Non-interactive AWS install by running a single script.

Merge branch 'master' into non-interactive-aws-install

Conflicts:
	doc/installation.md

Fix merge mess in installation.md

spec/requests/admin/admin_projects_spec.rb

@@ -87,7 +87,7 @@ describe "Admin::Projects" do
       visit new_admin_project_path
       fill_in 'project_name', with: 'NewProject'
       fill_in 'project_code', with: 'NPR'
-      fill_in 'project_path', with: 'gitlabhq_1'
+      fill_in 'project_path', with: 'newproject'
       expect { click_button "Create project" }.to change { Project.count }.by(1)
       @project = Project.last
     end

spec/requests/admin/security_spec.rb

@@ -2,20 +2,26 @@ require 'spec_helper'
 
 describe "Admin::Projects" do
   describe "GET /admin/projects" do
-    it { admin_projects_path.should be_allowed_for :admin }
-    it { admin_projects_path.should be_denied_for :user }
-    it { admin_projects_path.should be_denied_for :visitor }
+    subject { admin_projects_path }
+
+    it { should be_allowed_for :admin }
+    it { should be_denied_for :user }
+    it { should be_denied_for :visitor }
   end
 
   describe "GET /admin/users" do
-    it { admin_users_path.should be_allowed_for :admin }
-    it { admin_users_path.should be_denied_for :user }
-    it { admin_users_path.should be_denied_for :visitor }
+    subject { admin_users_path }
+
+    it { should be_allowed_for :admin }
+    it { should be_denied_for :user }
+    it { should be_denied_for :visitor }
   end
 
   describe "GET /admin/hooks" do
-    it { admin_hooks_path.should be_allowed_for :admin }
-    it { admin_hooks_path.should be_denied_for :user }
-    it { admin_hooks_path.should be_denied_for :visitor }
+    subject { admin_hooks_path }
+
+    it { should be_allowed_for :admin }
+    it { should be_denied_for :user }
+    it { should be_denied_for :visitor }
   end
 end

spec/requests/api/issues_spec.rb

@@ -0,0 +1,72 @@
+require 'spec_helper'
+
+describe Gitlab::API do
+  include ApiHelpers
+
+  let(:user) { Factory :user }
+  let!(:project) { Factory :project, owner: user }
+  let!(:issue) { Factory :issue, author: user, assignee: user, project: project }
+  before { project.add_access(user, :read) }
+
+  describe "GET /issues" do
+    it "should return authentication error" do
+      get api("/issues")
+      response.status.should == 401
+    end
+
+    describe "authenticated GET /issues" do
+      it "should return an array of issues" do
+        get api("/issues", user)
+        response.status.should == 200
+        json_response.should be_an Array
+        json_response.first['title'].should == issue.title
+      end
+    end
+  end
+
+  describe "GET /projects/:id/issues" do
+    it "should return project issues" do
+      get api("/projects/#{project.code}/issues", user)
+      response.status.should == 200
+      json_response.should be_an Array
+      json_response.first['title'].should == issue.title
+    end
+  end
+
+  describe "GET /projects/:id/issues/:issue_id" do
+    it "should return a project issue by id" do
+      get api("/projects/#{project.code}/issues/#{issue.id}", user)
+      response.status.should == 200
+      json_response['title'].should == issue.title
+    end
+  end
+
+  describe "POST /projects/:id/issues" do
+    it "should create a new project issue" do
+      post api("/projects/#{project.code}/issues", user),
+        title: 'new issue', labels: 'label, label2'
+      response.status.should == 201
+      json_response['title'].should == 'new issue'
+      json_response['description'].should be_nil
+      json_response['labels'].should == ['label', 'label2']
+    end
+  end
+
+  describe "PUT /projects/:id/issues/:issue_id" do
+    it "should update a project issue" do
+      put api("/projects/#{project.code}/issues/#{issue.id}", user),
+        title: 'updated title', labels: 'label2', closed: 1
+      response.status.should == 200
+      json_response['title'].should == 'updated title'
+      json_response['labels'].should == ['label2']
+      json_response['closed'].should be_true
+    end
+  end
+
+  describe "DELETE /projects/:id/issues/:issue_id" do
+    it "should delete a project issue" do
+      delete api("/projects/#{project.code}/issues/#{issue.id}", user)
+      response.status.should == 405
+    end
+  end
+end

spec/requests/api/milestones_spec.rb

@@ -0,0 +1,47 @@
+require 'spec_helper'
+
+describe Gitlab::API do
+  include ApiHelpers
+
+  let(:user) { Factory :user }
+  let!(:project) { Factory :project, owner: user }
+  let!(:milestone) { Factory :milestone, project: project }
+
+  before { project.add_access(user, :read) }
+
+  describe "GET /projects/:id/milestones" do
+    it "should return project milestones" do
+      get api("/projects/#{project.code}/milestones", user)
+      response.status.should == 200
+      json_response.should be_an Array
+      json_response.first['title'].should == milestone.title
+    end
+  end
+
+  describe "GET /projects/:id/milestones/:milestone_id" do
+    it "should return a project milestone by id" do
+      get api("/projects/#{project.code}/milestones/#{milestone.id}", user)
+      response.status.should == 200
+      json_response['title'].should == milestone.title
+    end
+  end
+
+  describe "POST /projects/:id/milestones" do
+    it "should create a new project milestone" do
+      post api("/projects/#{project.code}/milestones", user),
+        title: 'new milestone'
+      response.status.should == 201
+      json_response['title'].should == 'new milestone'
+      json_response['description'].should be_nil
+    end
+  end
+
+  describe "PUT /projects/:id/milestones/:milestone_id" do
+    it "should update a project milestone" do
+      put api("/projects/#{project.code}/milestones/#{milestone.id}", user),
+        title: 'updated title'
+      response.status.should == 200
+      json_response['title'].should == 'updated title'
+    end
+  end
+end

spec/requests/api/projects_spec.rb

@@ -0,0 +1,135 @@
+require 'spec_helper'
+
+describe Gitlab::API do
+  include ApiHelpers
+
+  let(:user) { Factory :user }
+  let!(:project) { Factory :project, owner: user }
+  let!(:snippet) { Factory :snippet, author: user, project: project, title: 'example' }
+  before { project.add_access(user, :read) }
+
+  describe "GET /projects" do
+    it "should return authentication error" do
+      get api("/projects")
+      response.status.should == 401
+    end
+
+    describe "authenticated GET /projects" do
+      it "should return an array of projects" do
+        get api("/projects", user)
+        response.status.should == 200
+        json_response.should be_an Array
+        json_response.first['name'].should == project.name
+        json_response.first['owner']['email'].should == user.email
+      end
+    end
+  end
+
+  describe "GET /projects/:id" do
+    it "should return a project by id" do
+      get api("/projects/#{project.id}", user)
+      response.status.should == 200
+      json_response['name'].should == project.name
+      json_response['owner']['email'].should == user.email
+    end
+
+    it "should return a project by code name" do
+      get api("/projects/#{project.code}", user)
+      response.status.should == 200
+      json_response['name'].should == project.name
+    end
+
+    it "should return a 404 error if not found" do
+      get api("/projects/42", user)
+      response.status.should == 404
+      json_response['message'].should == '404 Not found'
+    end
+  end
+
+  describe "GET /projects/:id/repository/branches" do
+    it "should return an array of project branches" do
+      get api("/projects/#{project.code}/repository/branches", user)
+      response.status.should == 200
+      json_response.should be_an Array
+      json_response.first['name'].should == project.repo.heads.sort_by(&:name).first.name
+    end
+  end
+
+  describe "GET /projects/:id/repository/branches/:branch" do
+    it "should return the branch information for a single branch" do
+      get api("/projects/#{project.code}/repository/branches/new_design", user)
+      response.status.should == 200
+
+      json_response['name'].should == 'new_design'
+      json_response['commit']['id'].should == '621491c677087aa243f165eab467bfdfbee00be1'
+    end
+  end
+
+  describe "GET /projects/:id/repository/tags" do
+    it "should return an array of project tags" do
+      get api("/projects/#{project.code}/repository/tags", user)
+      response.status.should == 200
+      json_response.should be_an Array
+      json_response.first['name'].should == project.repo.tags.sort_by(&:name).reverse.first.name
+    end
+  end
+
+  describe "GET /projects/:id/snippets/:snippet_id" do
+    it "should return a project snippet" do
+      get api("/projects/#{project.code}/snippets/#{snippet.id}", user)
+      response.status.should == 200
+      json_response['title'].should == snippet.title
+    end
+  end
+
+  describe "POST /projects/:id/snippets" do
+    it "should create a new project snippet" do
+      post api("/projects/#{project.code}/snippets", user),
+        title: 'api test', file_name: 'sample.rb', code: 'test'
+      response.status.should == 201
+      json_response['title'].should == 'api test'
+    end
+  end
+
+  describe "PUT /projects/:id/snippets" do
+    it "should update an existing project snippet" do
+      put api("/projects/#{project.code}/snippets/#{snippet.id}", user),
+        code: 'updated code'
+      response.status.should == 200
+      json_response['title'].should == 'example'
+      snippet.reload.content.should == 'updated code'
+    end
+  end
+
+  describe "DELETE /projects/:id/snippets/:snippet_id" do
+    it "should delete existing project snippet" do
+      expect {
+        delete api("/projects/#{project.code}/snippets/#{snippet.id}", user)
+      }.to change { Snippet.count }.by(-1)
+    end
+  end
+
+  describe "GET /projects/:id/snippets/:snippet_id/raw" do
+    it "should get a raw project snippet" do
+      get api("/projects/#{project.code}/snippets/#{snippet.id}/raw", user)
+      response.status.should == 200
+    end
+  end
+
+  describe "GET /projects/:id/:sha/blob" do
+    it "should get the raw file contents" do
+      get api("/projects/#{project.code}/repository/commits/master/blob?filepath=README.md", user)
+      response.status.should == 200
+    end
+
+    it "should return 404 for invalid branch_name" do
+      get api("/projects/#{project.code}/repository/commits/invalid_branch_name/blob?filepath=README.md", user)
+      response.status.should == 404
+    end
+
+    it "should return 404 for invalid file" do
+      get api("/projects/#{project.code}/repository/commits/master/blob?filepath=README.invalid", user)
+      response.status.should == 404
+    end
+  end
+end

spec/requests/api/users_spec.rb

@@ -0,0 +1,39 @@
+require 'spec_helper'
+
+describe Gitlab::API do
+  include ApiHelpers
+
+  let(:user) { Factory :user }
+
+  describe "GET /users" do
+    it "should return authentication error" do
+      get api("/users")
+      response.status.should == 401
+    end
+
+    describe "authenticated GET /users" do
+      it "should return an array of users" do
+        get api("/users", user)
+        response.status.should == 200
+        json_response.should be_an Array
+        json_response.first['email'].should == user.email
+      end
+    end
+  end
+
+  describe "GET /users/:id" do
+    it "should return a user by id" do
+      get api("/users/#{user.id}", user)
+      response.status.should == 200
+      json_response['email'].should == user.email
+    end
+  end
+
+  describe "GET /user" do
+    it "should return current user" do
+      get api("/user", user)
+      response.status.should == 200
+      json_response['email'].should == user.email
+    end
+  end
+end

spec/requests/atom/dashboard_issues_spec.rb

@@ -6,13 +6,9 @@ describe "User Issues Dashboard" do
 
       login_as :user
 
-      @project1 = Factory :project,
-        path: "project1",
-        code: "TEST1"
+      @project1 = Factory :project
 
-      @project2 = Factory :project,
-        path: "project2",
-        code: "TEST2"
+      @project2 = Factory :project
 
       @project1.add_access(@user, :read, :write)
       @project2.add_access(@user, :read, :write)

spec/requests/projects_deploy_keys_spec.rb

@@ -42,7 +42,7 @@ describe "Projects", "DeployKeys" do
     describe "fill in" do
       before do
         fill_in "key_title", with: "laptop"
-        fill_in "key_key", with: "publickey234="
+        fill_in "key_key", with: "ssh-rsa publickey234="
       end
 
       it { expect { click_button "Save" }.to change {Key.count}.by(1) }
@@ -55,12 +55,12 @@ describe "Projects", "DeployKeys" do
     end
   end
 
-  describe "Show page" do 
+  describe "Show page" do
     before do
       @key = Factory :key, project: project
-      visit project_deploy_key_path(project, @key) 
+      visit project_deploy_key_path(project, @key)
     end
-    
+
     it { page.should have_content @key.title }
     it { page.should have_content @key.key[0..10] }
   end

spec/requests/security/profile_access_spec.rb

@@ -11,24 +11,30 @@ describe "Users Security" do
     end
 
     describe "GET /keys" do
-      it { keys_path.should be_allowed_for @u1 }
-      it { keys_path.should be_allowed_for :admin }
-      it { keys_path.should be_allowed_for :user }
-      it { keys_path.should be_denied_for :visitor }
+      subject { keys_path }
+
+      it { should be_allowed_for @u1 }
+      it { should be_allowed_for :admin }
+      it { should be_allowed_for :user }
+      it { should be_denied_for :visitor }
     end
 
     describe "GET /profile" do
-      it { profile_path.should be_allowed_for @u1 }
-      it { profile_path.should be_allowed_for :admin }
-      it { profile_path.should be_allowed_for :user }
-      it { profile_path.should be_denied_for :visitor }
+      subject { profile_path }
+
+      it { should be_allowed_for @u1 }
+      it { should be_allowed_for :admin }
+      it { should be_allowed_for :user }
+      it { should be_denied_for :visitor }
     end
 
     describe "GET /profile/password" do
-      it { profile_password_path.should be_allowed_for @u1 }
-      it { profile_password_path.should be_allowed_for :admin }
-      it { profile_password_path.should be_allowed_for :user }
-      it { profile_password_path.should be_denied_for :visitor }
+      subject { profile_password_path }
+
+      it { should be_allowed_for @u1 }
+      it { should be_allowed_for :admin }
+      it { should be_allowed_for :user }
+      it { should be_denied_for :visitor }
     end
   end
 end

spec/requests/security/project_access_spec.rb

@@ -26,64 +26,76 @@ describe "Application access" do
     end
 
     describe "GET /project_code" do
-      it { project_path(@project).should be_allowed_for @u1 }
-      it { project_path(@project).should be_allowed_for @u3 }
-      it { project_path(@project).should be_denied_for :admin }
-      it { project_path(@project).should be_denied_for @u2 }
-      it { project_path(@project).should be_denied_for :user }
-      it { project_path(@project).should be_denied_for :visitor }
+      subject { project_path(@project) }
+
+      it { should be_allowed_for @u1 }
+      it { should be_allowed_for @u3 }
+      it { should be_denied_for :admin }
+      it { should be_denied_for @u2 }
+      it { should be_denied_for :user }
+      it { should be_denied_for :visitor }
     end
 
     describe "GET /project_code/master/tree" do
-      it { tree_project_ref_path(@project, @project.root_ref).should be_allowed_for @u1 }
-      it { tree_project_ref_path(@project, @project.root_ref).should be_allowed_for @u3 }
-      it { tree_project_ref_path(@project, @project.root_ref).should be_denied_for :admin }
-      it { tree_project_ref_path(@project, @project.root_ref).should be_denied_for @u2 }
-      it { tree_project_ref_path(@project, @project.root_ref).should be_denied_for :user }
-      it { tree_project_ref_path(@project, @project.root_ref).should be_denied_for :visitor }
+      subject { tree_project_ref_path(@project, @project.root_ref) }
+
+      it { should be_allowed_for @u1 }
+      it { should be_allowed_for @u3 }
+      it { should be_denied_for :admin }
+      it { should be_denied_for @u2 }
+      it { should be_denied_for :user }
+      it { should be_denied_for :visitor }
     end
 
     describe "GET /project_code/commits" do
-      it { project_commits_path(@project).should be_allowed_for @u1 }
-      it { project_commits_path(@project).should be_allowed_for @u3 }
-      it { project_commits_path(@project).should be_denied_for :admin }
-      it { project_commits_path(@project).should be_denied_for @u2 }
-      it { project_commits_path(@project).should be_denied_for :user }
-      it { project_commits_path(@project).should be_denied_for :visitor }
+      subject { project_commits_path(@project) }
+
+      it { should be_allowed_for @u1 }
+      it { should be_allowed_for @u3 }
+      it { should be_denied_for :admin }
+      it { should be_denied_for @u2 }
+      it { should be_denied_for :user }
+      it { should be_denied_for :visitor }
     end
 
     describe "GET /project_code/commit" do
-      it { project_commit_path(@project, @project.commit.id).should be_allowed_for @u1 }
-      it { project_commit_path(@project, @project.commit.id).should be_allowed_for @u3 }
-      it { project_commit_path(@project, @project.commit.id).should be_denied_for :admin }
-      it { project_commit_path(@project, @project.commit.id).should be_denied_for @u2 }
-      it { project_commit_path(@project, @project.commit.id).should be_denied_for :user }
-      it { project_commit_path(@project, @project.commit.id).should be_denied_for :visitor }
+      subject { project_commit_path(@project, @project.commit.id) }
+
+      it { should be_allowed_for @u1 }
+      it { should be_allowed_for @u3 }
+      it { should be_denied_for :admin }
+      it { should be_denied_for @u2 }
+      it { should be_denied_for :user }
+      it { should be_denied_for :visitor }
     end
 
     describe "GET /project_code/team" do
-      it { team_project_path(@project).should be_allowed_for @u1 }
-      it { team_project_path(@project).should be_allowed_for @u3 }
-      it { team_project_path(@project).should be_denied_for :admin }
-      it { team_project_path(@project).should be_denied_for @u2 }
-      it { team_project_path(@project).should be_denied_for :user }
-      it { team_project_path(@project).should be_denied_for :visitor }
+      subject { team_project_path(@project) }
+
+      it { should be_allowed_for @u1 }
+      it { should be_allowed_for @u3 }
+      it { should be_denied_for :admin }
+      it { should be_denied_for @u2 }
+      it { should be_denied_for :user }
+      it { should be_denied_for :visitor }
     end
 
     describe "GET /project_code/wall" do
-      it { wall_project_path(@project).should be_allowed_for @u1 }
-      it { wall_project_path(@project).should be_allowed_for @u3 }
-      it { wall_project_path(@project).should be_denied_for :admin }
-      it { wall_project_path(@project).should be_denied_for @u2 }
-      it { wall_project_path(@project).should be_denied_for :user }
-      it { wall_project_path(@project).should be_denied_for :visitor }
+      subject { wall_project_path(@project) }
+
+      it { should be_allowed_for @u1 }
+      it { should be_allowed_for @u3 }
+      it { should be_denied_for :admin }
+      it { should be_denied_for @u2 }
+      it { should be_denied_for :user }
+      it { should be_denied_for :visitor }
     end
 
     describe "GET /project_code/blob" do
       before do
-        @commit = @project.commit
-        @path = @commit.tree.contents.select { |i| i.is_a?(Grit::Blob)}.first.name
-        @blob_path = blob_project_ref_path(@project, @commit.id, path: @path)
+        commit = @project.commit
+        path = commit.tree.contents.select { |i| i.is_a?(Grit::Blob)}.first.name
+        @blob_path = blob_project_ref_path(@project, commit.id, path: path)
       end
 
       it { @blob_path.should be_allowed_for @u1 }
@@ -95,93 +107,113 @@ describe "Application access" do
     end
 
     describe "GET /project_code/edit" do
-      it { edit_project_path(@project).should be_allowed_for @u1 }
-      it { edit_project_path(@project).should be_denied_for @u3 }
-      it { edit_project_path(@project).should be_denied_for :admin }
-      it { edit_project_path(@project).should be_denied_for @u2 }
-      it { edit_project_path(@project).should be_denied_for :user }
-      it { edit_project_path(@project).should be_denied_for :visitor }
+      subject { edit_project_path(@project) }
+
+      it { should be_allowed_for @u1 }
+      it { should be_denied_for @u3 }
+      it { should be_denied_for :admin }
+      it { should be_denied_for @u2 }
+      it { should be_denied_for :user }
+      it { should be_denied_for :visitor }
     end
 
     describe "GET /project_code/deploy_keys" do
-      it { project_deploy_keys_path(@project).should be_allowed_for @u1 }
-      it { project_deploy_keys_path(@project).should be_denied_for @u3 }
-      it { project_deploy_keys_path(@project).should be_denied_for :admin }
-      it { project_deploy_keys_path(@project).should be_denied_for @u2 }
-      it { project_deploy_keys_path(@project).should be_denied_for :user }
-      it { project_deploy_keys_path(@project).should be_denied_for :visitor }
+      subject { project_deploy_keys_path(@project) }
+
+      it { should be_allowed_for @u1 }
+      it { should be_denied_for @u3 }
+      it { should be_denied_for :admin }
+      it { should be_denied_for @u2 }
+      it { should be_denied_for :user }
+      it { should be_denied_for :visitor }
     end
 
     describe "GET /project_code/issues" do
-      it { project_issues_path(@project).should be_allowed_for @u1 }
-      it { project_issues_path(@project).should be_allowed_for @u3 }
-      it { project_issues_path(@project).should be_denied_for :admin }
-      it { project_issues_path(@project).should be_denied_for @u2 }
-      it { project_issues_path(@project).should be_denied_for :user }
-      it { project_issues_path(@project).should be_denied_for :visitor }
+      subject { project_issues_path(@project) }
+
+      it { should be_allowed_for @u1 }
+      it { should be_allowed_for @u3 }
+      it { should be_denied_for :admin }
+      it { should be_denied_for @u2 }
+      it { should be_denied_for :user }
+      it { should be_denied_for :visitor }
     end
 
     describe "GET /project_code/snippets" do
-      it { project_snippets_path(@project).should be_allowed_for @u1 }
-      it { project_snippets_path(@project).should be_allowed_for @u3 }
-      it { project_snippets_path(@project).should be_denied_for :admin }
-      it { project_snippets_path(@project).should be_denied_for @u2 }
-      it { project_snippets_path(@project).should be_denied_for :user }
-      it { project_snippets_path(@project).should be_denied_for :visitor }
+      subject { project_snippets_path(@project) }
+
+      it { should be_allowed_for @u1 }
+      it { should be_allowed_for @u3 }
+      it { should be_denied_for :admin }
+      it { should be_denied_for @u2 }
+      it { should be_denied_for :user }
+      it { should be_denied_for :visitor }
     end
 
     describe "GET /project_code/merge_requests" do
-      it { project_merge_requests_path(@project).should be_allowed_for @u1 }
-      it { project_merge_requests_path(@project).should be_allowed_for @u3 }
-      it { project_merge_requests_path(@project).should be_denied_for :admin }
-      it { project_merge_requests_path(@project).should be_denied_for @u2 }
-      it { project_merge_requests_path(@project).should be_denied_for :user }
-      it { project_merge_requests_path(@project).should be_denied_for :visitor }
+      subject { project_merge_requests_path(@project) }
+
+      it { should be_allowed_for @u1 }
+      it { should be_allowed_for @u3 }
+      it { should be_denied_for :admin }
+      it { should be_denied_for @u2 }
+      it { should be_denied_for :user }
+      it { should be_denied_for :visitor }
     end
 
     describe "GET /project_code/repository" do
-      it { project_repository_path(@project).should be_allowed_for @u1 }
-      it { project_repository_path(@project).should be_allowed_for @u3 }
-      it { project_repository_path(@project).should be_denied_for :admin }
-      it { project_repository_path(@project).should be_denied_for @u2 }
-      it { project_repository_path(@project).should be_denied_for :user }
-      it { project_repository_path(@project).should be_denied_for :visitor }
+      subject { project_repository_path(@project) }
+
+      it { should be_allowed_for @u1 }
+      it { should be_allowed_for @u3 }
+      it { should be_denied_for :admin }
+      it { should be_denied_for @u2 }
+      it { should be_denied_for :user }
+      it { should be_denied_for :visitor }
     end
 
     describe "GET /project_code/repository/branches" do
-      it { branches_project_repository_path(@project).should be_allowed_for @u1 }
-      it { branches_project_repository_path(@project).should be_allowed_for @u3 }
-      it { branches_project_repository_path(@project).should be_denied_for :admin }
-      it { branches_project_repository_path(@project).should be_denied_for @u2 }
-      it { branches_project_repository_path(@project).should be_denied_for :user }
-      it { branches_project_repository_path(@project).should be_denied_for :visitor }
+      subject { branches_project_repository_path(@project) }
+
+      it { should be_allowed_for @u1 }
+      it { should be_allowed_for @u3 }
+      it { should be_denied_for :admin }
+      it { should be_denied_for @u2 }
+      it { should be_denied_for :user }
+      it { should be_denied_for :visitor }
     end
 
     describe "GET /project_code/repository/tags" do
-      it { tags_project_repository_path(@project).should be_allowed_for @u1 }
-      it { tags_project_repository_path(@project).should be_allowed_for @u3 }
-      it { tags_project_repository_path(@project).should be_denied_for :admin }
-      it { tags_project_repository_path(@project).should be_denied_for @u2 }
-      it { tags_project_repository_path(@project).should be_denied_for :user }
-      it { tags_project_repository_path(@project).should be_denied_for :visitor }
+      subject { tags_project_repository_path(@project) }
+
+      it { should be_allowed_for @u1 }
+      it { should be_allowed_for @u3 }
+      it { should be_denied_for :admin }
+      it { should be_denied_for @u2 }
+      it { should be_denied_for :user }
+      it { should be_denied_for :visitor }
     end
 
     describe "GET /project_code/hooks" do
-      it { project_hooks_path(@project).should be_allowed_for @u1 }
-      it { project_hooks_path(@project).should be_allowed_for @u3 }
-      it { project_hooks_path(@project).should be_denied_for :admin }
-      it { project_hooks_path(@project).should be_denied_for @u2 }
-      it { project_hooks_path(@project).should be_denied_for :user }
-      it { project_hooks_path(@project).should be_denied_for :visitor }
+      subject { project_hooks_path(@project) }
+
+      it { should be_allowed_for @u1 }
+      it { should be_allowed_for @u3 }
+      it { should be_denied_for :admin }
+      it { should be_denied_for @u2 }
+      it { should be_denied_for :user }
+      it { should be_denied_for :visitor }
     end
 
     describe "GET /project_code/files" do
-      it { files_project_path(@project).should be_allowed_for @u1 }
-      it { files_project_path(@project).should be_allowed_for @u3 }
-      it { files_project_path(@project).should be_denied_for :admin }
-      it { files_project_path(@project).should be_denied_for @u2 }
-      it { files_project_path(@project).should be_denied_for :user }
-      it { files_project_path(@project).should be_denied_for :visitor }
+      subject { files_project_path(@project) }
+
+      it { should be_allowed_for @u1 }
+      it { should be_allowed_for @u3 }
+      it { should be_denied_for :admin }
+      it { should be_denied_for @u2 }
+      it { should be_denied_for :user }
+      it { should be_denied_for :visitor }
     end
   end
 end