projects_spec.rb 23.7 KB
Newer Older
Nihad Abbasov's avatar
Nihad Abbasov committed
1 2
require 'spec_helper'

Jeroen van Baarsen's avatar
Jeroen van Baarsen committed
3
describe API::API, api: true  do
4
  include ApiHelpers
5
  before(:each) { enable_observers }
6
  after(:each) { disable_observers }
7

8 9 10
  let(:user) { create(:user) }
  let(:user2) { create(:user) }
  let(:user3) { create(:user) }
Angus MacArthur's avatar
Angus MacArthur committed
11
  let(:admin) { create(:admin) }
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
12 13 14 15
  let(:project) { create(:project, creator_id: user.id, namespace: user.namespace) }
  let(:snippet) { create(:project_snippet, author: user, project: project, title: 'example') }
  let(:users_project) { create(:users_project, user: user, project: project, project_access: UsersProject::MASTER) }
  let(:users_project2) { create(:users_project, user: user3, project: project, project_access: UsersProject::DEVELOPER) }
16
  let(:issue_with_labels) { create(:issue, author: user, assignee: user, project: project, :label_list => "label1, label2") }
17 18 19 20 21 22
  let(:merge_request_with_labels) do
    create(:merge_request, :simple, author: user, assignee: user,
           source_project: project, target_project: project, title: 'Test',
           label_list: 'label3, label4')
  end

Nihad Abbasov's avatar
Nihad Abbasov committed
23 24

  describe "GET /projects" do
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
25 26
    before { project }

27 28 29 30 31
    context "when unauthenticated" do
      it "should return authentication error" do
        get api("/projects")
        response.status.should == 401
      end
Nihad Abbasov's avatar
Nihad Abbasov committed
32 33
    end

34
    context "when authenticated" do
Nihad Abbasov's avatar
Nihad Abbasov committed
35
      it "should return an array of projects" do
Robert Speicher's avatar
Robert Speicher committed
36
        get api("/projects", user)
Nihad Abbasov's avatar
Nihad Abbasov committed
37
        response.status.should == 200
Nihad Abbasov's avatar
Nihad Abbasov committed
38 39
        json_response.should be_an Array
        json_response.first['name'].should == project.name
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
40
        json_response.first['owner']['username'].should == user.username
Nihad Abbasov's avatar
Nihad Abbasov committed
41 42 43 44
      end
    end
  end

45
  describe "GET /projects/all" do
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
46 47
    before { project }

48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67
    context "when unauthenticated" do
      it "should return authentication error" do
        get api("/projects/all")
        response.status.should == 401
      end
    end

    context "when authenticated as regular user" do
      it "should return authentication error" do
        get api("/projects/all", user)
        response.status.should == 403
      end
    end

    context "when authenticated as admin" do
      it "should return an array of all projects" do
        get api("/projects/all", admin)
        response.status.should == 200
        json_response.should be_an Array
        json_response.first['name'].should == project.name
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
68
        json_response.first['owner']['username'].should == user.username
69 70 71 72
      end
    end
  end

73
  describe "POST /projects" do
74 75 76 77 78 79 80 81 82 83
    context "maximum number of projects reached" do
      before do
        (1..user2.projects_limit).each do |project|
          post api("/projects", user2), name: "foo#{project}"
        end
      end

      it "should not create new project" do
        expect {
          post api("/projects", user2), name: 'foo'
84
        }.to change {Project.count}.by(0)
85 86 87
      end
    end

88
    it "should create new project without path" do
89
      expect { post api("/projects", user), name: 'foo' }.to change {Project.count}.by(1)
90
    end
Alex Denisov's avatar
Alex Denisov committed
91 92

    it "should not create new project without name" do
93
      expect { post api("/projects", user) }.to_not change {Project.count}
Alex Denisov's avatar
Alex Denisov committed
94 95
    end

96 97 98 99 100
    it "should return a 400 error if name not given" do
      post api("/projects", user)
      response.status.should == 400
    end

101 102 103 104 105 106
    it "should create last project before reaching project limit" do
      (1..user2.projects_limit-1).each { |p| post api("/projects", user2), name: "foo#{p}" }
      post api("/projects", user2), name: "foo"
      response.status.should == 201
    end

Alex Denisov's avatar
Alex Denisov committed
107 108
    it "should respond with 201 on success" do
      post api("/projects", user), name: 'foo'
109
      response.status.should == 201
110
    end
Alex Denisov's avatar
Alex Denisov committed
111

112
    it "should respond with 400 if name is not given" do
Alex Denisov's avatar
Alex Denisov committed
113
      post api("/projects", user)
114
      response.status.should == 400
115
    end
Alex Denisov's avatar
Alex Denisov committed
116

117 118 119 120 121 122 123 124
    it "should return a 403 error if project limit reached" do
      (1..user.projects_limit).each do |p|
        post api("/projects", user), name: "foo#{p}"
      end
      post api("/projects", user), name: 'bar'
      response.status.should == 403
    end

Alex Denisov's avatar
Alex Denisov committed
125
    it "should assign attributes to project" do
126
      project = attributes_for(:project, {
127 128 129 130
        description: Faker::Lorem.sentence,
        issues_enabled: false,
        merge_requests_enabled: false,
        wiki_enabled: false
Alex Denisov's avatar
Alex Denisov committed
131 132 133 134
      })

      post api("/projects", user), project

135
      project.each_pair do |k,v|
136
        next if k == :path
Alex Denisov's avatar
Alex Denisov committed
137 138
        json_response[k.to_s].should == v
      end
139
    end
140 141

    it "should set a project as public" do
142
      project = attributes_for(:project, :public)
143 144 145 146 147 148
      post api("/projects", user), project
      json_response['public'].should be_true
      json_response['visibility_level'].should == Gitlab::VisibilityLevel::PUBLIC
    end

    it "should set a project as public using :public" do
149 150 151
      project = attributes_for(:project, { public: true })
      post api("/projects", user), project
      json_response['public'].should be_true
152 153 154 155
      json_response['visibility_level'].should == Gitlab::VisibilityLevel::PUBLIC
    end

    it "should set a project as internal" do
156
      project = attributes_for(:project, :internal)
157 158 159 160 161 162
      post api("/projects", user), project
      json_response['public'].should be_false
      json_response['visibility_level'].should == Gitlab::VisibilityLevel::INTERNAL
    end

    it "should set a project as internal overriding :public" do
163
      project = attributes_for(:project, :internal, { public: true })
164 165 166
      post api("/projects", user), project
      json_response['public'].should be_false
      json_response['visibility_level'].should == Gitlab::VisibilityLevel::INTERNAL
167 168 169
    end

    it "should set a project as private" do
170
      project = attributes_for(:project, :private)
171 172 173 174 175 176
      post api("/projects", user), project
      json_response['public'].should be_false
      json_response['visibility_level'].should == Gitlab::VisibilityLevel::PRIVATE
    end

    it "should set a project as private using :public" do
177 178 179
      project = attributes_for(:project, { public: false })
      post api("/projects", user), project
      json_response['public'].should be_false
180
      json_response['visibility_level'].should == Gitlab::VisibilityLevel::PRIVATE
181
    end
182 183
  end

Angus MacArthur's avatar
Angus MacArthur committed
184
  describe "POST /projects/user/:id" do
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
185
    before { project }
Angus MacArthur's avatar
Angus MacArthur committed
186 187 188
    before { admin }

    it "should create new project without path" do
189
      expect { post api("/projects/user/#{user.id}", admin), name: 'foo' }.to change {Project.count}.by(1)
Angus MacArthur's avatar
Angus MacArthur committed
190 191 192
    end

    it "should not create new project without name" do
193
      expect { post api("/projects/user/#{user.id}", admin) }.to_not change {Project.count}
Angus MacArthur's avatar
Angus MacArthur committed
194 195 196 197 198 199 200 201 202 203 204 205 206 207
    end

    it "should respond with 201 on success" do
      post api("/projects/user/#{user.id}", admin), name: 'foo'
      response.status.should == 201
    end

    it "should respond with 404 on failure" do
      post api("/projects/user/#{user.id}", admin)
      response.status.should == 404
    end

    it "should assign attributes to project" do
      project = attributes_for(:project, {
208 209 210 211
        description: Faker::Lorem.sentence,
        issues_enabled: false,
        merge_requests_enabled: false,
        wiki_enabled: false
Angus MacArthur's avatar
Angus MacArthur committed
212 213 214 215
      })

      post api("/projects/user/#{user.id}", admin), project

216
      project.each_pair do |k,v|
Angus MacArthur's avatar
Angus MacArthur committed
217 218 219 220
        next if k == :path
        json_response[k.to_s].should == v
      end
    end
221 222

    it "should set a project as public" do
223
      project = attributes_for(:project, :public)
224 225 226 227 228 229
      post api("/projects/user/#{user.id}", admin), project
      json_response['public'].should be_true
      json_response['visibility_level'].should == Gitlab::VisibilityLevel::PUBLIC
    end

    it "should set a project as public using :public" do
230 231 232
      project = attributes_for(:project, { public: true })
      post api("/projects/user/#{user.id}", admin), project
      json_response['public'].should be_true
233 234
      json_response['visibility_level'].should == Gitlab::VisibilityLevel::PUBLIC
    end
235

236
    it "should set a project as internal" do
237
      project = attributes_for(:project, :internal)
238 239 240
      post api("/projects/user/#{user.id}", admin), project
      json_response['public'].should be_false
      json_response['visibility_level'].should == Gitlab::VisibilityLevel::INTERNAL
241 242
    end

243
    it "should set a project as internal overriding :public" do
244
      project = attributes_for(:project, :internal, { public: true })
245 246
      post api("/projects/user/#{user.id}", admin), project
      json_response['public'].should be_false
247 248
      json_response['visibility_level'].should == Gitlab::VisibilityLevel::INTERNAL
    end
249

250
    it "should set a project as private" do
251
      project = attributes_for(:project, :private)
252 253 254
      post api("/projects/user/#{user.id}", admin), project
      json_response['public'].should be_false
      json_response['visibility_level'].should == Gitlab::VisibilityLevel::PRIVATE
255 256
    end

257 258 259 260 261 262
    it "should set a project as private using :public" do
      project = attributes_for(:project, { public: false })
      post api("/projects/user/#{user.id}", admin), project
      json_response['public'].should be_false
      json_response['visibility_level'].should == Gitlab::VisibilityLevel::PRIVATE
    end
Angus MacArthur's avatar
Angus MacArthur committed
263 264
  end

Nihad Abbasov's avatar
Nihad Abbasov committed
265
  describe "GET /projects/:id" do
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
266
    before { project }
267
    before { users_project }
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
268

Nihad Abbasov's avatar
Nihad Abbasov committed
269
    it "should return a project by id" do
Robert Speicher's avatar
Robert Speicher committed
270
      get api("/projects/#{project.id}", user)
Nihad Abbasov's avatar
Nihad Abbasov committed
271
      response.status.should == 200
Nihad Abbasov's avatar
Nihad Abbasov committed
272
      json_response['name'].should == project.name
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
273
      json_response['owner']['username'].should == user.username
Nihad Abbasov's avatar
Nihad Abbasov committed
274
    end
275

276
    it "should return a project by path name" do
277
      get api("/projects/#{project.id}", user)
278 279 280
      response.status.should == 200
      json_response['name'].should == project.name
    end
281 282

    it "should return a 404 error if not found" do
Robert Speicher's avatar
Robert Speicher committed
283
      get api("/projects/42", user)
284
      response.status.should == 404
Alex Denisov's avatar
Alex Denisov committed
285
      json_response['message'].should == '404 Not Found'
286
    end
287 288 289 290 291 292

    it "should return a 404 error if user is not a member" do
      other_user = create(:user)
      get api("/projects/#{project.id}", other_user)
      response.status.should == 404
    end
293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314

    describe 'permissions' do
      context 'personal project' do
        before { get api("/projects/#{project.id}", user) }

        it { response.status.should == 200 }
        it { json_response['permissions']["project_access"]["access_level"].should == Gitlab::Access::MASTER }
        it { json_response['permissions']["group_access"].should be_nil }
      end

      context 'group project' do
        before do
          project2 = create(:project, group: create(:group))
          project2.group.add_owner(user)
          get api("/projects/#{project2.id}", user)
        end

        it { response.status.should == 200 }
        it { json_response['permissions']["project_access"].should be_nil }
        it { json_response['permissions']["group_access"]["access_level"].should == Gitlab::Access::OWNER }
      end
    end
Nihad Abbasov's avatar
Nihad Abbasov committed
315 316
  end

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
317
  describe "GET /projects/:id/events" do
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
318 319
    before { users_project }

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341
    it "should return a project events" do
      get api("/projects/#{project.id}/events", user)
      response.status.should == 200
      json_event = json_response.first

      json_event['action_name'].should == 'joined'
      json_event['project_id'].to_i.should == project.id
    end

    it "should return a 404 error if not found" do
      get api("/projects/42/events", user)
      response.status.should == 404
      json_response['message'].should == '404 Not Found'
    end

    it "should return a 404 error if user is not a member" do
      other_user = create(:user)
      get api("/projects/#{project.id}/events", other_user)
      response.status.should == 404
    end
  end

342
  describe "GET /projects/:id/snippets" do
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
343 344
    before { snippet }

Nihad Abbasov's avatar
Nihad Abbasov committed
345
    it "should return an array of project snippets" do
346
      get api("/projects/#{project.id}/snippets", user)
347 348 349 350 351 352
      response.status.should == 200
      json_response.should be_an Array
      json_response.first['title'].should == snippet.title
    end
  end

Nihad Abbasov's avatar
Nihad Abbasov committed
353 354
  describe "GET /projects/:id/snippets/:snippet_id" do
    it "should return a project snippet" do
355
      get api("/projects/#{project.id}/snippets/#{snippet.id}", user)
Nihad Abbasov's avatar
Nihad Abbasov committed
356
      response.status.should == 200
Nihad Abbasov's avatar
Nihad Abbasov committed
357
      json_response['title'].should == snippet.title
Nihad Abbasov's avatar
Nihad Abbasov committed
358
    end
359 360 361 362 363

    it "should return a 404 error if snippet id not found" do
      get api("/projects/#{project.id}/snippets/1234", user)
      response.status.should == 404
    end
Nihad Abbasov's avatar
Nihad Abbasov committed
364 365 366 367
  end

  describe "POST /projects/:id/snippets" do
    it "should create a new project snippet" do
368
      post api("/projects/#{project.id}/snippets", user),
369
        title: 'api test', file_name: 'sample.rb', code: 'test'
Nihad Abbasov's avatar
Nihad Abbasov committed
370
      response.status.should == 201
Nihad Abbasov's avatar
Nihad Abbasov committed
371
      json_response['title'].should == 'api test'
Nihad Abbasov's avatar
Nihad Abbasov committed
372
    end
373 374 375

    it "should return a 400 error if title is not given" do
      post api("/projects/#{project.id}/snippets", user),
376
        file_name: 'sample.rb', code: 'test'
377 378
      response.status.should == 400
    end
379 380 381

    it "should return a 400 error if file_name not given" do
      post api("/projects/#{project.id}/snippets", user),
382
        title: 'api test', code: 'test'
383 384 385 386 387
      response.status.should == 400
    end

    it "should return a 400 error if code not given" do
      post api("/projects/#{project.id}/snippets", user),
388
        title: 'api test', file_name: 'sample.rb'
389 390
      response.status.should == 400
    end
Nihad Abbasov's avatar
Nihad Abbasov committed
391 392
  end

393
  describe "PUT /projects/:id/snippets/:shippet_id" do
394
    it "should update an existing project snippet" do
395
      put api("/projects/#{project.id}/snippets/#{snippet.id}", user),
396
        code: 'updated code'
397 398
      response.status.should == 200
      json_response['title'].should == 'example'
399
      snippet.reload.content.should == 'updated code'
400
    end
401 402 403

    it "should update an existing project snippet with new title" do
      put api("/projects/#{project.id}/snippets/#{snippet.id}", user),
404
        title: 'other api test'
405 406 407
      response.status.should == 200
      json_response['title'].should == 'other api test'
    end
408 409
  end

Nihad Abbasov's avatar
Nihad Abbasov committed
410
  describe "DELETE /projects/:id/snippets/:snippet_id" do
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
411 412
    before { snippet }

m16a1's avatar
m16a1 committed
413
    it "should delete existing project snippet" do
Nihad Abbasov's avatar
Nihad Abbasov committed
414
      expect {
415
        delete api("/projects/#{project.id}/snippets/#{snippet.id}", user)
416
      }.to change { Snippet.count }.by(-1)
417 418 419 420 421 422
      response.status.should == 200
    end

    it "should return success when deleting unknown snippet id" do
      delete api("/projects/#{project.id}/snippets/1234", user)
      response.status.should == 200
Nihad Abbasov's avatar
Nihad Abbasov committed
423 424
    end
  end
425 426 427

  describe "GET /projects/:id/snippets/:snippet_id/raw" do
    it "should get a raw project snippet" do
428
      get api("/projects/#{project.id}/snippets/#{snippet.id}/raw", user)
429 430
      response.status.should == 200
    end
431 432 433 434 435

    it "should return a 404 error if raw project snippet not found" do
      get api("/projects/#{project.id}/snippets/5555/raw", user)
      response.status.should == 404
    end
436
  end
437

438 439 440
  describe :deploy_keys do
    let(:deploy_keys_project) { create(:deploy_keys_project, project: project) }
    let(:deploy_key) { deploy_keys_project.deploy_key }
Matt Humphrey's avatar
Matt Humphrey committed
441

442 443
    describe "GET /projects/:id/keys" do
      before { deploy_key }
Matt Humphrey's avatar
Matt Humphrey committed
444

445 446 447 448 449 450
      it "should return array of ssh keys" do
        get api("/projects/#{project.id}/keys", user)
        response.status.should == 200
        json_response.should be_an Array
        json_response.first['title'].should == deploy_key.title
      end
Matt Humphrey's avatar
Matt Humphrey committed
451 452
    end

453 454 455 456 457 458
    describe "GET /projects/:id/keys/:key_id" do
      it "should return a single key" do
        get api("/projects/#{project.id}/keys/#{deploy_key.id}", user)
        response.status.should == 200
        json_response['title'].should == deploy_key.title
      end
Matt Humphrey's avatar
Matt Humphrey committed
459

460 461 462 463
      it "should return 404 Not Found with invalid ID" do
        get api("/projects/#{project.id}/keys/404", user)
        response.status.should == 404
      end
Matt Humphrey's avatar
Matt Humphrey committed
464 465
    end

466 467
    describe "POST /projects/:id/keys" do
      it "should not create an invalid ssh key" do
468
        post api("/projects/#{project.id}/keys", user), { title: "invalid key" }
469 470 471 472 473 474 475
        response.status.should == 404
      end

      it "should create new ssh key" do
        key_attrs = attributes_for :key
        expect {
          post api("/projects/#{project.id}/keys", user), key_attrs
476
        }.to change{ project.deploy_keys.count }.by(1)
477
      end
Matt Humphrey's avatar
Matt Humphrey committed
478 479
    end

480 481 482 483 484 485
    describe "DELETE /projects/:id/keys/:key_id" do
      before { deploy_key }

      it "should delete existing key" do
        expect {
          delete api("/projects/#{project.id}/keys/#{deploy_key.id}", user)
486
        }.to change{ project.deploy_keys.count }.by(-1)
487 488 489 490 491 492
      end

      it "should return 404 Not Found with invalid ID" do
        delete api("/projects/#{project.id}/keys/404", user)
        response.status.should == 404
      end
Matt Humphrey's avatar
Matt Humphrey committed
493 494
    end
  end
495 496 497

  describe :fork_admin do
    let(:project_fork_target) { create(:project) }
498
    let(:project_fork_source) { create(:project, :public) }
499 500

    describe "POST /projects/:id/fork/:forked_from_id" do
501
      let(:new_project_fork_source) { create(:project, :public) }
502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561

      it "shouldn't available for non admin users" do
        post api("/projects/#{project_fork_target.id}/fork/#{project_fork_source.id}", user)
        response.status.should == 403
      end

      it "should allow project to be forked from an existing project" do
        project_fork_target.forked?.should_not be_true
        post api("/projects/#{project_fork_target.id}/fork/#{project_fork_source.id}", admin)
        response.status.should == 201
        project_fork_target.reload
        project_fork_target.forked_from_project.id.should == project_fork_source.id
        project_fork_target.forked_project_link.should_not be_nil
        project_fork_target.forked?.should be_true
      end

      it "should fail if forked_from project which does not exist" do
        post api("/projects/#{project_fork_target.id}/fork/9999", admin)
        response.status.should == 404
      end

      it "should fail with 409 if already forked" do
        post api("/projects/#{project_fork_target.id}/fork/#{project_fork_source.id}", admin)
        project_fork_target.reload
        project_fork_target.forked_from_project.id.should == project_fork_source.id
        post api("/projects/#{project_fork_target.id}/fork/#{new_project_fork_source.id}", admin)
        response.status.should == 409
        project_fork_target.reload
        project_fork_target.forked_from_project.id.should == project_fork_source.id
        project_fork_target.forked?.should be_true
      end
    end

    describe "DELETE /projects/:id/fork" do

      it "shouldn't available for non admin users" do
        delete api("/projects/#{project_fork_target.id}/fork", user)
        response.status.should == 403
      end

      it "should make forked project unforked" do
        post api("/projects/#{project_fork_target.id}/fork/#{project_fork_source.id}", admin)
        project_fork_target.reload
        project_fork_target.forked_from_project.should_not be_nil
        project_fork_target.forked?.should be_true
        delete api("/projects/#{project_fork_target.id}/fork", admin)
        response.status.should == 200
        project_fork_target.reload
        project_fork_target.forked_from_project.should be_nil
        project_fork_target.forked?.should_not be_true
      end

      it "should be idempotent if not forked" do
        project_fork_target.forked_from_project.should be_nil
        delete api("/projects/#{project_fork_target.id}/fork", admin)
        response.status.should == 200
        project_fork_target.reload.forked_from_project.should be_nil
      end
    end
  end
562 563 564

  describe "GET /projects/search/:query" do
    let!(:query) { 'query'}
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
565 566 567 568 569
    let!(:search)           { create(:empty_project, name: query, creator_id: user.id, namespace: user.namespace) }
    let!(:pre)              { create(:empty_project, name: "pre_#{query}", creator_id: user.id, namespace: user.namespace) }
    let!(:post)             { create(:empty_project, name: "#{query}_post", creator_id: user.id, namespace: user.namespace) }
    let!(:pre_post)         { create(:empty_project, name: "pre_#{query}_post", creator_id: user.id, namespace: user.namespace) }
    let!(:unfound)          { create(:empty_project, name: 'unfound', creator_id: user.id, namespace: user.namespace) }
570 571 572 573
    let!(:internal)         { create(:empty_project, :internal, name: "internal #{query}") }
    let!(:unfound_internal) { create(:empty_project, :internal, name: 'unfound internal') }
    let!(:public)           { create(:empty_project, :public, name: "public #{query}") }
    let!(:unfound_public)   { create(:empty_project, :public, name: 'unfound public') }
574 575 576 577 578 579 580 581 582 583 584 585 586

    context "when unauthenticated" do
      it "should return authentication error" do
        get api("/projects/search/#{query}")
        response.status.should == 401
      end
    end

    context "when authenticated" do
      it "should return an array of projects" do
        get api("/projects/search/#{query}",user)
        response.status.should == 200
        json_response.should be_an Array
587
        json_response.size.should == 6
588 589 590 591 592 593 594 595 596
        json_response.each {|project| project['name'].should =~ /.*query.*/}
      end
    end

    context "when authenticated as a different user" do
      it "should return matching public projects" do
        get api("/projects/search/#{query}", user2)
        response.status.should == 200
        json_response.should be_an Array
597 598
        json_response.size.should == 2
        json_response.each {|project| project['name'].should =~ /(internal|public) query/}
599 600 601
      end
    end
  end
602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639

  describe "DELETE /projects/:id" do
    context "when authenticated as user" do
      it "should remove project" do
        delete api("/projects/#{project.id}", user)
        response.status.should == 200
      end

      it "should not remove a project if not an owner" do
        user3 = create(:user)
        project.team << [user3, :developer]
        delete api("/projects/#{project.id}", user3)
        response.status.should == 403
      end

      it "should not remove a non existing project" do
        delete api("/projects/1328", user)
        response.status.should == 404
      end

      it "should not remove a project not attached to user" do
        delete api("/projects/#{project.id}", user2)
        response.status.should == 404
      end
    end

    context "when authenticated as admin" do
      it "should remove any existing project" do
        delete api("/projects/#{project.id}", admin)
        response.status.should == 200
      end

      it "should not remove a non existing project" do
        delete api("/projects/1328", admin)
        response.status.should == 404
      end
    end
  end
640

641 642 643
  describe 'GET /projects/:id/labels' do
    context 'with an issue' do
      before { issue_with_labels }
644

645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679
      it 'should return project labels' do
        get api("/projects/#{project.id}/labels", user)
        response.status.should == 200
        json_response.should be_an Array
        json_response.first['name'].should == issue_with_labels.labels.first.name
        json_response.last['name'].should == issue_with_labels.labels.last.name
      end
    end

    context 'with a merge request' do
      before { merge_request_with_labels }

      it 'should return project labels' do
        get api("/projects/#{project.id}/labels", user)
        response.status.should == 200
        json_response.should be_an Array
        json_response.first['name'].should == merge_request_with_labels.labels.first.name
        json_response.last['name'].should == merge_request_with_labels.labels.last.name
      end
    end

    context 'with an issue and a merge request' do
      before do
        issue_with_labels
        merge_request_with_labels
      end

      it 'should return project labels from both' do
        get api("/projects/#{project.id}/labels", user)
        response.status.should == 200
        json_response.should be_an Array
        all_labels = issue_with_labels.labels.map(&:name).to_a
                       .concat(merge_request_with_labels.labels.map(&:name).to_a)
        json_response.map { |e| e['name'] }.should =~ all_labels
      end
680 681
    end
  end
Nihad Abbasov's avatar
Nihad Abbasov committed
682
end