Commit 5dcdf1d5 authored by Rémy Coutable's avatar Rémy Coutable

Ensure Members::ApproveAccessRequestService can fin a requester by ID

Signed-off-by: default avatarRémy Coutable <remy@rymai.me>
parent b3f0a82f
...@@ -9,7 +9,7 @@ module MembershipActions ...@@ -9,7 +9,7 @@ module MembershipActions
end end
def approve_access_request def approve_access_request
Members::ApproveAccessRequestService.new(membershipable, current_user, user_id: params[:id]).execute Members::ApproveAccessRequestService.new(membershipable, current_user, params).execute
redirect_to polymorphic_url([membershipable, :members]) redirect_to polymorphic_url([membershipable, :members])
end end
......
...@@ -11,7 +11,8 @@ module Members ...@@ -11,7 +11,8 @@ module Members
end end
def execute def execute
access_requester = source.requesters.find_by!(user_id: params[:user_id]) condition = params[:user_id] ? { user_id: params[:user_id] } : { id: params[:id] }
access_requester = source.requesters.find_by!(condition)
raise Gitlab::Access::AccessDeniedError if cannot_update_access_requester?(access_requester) raise Gitlab::Access::AccessDeniedError if cannot_update_access_requester?(access_requester)
......
...@@ -2,9 +2,10 @@ require 'spec_helper' ...@@ -2,9 +2,10 @@ require 'spec_helper'
describe Groups::GroupMembersController do describe Groups::GroupMembersController do
let(:user) { create(:user) } let(:user) { create(:user) }
let(:group) { create(:group) }
describe '#index' do describe '#index' do
let(:group) { create(:group) }
before do before do
group.add_owner(user) group.add_owner(user)
stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC]) stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC])
......
...@@ -83,6 +83,14 @@ describe Members::ApproveAccessRequestService, services: true do ...@@ -83,6 +83,14 @@ describe Members::ApproveAccessRequestService, services: true do
it_behaves_like 'a service approving an access request' do it_behaves_like 'a service approving an access request' do
let(:source) { group } let(:source) { group }
end end
context 'when given a :id' do
let(:params) { { id: project.requesters.find_by!(user_id: access_requester.id).id } }
it_behaves_like 'a service approving an access request' do
let(:source) { project }
end
end
end end
end end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment