Commit c4a19ed7 authored by James Lopez's avatar James Lopez

Merge branch '14732-licenses-view-permissions' into 'master'

Add permission for License compliance view

See merge request gitlab-org/gitlab!17481
parents 5731c5b2 aa6837cf
......@@ -105,6 +105,7 @@ class License < ApplicationRecord
group_ip_restriction
incident_management
insights
licenses_list
license_management
pod_logs
prometheus_alerts
......
......@@ -79,6 +79,11 @@ module EE
@subject.feature_available?(:dependency_list)
end
with_scope :subject
condition(:licenses_list_enabled) do
@subject.feature_available?(:licenses_list)
end
with_scope :subject
condition(:feature_flags_disabled) do
!@subject.feature_available?(:feature_flags)
......@@ -153,6 +158,8 @@ module EE
rule { dependency_list_enabled & can?(:download_code) }.enable :read_dependencies
rule { licenses_list_enabled & can?(:read_software_license_policy) }.enable :read_licenses_list
rule { repository_mirrors_enabled & ((mirror_available & can?(:admin_project)) | admin) }.enable :admin_mirror
rule { deploy_board_disabled & ~is_development }.prevent :read_deploy_board
......
......@@ -730,6 +730,64 @@ describe ProjectPolicy do
end
end
describe 'read_licenses_list' do
context 'when licenses list feature available' do
context 'when license management feature available' do
before do
stub_licensed_features(licenses_list: true, license_management: true)
end
context 'with public project' do
let(:current_user) { create(:user) }
context 'with public access to repository' do
it { is_expected.to be_allowed(:read_licenses_list) }
end
end
context 'with private project' do
let(:project) { create(:project, :private, namespace: owner.namespace) }
where(role: %w[admin owner maintainer developer reporter guest])
with_them do
let(:current_user) { public_send(role) }
it { is_expected.to be_allowed(:read_licenses_list) }
end
context 'with not member' do
let(:current_user) { create(:user) }
it { is_expected.to be_disallowed(:read_licenses_list) }
end
context 'with anonymous' do
let(:current_user) { nil }
it { is_expected.to be_disallowed(:read_licenses_list) }
end
end
end
context 'when license management feature in not available' do
let(:current_user) { admin }
before do
stub_licensed_features(licenses_list: true)
end
it { is_expected.to be_disallowed(:read_licenses_list) }
end
end
context 'when licenses list feature not available' do
let(:current_user) { admin }
it { is_expected.to be_disallowed(:read_licenses_list) }
end
end
describe 'create_web_ide_terminal' do
before do
stub_licensed_features(web_ide_terminal: true)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment