From 337ced28bcdff25a2d2d4c726d37c782c4cc2d24 Mon Sep 17 00:00:00 2001 From: Alexis Reigel Date: Mon, 18 Dec 2017 11:14:51 +0100 Subject: [PATCH] reference triggers.values for permitted parameters --- app/controllers/admin/hooks_controller.rb | 7 ++--- app/controllers/projects/hooks_controller.rb | 10 +------ .../admin/hooks_controller_spec.rb | 7 ++--- .../projects/hooks_controller_spec.rb | 26 +++++++++++++++++++ 4 files changed, 33 insertions(+), 17 deletions(-) diff --git a/app/controllers/admin/hooks_controller.rb b/app/controllers/admin/hooks_controller.rb index 1c90c298f66..2b47819303e 100644 --- a/app/controllers/admin/hooks_controller.rb +++ b/app/controllers/admin/hooks_controller.rb @@ -59,12 +59,9 @@ class Admin::HooksController < Admin::ApplicationController def hook_params params.require(:hook).permit( :enable_ssl_verification, - :push_events, - :tag_push_events, - :repository_update_events, - :merge_requests_events, :token, - :url + :url, + *SystemHook.triggers.values ) end end diff --git a/app/controllers/projects/hooks_controller.rb b/app/controllers/projects/hooks_controller.rb index 85d35900c71..b83d6543096 100644 --- a/app/controllers/projects/hooks_controller.rb +++ b/app/controllers/projects/hooks_controller.rb @@ -63,18 +63,10 @@ class Projects::HooksController < Projects::ApplicationController def hook_params params.require(:hook).permit( - :job_events, - :pipeline_events, :enable_ssl_verification, - :issues_events, - :confidential_issues_events, - :merge_requests_events, - :note_events, - :push_events, - :tag_push_events, :token, :url, - :wiki_page_events + *ProjectHook.triggers.values ) end end diff --git a/spec/controllers/admin/hooks_controller_spec.rb b/spec/controllers/admin/hooks_controller_spec.rb index 090a51be7c3..d2c1e634930 100644 --- a/spec/controllers/admin/hooks_controller_spec.rb +++ b/spec/controllers/admin/hooks_controller_spec.rb @@ -11,12 +11,13 @@ describe Admin::HooksController do it 'sets all parameters' do hook_params = { enable_ssl_verification: true, + token: "TEST TOKEN", + url: "http://example.com", + push_events: true, tag_push_events: true, repository_update_events: true, - merge_requests_events: true, - token: "TEST TOKEN", - url: "http://example.com" + merge_requests_events: true } post :create, hook: hook_params diff --git a/spec/controllers/projects/hooks_controller_spec.rb b/spec/controllers/projects/hooks_controller_spec.rb index aba70c6d4c1..2d473d5bf52 100644 --- a/spec/controllers/projects/hooks_controller_spec.rb +++ b/spec/controllers/projects/hooks_controller_spec.rb @@ -18,4 +18,30 @@ describe Projects::HooksController do ) end end + + describe '#create' do + it 'sets all parameters' do + hook_params = { + enable_ssl_verification: true, + token: "TEST TOKEN", + url: "http://example.com", + + push_events: true, + tag_push_events: true, + merge_requests_events: true, + issues_events: true, + confidential_issues_events: true, + note_events: true, + job_events: true, + pipeline_events: true, + wiki_page_events: true + } + + post :create, namespace_id: project.namespace, project_id: project, hook: hook_params + + expect(response).to have_http_status(302) + expect(ProjectHook.all.size).to eq(1) + expect(ProjectHook.first).to have_attributes(hook_params) + end + end end