Revision ce13ab5d
Added by Marek Hulán over 10 years ago
| test/functional/hosts_controller_test.rb | ||
|---|---|---|
|
test "update multiple location imports taxable_taxonomies rows if succeeds on optimistic import" do
|
||
|
@request.env['HTTP_REFERER'] = hosts_path
|
||
|
location = taxonomies(:location1)
|
||
|
assert_difference "location.taxable_taxonomies.count", 14 do
|
||
|
assert_difference "location.taxable_taxonomies.count", 15 do
|
||
|
post :update_multiple_location, {
|
||
|
:location => {:id => location.id, :optimistic_import => "yes"},
|
||
|
:host_ids => Host.all.map(&:id)
|
||
| ... | ... | |
|
test "update multiple organization imports taxable_taxonomies rows if succeeds on optimistic import" do
|
||
|
@request.env['HTTP_REFERER'] = hosts_path
|
||
|
organization = taxonomies(:organization1)
|
||
|
assert_difference "organization.taxable_taxonomies.count", 14 do
|
||
|
assert_difference "organization.taxable_taxonomies.count", 15 do
|
||
|
post :update_multiple_organization, {
|
||
|
:organization => {:id => organization.id, :optimistic_import => "yes"},
|
||
|
:host_ids => Host.all.map(&:id)
|
||
Also available in: Unified diff
fixes #2863 - restrict APIs to resources that a user is permitted to manage (CVE-2013-4182)