jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

/users.json: make private attributes visible to the user themselves (fix #1551).

Browse Source
This commit is contained in:
evazion
2017-04-28 23:24:23 -05:00
parent 641f56dc2a
commit f7509433b1
2 changed files with 38 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
test/functional/users_controller_test.rb
View File

@@ -46,6 +46,24 @@ class UsersControllerTest < ActionController::TestCase
get :show, {:id => @user.id}
assert_response :success
end
should "show hidden attributes to the owner" do
get :show, {id: @user.id, format: :json}, {user_id: @user.id}
json = JSON.parse(response.body)
assert_response :success
assert_not_nil(json["last_logged_in_at"])
end
should "not show hidden attributes to others" do
another = FactoryGirl.create(:user)
get :show, {id: another.id, format: :json}, {user_id: @user.id}
json = JSON.parse(response.body)
assert_response :success
assert_nil(json["last_logged_in_at"])
end
end
context "new action" do