Fix deployments security check path and add checks for internal and public access

e1e0b763 · Pawel Chojnacki · 6dab3033 · e1e0b763 · e1e0b763 · e1e0b763
3 changed file
--- a/spec/features/security/project/internal_access_spec.rb
+++ b/spec/features/security/project/internal_access_spec.rb
@@ -428,6 +428,21 @@ describe "Internal Project Access", feature: true  do
    it { is_expected.to be_denied_for(:visitor) }
  end
+  describe "GET /:project_path/environments/:id/deployments" do
+    let(:environment) { create(:environment, project: project) }
+    subject { namespace_project_environment_deployments_path(project.namespace, project, environment) }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
+  end
  describe "GET /:project_path/environments/new" do
    subject { new_namespace_project_environment_path(project.namespace, project) }

--- a/spec/features/security/project/private_access_spec.rb
+++ b/spec/features/security/project/private_access_spec.rb
@@ -419,7 +419,7 @@ describe "Private Project Access", feature: true  do
  describe "GET /:project_path/environments/:id/deployments" do
    let(:environment) { create(:environment, project: project) }
-    subject { namespace_project_environment_path(project.namespace, project, environment) }
+    subject { namespace_project_environment_deployments_path(project.namespace, project, environment) }
    it { is_expected.to be_allowed_for(:admin) }
    it { is_expected.to be_allowed_for(:owner).of(project) }

--- a/spec/features/security/project/public_access_spec.rb
+++ b/spec/features/security/project/public_access_spec.rb
@@ -248,6 +248,21 @@ describe "Public Project Access", feature: true  do
    it { is_expected.to be_denied_for(:visitor) }
  end
+  describe "GET /:project_path/environments/:id/deployments" do
+    let(:environment) { create(:environment, project: project) }
+    subject { namespace_project_environment_deployments_path(project.namespace, project, environment) }
+    it { is_expected.to be_allowed_for(:admin) }
+    it { is_expected.to be_allowed_for(:owner).of(project) }
+    it { is_expected.to be_allowed_for(:master).of(project) }
+    it { is_expected.to be_allowed_for(:developer).of(project) }
+    it { is_expected.to be_allowed_for(:reporter).of(project) }
+    it { is_expected.to be_denied_for(:guest).of(project) }
+    it { is_expected.to be_denied_for(:user) }
+    it { is_expected.to be_denied_for(:external) }
+    it { is_expected.to be_denied_for(:visitor) }
+  end
  describe "GET /:project_path/environments/new" do
    subject { new_namespace_project_environment_path(project.namespace, project) }