Skip to content

Commit

Permalink
Revert "Admin should have permissions to manage certificates for an o…
Browse files Browse the repository at this point in the history 
…rg (#6274)"

This reverts commit fdeb46a.
This is related to #6071
  • Loading branch information
@joelverhagen
joelverhagen committed Aug 7, 2018
1 parent fdeb46a commit d65c551
Show file tree
Hide file tree
Showing 2 changed files with 29 additions and 21 deletions.
2 changes: 1 addition & 1 deletion src/NuGetGallery/Services/ActionsRequiringPermissions.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -120,7 +120,7 @@ public static class ActionsRequiringPermissions
/// </summary>
public static ActionRequiringAccountPermissions ManageAccount =
new ActionRequiringAccountPermissions(
accountPermissionsRequirement: RequireOwnerOrSiteAdminOrOrganizationAdmin);
accountPermissionsRequirement: RequireOwnerOrOrganizationAdmin);

/// <summary>
/// The action of managing an organization's memberships.
Expand Down
48 changes: 28 additions & 20 deletions tests/NuGetGallery.Facts/Controllers/OrganizationsControllerFacts.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,16 +48,17 @@ public static IEnumerable<object[]> AllowedCurrentUsers_Data

// Note general account tests are in the base class. Organization-specific tests are below.

public static IEnumerable<object[]> WithNonOrganizationOrSiteAdmin_ReturnsPartialPermissions_Data
public static IEnumerable<object[]> WithNonOrganizationAdmin_ReturnsPartialPermissions_Data
{
get
{
yield return MemberDataHelper.AsData(_getFakesSiteAdmin, false, true);
yield return MemberDataHelper.AsData(_getFakesOrganizationCollaborator, false, false);
}
}

[Theory]
[MemberData(nameof(WithNonOrganizationOrSiteAdmin_ReturnsPartialPermissions_Data))]
[MemberData(nameof(WithNonOrganizationAdmin_ReturnsPartialPermissions_Data))]
public void WithNonOrganizationAdmin_ReturnsPartialPermissions(Func<Fakes, User> getCurrentUser, bool canManage, bool canManageMemberships)
{
// Arrange
Expand Down Expand Up @@ -87,18 +88,19 @@ public static IEnumerable<object[]> AllowedCurrentUsers_Data

// Note general account tests are in the base class. Organization-specific tests are below.

public static IEnumerable<object[]> WithNonOrganizationOrSiteAdmin_ReturnsForbidden_Data
public static IEnumerable<object[]> WithNonOrganizationAdmin_ReturnsForbidden_Data
{
get
{
yield return MemberDataHelper.AsData(_getFakesUser);
yield return MemberDataHelper.AsData(_getFakesSiteAdmin);
yield return MemberDataHelper.AsData(_getFakesOrganizationCollaborator);
}
}

[Theory]
[MemberData(nameof(WithNonOrganizationOrSiteAdmin_ReturnsForbidden_Data))]
public async Task WithNonOrganizationOrSiteAdmin_ReturnsForbidden(Func<Fakes, User> getCurrentUser)
[MemberData(nameof(WithNonOrganizationAdmin_ReturnsForbidden_Data))]
public async Task WithNonOrganizationAdmin_ReturnsForbidden(Func<Fakes, User> getCurrentUser)
{
// Arrange
var controller = GetController();
Expand All @@ -125,18 +127,19 @@ public static IEnumerable<object[]> AllowedCurrentUsers_Data

// Note general account tests are in the base class. Organization-specific tests are below.

public static IEnumerable<object[]> WithNonOrganizationOrSiteAdmin_ReturnsForbidden_Data
public static IEnumerable<object[]> WithNonOrganizationAdmin_ReturnsForbidden_Data
{
get
{
yield return MemberDataHelper.AsData(_getFakesUser);
yield return MemberDataHelper.AsData(_getFakesSiteAdmin);
yield return MemberDataHelper.AsData(_getFakesOrganizationCollaborator);
}
}

[Theory]
[MemberData(nameof(WithNonOrganizationOrSiteAdmin_ReturnsForbidden_Data))]
public async Task WithNonOrganizationOrSiteAdmin_ReturnsForbidden(Func<Fakes, User> getCurrentUser)
[MemberData(nameof(WithNonOrganizationAdmin_ReturnsForbidden_Data))]
public async Task WithNonOrganizationAdmin_ReturnsForbidden(Func<Fakes, User> getCurrentUser)
{
// Arrange
var controller = GetController();
Expand Down Expand Up @@ -165,18 +168,19 @@ public static IEnumerable<object[]> AllowedCurrentUsers_Data

// Note general account tests are in the base class. Organization-specific tests are below.

public static IEnumerable<object[]> WithNonOrganizationOrSiteAdmin_ReturnsForbidden_Data
public static IEnumerable<object[]> WithNonOrganizationAdmin_ReturnsForbidden_Data
{
get
{
yield return MemberDataHelper.AsData(_getFakesUser);
yield return MemberDataHelper.AsData(_getFakesSiteAdmin);
yield return MemberDataHelper.AsData(_getFakesOrganizationCollaborator);
}
}

[Theory]
[MemberData(nameof(WithNonOrganizationOrSiteAdmin_ReturnsForbidden_Data))]
public async Task WithNonOrganizationOrSiteAdmin_ReturnsForbidden(Func<Fakes, User> getCurrentUser)
[MemberData(nameof(WithNonOrganizationAdmin_ReturnsForbidden_Data))]
public async Task WithNonOrganizationAdmin_ReturnsForbidden(Func<Fakes, User> getCurrentUser)
{
// Arrange
var controller = GetController();
Expand All @@ -202,18 +206,19 @@ public static IEnumerable<object[]> AllowedCurrentUsers_Data

// Note general account tests are in the base class. Organization-specific tests are below.

public static IEnumerable<object[]> WithNonOrganizationOrSiteAdmin_ReturnsForbidden_Data
public static IEnumerable<object[]> WithNonOrganizationAdmin_ReturnsForbidden_Data
{
get
{
yield return MemberDataHelper.AsData(_getFakesUser);
yield return MemberDataHelper.AsData(_getFakesSiteAdmin);
yield return MemberDataHelper.AsData(_getFakesOrganizationCollaborator);
}
}

[Theory]
[MemberData(nameof(WithNonOrganizationOrSiteAdmin_ReturnsForbidden_Data))]
public void WithNonOrganizationOrSiteAdmin_ReturnsForbidden(Func<Fakes, User> getCurrentUser)
[MemberData(nameof(WithNonOrganizationAdmin_ReturnsForbidden_Data))]
public void WithNonOrganizationAdmin_ReturnsForbidden(Func<Fakes, User> getCurrentUser)
{
// Arrange
var controller = GetController();
Expand All @@ -240,18 +245,19 @@ public static IEnumerable<object[]> AllowedCurrentUsers_Data

// Note general account tests are in the base class. Organization-specific tests are below.

public static IEnumerable<object[]> WithNonOrganizationOrSiteAdmin_ReturnsForbidden_Data
public static IEnumerable<object[]> WithNonOrganizationAdmin_ReturnsForbidden_Data
{
get
{
yield return MemberDataHelper.AsData(_getFakesUser);
yield return MemberDataHelper.AsData(_getFakesSiteAdmin);
yield return MemberDataHelper.AsData(_getFakesOrganizationCollaborator);
}
}

[Theory]
[MemberData(nameof(WithNonOrganizationOrSiteAdmin_ReturnsForbidden_Data))]
public async Task WithNonOrganizationOrSiteAdmin_ReturnsForbidden(Func<Fakes, User> getCurrentUser)
[MemberData(nameof(WithNonOrganizationAdmin_ReturnsForbidden_Data))]
public async Task WithNonOrganizationAdmin_ReturnsForbidden(Func<Fakes, User> getCurrentUser)
{
// Arrange
var controller = GetController();
Expand All @@ -278,18 +284,19 @@ public static IEnumerable<object[]> AllowedCurrentUsers_Data

// Note general account tests are in the base class. Organization-specific tests are below.

public static IEnumerable<object[]> WithNonOrganizationOrSiteAdmin_ReturnsForbidden_Data
public static IEnumerable<object[]> WithNonOrganizationAdmin_ReturnsForbidden_Data
{
get
{
yield return MemberDataHelper.AsData(_getFakesUser);
yield return MemberDataHelper.AsData(_getFakesSiteAdmin);
yield return MemberDataHelper.AsData(_getFakesOrganizationCollaborator);
}
}

[Theory]
[MemberData(nameof(WithNonOrganizationOrSiteAdmin_ReturnsForbidden_Data))]
public async Task WithNonOrganizationOrSiteAdmin_ReturnsForbidden(Func<Fakes, User> getCurrentUser)
[MemberData(nameof(WithNonOrganizationAdmin_ReturnsForbidden_Data))]
public async Task WithNonOrganizationAdmin_ReturnsForbidden(Func<Fakes, User> getCurrentUser)
{
// Arrange
var controller = GetController();
Expand Down Expand Up @@ -1187,6 +1194,7 @@ public static IEnumerable<object[]> IfNotAdministrator_ReturnsNotFound_Data
get
{
yield return MemberDataHelper.AsData(new Func<Fakes, User>(fakes => fakes.User));
yield return MemberDataHelper.AsData(new Func<Fakes, User>(fakes => fakes.Admin));
yield return MemberDataHelper.AsData(new Func<Fakes, User>(fakes => fakes.OrganizationCollaborator));
}
}
Expand Down

0 comments on commit d65c551

Please sign in to comment.