diff options
| author | Michael Kozono <mkozono@gmail.com> | 2017-05-04 14:20:13 -0700 |
|---|---|---|
| committer | Michael Kozono <mkozono@gmail.com> | 2017-05-05 12:12:50 -0700 |
| commit | 9e48f02ea802814e4df1f1de5ed509942dca7581 (patch) | |
| tree | e1bcb152e7951e1bbd94d6a8333fd475dcfaf577 /spec | |
| parent | e4bcc90d95fa3b78544cb9ddd6019a5f914c1628 (diff) | |
| download | gitlab-ce-9e48f02ea802814e4df1f1de5ed509942dca7581.tar.gz | |
Dry up routable lookups. Fixes #30317
Note: This changes the behavior of user lookups (see the spec change) so it acts the same way as groups and projects. Unauthenticated clients attempting to access a user page will be redirected to login whether the user exists and is publicly restricted, or does not exist at all.
Diffstat (limited to 'spec')
| -rw-r--r-- | spec/controllers/users_controller_spec.rb | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/spec/controllers/users_controller_spec.rb b/spec/controllers/users_controller_spec.rb index 5e8caa89cb7..9b6b9358a40 100644 --- a/spec/controllers/users_controller_spec.rb +++ b/spec/controllers/users_controller_spec.rb @@ -36,9 +36,9 @@ describe UsersController do end context 'when logged out' do - it 'renders 404' do + it 'redirects to login page' do get :show, username: user.username - expect(response).to have_http_status(404) + expect(response).to redirect_to new_user_session_path end end @@ -88,9 +88,9 @@ describe UsersController do context 'when a user by that username does not exist' do context 'when logged out' do - it 'renders 404 (does not redirect to login)' do + it 'redirects to login page' do get :show, username: 'nonexistent' - expect(response).to have_http_status(404) + expect(response).to redirect_to new_user_session_path end end |