Commit graph

16 commits

Author SHA1 Message Date
GitLab Bot
fa7ac2663b Add latest changes from gitlab-org/gitlab@master 2020-06-24 06:09:01 +00:00
GitLab Bot
4cb5e5011a Add latest changes from gitlab-org/gitlab@master 2020-03-13 09:09:23 +00:00
GitLab Bot
f7dae0cdcb Add latest changes from gitlab-org/gitlab@master 2020-02-25 12:08:48 +00:00
GitLab Bot
427c549b63 Add latest changes from gitlab-org/gitlab@master 2020-01-14 00:08:14 +00:00
GitLab Bot
175b4fa261 Add latest changes from gitlab-org/gitlab@master 2019-12-11 18:08:10 +00:00
GitLab Bot
abfafe3c57 Add latest changes from gitlab-org/gitlab@master 2019-10-29 00:06:10 +00:00
Nermin Vehabovic
f9e38cd39f Added: Documentation for the API
Added: Specs for the API action
2019-02-26 23:18:40 +00:00
Jacopo
2f40dac352 Refactor have_http_status into have_gitlab_http_status in the specs 2017-10-20 10:13:18 +02:00
Robert Speicher
a6ec5121f0 Correct RSpec/SingleLineHook cop offenses 2017-06-14 13:18:56 -05:00
Sean McGivern
6dc424c949 Merge branch '29903-remove-user-is-admin-flag-from-api' into 'master'
Don't display the `is_admin?` flag for user API responses

Closes #29903

See merge request !10846
2017-04-25 10:57:32 +00:00
Timothy Andrew
34b71e734b Don't display the is_admin? flag for user API responses.
- To prevent an attacker from enumerating the `/users` API to get a list of all
  the admins.

- Display the `is_admin?` flag wherever we display the `private_token` - at the
  moment, there are two instances:

  - When an admin uses `sudo` to view the `/user` endpoint
  - When logging in using the `/session` endpoint
2017-04-25 09:46:05 +00:00
Jacopo
ff76adb547 Unnecessary "include WaitForAjax" and "include ApiHelpers"
Removed all the unnecessary include of `WaitForAjax` and `ApiHelpers` in the specs.
Removed unnecessary usage of `api:true`
2017-04-21 22:32:02 +02:00
Livier
eb4f15571d Changed API spec files to describe the correct class
Restore changes for api spec files

Fix error in rspec Users

Delete extra space Repositories-spec
2016-11-28 10:55:27 -07:00
tiagonbotelho
1d268a89de adds second batch of tests changed to active tense 2016-08-09 15:11:39 +01:00
Z.J. van de Weg
abca19da8b Use HTTP matchers if possible 2016-06-27 20:10:42 +02:00
Artem V. Navrotskiy
8ec59bd18b Add API method for get user by ID of an SSH key 2015-09-03 15:47:22 +03:00