Skip to content

API: fixes visibility of project hook

Created by: justahero

An unauthorized user can access project hooks individually.

For example if access to GET /projects/:id/hooks fails and returns a 403 Unauthorized error it is still possible to access a hook directly via GET /projects/:id/hooks/:hook_id.

Fixes access, also added tests to check access and status codes of hooks.

Merge request reports

Loading