Commit 29c46433 authored by Rémy Coutable's avatar Rémy Coutable

Merge branch '18999-add-current-user-check-to-events-api' into 'master'

Check if current user is present in Events api

See merge request gitlab-org/gitlab!22956
parents 54e71a5c d5b17111
...@@ -43,16 +43,17 @@ class EventsFinder ...@@ -43,16 +43,17 @@ class EventsFinder
events = sort(events) events = sort(events)
events = events.with_associations if params[:with_associations] events = events.with_associations if params[:with_associations]
paginated_filtered_by_user_visibility(events) paginated_filtered_by_user_visibility(events)
end end
private private
def get_events def get_events
return EventCollection.new(current_user.authorized_projects).all_project_events if scope == 'all' if current_user && scope == 'all'
EventCollection.new(current_user.authorized_projects).all_project_events
source.events else
source.events
end
end end
# rubocop: disable CodeReuse/ActiveRecord # rubocop: disable CodeReuse/ActiveRecord
......
---
title: Authenticate user when scope is passed to events api
merge_request: 22956
author: briankabiro
type: fixed
...@@ -171,6 +171,18 @@ describe API::Events do ...@@ -171,6 +171,18 @@ describe API::Events do
expect(json_response[0]['target_id']).to eq(closed_issue.id) expect(json_response[0]['target_id']).to eq(closed_issue.id)
end end
end end
context 'when scope is passed' do
context 'when unauthenticated' do
it 'returns no user events' do
get api("/users/#{user.username}/events?scope=all")
expect(response).to have_gitlab_http_status(200)
expect(json_response).to be_an Array
expect(json_response.size).to eq(0)
end
end
end
end end
it 'returns a 404 error if not found' do it 'returns a 404 error if not found' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment