected.to be_disallowed(*author_permissions) 146 end 147 end 148 149 context 'external user' do 150 subject { permissions(external_user) } 151 152 it do 153 is_expected.to be_disallowed(:read_snippet) 154 is_expected.to be_disallowed(:create_note) 155 is_expected.to be_disallowed(:award_emoji) 156 is_expected.to be_disallowed(*author_permissions) 157 end 158 end 159 160 context 'snippet author' do 161 subject { permissions(snippet.author) } 162 163 it do 164 is_expected.to be_allowed(:read_snippet) 165 is_expected.to be_allowed(:create_note) 166 is_expected.to be_allowed(:award_emoji) 167 is_expected.to be_allowed(*author_permissions) 168 end 169 end 170 171 it_behaves_like 'admin access with admin mode' 172 end 173end 174