fix mass-assignment error in user create API
This commit is contained in:
parent
770ec3359d
commit
c610206321
|
@ -23,7 +23,7 @@ module Gitlab
|
|||
@user = User.find(params[:id])
|
||||
present @user, with: Entities::User
|
||||
end
|
||||
|
||||
|
||||
# Create user. Available only for admin
|
||||
#
|
||||
# Parameters:
|
||||
|
@ -40,7 +40,7 @@ module Gitlab
|
|||
post do
|
||||
authenticated_as_admin!
|
||||
attrs = attributes_for_keys [:email, :name, :password, :password_confirmation, :skype, :linkedin, :twitter, :projects_limit]
|
||||
user = User.new attrs
|
||||
user = User.new attrs, as: :admin
|
||||
if user.save
|
||||
present user, with: Entities::User
|
||||
else
|
||||
|
|
|
@ -4,7 +4,7 @@ describe Gitlab::API do
|
|||
include ApiHelpers
|
||||
|
||||
let(:user) { Factory :user }
|
||||
let(:admin) {Factory :admin}
|
||||
let(:admin) { Factory :admin }
|
||||
let(:key) { Factory :key, user: user }
|
||||
|
||||
describe "GET /users" do
|
||||
|
@ -42,9 +42,9 @@ describe Gitlab::API do
|
|||
end
|
||||
|
||||
it "should create user" do
|
||||
expect{
|
||||
post api("/users", admin), Factory.attributes(:user)
|
||||
}.to change{User.count}.by(1)
|
||||
expect {
|
||||
post api("/users", admin), Factory.attributes(:user, projects_limit: 3)
|
||||
}.to change { User.count }.by(1)
|
||||
end
|
||||
|
||||
it "shouldn't available for non admin users" do
|
||||
|
|
Loading…
Reference in a new issue