diff options
Diffstat (limited to '000.yarn')
-rw-r--r-- | 000.yarn | 36 |
1 files changed, 34 insertions, 2 deletions
@@ -91,9 +91,11 @@ the standard Gitano ruleset. allow "Writers may update any branch" op_is_normal user_is_repo_writer define user_is_repo_guest group exact ${config/guests} - define ref_is_for_user ref prefix ${user}/ + define branch_is_for_user ref prefix refs/heads/${user}/ + define tag_is_for_user ref prefix refs/tags/${user}/ allow "Guests may read and write" op_is_basic user_is_repo_guest - allow "Guests may update their own refs" op_is_normal user_is_repo_guest + allow "Guests may update their own branches" op_is_normal user_is_repo_guest branch_is_for_user + allow "Guests may update their own tags" op_is_normal user_is_repo_guest tag_is_for_user Use cases as automated test scenarios @@ -210,6 +212,36 @@ Gabriella can push changes and tag with her own prefix THEN gabriella can push qvarn with tags FINALLY admin removes things that were created +Gabriella can't push changes to master +----------------------------------------------------------------------------- + + SCENARIO Gabriella can't push changes to master + WHEN admin creates user gabriella + AND admin creates group qvarn-guests + AND admin adds gabriella to qvarn-guests + AND admin creates repository qvarn + AND admin sets qvarn config guests to qvarn-guests + THEN gabriella can clone qvarn + WHEN gabriella creates qvarn branch gabriella/bugfix + AND gabriella changes qvarn branch gabriella/bugfix + AND gabriella merges qvarn branch gabriella/bugfix to master + THEN gabriella cannot push qvarn + FINALLY admin removes things that were created + +Gabriella can't push release tag +----------------------------------------------------------------------------- + + SCENARIO Gabriella can't push release tag + WHEN admin creates user gabriella + AND admin creates group qvarn-guests + AND admin adds gabriella to qvarn-guests + AND admin creates repository qvarn + AND admin sets qvarn config guests to qvarn-guests + THEN gabriella can clone qvarn + WHEN gabriella tags qvarn master branch with qvarn-42.0 + THEN gabriella cannot push qvarn with tags + FINALLY admin removes things that were created + Steven can't read the ops/secrets repo ----------------------------------------------------------------------------- |