Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Tatuya Kamada
gitlab-ce
Commits
68154e8f
Commit
68154e8f
authored
Dec 07, 2011
by
Dmitriy Zaporozhets
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
spec fix
parent
cb021e58
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
22 additions
and
13 deletions
+22
-13
app/models/project.rb
app/models/project.rb
+10
-1
spec/models/project_security_spec.rb
spec/models/project_security_spec.rb
+9
-9
spec/requests/projects_security_spec.rb
spec/requests/projects_security_spec.rb
+3
-3
No files found.
app/models/project.rb
View file @
68154e8f
...
@@ -114,9 +114,18 @@ class Project < ActiveRecord::Base
...
@@ -114,9 +114,18 @@ class Project < ActiveRecord::Base
!!
commit
!!
commit
end
end
# Compatible with all access rights
# Should be rewrited for new access rights
def
add_access
(
user
,
*
access
)
def
add_access
(
user
,
*
access
)
access
=
if
access
.
include?
(
:admin
)
{
:project_access
=>
PROJECT_RWA
}
elsif
access
.
include?
(
:write
)
{
:project_access
=>
PROJECT_RW
}
else
{
:project_access
=>
PROJECT_R
}
end
opts
=
{
:user
=>
user
}
opts
=
{
:user
=>
user
}
access
.
each
{
|
name
|
opts
.
merge!
(
name
=>
true
)
}
opts
.
merge!
(
access
)
users_projects
.
create
(
opts
)
users_projects
.
create
(
opts
)
end
end
...
...
spec/models/project_security_spec.rb
View file @
68154e8f
...
@@ -10,30 +10,30 @@ describe Project do
...
@@ -10,30 +10,30 @@ describe Project do
@abilities
<<
Ability
@abilities
<<
Ability
end
end
describe
:read
do
describe
"read access"
do
before
do
before
do
@p1
.
users_projects
.
create
(
:project
=>
@p1
,
:user
=>
@u1
,
:
read
=>
false
)
@p1
.
users_projects
.
create
(
:project
=>
@p1
,
:user
=>
@u1
,
:
project_access
=>
Project
::
PROJECT_N
)
@p1
.
users_projects
.
create
(
:project
=>
@p1
,
:user
=>
@u2
,
:
read
=>
true
)
@p1
.
users_projects
.
create
(
:project
=>
@p1
,
:user
=>
@u2
,
:
project_access
=>
Project
::
PROJECT_R
)
end
end
it
{
@abilities
.
allowed?
(
@u1
,
:read_project
,
@p1
).
should
be_false
}
it
{
@abilities
.
allowed?
(
@u1
,
:read_project
,
@p1
).
should
be_false
}
it
{
@abilities
.
allowed?
(
@u2
,
:read_project
,
@p1
).
should
be_true
}
it
{
@abilities
.
allowed?
(
@u2
,
:read_project
,
@p1
).
should
be_true
}
end
end
describe
:write
do
describe
"write access"
do
before
do
before
do
@p1
.
users_projects
.
create
(
:project
=>
@p1
,
:user
=>
@u1
,
:
write
=>
false
)
@p1
.
users_projects
.
create
(
:project
=>
@p1
,
:user
=>
@u1
,
:
project_access
=>
Project
::
PROJECT_R
)
@p1
.
users_projects
.
create
(
:project
=>
@p1
,
:user
=>
@u2
,
:
write
=>
true
)
@p1
.
users_projects
.
create
(
:project
=>
@p1
,
:user
=>
@u2
,
:
project_access
=>
Project
::
PROJECT_RW
)
end
end
it
{
@abilities
.
allowed?
(
@u1
,
:write_project
,
@p1
).
should
be_false
}
it
{
@abilities
.
allowed?
(
@u1
,
:write_project
,
@p1
).
should
be_false
}
it
{
@abilities
.
allowed?
(
@u2
,
:write_project
,
@p1
).
should
be_true
}
it
{
@abilities
.
allowed?
(
@u2
,
:write_project
,
@p1
).
should
be_true
}
end
end
describe
:admin
do
describe
"admin access"
do
before
do
before
do
@p1
.
users_projects
.
create
(
:project
=>
@p1
,
:user
=>
@u1
,
:
admin
=>
false
)
@p1
.
users_projects
.
create
(
:project
=>
@p1
,
:user
=>
@u1
,
:
project_access
=>
Project
::
PROJECT_RW
)
@p1
.
users_projects
.
create
(
:project
=>
@p1
,
:user
=>
@u2
,
:
admin
=>
true
)
@p1
.
users_projects
.
create
(
:project
=>
@p1
,
:user
=>
@u2
,
:
project_access
=>
Project
::
PROJECT_RWA
)
end
end
it
{
@abilities
.
allowed?
(
@u1
,
:admin_project
,
@p1
).
should
be_false
}
it
{
@abilities
.
allowed?
(
@u1
,
:admin_project
,
@p1
).
should
be_false
}
...
...
spec/requests/projects_security_spec.rb
View file @
68154e8f
...
@@ -20,11 +20,11 @@ describe "Projects" do
...
@@ -20,11 +20,11 @@ describe "Projects" do
@u2
=
Factory
:user
@u2
=
Factory
:user
@u3
=
Factory
:user
@u3
=
Factory
:user
# full access
# full access
@project
.
users_projects
.
create
(
:user
=>
@u1
,
:
read
=>
true
,
:write
=>
true
,
:admin
=>
true
)
@project
.
users_projects
.
create
(
:user
=>
@u1
,
:
project_access
=>
Project
::
PROJECT_RWA
)
# no access
# no access
@project
.
users_projects
.
create
(
:user
=>
@u2
,
:
read
=>
false
,
:write
=>
false
,
:admin
=>
false
)
@project
.
users_projects
.
create
(
:user
=>
@u2
,
:
project_access
=>
Project
::
PROJECT_N
)
# readonly
# readonly
@project
.
users_projects
.
create
(
:user
=>
@u3
,
:
read
=>
true
,
:write
=>
false
,
:admin
=>
false
)
@project
.
users_projects
.
create
(
:user
=>
@u3
,
:
project_access
=>
Project
::
PROJECT_R
)
end
end
describe
"GET /project_code"
do
describe
"GET /project_code"
do
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment