Fix single note api request

author: Felipe Artur <felipefac@gmail.com> 2016-05-16 16:43:19 -0300
committer: Felipe Artur <felipefac@gmail.com> 2016-05-16 16:43:19 -0300
commit: c9be74e24797c1dab5b443728349bb0c5ce969c3 (patch)
tree: 97fbf1bbc482956f64047ef9f1e07611893c2407 /spec/requests/api/notes_spec.rb
parent: 93ca5c9964a26fbf31fcc794348b30193f4dff9f (diff)
download: gitlab-ce-c9be74e24797c1dab5b443728349bb0c5ce969c3.tar.gz
1 files changed, 14 insertions, 3 deletions
diff --git a/spec/requests/api/notes_spec.rb b/spec/requests/api/notes_spec.rb
index f9bfee94424..ed1ed5aeb95 100644
--- a/spec/requests/api/notes_spec.rb
+++ b/spec/requests/api/notes_spec.rb
@@ -3,7 +3,7 @@ require 'spec_helper'
 describe API::API, api: true  do
   include ApiHelpers
   let(:user) { create(:user) }
-  let!(:project) { create(:project, namespace: user.namespace) }
+  let!(:project) { create(:project, :public, namespace: user.namespace) }
   let!(:issue) { create(:issue, project: project, author: user) }
   let!(:merge_request) { create(:merge_request, source_project: project, target_project: project, author: user) }
   let!(:snippet) { create(:project_snippet, project: project, author: user) }
@@ -51,7 +51,7 @@ describe API::API, api: true  do
         expect(response.status).to eq(404)
       end
 
-      context "that references a private issue" do
+      context "and current user cannot view the notes" do
         it "should return an empty array" do
           get api("/projects/#{ext_proj.id}/issues/#{ext_issue.id}/notes", user)
 
@@ -142,13 +142,24 @@ describe API::API, api: true  do
         expect(response.status).to eq(404)
       end
 
-      context "that references a private issue" do
+      context "and current user cannot view the note" do
         it "should return a 404 error" do
           get api("/projects/#{ext_proj.id}/issues/#{ext_issue.id}/notes/#{cross_reference_note.id}", user)
 
           expect(response.status).to eq(404)
         end
 
+        context "when issue is confidential" do
+          before { issue.update_attributes(confidential: true) }
+
+          it "returns 404" do
+            get api("/projects/#{project.id}/issues/#{issue.id}/notes/#{issue_note.id}", private_user)
+
+            expect(response.status).to eq(404)
+          end
+        end
+
+
         context "and current user can view the note" do
           it "should return an issue note by id" do
             get api("/projects/#{ext_proj.id}/issues/#{ext_issue.id}/notes/#{cross_reference_note.id}", private_user)
author	Felipe Artur <felipefac@gmail.com>	2016-05-16 16:43:19 -0300
committer	Felipe Artur <felipefac@gmail.com>	2016-05-16 16:43:19 -0300
commit	c9be74e24797c1dab5b443728349bb0c5ce969c3 (patch)
tree	97fbf1bbc482956f64047ef9f1e07611893c2407 /spec/requests/api/notes_spec.rb
parent	93ca5c9964a26fbf31fcc794348b30193f4dff9f (diff)
download	gitlab-ce-c9be74e24797c1dab5b443728349bb0c5ce969c3.tar.gz