diff options
author | Rubén Dávila <ruben@gitlab.com> | 2017-12-11 09:53:31 -0500 |
---|---|---|
committer | Rubén Dávila <ruben@gitlab.com> | 2017-12-11 09:53:31 -0500 |
commit | 429302b34c5d66bd79f49284964cfc21db794ba7 (patch) | |
tree | 586f615c6b70b46b81eee51339ad358a427ef429 /spec/controllers | |
parent | 806a68a81f1baeed07c146b1b5d9eb77796c46ba (diff) | |
download | gitlab-ce-429302b34c5d66bd79f49284964cfc21db794ba7.tar.gz |
Bugfix: User can't change the access level of an access requester
The endpoint was returning 404 because it was only searching on the
current members of a Group or Project and not the access requesters.
Diffstat (limited to 'spec/controllers')
-rw-r--r-- | spec/controllers/groups/group_members_controller_spec.rb | 19 | ||||
-rw-r--r-- | spec/controllers/projects/project_members_controller_spec.rb | 20 |
2 files changed, 39 insertions, 0 deletions
diff --git a/spec/controllers/groups/group_members_controller_spec.rb b/spec/controllers/groups/group_members_controller_spec.rb index 9c6d584f59b..362d5cc4514 100644 --- a/spec/controllers/groups/group_members_controller_spec.rb +++ b/spec/controllers/groups/group_members_controller_spec.rb @@ -62,6 +62,25 @@ describe Groups::GroupMembersController do end end + describe 'PUT update' do + let(:requester) { create(:group_member, :access_request, group: group) } + + before do + group.add_owner(user) + sign_in(user) + end + + Gitlab::Access.options.each do |label, value| + it "can change the access level to #{label}" do + xhr :put, :update, group_member: { access_level: value }, + group_id: group, + id: requester + + expect(requester.reload.human_access).to eq(label) + end + end + end + describe 'DELETE destroy' do let(:member) { create(:group_member, :developer, group: group) } diff --git a/spec/controllers/projects/project_members_controller_spec.rb b/spec/controllers/projects/project_members_controller_spec.rb index a34dc27a5ed..290dba0610a 100644 --- a/spec/controllers/projects/project_members_controller_spec.rb +++ b/spec/controllers/projects/project_members_controller_spec.rb @@ -66,6 +66,26 @@ describe Projects::ProjectMembersController do end end + describe 'PUT update' do + let(:requester) { create(:project_member, :access_request, project: project) } + + before do + project.add_master(user) + sign_in(user) + end + + Gitlab::Access.options.each do |label, value| + it "can change the access level to #{label}" do + xhr :put, :update, project_member: { access_level: value }, + namespace_id: project.namespace, + project_id: project, + id: requester + + expect(requester.reload.human_access).to eq(label) + end + end + end + describe 'DELETE destroy' do let(:member) { create(:project_member, :developer, project: project) } |