summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorrpereira2 <rpereira@gitlab.com>2019-04-03 19:30:22 +0530
committerrpereira2 <rpereira@gitlab.com>2019-04-05 02:12:34 +0530
commit5ee7c419ea97f9322dcaf6da02c85f2ac25f477d (patch)
tree2ad91d1569c69f045d01fd8828ce3725361ce7b8
parent16772b91f0b71b47c8e72bfa2d11693aed58e3ba (diff)
downloadgitlab-ce-5ee7c419ea97f9322dcaf6da02c85f2ac25f477d.tar.gz
Call permit! on params
Diffstat
-rw-r--r--app/controllers/projects/environments/prometheus_api_controller.rb2
-rw-r--r--spec/controllers/projects/environments/prometheus_api_controller_spec.rb15
2 files changed, 15 insertions, 2 deletions
diff --git a/app/controllers/projects/environments/prometheus_api_controller.rb b/app/controllers/projects/environments/prometheus_api_controller.rb
index 0ce97706792..13b5a300af6 100644
--- a/app/controllers/projects/environments/prometheus_api_controller.rb
+++ b/app/controllers/projects/environments/prometheus_api_controller.rb
@@ -9,7 +9,7 @@ class Projects::Environments::PrometheusApiController < Projects::ApplicationCon
environment,
request.method,
params[:proxy_path],
- params
+ params.permit!
).execute
if result.nil?
diff --git a/spec/controllers/projects/environments/prometheus_api_controller_spec.rb b/spec/controllers/projects/environments/prometheus_api_controller_spec.rb
index f1ac127fc9e..ee5202ac798 100644
--- a/spec/controllers/projects/environments/prometheus_api_controller_spec.rb
+++ b/spec/controllers/projects/environments/prometheus_api_controller_spec.rb
@@ -14,11 +14,22 @@ describe Projects::Environments::PrometheusApiController do
describe 'GET #proxy' do
let(:prometheus_proxy_service) { instance_double(Prometheus::ProxyService) }
+ let(:expected_params) do
+ ActionController::Parameters.new(
+ "query" => "1",
+ "id" => "1",
+ "namespace_id" => "namespace1",
+ "project_id" => "project1",
+ "proxy_path" => "query",
+ "controller" => "projects/environments/prometheus_api",
+ "action" => "proxy"
+ ).permit!
+ end
context 'with valid requests' do
before do
allow(Prometheus::ProxyService).to receive(:new)
- .with(environment, 'GET', 'query', anything)
+ .with(environment, 'GET', 'query', expected_params)
.and_return(prometheus_proxy_service)
allow(prometheus_proxy_service).to receive(:execute)
@@ -33,6 +44,8 @@ describe Projects::Environments::PrometheusApiController do
it 'returns prometheus response' do
get :proxy, params: environment_params
+ expect(Prometheus::ProxyService).to have_received(:new)
+ .with(environment, 'GET', 'query', expected_params)
expect(response).to have_gitlab_http_status(:ok)
expect(json_response).to eq(prometheus_json_body)
end
View Lorry Controller Status