diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-07-01 00:49:57 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-07-01 00:49:57 +0000 |
commit | c31c9f964a81f104f4c265b6082b469361fb1653 (patch) | |
tree | ff99939150d948ed8e8a1fb1139eb8fac778e69b /spec/controllers/graphql_controller_spec.rb | |
parent | c6c26f3b730d4bbc567aee33b4c6fd621517055e (diff) | |
download | gitlab-ce-c31c9f964a81f104f4c265b6082b469361fb1653.tar.gz |
Add latest changes from gitlab-org/security/gitlab@14-0-stable-ee
Diffstat (limited to 'spec/controllers/graphql_controller_spec.rb')
-rw-r--r-- | spec/controllers/graphql_controller_spec.rb | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/spec/controllers/graphql_controller_spec.rb b/spec/controllers/graphql_controller_spec.rb index f2d86b1b166..aed97a01a72 100644 --- a/spec/controllers/graphql_controller_spec.rb +++ b/spec/controllers/graphql_controller_spec.rb @@ -44,7 +44,7 @@ RSpec.describe GraphqlController do expect(response).to have_gitlab_http_status(:ok) end - it 'returns access denied template when user cannot access API' do + it 'returns forbidden when user cannot access API' do # User cannot access API in a couple of cases # * When user is internal(like ghost users) # * When user is blocked @@ -54,7 +54,9 @@ RSpec.describe GraphqlController do post :execute expect(response).to have_gitlab_http_status(:forbidden) - expect(response).to render_template('errors/access_denied') + expect(json_response).to include( + 'errors' => include(a_hash_including('message' => /API not accessible/)) + ) end it 'updates the users last_activity_on field' do |