Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
d1a440e7
Commit
d1a440e7
authored
Feb 25, 2021
by
Serena Fang
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add tests for admin current user
parent
545cdd7a
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
13 additions
and
3 deletions
+13
-3
lib/api/entities/user_safe.rb
lib/api/entities/user_safe.rb
+1
-1
spec/lib/api/entities/user_spec.rb
spec/lib/api/entities/user_spec.rb
+12
-2
No files found.
lib/api/entities/user_safe.rb
View file @
d1a440e7
...
@@ -4,7 +4,7 @@ module API
...
@@ -4,7 +4,7 @@ module API
module
Entities
module
Entities
class
UserSafe
<
Grape
::
Entity
class
UserSafe
<
Grape
::
Entity
expose
:id
,
:username
expose
:id
,
:username
expose
:name
,
unless:
->
(
user
)
{
user
.
project_bot?
}
expose
:name
,
unless:
->
(
user
)
{
user
.
project_bot?
&&
!
options
[
:current_user
].
admin?
}
end
end
end
end
end
end
spec/lib/api/entities/user_spec.rb
View file @
d1a440e7
...
@@ -39,8 +39,18 @@ RSpec.describe API::Entities::User do
...
@@ -39,8 +39,18 @@ RSpec.describe API::Entities::User do
context
'with project bot user'
do
context
'with project bot user'
do
let
(
:user
)
{
create
(
:user
,
:project_bot
)
}
let
(
:user
)
{
create
(
:user
,
:project_bot
)
}
it
'does not expose project bot user name'
do
context
'when the requester is not an admin'
do
expect
(
subject
).
not_to
include
(
:name
)
it
'does not expose project bot user name'
do
expect
(
subject
).
not_to
include
(
:name
)
end
end
context
'when the requester is an admin'
do
let
(
:current_user
)
{
create
(
:user
,
:admin
)
}
it
'exposes project bot user name'
do
expect
(
subject
).
to
include
(
:name
)
end
end
end
end
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment