BigW Consortium Gitlab

Commit d919f924 by Lin Jen-Shin
parent 34f925fe
...@@ -66,7 +66,7 @@ class User < ActiveRecord::Base ...@@ -66,7 +66,7 @@ class User < ActiveRecord::Base
# #
# Namespace for personal projects # Namespace for personal projects
has_one :namespace, -> { where type: nil }, dependent: :destroy, foreign_key: :owner_id has_one :namespace, -> { where type: nil }, dependent: :destroy, foreign_key: :owner_id, autosave: true
# Profile # Profile
has_many :keys, -> do has_many :keys, -> do
......
...@@ -83,7 +83,7 @@ module API ...@@ -83,7 +83,7 @@ module API
group = ::Groups::CreateService.new(current_user, declared_params(include_missing: false)).execute group = ::Groups::CreateService.new(current_user, declared_params(include_missing: false)).execute
if group.persisted? if group.persisted?
present group, with: Entities::Group, current_user: current_user present group, with: Entities::GroupDetail, current_user: current_user
else else
render_api_error!("Failed to save group #{group.errors.messages}", 400) render_api_error!("Failed to save group #{group.errors.messages}", 400)
end end
...@@ -101,8 +101,6 @@ module API ...@@ -101,8 +101,6 @@ module API
optional :name, type: String, desc: 'The name of the group' optional :name, type: String, desc: 'The name of the group'
optional :path, type: String, desc: 'The path of the group' optional :path, type: String, desc: 'The path of the group'
use :optional_params use :optional_params
at_least_one_of :name, :path, :description, :visibility,
:lfs_enabled, :request_access_enabled
end end
put ':id' do put ':id' do
group = find_group!(params[:id]) group = find_group!(params[:id])
......
...@@ -124,10 +124,6 @@ module API ...@@ -124,10 +124,6 @@ module API
optional :name, type: String, desc: 'The name of the user' optional :name, type: String, desc: 'The name of the user'
optional :username, type: String, desc: 'The username of the user' optional :username, type: String, desc: 'The username of the user'
use :optional_attributes use :optional_attributes
at_least_one_of :email, :password, :name, :username, :skype, :linkedin,
:twitter, :website_url, :organization, :projects_limit,
:extern_uid, :provider, :bio, :location, :admin,
:can_create_group, :confirm, :external
end end
put ":id" do put ":id" do
authenticated_as_admin! authenticated_as_admin!
......
...@@ -13,6 +13,10 @@ describe User, models: true do ...@@ -13,6 +13,10 @@ describe User, models: true do
it { is_expected.to include_module(TokenAuthenticatable) } it { is_expected.to include_module(TokenAuthenticatable) }
end end
describe 'delegations' do
it { is_expected.to delegate_method(:path).to(:namespace).with_prefix }
end
describe 'associations' do describe 'associations' do
it { is_expected.to have_one(:namespace) } it { is_expected.to have_one(:namespace) }
it { is_expected.to have_many(:snippets).dependent(:destroy) } it { is_expected.to have_many(:snippets).dependent(:destroy) }
......
...@@ -426,9 +426,14 @@ describe API::Users do ...@@ -426,9 +426,14 @@ describe API::Users do
expect(user.reload.email).not_to eq('invalid email') expect(user.reload.email).not_to eq('invalid email')
end end
it "is not available for non admin users" do context 'when the current user is not an admin' do
put api("/users/#{user.id}", user), attributes_for(:user) it "is not available" do
expect(response).to have_http_status(403) expect do
put api("/users/#{user.id}", user), attributes_for(:user)
end.not_to change { user.reload.attributes }
expect(response).to have_http_status(403)
end
end end
it "returns 404 for non-existing user" do it "returns 404 for non-existing user" do
...@@ -649,7 +654,7 @@ describe API::Users do ...@@ -649,7 +654,7 @@ describe API::Users do
end end
it "returns a 404 for invalid ID" do it "returns a 404 for invalid ID" do
put api("/users/ASDF/emails", admin) get api("/users/ASDF/emails", admin)
expect(response).to have_http_status(404) expect(response).to have_http_status(404)
end end
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment