Commit 72b5c9af authored by Robert Schilling's avatar Robert Schilling

API: Catch empty code content for project snippets

parent cc9764ac
---
title: 'API: Catch empty code content for project snippets'
merge_request: 21325
author: Robert Schilling
type: fixed
...@@ -49,7 +49,7 @@ module API ...@@ -49,7 +49,7 @@ module API
params do params do
requires :title, type: String, desc: 'The title of the snippet' requires :title, type: String, desc: 'The title of the snippet'
requires :file_name, type: String, desc: 'The file name of the snippet' requires :file_name, type: String, desc: 'The file name of the snippet'
requires :code, type: String, desc: 'The content of the snippet' requires :code, type: String, allow_blank: false, desc: 'The content of the snippet'
optional :description, type: String, desc: 'The description of a snippet' optional :description, type: String, desc: 'The description of a snippet'
requires :visibility, type: String, requires :visibility, type: String,
values: Gitlab::VisibilityLevel.string_values, values: Gitlab::VisibilityLevel.string_values,
...@@ -78,7 +78,7 @@ module API ...@@ -78,7 +78,7 @@ module API
requires :snippet_id, type: Integer, desc: 'The ID of a project snippet' requires :snippet_id, type: Integer, desc: 'The ID of a project snippet'
optional :title, type: String, desc: 'The title of the snippet' optional :title, type: String, desc: 'The title of the snippet'
optional :file_name, type: String, desc: 'The file name of the snippet' optional :file_name, type: String, desc: 'The file name of the snippet'
optional :code, type: String, desc: 'The content of the snippet' optional :code, type: String, allow_blank: false, desc: 'The content of the snippet'
optional :description, type: String, desc: 'The description of a snippet' optional :description, type: String, desc: 'The description of a snippet'
optional :visibility, type: String, optional :visibility, type: String,
values: Gitlab::VisibilityLevel.string_values, values: Gitlab::VisibilityLevel.string_values,
......
...@@ -116,6 +116,14 @@ describe API::ProjectSnippets do ...@@ -116,6 +116,14 @@ describe API::ProjectSnippets do
expect(response).to have_gitlab_http_status(400) expect(response).to have_gitlab_http_status(400)
end end
it 'returns 400 for empty code field' do
params[:code] = ''
post api("/projects/#{project.id}/snippets/", admin), params
expect(response).to have_gitlab_http_status(400)
end
context 'when the snippet is spam' do context 'when the snippet is spam' do
def create_snippet(project, snippet_params = {}) def create_snippet(project, snippet_params = {})
project.add_developer(user) project.add_developer(user)
...@@ -180,6 +188,14 @@ describe API::ProjectSnippets do ...@@ -180,6 +188,14 @@ describe API::ProjectSnippets do
expect(response).to have_gitlab_http_status(400) expect(response).to have_gitlab_http_status(400)
end end
it 'returns 400 for empty code field' do
new_content = ''
put api("/projects/#{snippet.project.id}/snippets/#{snippet.id}/", admin), code: new_content
expect(response).to have_gitlab_http_status(400)
end
context 'when the snippet is spam' do context 'when the snippet is spam' do
def update_snippet(snippet_params = {}) def update_snippet(snippet_params = {})
put api("/projects/#{snippet.project.id}/snippets/#{snippet.id}", admin), snippet_params put api("/projects/#{snippet.project.id}/snippets/#{snippet.id}", admin), snippet_params
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment