Introduce no_user_or_blocked? and fix tests due to

checking user permission.

Introduce no_user_or_blocked? and fix tests due to
checking user permission.
48090a91 · Lin Jen-Shin · a9765fb4 · 48090a91 · 48090a91
隐藏空白更改
内联并排

Showing with 22 addition and 6 deletion

lib/gitlab/user_access.rb lib/gitlab/user_access.rb +12 -4

spec/lib/gitlab/git_access_spec.rb spec/lib/gitlab/git_access_spec.rb +10 -2

未找到文件。
--- a/lib/gitlab/user_access.rb
+++ b/lib/gitlab/user_access.rb
@@ -8,6 +8,8 @@ module Gitlab
    end

    def can_do_action?(action)
+      return false if no_user_or_blocked?
+
      @permission_cache ||= {}
      @permission_cache[action] ||= user.can?(action, project)
    end
@@ -17,7 +19,7 @@ module Gitlab
    end

    def allowed?
-      return false if user.blank? || user.blocked?
+      return false if no_user_or_blocked?

      if user.requires_ldap_check? && user.try_obtain_ldap_lease
        return false unless Gitlab::LDAP::Access.allowed?(user)
@@ -27,7 +29,7 @@ module Gitlab
    end

    def can_push_to_branch?(ref)
-      return false unless user
+      return false if no_user_or_blocked?

      if project.protected_branch?(ref)
        return true if project.empty_repo? && project.user_can_push_to_empty_repo?(user)
@@ -40,7 +42,7 @@ module Gitlab
    end

    def can_merge_to_branch?(ref)
-      return false unless user
+      return false if no_user_or_blocked?

      if project.protected_branch?(ref)
        access_levels = project.protected_branches.matching(ref).map(&:merge_access_levels).flatten
@@ -51,9 +53,15 @@ module Gitlab
    end

    def can_read_project?
-      return false unless user
+      return false if no_user_or_blocked?

      user.can?(:read_project, project)
    end
+
+    private
+
+    def no_user_or_blocked?
+      user.nil? || user.blocked?
+    end
  end
 end
--- a/spec/lib/gitlab/git_access_spec.rb
+++ b/spec/lib/gitlab/git_access_spec.rb
@@ -112,9 +112,13 @@ describe Gitlab::GitAccess, lib: true do
    end

    describe 'deploy key permissions' do
-      let(:key) { create(:deploy_key) }
+      let(:key) { create(:deploy_key, user: user) }
      let(:actor) { key }

+      before do
+        project.team << [user, :master]
+      end
+
      context 'pull code' do
        context 'when project is authorized' do
          before { key.projects << project }
@@ -404,9 +408,13 @@ describe Gitlab::GitAccess, lib: true do
  end

  describe 'deploy key permissions' do
-    let(:key) { create(:deploy_key, can_push: can_push) }
+    let(:key) { create(:deploy_key, user: user, can_push: can_push) }
    let(:actor) { key }

+    before do
+      project.team << [user, :master]
+    end
+
    context 'when deploy_key can push' do
      let(:can_push) { true }