gitlabhq/spec/features/security/profile_access_spec.rb

require 'spec_helper'

describe "Users Security" do
  describe "Project" do
    before do
      @u1 = create(:user)
    end

    describe "GET /login" do
      it { new_user_session_path.should_not be_404_for :visitor }
    end

    describe "GET /keys" do
      subject { keys_path }

      it { should be_allowed_for @u1 }
      it { should be_allowed_for :admin }
      it { should be_allowed_for :user }
      it { should be_denied_for :visitor }
    end

    describe "GET /profile" do
      subject { profile_path }

      it { should be_allowed_for @u1 }
      it { should be_allowed_for :admin }
      it { should be_allowed_for :user }
      it { should be_denied_for :visitor }
    end

    describe "GET /profile/account" do
      subject { account_profile_path }

      it { should be_allowed_for @u1 }
      it { should be_allowed_for :admin }
      it { should be_allowed_for :user }
      it { should be_denied_for :visitor }
    end

    describe "GET /profile/design" do
      subject { design_profile_path }

      it { should be_allowed_for @u1 }
      it { should be_allowed_for :admin }
      it { should be_allowed_for :user }
      it { should be_denied_for :visitor }
    end
  end
end
init commit 2011-10-08 23:36:38 +02:00			`require 'spec_helper'`

			`describe "Users Security" do`
			`describe "Project" do`
clean-up code * Remove trailing whitespace * Converts hard-tabs into two-space soft-tabs * Remove consecutive blank lines 2011-10-26 15:46:25 +02:00			`before do`
Remove backward compatibility of factories. 2012-11-06 04:31:55 +01:00			`@u1 = create(:user)`
init commit 2011-10-08 23:36:38 +02:00			`end`

clean-up code * Remove trailing whitespace * Converts hard-tabs into two-space soft-tabs * Remove consecutive blank lines 2011-10-26 15:46:25 +02:00			`describe "GET /login" do`
security improved 2011-10-17 12:39:03 +02:00			`it { new_user_session_path.should_not be_404_for :visitor }`
init commit 2011-10-08 23:36:38 +02:00			`end`

clean-up code * Remove trailing whitespace * Converts hard-tabs into two-space soft-tabs * Remove consecutive blank lines 2011-10-26 15:46:25 +02:00			`describe "GET /keys" do`
Clean up request specs 2012-08-25 19:43:55 +02:00			`subject { keys_path }`

			`it { should be_allowed_for @u1 }`
			`it { should be_allowed_for :admin }`
			`it { should be_allowed_for :user }`
			`it { should be_denied_for :visitor }`
init commit 2011-10-08 23:36:38 +02:00			`end`

clean-up code * Remove trailing whitespace * Converts hard-tabs into two-space soft-tabs * Remove consecutive blank lines 2011-10-26 15:46:25 +02:00			`describe "GET /profile" do`
Clean up request specs 2012-08-25 19:43:55 +02:00			`subject { profile_path }`

			`it { should be_allowed_for @u1 }`
			`it { should be_allowed_for :admin }`
			`it { should be_allowed_for :user }`
			`it { should be_denied_for :visitor }`
init commit 2011-10-08 23:36:38 +02:00			`end`

Refactored profile area 2012-09-14 18:13:25 +02:00			`describe "GET /profile/account" do`
Refactored profile to resource. Added missing flash notice on successfull updated. Update username via ajax 2012-12-02 12:29:24 +01:00			`subject { account_profile_path }`

			`it { should be_allowed_for @u1 }`
			`it { should be_allowed_for :admin }`
			`it { should be_allowed_for :user }`
			`it { should be_denied_for :visitor }`
			`end`

			`describe "GET /profile/design" do`
			`subject { design_profile_path }`
Clean up request specs 2012-08-25 19:43:55 +02:00
			`it { should be_allowed_for @u1 }`
			`it { should be_allowed_for :admin }`
			`it { should be_allowed_for :user }`
			`it { should be_denied_for :visitor }`
init commit 2011-10-08 23:36:38 +02:00			`end`
			`end`
			`end`