Verified Commit 1f587b1d authored by Sascha Eggenberger's avatar Sascha Eggenberger :speech_balloon: Committed by GitLab

Security patch upgrade alert: Only expose to admins

Changelog: fixed
parent 289ef55e
2 merge requests!169849Draft: test Update merge_commit_diff_modes.yml,!169273Security patch upgrade alert: Only expose to admins
......@@ -6,7 +6,7 @@ module VersionCheckHelper
def show_version_check?
return false unless Gitlab::CurrentSettings.version_check_enabled
current_user&.can_read_all_resources? && !User.single_user&.requires_usage_stats_consent?
current_user&.can_admin_all_resources? && !User.single_user&.requires_usage_stats_consent?
end
def gitlab_version_check
......
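Review bot: The tightened predicate in `show_version_check?` carries no comment saying why it is admin-only, so a later edit could loosen it again without realising what it protects. I would add above the predicate line `# Admin-only: the version check result tells the viewer whether this instance is missing a security patch.` Because this is a view helper, it only controls what is rendered; if the same version-check result is reachable another way (an API endpoint, or data embedded in the page), that path would need the same `can_admin_all_resources?` check, which cannot be confirmed from this hunk. The module continues outside the hunk.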
......@@ -34,7 +34,7 @@
before do
stub_application_setting(version_check_enabled: true)
allow(User).to receive(:single_user).and_return(double(user, requires_usage_stats_consent?: false))
allow(user).to receive(:can_read_all_resources?).and_return(true)
allow(user).to receive(:can_admin_all_resources?).and_return(true)
sign_in(user)
visit help_path
......
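Review bot: This feature spec and the helper spec hunk that follows only swap the stubbed predicate, so no visible case covers a user for whom `can_read_all_resources?` is true but `can_admin_all_resources?` is false, which is exactly the boundary this commit moves. A context or table row with `allow(user).to receive(:can_read_all_resources?).and_return(true)` and `allow(user).to receive(:can_admin_all_resources?).and_return(false)`, asserting that the version check is hidden, would pin it. The `before` blocks and examples continue outside both hunks, so such a case may exist where it is not shown.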
......@@ -27,7 +27,7 @@
stub_application_setting(version_check_enabled: enabled)
allow(User).to receive(:single_user).and_return(double(user, requires_usage_stats_consent?: consent))
allow(helper).to receive(:current_user).and_return(user)
allow(user).to receive(:can_read_all_resources?).and_return(is_admin)
allow(user).to receive(:can_admin_all_resources?).and_return(is_admin)
end
it 'returns correct results' do
......
......@@ -3,9 +3,22 @@
require 'spec_helper'
RSpec.describe 'shared/gitlab_version/_security_patch_upgrade_alert' do
describe 'when show_security_patch_upgrade_alert? is true' do
let_it_be(:user) { build_stubbed(:user) }
let(:version_check_response) { { 'critical_vulnerability' => 'true' } }
before do
stub_application_setting(version_check_enabled: true)
allow_next_instance_of(VersionCheck) do |service|
allow(service).to receive(:response).and_return(version_check_response)
end
end
describe 'when version check is enabled and is admin' do
before do
allow(view).to receive(:show_security_patch_upgrade_alert?).and_return(true)
allow(view).to receive(:current_user).and_return(user)
allow(user).to receive(:can_admin_all_resources?).and_return(true)
render
end
......
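Review bot: In the 'when version check is enabled and is admin' context, `show_security_patch_upgrade_alert?` is stubbed to return true, so the `can_admin_all_resources?` stub and the `VersionCheck` response set up above probably have no influence on the outcome unless the partial calls them directly. As written, the example would still pass if the admin check were removed from the helper. I would add a sibling context that leaves `show_security_patch_upgrade_alert?` unstubbed, sets `allow(user).to receive(:can_admin_all_resources?).and_return(false)`, and expects the alert not to be rendered. The describe block continues past the end of the hunk, so that case may already exist there.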