Unfloyded/Legamunt
0
0
Fork 0
Code Activity

Add finer permission requirements for managing webhooks (#25463)

Browse source
This commit is contained in:
Claire 2023-06-22 14:52:25 +02:00 committed by GitHub
parent 63d15d5330
commit 602c458ab6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 52 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

22
spec/policies/webhook_policy_spec.rb
View file

@ -8,16 +8,32 @@ describe WebhookPolicy do
let(:admin) { Fabricate(:user, role: UserRole.find_by(name: 'Admin')).account }
let(:john) { Fabricate(:account) }
permissions :index?, :create?, :show?, :update?, :enable?, :disable?, :rotate_secret?, :destroy? do
permissions :index?, :create? do
context 'with an admin' do
it 'permits' do
expect(policy).to permit(admin, Tag)
expect(policy).to permit(admin, Webhook)
end
end
context 'with a non-admin' do
it 'denies' do
expect(policy).to_not permit(john, Tag)
expect(policy).to_not permit(john, Webhook)
end
end
end
permissions :show?, :update?, :enable?, :disable?, :rotate_secret?, :destroy? do
let(:webhook) { Fabricate(:webhook, events: ['account.created', 'report.created']) }
context 'with an admin' do
it 'permits' do
expect(policy).to permit(admin, webhook)
end
end
context 'with a non-admin' do
it 'denies' do
expect(policy).to_not permit(john, webhook)
end
end
end