github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-24 08:18:18 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
79ce7085c2
discourse/spec/requests
History
Robin Ward 79ce7085c2 SECURITY: Ensure the invite JSON API matches the UX 
Anonymous users could query the invite json and see counts and
summaries which is not allowed in the UX of Discourse.

This commit has those endpoints return a 403 unless the user is
allowed to invite.
2020-03-05 09:23:21 -05:00
..
admin Remove invite_admin route. 2020-03-05 06:45:08 +05:30
about_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
application_controller_spec.rb SECURITY: 2FA with U2F / TOTP 2020-01-15 11:27:12 +01:00
associate_accounts_controller_spec.rb DEV: Add test to ensure :after_auth event is triggered (#8400) 2019-11-25 14:31:57 +02:00
badges_controller_spec.rb DEV: Make badge test resilient to disabled badges 2020-02-11 18:01:33 +00:00
bookmarks_controller_spec.rb FEATURE: Improving bookmarks part 2 -- Topic Bookmarking (#8954) 2020-02-13 16:26:02 +10:00
categories_controller_spec.rb UX: Introduce automatic 'categories topics' setting (#8804) 2020-01-29 20:30:48 +02:00
category_hashtags_controller_spec.rb DEV: avoid double sign-in which can lead to flaky tests 2019-06-03 10:15:49 +10:00
clicks_controller_spec.rb DEV: Fix failling test. 2019-05-07 11:19:13 +03:00
composer_messages_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
csp_reports_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
directory_items_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
draft_controller_spec.rb FIX: Confirm draft_key is present on GET 2020-02-14 11:06:12 -05:00
drafts_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
email_controller_spec.rb DEV: Implement a faster Discourse.cache 2019-11-27 16:11:49 +11:00
embed_controller_spec.rb FEATURE: Overhaul of admin API key system (#8284) 2019-11-05 14:10:23 +00:00
exceptions_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
export_csv_controller_spec.rb fix the build (take 2). 2019-12-24 19:27:35 +05:30
extra_locales_controller_spec.rb FIX: Better error handling for invalid locale bundle versions 2019-11-11 22:30:32 +01:00
finish_installation_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
forums_controller_spec.rb FIX: Don't use DistributedCache to store redis readonly state 2019-06-25 11:20:34 +08:00
groups_controller_spec.rb FIX: groups pagination was broken 2020-01-16 23:57:34 +01:00
inline_onebox_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
invites_controller_spec.rb FEATURE: Add timezone to core user_options (#8380) 2019-11-25 10:49:27 +10:00
list_controller_spec.rb FIX: Make category slug validation less strict (#8915) 2020-02-11 17:01:12 +02:00
metadata_controller_spec.rb DEV: Fix web manifest short_title tests 2020-02-04 14:46:33 -03:00
notifications_controller_spec.rb DEV: Prefer public_send over send. 2019-05-07 09:33:21 +08:00
offline_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
omniauth_callbacks_controller_spec.rb FIX: When admin changes another user's email auto-confirm the change (#9001) 2020-02-20 09:52:21 +10:00
onebox_controller_spec.rb FIX: Cache failed onebox URL request server-side (#8421) 2019-11-28 07:48:29 +10:00
permalinks_controller_spec.rb DEV: improve usability of subfolder specs 2019-11-15 16:48:24 +11:00
post_action_users_controller_spec.rb More prefabrication 2019-05-10 08:34:04 -04:00
post_actions_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
post_readers_controller_spec.rb FIX: Filter readers avatars correctly when the post is a whisper 2019-12-03 10:50:02 -03:00
posts_controller_spec.rb FIX: ensures we don't attempt to create a new PM on an existing topic (#9029) 2020-02-24 08:55:12 -06:00
push_notification_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
reviewable_claimed_topics_controller_spec.rb FIX: Make reviewable claiming work with deleted topics (#9040) 2020-02-25 15:49:23 +02:00
reviewables_controller_spec.rb FEATURE: Filter reviewables by date range (#8354) 2019-11-15 15:29:59 -03:00
robots_txt_controller_spec.rb DEV: improve usability of subfolder specs 2019-11-15 16:48:24 +11:00
safe_mode_controller_spec.rb FEATURE: Always disable customizations on the /safe-mode route (#9052) 2020-02-28 10:53:11 +00:00
search_controller_spec.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
session_controller_spec.rb FIX: Minor linting issue for future rubocops 2020-02-19 14:04:56 -05:00
similar_topics_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
site_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
static_controller_spec.rb DEV: Upgrade Discourse to Rails 6 (#8083) 2019-09-12 10:41:50 +10:00
steps_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
stylesheets_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
svg_sprite_controller_spec.rb UX: introduces icon-picker component for badges (#8844) 2020-02-05 00:41:10 +01:00
tag_groups_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
tags_controller_spec.rb FIX: tag info misleading message saying it's not restricted 2020-02-05 15:23:39 -05:00
theme_javascripts_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
topics_controller_spec.rb FEATURE: Improving bookmarks part 2 -- Topic Bookmarking (#8954) 2020-02-13 16:26:02 +10:00
uploads_controller_spec.rb FIX: Use full URL for secure attachments when secure media enabled (#9037) 2020-03-04 10:11:08 +11:00
user_actions_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
user_api_keys_controller_spec.rb SECURITY: Correct permission check when revoking user API keys 2019-12-17 10:56:16 +00:00
user_avatars_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
user_badges_controller_spec.rb DEV: improve usability of subfolder specs 2019-11-15 16:48:24 +11:00
users_controller_spec.rb SECURITY: Ensure the invite JSON API matches the UX 2020-03-05 09:23:21 -05:00
users_email_controller_spec.rb FIX: When admin changes another user's email auto-confirm the change (#9001) 2020-02-20 09:52:21 +10:00
webhooks_controller_spec.rb DEV: Apply rubocop (#8926) 2020-02-11 16:21:03 +00:00
wizard_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00