summaryrefslogtreecommitdiff
path: root/spec/controllers/projects/notes_controller_spec.rb
Commit message (Collapse)AuthorAgeFilesLines
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2023-02-281-0/+14
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2023-02-231-11/+27
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2023-02-171-4/+1
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2023-02-091-1/+1
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2022-11-301-0/+1
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2022-11-171-1/+1
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2022-08-261-1/+1
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2022-08-151-14/+57
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2022-06-101-94/+0
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2022-04-081-1/+15
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2021-12-201-3/+6
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2021-11-111-0/+29
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2021-03-301-3/+3
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2021-02-191-43/+3
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2021-02-181-3/+1
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2021-02-111-1/+37
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2021-02-111-3/+12
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2021-02-091-0/+36
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2021-02-041-1/+3
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2020-12-091-1/+1
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2020-11-131-0/+19
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2020-08-311-1/+1
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2020-08-111-0/+1
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2020-07-171-2/+82
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2020-06-031-1/+1
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2020-05-261-1/+5
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2020-04-011-1/+1
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2020-01-281-33/+33
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2019-11-191-0/+11
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2019-11-141-1/+3
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2019-10-231-3/+3
|
* Add latest changes from gitlab-org/gitlab@masterGitLab Bot2019-10-181-0/+1
|
* Merge branch 'security-2853-prevent-comments-on-private-mrs' into 'master'GitLab Release Tools Bot2019-08-291-71/+240
|\ | | | | | | | | Ensure only authorised users can create notes on merge requests and issues See merge request gitlab/gitlabhq!3137
| * Prevent unauthorised comments on merge requestsAlex Kalderimis2019-08-071-71/+240
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Prevent creating notes on inaccessible MRs This applies the notes rules at the MR scope. Rather than adding extra rules to the Project level policy, preventing :create_note here is better since it only prevents creating notes on MRs. * Prevent creating notes in inaccessible Issues without this policy, non-team-members are allowed to comment on issues even when the project has the private-issues policy set. This means that without this change, users are allowed to comment on issues that they cannot read. * Add CHANGELOG entry
* | Improve specs for Issues and Notes controllers63372-award-emoji-servicesLuke Duncalfe2019-08-211-5/+14
|/ | | | | | This adds test that Todos are completed. https://gitlab.com/gitlab-org/gitlab-ce/issues/63372
* Use NotesFinder in IssuableActions modulePatrick Derichs2019-08-011-1/+1
| | | | | | | | | | Remove project from NotesFinder constructor Add project parameter to specs Also look for methods in private scope Fix specs to match new NotesFinder constructor
* Cleanup usages of `JSON.parse` in specsPeter Leitzen2019-07-161-2/+2
| | | | Prefer `json_response` where applicable.
* Correctly check permissions when creating snippet notesMarkus Koller2019-06-061-1/+1
| | | | | | | | | | In the Snippets::NotesController the noteable was resolved and authorized through the :snippet_id, so by passing a :target_id for a different snippet it was possible to create a note on a snippet where the user would be unauthorized to do so otherwise. This fixes the problem by ignoring the :target_id and :target_type from the request, and using the same noteable for creation and authorization.
* Add some frozen string to spec/**/*.rbgfyoung2019-04-151-0/+2
| | | | | | | | | | Adds frozen string to the following: * spec/bin/**/*.rb * spec/config/**/*.rb * spec/controllers/**/*.rb xref https://gitlab.com/gitlab-org/gitlab-ce/issues/59758
* Only return `commands_changes` used in frontendHeinrich Lee Yu2019-03-181-0/+31
| | | | | When executing quick actions, this limits the `commands_changes` response to only those used by the frontend
* Refactor params for notes_actionsHeinrich Lee Yu2019-02-231-2/+18
| | | | | | | Removes unneeded params from permitted list This also fixes commenting on commits with a hash starting with a large number
* Update specs to rails5 formatblackst0ne-convert-specs-rails5-styleblackst0ne2018-12-191-44/+44
| | | | | | | | | | Updates specs to use new rails5 format. The old format: `get :show, { some: params }, { some: headers }` The new format: `get :show, params: { some: params }, headers: { some: headers }`
* Fix deprecation: Comparing equality between ActionController::Parameters and ↵Jasper Maes2018-12-161-2/+2
| | | | a Hash is deprecated
* Merge branch 'security-guest-comments' into 'master'Cindy Pallares2018-11-281-27/+76
| | | | | [master]Fixed ability to comment on and edit/delete comments on locked or confidential issues See merge request gitlab/gitlabhq!2612
* Resolve "Filter discussion (tab) by comments or activity in issues and merge ↵Oswaldo Ferreira2018-10-231-0/+31
| | | | requests"
* Return discussion object from NotesController#create when return_discussion ↵Douwe Maan2018-09-211-0/+8
| | | | param is set
* Use ResourceLabelEvent for tracking label changesJan Provaznik2018-09-071-1/+1
|
* Changes tab VUE refactoringFelipe Artur2018-06-211-7/+7
|
* Replace '.team << [user, role]' with 'add_role(user)' in specs36782-replace-team-user-role-with-add_role-user-in-specsblackst0ne2017-12-221-7/+7
|
* Make sure NotesActions#noteable returns a Noteable in the update actiondm-notes-actions-noteable-for-updateDouwe Maan2017-11-161-0/+23
|
View Lorry Controller Status