Commit 94c5ca71 authored by Kamil Trzciński's avatar Kamil Trzciński

Merge branch 'tm/feature/namespace-by-id-api' into 'master'

Add new API endpoint - get a namespace by ID

Closes #40254

See merge request gitlab-org/gitlab-ce!15442
parents 74b50363 f144cce8
......@@ -34,6 +34,8 @@ class GroupPolicy < BasePolicy
rule { admin } .enable :read_group
rule { has_projects } .enable :read_group
rule { has_access }.enable :read_namespace
rule { developer }.enable :admin_milestones
rule { reporter }.enable :admin_label
......
......@@ -8,6 +8,7 @@ class NamespacePolicy < BasePolicy
rule { owner | admin }.policy do
enable :create_projects
enable :admin_namespace
enable :read_namespace
end
rule { personal_project & ~can_create_personal_project }.prevent :create_projects
......
---
title: Add new API endpoint - get a namespace by ID
merge_request: 15442
author:
type: added
......@@ -89,3 +89,55 @@ Example response:
}
]
```
## Get namespace by ID
Get a namespace by ID.
```
GET /namespaces/:id
```
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | ID or path of the namespace |
Example request:
```bash
curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/namespaces/2
```
Example response:
```json
{
"id": 2,
"name": "group1",
"path": "group1",
"kind": "group",
"full_path": "group1",
"parent_id": "null",
"members_count_with_descendants": 2
}
```
Example request:
```bash
curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/namespaces/group1
```
Example response:
```json
{
"id": 2,
"name": "group1",
"path": "group1",
"kind": "group",
"full_path": "group1",
"parent_id": "null",
"members_count_with_descendants": 2
}
```
......@@ -50,6 +50,10 @@ module API
initial_current_user != current_user
end
def user_namespace
@user_namespace ||= find_namespace!(params[:id])
end
def user_group
@group ||= find_group!(params[:id])
end
......@@ -112,6 +116,24 @@ module API
end
end
def find_namespace(id)
if id.to_s =~ /^\d+$/
Namespace.find_by(id: id)
else
Namespace.find_by_full_path(id)
end
end
def find_namespace!(id)
namespace = find_namespace(id)
if can?(current_user, :read_namespace, namespace)
namespace
else
not_found!('Namespace')
end
end
def find_project_label(id)
label = available_labels.find_by_id(id) || available_labels.find_by_title(id)
label || not_found!('Label')
......
......@@ -19,6 +19,16 @@ module API
present paginate(namespaces), with: Entities::Namespace, current_user: current_user
end
desc 'Get a namespace by ID' do
success Entities::Namespace
end
params do
requires :id, type: String, desc: "Namespace's ID or path"
end
get ':id' do
present user_namespace, with: Entities::Namespace, current_user: current_user
end
end
end
end
require 'spec_helper'
describe API::Helpers do
subject { Class.new.include(described_class).new }
describe '#find_namespace' do
let(:namespace) { create(:namespace) }
shared_examples 'namespace finder' do
context 'when namespace exists' do
it 'returns requested namespace' do
expect(subject.find_namespace(existing_id)).to eq(namespace)
end
end
context "when namespace doesn't exists" do
it 'returns nil' do
expect(subject.find_namespace(non_existing_id)).to be_nil
end
end
end
context 'when ID is used as an argument' do
let(:existing_id) { namespace.id }
let(:non_existing_id) { 9999 }
it_behaves_like 'namespace finder'
end
context 'when PATH is used as an argument' do
let(:existing_id) { namespace.path }
let(:non_existing_id) { 'non-existing-path' }
it_behaves_like 'namespace finder'
end
end
shared_examples 'user namespace finder' do
let(:user1) { create(:user) }
before do
allow(subject).to receive(:current_user).and_return(user1)
allow(subject).to receive(:header).and_return(nil)
allow(subject).to receive(:not_found!).and_raise('404 Namespace not found')
end
context 'when namespace is group' do
let(:namespace) { create(:group) }
context 'when user has access to group' do
before do
namespace.add_guest(user1)
namespace.save!
end
it 'returns requested namespace' do
expect(namespace_finder).to eq(namespace)
end
end
context "when user doesn't have access to group" do
it 'raises not found error' do
expect { namespace_finder }.to raise_error(RuntimeError, '404 Namespace not found')
end
end
end
context "when namespace is user's personal namespace" do
let(:namespace) { create(:namespace) }
context 'when user owns the namespace' do
before do
namespace.owner = user1
namespace.save!
end
it 'returns requested namespace' do
expect(namespace_finder).to eq(namespace)
end
end
context "when user doesn't own the namespace" do
it 'raises not found error' do
expect { namespace_finder }.to raise_error(RuntimeError, '404 Namespace not found')
end
end
end
end
describe '#find_namespace!' do
let(:namespace_finder) do
subject.find_namespace!(namespace.id)
end
it_behaves_like 'user namespace finder'
end
describe '#user_namespace' do
let(:namespace_finder) do
subject.user_namespace
end
before do
allow(subject).to receive(:params).and_return({ id: namespace.id })
end
it_behaves_like 'user namespace finder'
end
end
......@@ -56,6 +56,7 @@ describe GroupPolicy do
expect_disallowed(*developer_permissions)
expect_disallowed(*master_permissions)
expect_disallowed(*owner_permissions)
expect_disallowed(:read_namespace)
end
end
......@@ -63,7 +64,7 @@ describe GroupPolicy do
let(:current_user) { guest }
it do
expect_allowed(:read_group)
expect_allowed(:read_group, :read_namespace)
expect_disallowed(*reporter_permissions)
expect_disallowed(*developer_permissions)
expect_disallowed(*master_permissions)
......@@ -75,7 +76,7 @@ describe GroupPolicy do
let(:current_user) { reporter }
it do
expect_allowed(:read_group)
expect_allowed(:read_group, :read_namespace)
expect_allowed(*reporter_permissions)
expect_disallowed(*developer_permissions)
expect_disallowed(*master_permissions)
......@@ -87,7 +88,7 @@ describe GroupPolicy do
let(:current_user) { developer }
it do
expect_allowed(:read_group)
expect_allowed(:read_group, :read_namespace)
expect_allowed(*reporter_permissions)
expect_allowed(*developer_permissions)
expect_disallowed(*master_permissions)
......@@ -99,7 +100,7 @@ describe GroupPolicy do
let(:current_user) { master }
it do
expect_allowed(:read_group)
expect_allowed(:read_group, :read_namespace)
expect_allowed(*reporter_permissions)
expect_allowed(*developer_permissions)
expect_allowed(*master_permissions)
......@@ -113,7 +114,7 @@ describe GroupPolicy do
it do
allow(Group).to receive(:supports_nested_groups?).and_return(true)
expect_allowed(:read_group)
expect_allowed(:read_group, :read_namespace)
expect_allowed(*reporter_permissions)
expect_allowed(*developer_permissions)
expect_allowed(*master_permissions)
......@@ -127,7 +128,7 @@ describe GroupPolicy do
it do
allow(Group).to receive(:supports_nested_groups?).and_return(true)
expect_allowed(:read_group)
expect_allowed(:read_group, :read_namespace)
expect_allowed(*reporter_permissions)
expect_allowed(*developer_permissions)
expect_allowed(*master_permissions)
......
require 'spec_helper'
describe NamespacePolicy do
let(:current_user) { create(:user) }
let(:namespace) { current_user.namespace }
let(:user) { create(:user) }
let(:owner) { create(:user) }
let(:admin) { create(:admin) }
let(:namespace) { create(:namespace, owner: owner) }
let(:owner_permissions) { [:create_projects, :admin_namespace, :read_namespace] }
subject { described_class.new(current_user, namespace) }
context "create projects" do
context "user namespace" do
it { is_expected.to be_allowed(:create_projects) }
end
context 'with no user' do
let(:current_user) { nil }
it { is_expected.to be_banned }
end
context 'regular user' do
let(:current_user) { user }
it { is_expected.to be_disallowed(*owner_permissions) }
end
context 'owner' do
let(:current_user) { owner }
it { is_expected.to be_allowed(*owner_permissions) }
context "user who has exceeded project limit" do
let(:current_user) { create(:user, projects_limit: 0) }
context 'user who has exceeded project limit' do
let(:owner) { create(:user, projects_limit: 0) }
it { is_expected.not_to be_allowed(:create_projects) }
end
end
context 'admin' do
let(:current_user) { admin }
it { is_expected.to be_allowed(*owner_permissions) }
end
end
......@@ -91,4 +91,127 @@ describe API::Namespaces do
end
end
end
describe 'GET /namespaces/:id' do
let(:owned_group) { group1 }
let(:user2) { create(:user) }
shared_examples 'can access namespace' do
it 'returns namespace details' do
get api("/namespaces/#{namespace_id}", request_actor)
expect(response).to have_gitlab_http_status(200)
expect(json_response['id']).to eq(requested_namespace.id)
expect(json_response['path']).to eq(requested_namespace.path)
expect(json_response['name']).to eq(requested_namespace.name)
end
end
shared_examples 'namespace reader' do
let(:requested_namespace) { owned_group }
before do
owned_group.add_owner(request_actor)
end
context 'when namespace exists' do
context 'when requested by ID' do
context 'when requesting group' do
let(:namespace_id) { owned_group.id }
it_behaves_like 'can access namespace'
end
context 'when requesting personal namespace' do
let(:namespace_id) { request_actor.namespace.id }
let(:requested_namespace) { request_actor.namespace }
it_behaves_like 'can access namespace'
end
end
context 'when requested by path' do
context 'when requesting group' do
let(:namespace_id) { owned_group.path }
it_behaves_like 'can access namespace'
end
context 'when requesting personal namespace' do
let(:namespace_id) { request_actor.namespace.path }
let(:requested_namespace) { request_actor.namespace }
it_behaves_like 'can access namespace'
end
end
end
context "when namespace doesn't exist" do
it 'returns not-found' do
get api('/namespaces/9999', request_actor)
expect(response).to have_gitlab_http_status(404)
end
end
end
context 'when unauthenticated' do
it 'returns authentication error' do
get api("/namespaces/#{group1.id}")
expect(response).to have_gitlab_http_status(401)
end
end
context 'when authenticated as regular user' do
let(:request_actor) { user }
context 'when requested namespace is not owned by user' do
context 'when requesting group' do
it 'returns not-found' do
get api("/namespaces/#{group2.id}", request_actor)
expect(response).to have_gitlab_http_status(404)
end
end
context 'when requesting personal namespace' do
it 'returns not-found' do
get api("/namespaces/#{user2.namespace.id}", request_actor)
expect(response).to have_gitlab_http_status(404)
end
end
end
context 'when requested namespace is owned by user' do
it_behaves_like 'namespace reader'
end
end
context 'when authenticated as admin' do
let(:request_actor) { admin }
context 'when requested namespace is not owned by user' do
context 'when requesting group' do
let(:namespace_id) { group2.id }
let(:requested_namespace) { group2 }
it_behaves_like 'can access namespace'
end
context 'when requesting personal namespace' do
let(:namespace_id) { user2.namespace.id }
let(:requested_namespace) { user2.namespace }
it_behaves_like 'can access namespace'
end
end
context 'when requested namespace is owned by user' do
it_behaves_like 'namespace reader'
end
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment