Commit bb6f2467 authored by Kamil Trzcinski's avatar Kamil Trzcinski

Authorize environments controller actions

parent e129f66d
class Projects::EnvironmentsController < Projects::ApplicationController
layout 'project'
before_action :authorize_read_environment!
before_action :authorize_create_environment!, only: [:new, :create]
before_action :authorize_update_environment!, only: [:destroy]
before_action :environment, only: [:show, :destroy]
def index
......
......@@ -9,7 +9,7 @@
= form_for @environment, url: namespace_project_environments_path(@project.namespace, @project), html: { id: "new-environment-form", class: "col-lg-9 js-new-environment-form js-requires-input" } do |f|
= form_errors(@environment)
.form-group
= f.label :ref, 'Environment name', class: 'label-light'
= f.label :name, 'Environment name', class: 'label-light'
= f.text_field :name, required: true, class: 'form-control'
= f.submit 'Create environment', class: 'btn btn-create'
= link_to "Cancel", namespace_project_environments_path(@project.namespace, @project), class: "btn btn-cancel"
......@@ -9,6 +9,7 @@
.col-md-3
.nav-controls
- if can?(current_user, :update_environment, @project)
= link_to 'Destroy', namespace_project_environment_path(@project.namespace, @project, @environment), data: { confirm: 'Are you sure?' }, class: 'btn btn-danger', method: :delete
- if @deployments.blank?
......
......@@ -175,6 +175,49 @@ describe "Public Project Access", feature: true do
end
end
describe "GET /:project_path/environments" do
subject { namespace_project_environments_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin }
it { is_expected.to be_allowed_for owner }
it { is_expected.to be_allowed_for master }
it { is_expected.to be_allowed_for developer }
it { is_expected.to be_allowed_for reporter }
it { is_expected.to be_denied_for guest }
it { is_expected.to be_denied_for :user }
it { is_expected.to be_denied_for :external }
it { is_expected.to be_denied_for :visitor }
end
describe "GET /:project_path/environments/:id" do
let(:environment) { create(:environment, project: project) }
subject { namespace_project_environments_path(project.namespace, project, environment) }
it { is_expected.to be_allowed_for :admin }
it { is_expected.to be_allowed_for owner }
it { is_expected.to be_allowed_for master }
it { is_expected.to be_allowed_for developer }
it { is_expected.to be_allowed_for reporter }
it { is_expected.to be_denied_for guest }
it { is_expected.to be_denied_for :user }
it { is_expected.to be_denied_for :external }
it { is_expected.to be_denied_for :visitor }
end
describe "GET /:project_path/environments/new" do
subject { new_namespace_project_environment_path(project.namespace, project) }
it { is_expected.to be_allowed_for :admin }
it { is_expected.to be_allowed_for owner }
it { is_expected.to be_allowed_for master }
it { is_expected.to be_allowed_for developer }
it { is_expected.to be_denied_for reporter }
it { is_expected.to be_denied_for guest }
it { is_expected.to be_denied_for :user }
it { is_expected.to be_denied_for :external }
it { is_expected.to be_denied_for :visitor }
end
describe "GET /:project_path/blob" do
let(:commit) { project.repository.commit }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment