diff options
author | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-07-26 13:41:02 +0000 |
---|---|---|
committer | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-07-26 13:41:02 +0000 |
commit | 890c1421a4b28cdc65427235cd5a397c5d1be9c4 (patch) | |
tree | 8cbe6c6850d90fe563ca44168adb01f958c04c4b /spec/requests | |
parent | 3a178b26107d99377347664ce4cb7e5bcb0dc854 (diff) | |
parent | a7821dd910fd385a66cfe6c840c37c7b11263410 (diff) | |
download | gitlab-ce-890c1421a4b28cdc65427235cd5a397c5d1be9c4.tar.gz |
Merge branch 'security-remove-take-trigger-ownership-feature' into 'master'
Drop feature to take ownership of a trigger token
Closes #2868
See merge request gitlab/gitlabhq!3198
Diffstat (limited to 'spec/requests')
-rw-r--r-- | spec/requests/api/triggers_spec.rb | 28 |
1 files changed, 0 insertions, 28 deletions
diff --git a/spec/requests/api/triggers_spec.rb b/spec/requests/api/triggers_spec.rb index f0f01e97f1d..8ea3d16a41f 100644 --- a/spec/requests/api/triggers_spec.rb +++ b/spec/requests/api/triggers_spec.rb @@ -270,34 +270,6 @@ describe API::Triggers do end end - describe 'POST /projects/:id/triggers/:trigger_id/take_ownership' do - context 'authenticated user with valid permissions' do - it 'updates owner' do - post api("/projects/#{project.id}/triggers/#{trigger.id}/take_ownership", user) - - expect(response).to have_gitlab_http_status(200) - expect(json_response).to include('owner') - expect(trigger.reload.owner).to eq(user) - end - end - - context 'authenticated user with invalid permissions' do - it 'does not update owner' do - post api("/projects/#{project.id}/triggers/#{trigger.id}/take_ownership", user2) - - expect(response).to have_gitlab_http_status(403) - end - end - - context 'unauthenticated user' do - it 'does not update owner' do - post api("/projects/#{project.id}/triggers/#{trigger.id}/take_ownership") - - expect(response).to have_gitlab_http_status(401) - end - end - end - describe 'DELETE /projects/:id/triggers/:trigger_id' do context 'authenticated user with valid permissions' do it 'deletes trigger' do |