kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
46174 commits 1 branch 0 tags 899 MiB
Commit graph

6 commits

Author SHA1 Message Date
Kamil Trzcinski
d8e440c8e0
Fix specs 2017-01-19 23:41:12 +01:00
Rémy Coutable
1b109c99a4
Fix a Grape deprecation, use #request_method instead of #route_method 
Signed-off-by: Rémy Coutable <remy@rymai.me>
 2016-12-23 19:07:23 +01:00
Timothy Andrew
fc7a5a3806 Modify ApiHelpers spec to adhere to the Four-Phase test style. 
- Use whitespace to separate the setup, expectation and teardown phases.
 2016-12-16 16:29:32 +05:30
Timothy Andrew
7fa06ed55d Calls to the API are checked for scope. 
- Move the `Oauth2::AccessTokenValidationService` class to
  `AccessTokenValidationService`, since it is now being used for
  personal access token validation as well.

- Each API endpoint declares the scopes it accepts (if any). Currently,
  the top level API module declares the `api` scope, and the `Users` API
  module declares the `read_user` scope (for GET requests).

- Move the `find_user_by_private_token` from the API `Helpers` module to
  the `APIGuard` module, to avoid littering `Helpers` with more
  auth-related methods to support `find_user_by_private_token`
 2016-12-16 16:29:31 +05:30
Rémy Coutable
d95b709a66
Be smarter when finding a sudoed user in API::Helpers 
Signed-off-by: Rémy Coutable <remy@rymai.me>
 2016-12-13 15:53:00 +01:00
Rémy Coutable
2f45d3bcf0 API: Memoize the current_user so that the sudo can work properly 
The issue was arising when `#current_user` was called a second time
after a user was impersonated: the `User#is_admin?` check would be
performed on it and it would fail.

Signed-off-by: Rémy Coutable <remy@rymai.me>
 2016-12-12 13:50:31 +01:00
Renamed from spec/requests/api/api_helpers_spec.rb (Browse further)