From ac3a471456954372fd1215583479aaaf7dc0a4f6 Mon Sep 17 00:00:00 2001
From: Lars Wirzenius <liw@liw.fi>
Date: Sun, 6 Oct 2013 22:30:46 +0100
Subject: Test that non-admin can't remove a repository

---
 git.liw.fi.yarn | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/git.liw.fi.yarn b/git.liw.fi.yarn
index c3b0dbb..1185597 100644
--- a/git.liw.fi.yarn
+++ b/git.liw.fi.yarn
@@ -74,11 +74,16 @@ be able to remove the repository.
 	SCENARIO public repositories
 	ASSUMING no tstusr user exists on server
 	GIVEN an ssh key for tstusr
+
 	WHEN admin creates user tstusr
 	AND admin creates repository tstrepo
 	THEN admin can clone tstrepo using git
 	AND admin can clone tstrepo using ssh
 	AND tstusr can clone tstrepo using ssh
+
+	WHEN tstusr attempts to remove repository tstrepo
+	THEN attempt failed with error matching "You may not destroy repositories you do not own"
+
 	FINALLY remove repository tstrepo on server
 	AND remove user tstusr on server
 
@@ -245,3 +250,9 @@ At the end, we need to clean up repositories.
 
 	IMPLEMENTS FINALLY remove repository (\S+) on server
 	destroy_repo admin "$MATCH_1"
+
+A non-admin may try to remove a repository. It should fail, but they
+can try.
+
+	IMPLEMENTS WHEN (\S+) attempts to remove repository (\S+)
+	attempt destroy_repo "$MATCH_1" "$MATCH_2"
-- 
cgit v1.2.1