Projects members tab should follow visibility levels

2016-04-18 17:52:10 -03:00 · 2016-04-18 17:52:10 -03:00 · 0b91ff287d
parent 62f6601c59
commit 0b91ff287d
5 changed files with 19 additions and 39 deletions
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@ -154,17 +154,9 @@ class Ability
      end
    end

-    def project_member_rules(team, user)
-      all_members_rules = []
-
-      #Rules only for members which does not include public behavior
-      all_members_rules << :read_members_list if team.members.include?(user)
-      all_members_rules
-    end
-
    def project_team_rules(team, user)
      # Rules based on role in project
-      filtered_rules = if team.master?(user)
+      if team.master?(user)
        project_master_rules
      elsif team.developer?(user)
        project_dev_rules
@ -173,8 +165,6 @@ class Ability
      elsif team.guest?(user)
        project_guest_rules
      end
-
-      Array(filtered_rules) + project_member_rules(team, user)
    end

    def public_project_rules
@ -199,7 +189,8 @@ class Ability
        :create_project,
        :create_issue,
        :create_note,
-        :upload_file
+        :upload_file,
+        :read_members_list
      ]
    end

--- a/spec/controllers/projects/project_members_controller_spec.rb
+++ b/spec/controllers/projects/project_members_controller_spec.rb
@ -48,7 +48,7 @@ describe Projects::ProjectMembersController do
  end

  describe 'index' do
-    let(:project) { create(:project, :internal) }
+    let(:project) { create(:project, :private) }

    context 'when user is member' do
      let(:member) { create(:user) }
@ -61,16 +61,5 @@ describe Projects::ProjectMembersController do

      it { expect(response.status).to eq(200) }
    end
-
-    context 'when user is not member' do
-      let(:not_member) { create(:user) }
-
-      before do
-        sign_in(not_member)
-        get :index, namespace_id: project.namespace.to_param, project_id: project.to_param
-      end
-
-      it { expect(response.status).to eq(403) }
-    end
  end
 end
--- a/spec/features/security/project/internal_access_spec.rb
+++ b/spec/features/security/project/internal_access_spec.rb
@ -101,12 +101,12 @@ describe "Internal Project Access", feature: true  do
    it { is_expected.to be_allowed_for :admin }
    it { is_expected.to be_allowed_for owner }
    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_denied_for developer }
-    it { is_expected.to be_denied_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
+    it { is_expected.to be_allowed_for developer }
+    it { is_expected.to be_allowed_for reporter }
+    it { is_expected.to be_allowed_for guest }
+    it { is_expected.to be_allowed_for :user }
    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_denied_for :external }
  end

  describe "GET /:project_path/blob" do
--- a/spec/features/security/project/private_access_spec.rb
+++ b/spec/features/security/project/private_access_spec.rb
@ -101,9 +101,9 @@ describe "Private Project Access", feature: true  do
    it { is_expected.to be_allowed_for :admin }
    it { is_expected.to be_allowed_for owner }
    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_denied_for developer }
-    it { is_expected.to be_denied_for reporter }
-    it { is_expected.to be_denied_for guest }
+    it { is_expected.to be_allowed_for developer }
+    it { is_expected.to be_allowed_for reporter }
+    it { is_expected.to be_allowed_for guest }
    it { is_expected.to be_denied_for :user }
    it { is_expected.to be_denied_for :external }
    it { is_expected.to be_denied_for :visitor }
--- a/spec/features/security/project/public_access_spec.rb
+++ b/spec/features/security/project/public_access_spec.rb
@ -101,12 +101,12 @@ describe "Public Project Access", feature: true  do
    it { is_expected.to be_allowed_for :admin }
    it { is_expected.to be_allowed_for owner }
    it { is_expected.to be_allowed_for master }
-    it { is_expected.to be_denied_for developer }
-    it { is_expected.to be_denied_for reporter }
-    it { is_expected.to be_denied_for guest }
-    it { is_expected.to be_denied_for :user }
-    it { is_expected.to be_denied_for :external }
-    it { is_expected.to be_denied_for :visitor }
+    it { is_expected.to be_allowed_for developer }
+    it { is_expected.to be_allowed_for reporter }
+    it { is_expected.to be_allowed_for guest }
+    it { is_expected.to be_allowed_for :user }
+    it { is_expected.to be_allowed_for :visitor }
+    it { is_expected.to be_allowed_for :external }
  end

  describe "GET /:project_path/builds" do