Commit 4cd04443 authored by Robert Schilling's avatar Robert Schilling

Fix group_member_spec to not leak information

parent ca40479c
...@@ -42,9 +42,10 @@ describe API::API, api: true do ...@@ -42,9 +42,10 @@ describe API::API, api: true do
end end
end end
it "users not part of the group should get access error" do it 'users not part of the group should get access error' do
get api("/groups/#{group_with_members.id}/members", stranger) get api("/groups/#{group_with_members.id}/members", stranger)
expect(response.status).to eq(403)
expect(response.status).to eq(404)
end end
end end
end end
...@@ -165,12 +166,13 @@ describe API::API, api: true do ...@@ -165,12 +166,13 @@ describe API::API, api: true do
end end
end end
describe "DELETE /groups/:id/members/:user_id" do describe 'DELETE /groups/:id/members/:user_id' do
context "when not a member of the group" do context 'when not a member of the group' do
it "should not delete guest's membership of group_with_members" do it "should not delete guest's membership of group_with_members" do
random_user = create(:user) random_user = create(:user)
delete api("/groups/#{group_with_members.id}/members/#{owner.id}", random_user) delete api("/groups/#{group_with_members.id}/members/#{owner.id}", random_user)
expect(response.status).to eq(403)
expect(response.status).to eq(404)
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment