feat(api): RequireAuth+RequireProjectAccess middleware, IDOR-scope check/apply по projectID
This commit is contained in:
@@ -40,7 +40,7 @@ func TestLoadDomainAndSaveCheckRun(t *testing.T) {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
ref, err := s.LoadDomain(ctx, domain.ID)
|
||||
ref, err := s.LoadDomain(ctx, defaultProject, domain.ID)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
@@ -87,7 +87,7 @@ func TestLoadDomainNoTemplate(t *testing.T) {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
if _, err := s.LoadDomain(ctx, domain.ID); err == nil {
|
||||
if _, err := s.LoadDomain(ctx, defaultProject, domain.ID); err == nil {
|
||||
t.Fatal("expected error for domain without template, got nil")
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user