Commit d919f924 authored by Lin Jen-Shin's avatar Lin Jen-Shin
parent 34f925fe
......@@ -66,7 +66,7 @@ class User < ActiveRecord::Base
#
# Namespace for personal projects
has_one :namespace, -> { where type: nil }, dependent: :destroy, foreign_key: :owner_id
has_one :namespace, -> { where type: nil }, dependent: :destroy, foreign_key: :owner_id, autosave: true
# Profile
has_many :keys, -> do
......
......@@ -83,7 +83,7 @@ module API
group = ::Groups::CreateService.new(current_user, declared_params(include_missing: false)).execute
if group.persisted?
present group, with: Entities::Group, current_user: current_user
present group, with: Entities::GroupDetail, current_user: current_user
else
render_api_error!("Failed to save group #{group.errors.messages}", 400)
end
......@@ -101,8 +101,6 @@ module API
optional :name, type: String, desc: 'The name of the group'
optional :path, type: String, desc: 'The path of the group'
use :optional_params
at_least_one_of :name, :path, :description, :visibility,
:lfs_enabled, :request_access_enabled
end
put ':id' do
group = find_group!(params[:id])
......
......@@ -124,10 +124,6 @@ module API
optional :name, type: String, desc: 'The name of the user'
optional :username, type: String, desc: 'The username of the user'
use :optional_attributes
at_least_one_of :email, :password, :name, :username, :skype, :linkedin,
:twitter, :website_url, :organization, :projects_limit,
:extern_uid, :provider, :bio, :location, :admin,
:can_create_group, :confirm, :external
end
put ":id" do
authenticated_as_admin!
......
......@@ -13,6 +13,10 @@ describe User, models: true do
it { is_expected.to include_module(TokenAuthenticatable) }
end
describe 'delegations' do
it { is_expected.to delegate_method(:path).to(:namespace).with_prefix }
end
describe 'associations' do
it { is_expected.to have_one(:namespace) }
it { is_expected.to have_many(:snippets).dependent(:destroy) }
......
......@@ -426,9 +426,14 @@ describe API::Users do
expect(user.reload.email).not_to eq('invalid email')
end
it "is not available for non admin users" do
put api("/users/#{user.id}", user), attributes_for(:user)
expect(response).to have_http_status(403)
context 'when the current user is not an admin' do
it "is not available" do
expect do
put api("/users/#{user.id}", user), attributes_for(:user)
end.not_to change { user.reload.attributes }
expect(response).to have_http_status(403)
end
end
it "returns 404 for non-existing user" do
......@@ -649,7 +654,7 @@ describe API::Users do
end
it "returns a 404 for invalid ID" do
put api("/users/ASDF/emails", admin)
get api("/users/ASDF/emails", admin)
expect(response).to have_http_status(404)
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment