Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
633ddc9e
Commit
633ddc9e
authored
Nov 15, 2016
by
James Lopez
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
fix authorization of builds and added relevant spec
parent
f93607a3
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
30 additions
and
2 deletions
+30
-2
app/controllers/projects/cycle_analytics/events_controller.rb
...controllers/projects/cycle_analytics/events_controller.rb
+5
-1
spec/requests/projects/cycle_analytics_events_spec.rb
spec/requests/projects/cycle_analytics_events_spec.rb
+25
-1
No files found.
app/controllers/projects/cycle_analytics/events_controller.rb
View file @
633ddc9e
...
@@ -2,7 +2,7 @@ class Projects::CycleAnalytics::EventsController < Projects::ApplicationControll
...
@@ -2,7 +2,7 @@ class Projects::CycleAnalytics::EventsController < Projects::ApplicationControll
include
CycleAnalyticsParams
include
CycleAnalyticsParams
before_action
:authorize_read_cycle_analytics!
before_action
:authorize_read_cycle_analytics!
before_action
:authorize_
read_
builds!
,
only:
[
:test
,
:staging
]
before_action
:authorize_builds!
,
only:
[
:test
,
:staging
]
def
issue
def
issue
render_events
(
events
.
issue_events
)
render_events
(
events
.
issue_events
)
...
@@ -56,4 +56,8 @@ class Projects::CycleAnalytics::EventsController < Projects::ApplicationControll
...
@@ -56,4 +56,8 @@ class Projects::CycleAnalytics::EventsController < Projects::ApplicationControll
params
[
:events
].
slice
(
:start_date
,
:branch_name
)
params
[
:events
].
slice
(
:start_date
,
:branch_name
)
end
end
def
authorize_builds!
return
access_denied!
unless
current_user
.
can?
(
:read_build
,
project
)
end
end
end
spec/requests/projects/cycle_analytics_events_spec.rb
View file @
633ddc9e
...
@@ -39,7 +39,7 @@ describe 'cycle analytics events' do
...
@@ -39,7 +39,7 @@ describe 'cycle analytics events' do
newest_sha
=
commits
.
sort_by
{
|
k
|
k
[
'date'
]
}.
first
[
:sha
][
0
...
8
]
newest_sha
=
commits
.
sort_by
{
|
k
|
k
[
'date'
]
}.
first
[
:sha
][
0
...
8
]
expect
(
json_response
[
'events'
].
first
[
'sha'
]).
to
eq
(
newest_sha
)
expect
(
json_response
[
'events'
].
first
[
'sh
ort_sh
a'
]).
to
eq
(
newest_sha
)
end
end
it
'lists the code events'
do
it
'lists the code events'
do
...
@@ -99,6 +99,30 @@ describe 'cycle analytics events' do
...
@@ -99,6 +99,30 @@ describe 'cycle analytics events' do
expect
(
json_response
[
'events'
].
first
[
'date'
]).
not_to
be_empty
expect
(
json_response
[
'events'
].
first
[
'date'
]).
not_to
be_empty
end
end
end
end
context
'with private project and builds'
do
before
do
ProjectMember
.
first
.
update
(
access_level:
Gitlab
::
Access
::
GUEST
)
end
it
'does not list the test events'
do
get
namespace_project_cycle_analytics_test_path
(
project
.
namespace
,
project
,
format: :json
)
expect
(
response
).
to
have_http_status
(
:not_found
)
end
it
'does not list the staging events'
do
get
namespace_project_cycle_analytics_staging_path
(
project
.
namespace
,
project
,
format: :json
)
expect
(
response
).
to
have_http_status
(
:not_found
)
end
it
'lists the issue events'
do
get
namespace_project_cycle_analytics_issue_path
(
project
.
namespace
,
project
,
format: :json
)
expect
(
response
).
to
have_http_status
(
:ok
)
end
end
end
end
def
json_response
def
json_response
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment