1# frozen_string_literal: true
2
3require 'spec_helper'
4
5# Snippet visibility scenarios are included in more details in spec/support/snippet_visibility.rb
6RSpec.describe PersonalSnippetPolicy do
7  let(:regular_user) { create(:user) }
8  let(:external_user) { create(:user, :external) }
9  let(:admin_user) { create(:user, :admin) }
10
11  let(:author_permissions) do
12    [
13      :update_snippet,
14      :admin_snippet
15    ]
16  end
17
18  def permissions(user)
19    described_class.new(user, snippet)
20  end
21
22  shared_examples 'admin access with admin mode' do
23    context 'admin user', :enable_admin_mode do
24      subject { permissions(admin_user) }
25
26      it do
27        is_expected.to be_allowed(:read_snippet)
28        is_expected.to be_allowed(:create_note)
29        is_expected.to be_allowed(:award_emoji)
30        is_expected.to be_allowed(*author_permissions)
31      end
32    end
33  end
34
35  context 'public snippet' do
36    let(:snippet) { create(:personal_snippet, :public) }
37
38    context 'no user' do
39      subject { permissions(nil) }
40
41      it do
42        is_expected.to be_allowed(:read_snippet)
43        is_expected.to be_disallowed(:create_note)
44        is_expected.to be_disallowed(:award_emoji)
45        is_expected.to be_disallowed(*author_permissions)
46      end
47    end
48
49    context 'regular user' do
50      subject { permissions(regular_user) }
51
52      it do
53        is_expected.to be_allowed(:read_snippet)
54        is_expected.to be_allowed(:create_note)
55        is_expected.to be_allowed(:award_emoji)
56        is_expected.to be_disallowed(*author_permissions)
57      end
58    end
59
60    context 'author' do
61      subject { permissions(snippet.author) }
62
63      it do
64        is_expected.to be_allowed(:read_snippet)
65        is_expected.to be_allowed(:create_note)
66        is_expected.to be_allowed(:award_emoji)
67        is_expected.to be_allowed(*author_permissions)
68      end
69    end
70
71    it_behaves_like 'admin access with admin mode'
72  end
73
74  context 'internal snippet' do
75    let(:snippet) { create(:personal_snippet, :internal) }
76
77    context 'no user' do
78      subject { permissions(nil) }
79
80      it do
81        is_expected.to be_disallowed(:read_snippet)
82        is_expected.to be_disallowed(:create_note)
83        is_expected.to be_disallowed(:award_emoji)
84        is_expected.to be_disallowed(*author_permissions)
85      end
86    end
87
88    context 'regular user' do
89      subject { permissions(regular_user) }
90
91      it do
92        is_expected.to be_allowed(:read_snippet)
93        is_expected.to be_allowed(:create_note)
94        is_expected.to be_allowed(:award_emoji)
95        is_expected.to be_disallowed(*author_permissions)
96      end
97    end
98
99    context 'external user' do
100      subject { permissions(external_user) }
101
102      it do
103        is_expected.to be_disallowed(:read_snippet)
104        is_expected.to be_disallowed(:create_note)
105        is_expected.to be_disallowed(:award_emoji)
106        is_expected.to be_disallowed(*author_permissions)
107      end
108    end
109
110    context 'snippet author' do
111      subject { permissions(snippet.author) }
112
113      it do
114        is_expected.to be_allowed(:read_snippet)
115        is_expected.to be_allowed(:create_note)
116        is_expected.to be_allowed(:award_emoji)
117        is_expected.to be_allowed(*author_permissions)
118      end
119    end
120
121    it_behaves_like 'admin access with admin mode'
122  end
123
124  context 'private snippet' do
125    let(:snippet) { create(:project_snippet, :private) }
126
127    context 'no user' do
128      subject { permissions(nil) }
129
130      it do
131        is_expected.to be_disallowed(:read_snippet)
132        is_expected.to be_disallowed(:create_note)
133        is_expected.to be_disallowed(:award_emoji)
134        is_expected.to be_disallowed(*author_permissions)
135      end
136    end
137
138    context 'regular user' do
139      subject { permissions(regular_user) }
140
141      it do
142        is_expected.to be_disallowed(:read_snippet)
143        is_expected.to be_disallowed(:create_note)
144        is_expected.to be_disallowed(:award_emoji)
145        is_expected.to be_disallowed(*author_permissions)
146      end
147    end
148
149    context 'external user' do
150      subject { permissions(external_user) }
151
152      it do
153        is_expected.to be_disallowed(:read_snippet)
154        is_expected.to be_disallowed(:create_note)
155        is_expected.to be_disallowed(:award_emoji)
156        is_expected.to be_disallowed(*author_permissions)
157      end
158    end
159
160    context 'snippet author' do
161      subject { permissions(snippet.author) }
162
163      it do
164        is_expected.to be_allowed(:read_snippet)
165        is_expected.to be_allowed(:create_note)
166        is_expected.to be_allowed(:award_emoji)
167        is_expected.to be_allowed(*author_permissions)
168      end
169    end
170
171    it_behaves_like 'admin access with admin mode'
172  end
173end
174