diff options
author | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-08-30 00:34:22 +0300 |
---|---|---|
committer | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-08-30 00:34:22 +0300 |
commit | 34c2b6adf9966ac7ad9a9e699211a6074af13fbc (patch) | |
tree | 1325c567fbaec574402f55e653dec252c7eddcd1 /spec/support | |
parent | 170cb8bc1828b80019fa45e48bc37161973e7a0e (diff) | |
parent | 41d52bbfe9725a93013ea6b072efcdc16e591b14 (diff) |
Merge branch 'security-personal-snippets' into 'master'
Add direct upload support for personal snippets
See merge request gitlab/gitlabhq!3226
Diffstat (limited to 'spec/support')
-rw-r--r-- | spec/support/shared_examples/controllers/uploads_actions_shared_examples.rb | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/spec/support/shared_examples/controllers/uploads_actions_shared_examples.rb b/spec/support/shared_examples/controllers/uploads_actions_shared_examples.rb index 39d13cccb13..4bc22861d58 100644 --- a/spec/support/shared_examples/controllers/uploads_actions_shared_examples.rb +++ b/spec/support/shared_examples/controllers/uploads_actions_shared_examples.rb @@ -7,6 +7,8 @@ shared_examples 'handle uploads' do let(:secret) { FileUploader.generate_secret } let(:uploader_class) { FileUploader } + it_behaves_like 'handle uploads authorize' + describe "POST #create" do context 'when a user is not authorized to upload a file' do it 'returns 404 status' do @@ -271,7 +273,9 @@ shared_examples 'handle uploads' do end end end +end +shared_examples 'handle uploads authorize' do describe "POST #authorize" do context 'when a user is not authorized to upload a file' do it 'returns 404 status' do @@ -284,7 +288,12 @@ shared_examples 'handle uploads' do context 'when a user can upload a file' do before do sign_in(user) - model.add_developer(user) + + if model.is_a?(PersonalSnippet) + model.update!(author: user) + else + model.add_developer(user) + end end context 'and the request bypassed workhorse' do |