Merge branch 'dev' of github.com:opf/openproject into dev

pull/1582/head
Marek Takac 10 years ago
commit fddd41524e
  1. 1
      doc/INSTALL.md
  2. 2
      lib/api/root.rb
  3. 1
      lib/api/v3/activities/activities_api.rb
  4. 1
      lib/api/v3/attachments/attachments_api.rb
  5. 4
      spec/api/work_package_resource_spec.rb

@ -70,6 +70,7 @@ These are generic (and condensed) installation instructions for the **current de
2. Copy `config/configuration.yml.example` to `config/configuration.yml`:
cp configuration.yml.example configuration.yml
cd ..
Edit `configuration.yml` according to your preferred settings for email, etc. (see [`config/CONFIGURATION.md`](CONFIGURATION.md) for a full list of configuration options).

@ -45,7 +45,7 @@ module API
end
def authenticate
raise API::Errors::Unauthenticated.new if current_user.nil? || current_user.anonymous?
raise API::Errors::Unauthenticated.new if current_user.nil? || current_user.anonymous? if Setting.login_required?
end
def authorize(api, endpoint, context: nil, global: false, user: current_user, allow: true)

@ -17,6 +17,7 @@ module API
end
get do
authorize(:work_packages, :show, context: @activity.Journalable.project)
@representer.to_json
end

@ -17,6 +17,7 @@ module API
end
get do
authorize(:work_packages, :show, context: @attachment.container.project)
@representer.to_json
end

@ -108,12 +108,12 @@ describe 'API v3 Work package resource' do
end
it 'should respond with 401' do
last_response.status.should eq(401)
last_response.status.should eq(403)
end
it 'should respond with explanatory error message' do
parsed_errors = JSON.parse(last_response.body)['errors']
parsed_errors.should eq([{ 'key' => 'not_authenticated', 'messages' => ['You need to be authenticated to access this resource']}])
parsed_errors.should eq([{ 'key' => 'not_authorized', 'messages' => ['You are not authorize to access this resource']}])
end
end

Loading…
Cancel
Save