diff options
author | rpereira2 <rpereira@gitlab.com> | 2019-04-03 19:30:22 +0530 |
---|---|---|
committer | rpereira2 <rpereira@gitlab.com> | 2019-04-05 02:12:34 +0530 |
commit | 5ee7c419ea97f9322dcaf6da02c85f2ac25f477d (patch) | |
tree | 2ad91d1569c69f045d01fd8828ce3725361ce7b8 | |
parent | 16772b91f0b71b47c8e72bfa2d11693aed58e3ba (diff) | |
download | gitlab-ce-5ee7c419ea97f9322dcaf6da02c85f2ac25f477d.tar.gz |
Call permit! on params
-rw-r--r-- | app/controllers/projects/environments/prometheus_api_controller.rb | 2 | ||||
-rw-r--r-- | spec/controllers/projects/environments/prometheus_api_controller_spec.rb | 15 |
2 files changed, 15 insertions, 2 deletions
diff --git a/app/controllers/projects/environments/prometheus_api_controller.rb b/app/controllers/projects/environments/prometheus_api_controller.rb index 0ce97706792..13b5a300af6 100644 --- a/app/controllers/projects/environments/prometheus_api_controller.rb +++ b/app/controllers/projects/environments/prometheus_api_controller.rb @@ -9,7 +9,7 @@ class Projects::Environments::PrometheusApiController < Projects::ApplicationCon environment, request.method, params[:proxy_path], - params + params.permit! ).execute if result.nil? diff --git a/spec/controllers/projects/environments/prometheus_api_controller_spec.rb b/spec/controllers/projects/environments/prometheus_api_controller_spec.rb index f1ac127fc9e..ee5202ac798 100644 --- a/spec/controllers/projects/environments/prometheus_api_controller_spec.rb +++ b/spec/controllers/projects/environments/prometheus_api_controller_spec.rb @@ -14,11 +14,22 @@ describe Projects::Environments::PrometheusApiController do describe 'GET #proxy' do let(:prometheus_proxy_service) { instance_double(Prometheus::ProxyService) } + let(:expected_params) do + ActionController::Parameters.new( + "query" => "1", + "id" => "1", + "namespace_id" => "namespace1", + "project_id" => "project1", + "proxy_path" => "query", + "controller" => "projects/environments/prometheus_api", + "action" => "proxy" + ).permit! + end context 'with valid requests' do before do allow(Prometheus::ProxyService).to receive(:new) - .with(environment, 'GET', 'query', anything) + .with(environment, 'GET', 'query', expected_params) .and_return(prometheus_proxy_service) allow(prometheus_proxy_service).to receive(:execute) @@ -33,6 +44,8 @@ describe Projects::Environments::PrometheusApiController do it 'returns prometheus response' do get :proxy, params: environment_params + expect(Prometheus::ProxyService).to have_received(:new) + .with(environment, 'GET', 'query', expected_params) expect(response).to have_gitlab_http_status(:ok) expect(json_response).to eq(prometheus_json_body) end |