e9d3b96595
When a user is not authorized to see the list of hooks for a project, he is still able to access the hooks separately. For example if access to `GET /projects/:id/hooks` fails and returns a `403 Unauthorized` error it is still possible to access a hook directly via `GET /projects/:id/hooks/:hook_id`. Fixes access, also added tests to check access and status codes of hooks. |
||
---|---|---|
.. | ||
groups_spec.rb | ||
issues_spec.rb | ||
merge_requests_spec.rb | ||
milestones_spec.rb | ||
notes_spec.rb | ||
projects_spec.rb | ||
session_spec.rb | ||
users_spec.rb |