summaryrefslogtreecommitdiff
path: root/test/unit/user_test.rb
diff options
context:
space:
mode:
authorNavaL <ayoyo@thoughtworks.com>2016-07-14 15:06:20 +0200
committerNavaL <ayoyo@thoughtworks.com>2016-07-14 15:45:09 +0200
commitab1917c5fe0f03e7719863a5598ad575d9fef302 (patch)
tree1aba29d7cfa25489d7f53528e022ff14ecb24961 /test/unit/user_test.rb
parente3c2cb91dfef5c39c608b967e702e9de977d1bd2 (diff)
[feature] restrict is_admin in the user api, to only allow querying
for him/herself So that it we do not expose the is_admin property to anyone else including other admins.
Diffstat (limited to 'test/unit/user_test.rb')
-rw-r--r--test/unit/user_test.rb13
1 files changed, 6 insertions, 7 deletions
diff --git a/test/unit/user_test.rb b/test/unit/user_test.rb
index 55d0648..02e94df 100644
--- a/test/unit/user_test.rb
+++ b/test/unit/user_test.rb
@@ -71,13 +71,12 @@ class UserTest < ActiveSupport::TestCase
assert_equal key, @user.public_key
end
- test "user to json includes id, login, valid, is_admin and enabled" do
- json_content = JSON.parse @user.to_json
- assert_equal @user.id, json_content["id"]
- assert_equal @user.valid?, json_content["ok"]
- assert_equal @user.login, json_content["login"]
- assert_equal @user.enabled?, json_content["enabled"]
- assert_equal @user.is_admin?, json_content["is_admin"]
+ test "user to hash includes id, login, valid and enabled" do
+ hash = @user.to_hash
+ assert_equal @user.id, hash[:id]
+ assert_equal @user.valid?, hash[:ok]
+ assert_equal @user.login, hash[:login]
+ assert_equal @user.enabled?, hash[:enabled]
end