Merge branch 'snippets_visibility' into 'security'

Fix snippets visibility for show action - external users can not see internal snippets See merge request !2087
author: Sean McGivern <sean@gitlab.com> 2017-04-25 14:41:26 +0000
committer: Bob Van Landuyt <bob@gitlab.com> 2017-05-10 16:44:20 +0200
commit: d9ec830a8348fca93775c5f0b1f81a83e8c4f95a (patch)
tree: 2c3949ca2f22bc195bb54a96fee5ac0971c6f745 /spec/controllers/snippets_controller_spec.rb
parent: 9ae401cf91c9d545602b9aa86afcd306fc6e3467 (diff)
download: gitlab-ce-d9ec830a8348fca93775c5f0b1f81a83e8c4f95a.tar.gz
1 files changed, 3 insertions, 3 deletions
diff --git a/spec/controllers/snippets_controller_spec.rb b/spec/controllers/snippets_controller_spec.rb
index 41cd5bdcdd8..da46431b700 100644
--- a/spec/controllers/snippets_controller_spec.rb
+++ b/spec/controllers/snippets_controller_spec.rb
@@ -132,7 +132,7 @@ describe SnippetsController do
         it 'responds with status 404' do
           get :show, id: 'doesntexist'
 
-          expect(response).to have_http_status(404)
+          expect(response).to redirect_to(new_user_session_path)
         end
       end
     end
@@ -478,10 +478,10 @@ describe SnippetsController do
       end
 
       context 'when not signed in' do
-        it 'responds with status 404' do
+        it 'redirects to the sign in path' do
           get :raw, id: 'doesntexist'
 
-          expect(response).to have_http_status(404)
+          expect(response).to redirect_to(new_user_session_path)
         end
       end
     end
author	Sean McGivern <sean@gitlab.com>	2017-04-25 14:41:26 +0000
committer	Bob Van Landuyt <bob@gitlab.com>	2017-05-10 16:44:20 +0200
commit	d9ec830a8348fca93775c5f0b1f81a83e8c4f95a (patch)
tree	2c3949ca2f22bc195bb54a96fee5ac0971c6f745 /spec/controllers/snippets_controller_spec.rb
parent	9ae401cf91c9d545602b9aa86afcd306fc6e3467 (diff)
download	gitlab-ce-d9ec830a8348fca93775c5f0b1f81a83e8c4f95a.tar.gz