Filter user sensitive data from discussions JSON
This commit is contained in:
parent
e5d3a75aac
commit
b18345fac4
|
@ -27,7 +27,7 @@ class DiscussionEntity < Grape::Entity
|
|||
|
||||
expose :resolved?, as: :resolved
|
||||
expose :resolved_by_push?, as: :resolved_by_push
|
||||
expose :resolved_by
|
||||
expose :resolved_by, using: NoteUserEntity
|
||||
expose :resolved_at
|
||||
expose :resolve_path, if: -> (d, _) { d.resolvable? } do |discussion|
|
||||
resolve_project_merge_request_discussion_path(discussion.project, discussion.noteable, discussion.id)
|
||||
|
|
|
@ -0,0 +1,21 @@
|
|||
{
|
||||
"type": "object",
|
||||
"required": [
|
||||
"id",
|
||||
"state",
|
||||
"avatar_url",
|
||||
"path",
|
||||
"name",
|
||||
"username"
|
||||
],
|
||||
"properties": {
|
||||
"id": { "type": "integer" },
|
||||
"state": { "type": "string" },
|
||||
"avatar_url": { "type": "string" },
|
||||
"path": { "type": "string" },
|
||||
"name": { "type": "string" },
|
||||
"username": { "type": "string" },
|
||||
"status_tooltip_html": { "$ref": "../types/nullable_string.json" }
|
||||
},
|
||||
"additionalProperties": false
|
||||
}
|
|
@ -36,6 +36,13 @@ describe DiscussionEntity do
|
|||
)
|
||||
end
|
||||
|
||||
it 'resolved_by matches note_user_entity schema' do
|
||||
Notes::ResolveService.new(note.project, user).execute(note)
|
||||
|
||||
expect(subject[:resolved_by].with_indifferent_access)
|
||||
.to match_schema('entities/note_user_entity')
|
||||
end
|
||||
|
||||
context 'when is LegacyDiffDiscussion' do
|
||||
let(:project) { create(:project) }
|
||||
let(:merge_request) { create(:merge_request, source_project: project) }
|
||||
|
|
Loading…
Reference in New Issue