Test to check a user must be part of the team to see project.

A user must be part of the team to see a protected project. A test is given to check that a 404 error is returned if the user can not see the project.

Test to check a user must be part of the team to see project.
A user must be part of the team to see a protected project. A test is given to check that a 404 error is returned if the user can not see the project.
5d8a99f1 · Sebastian Ziebell · a534c9b7 · 5d8a99f1
Commit 5d8a99f1 authored Feb 06, 2013 by Sebastian Ziebell
Show whitespace changes
Inline Side-by-side

Showing with 6 additions and 0 deletions

spec/requests/api/projects_spec.rb spec/requests/api/projects_spec.rb +6 -0

No files found.
--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -89,6 +89,12 @@ describe Gitlab::API do
      response.status.should == 404
      json_response['message'].should == '404 Not Found'
    end
+
+    it "should return a 404 error if user is not a member" do
+      other_user = create(:user)
+      get api("/projects/#{project.id}", other_user)
+      response.status.should == 404
+    end
  end

  describe "GET /projects/:id/repository/branches" do