Commit 5d8a99f1 authored by Sebastian Ziebell's avatar Sebastian Ziebell

Test to check a user must be part of the team to see project.

A user must be part of the team to see a protected project. A test is given
to check that a 404 error is returned if the user can not see the project.
parent a534c9b7
...@@ -89,6 +89,12 @@ describe Gitlab::API do ...@@ -89,6 +89,12 @@ describe Gitlab::API do
response.status.should == 404 response.status.should == 404
json_response['message'].should == '404 Not Found' json_response['message'].should == '404 Not Found'
end end
it "should return a 404 error if user is not a member" do
other_user = create(:user)
get api("/projects/#{project.id}", other_user)
response.status.should == 404
end
end end
describe "GET /projects/:id/repository/branches" do describe "GET /projects/:id/repository/branches" do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment