Commit 0ebfa5e5 authored by Christian Simon's avatar Christian Simon

[FEATURE] Basic user_teams api

 * Closing #3066
 * Closing #3609
parent 6654db2c
......@@ -79,3 +79,4 @@ When listing resources you can pass the following parameters:
+ [Milestones](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/milestones.md)
+ [Notes](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/notes.md)
+ [System Hooks](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/system_hooks.md)
+ [User Teams](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/user_teams.md)
## User teams
### List user teams
Get a list of user teams viewable by the authenticated user.
```
GET /user_teams
```
```json
[
{
id: 1,
name: "User team 1",
path: "user_team1",
owner_id: 1
},
{
id: 2,
name: "User team 2",
path: "user_team2",
owner_id: 1
}
]
```
### Get single user team
Get a specific user team, identified by user team ID, which is viewable by the authenticated user.
```
GET /user_teams/:id
```
Parameters:
+ `id` (required) - The ID of a user_team
```json
{
id: 1,
name: "User team 1",
path: "user_team1",
owner_id: 1
}
```
### Create user team
Creates new user team owned by user. Available only for admins.
```
POST /user_teams
```
Parameters:
+ `name` (required) - new user team name
+ `path` (required) - new user team internal name
## User team members
### List user team members
Get a list of project team members.
```
GET /user_teams/:id/members
```
Parameters:
+ `id` (required) - The ID of a user_team
### Get user team member
Gets a user team member.
```
GET /user_teams/:id/members/:user_id
```
Parameters:
+ `id` (required) - The ID of a user_team
+ `user_id` (required) - The ID of a user
```json
{
id: 2,
username: "john_doe",
email: "joh@doe.org",
name: "John Doe",
state: "active",
created_at: "2012-10-22T14:13:35Z",
access_level: 30
}
```
### Add user team member
Adds a user to a user team.
```
POST /user_teams/:id/members
```
Parameters:
+ `id` (required) - The ID of a user team
+ `user_id` (required) - The ID of a user to add
+ `access_level` (required) - Project access level
### Remove user team member
Removes user from user team.
```
DELETE /user_teams/:id/members/:user_id
```
Parameters:
+ `id` (required) - The ID of a user team
+ `user_id` (required) - The ID of a team member
## User team projects
### List user team projects
Get a list of project team projects.
```
GET /user_teams/:id/projects
```
Parameters:
+ `id` (required) - The ID of a user_team
### Get user team project
Gets a user team project.
```
GET /user_teams/:id/projects/:project_id
```
Parameters:
+ `id` (required) - The ID of a user_team
+ `project_id` (required) - The ID of a user
```json
{
id: 12,
name: "project1",
description: null,
default_branch: "develop",
public: false,
path: "project1",
path_with_namespace: "group1/project1",
issues_enabled: false,
merge_requests_enabled: true,
wall_enabled: true,
wiki_enabled: false,
created_at: "2013-03-11T12:59:08Z",
greatest_access_level: 30
}
```
### Add user team project
Adds a project to a user team.
```
POST /user_teams/:id/projects
```
Parameters:
+ `id` (required) - The ID of a user team
+ `project_id` (required) - The ID of a project to add
+ `greatest_access_level` (required) - Maximum project access level
### Remove user team project
Removes project from user team.
```
DELETE /user_teams/:id/projects/:project_id
```
Parameters:
+ `id` (required) - The ID of a user team
+ `project_id` (required) - The ID of a team project
......@@ -34,5 +34,6 @@ module API
mount Notes
mount Internal
mount SystemHooks
mount UserTeams
end
end
......@@ -40,6 +40,18 @@ module API
end
end
class TeamMember < UserBasic
expose :permission, as: :access_level do |user, options|
options[:user_team].user_team_user_relationships.find_by_user_id(user.id).permission
end
end
class TeamProject < Project
expose :greatest_access, as: :greatest_access_level do |project, options|
options[:user_team].user_team_project_relationships.find_by_project_id(project.id).greatest_access
end
end
class Group < Grape::Entity
expose :id, :name, :path, :owner_id
end
......@@ -87,6 +99,10 @@ module API
expose :id, :title, :key, :created_at
end
class UserTeam < Grape::Entity
expose :id, :name, :path, :owner_id
end
class MergeRequest < Grape::Entity
expose :id, :target_branch, :source_branch, :project_id, :title, :state
expose :author, :assignee, using: Entities::UserBasic
......
module API
# user_teams API
class UserTeams < Grape::API
before { authenticate! }
resource :user_teams do
helpers do
def handle_team_member_errors(errors)
if errors[:permission].any?
render_api_error!(errors[:permission], 422)
end
not_found!
end
def validate_access_level?(level)
[UsersProject::GUEST, UsersProject::REPORTER, UsersProject::DEVELOPER, UsersProject::MASTER].include? level.to_i
end
end
# Get a user_teams list
#
# Example Request:
# GET /user_teams
get do
if current_user.admin
@user_teams = paginate UserTeam
else
@user_teams = paginate current_user.user_teams
end
present @user_teams, with: Entities::UserTeam
end
# Create user_team. Available only for admin
#
# Parameters:
# name (required) - The name of the user_team
# path (required) - The path of the user_team
# Example Request:
# POST /user_teams
post do
authenticated_as_admin!
required_attributes! [:name, :path]
attrs = attributes_for_keys [:name, :path]
@user_team = UserTeam.new(attrs)
@user_team.owner = current_user
if @user_team.save
present @user_team, with: Entities::UserTeam
else
not_found!
end
end
# Get a single user_team
#
# Parameters:
# id (required) - The ID of a user_team
# Example Request:
# GET /user_teams/:id
get ":id" do
@user_team = UserTeam.find(params[:id])
if current_user.admin or current_user.user_teams.include? @user_team
present @user_team, with: Entities::UserTeam
else
not_found!
end
end
# Get user_team members
#
# Parameters:
# id (required) - The ID of a user_team
# Example Request:
# GET /user_teams/:id/members
get ":id/members" do
@user_team = UserTeam.find(params[:id])
if current_user.admin or current_user.user_teams.include? @user_team
@members = paginate @user_team.members
present @members, with: Entities::TeamMember, user_team: @user_team
else
not_found!
end
end
# Add a new user_team member
#
# Parameters:
# id (required) - The ID of a user_team
# user_id (required) - The ID of a user
# access_level (required) - Project access level
# Example Request:
# POST /user_teams/:id/members
post ":id/members" do
authenticated_as_admin!
required_attributes! [:user_id, :access_level]
if not validate_access_level?(params[:access_level])
render_api_error!("Wrong access level", 422)
end
@user_team = UserTeam.find(params[:id])
if @user_team
team_member = @user_team.user_team_user_relationships.find_by_user_id(params[:user_id])
# Not existing member
if team_member.nil?
@user_team.add_member(params[:user_id], params[:access_level], false)
team_member = @user_team.user_team_user_relationships.find_by_user_id(params[:user_id])
if team_member.nil?
render_api_error!("Error creating membership", 500)
else
@member = team_member.user
present @member, with: Entities::TeamMember, user_team: @user_team
end
else
render_api_error!("Already exists", 409)
end
else
not_found!
end
end
# Get a single team member from user_team
#
# Parameters:
# id (required) - The ID of a user_team
# user_id (required) - The ID of a team member
# Example Request:
# GET /user_teams/:id/members/:user_id
get ":id/members/:user_id" do
@user_team = UserTeam.find(params[:id])
if current_user.admin or current_user.user_teams.include? @user_team
team_member = @user_team.user_team_user_relationships.find_by_user_id(params[:user_id])
unless team_member.nil?
present team_member.user, with: Entities::TeamMember, user_team: @user_team
else
not_found!
end
else
not_found!
end
end
# Remove a team member from user_team
#
# Parameters:
# id (required) - The ID of a user_team
# user_id (required) - The ID of a team member
# Example Request:
# DELETE /user_teams/:id/members/:user_id
delete ":id/members/:user_id" do
authenticated_as_admin!
@user_team = UserTeam.find(params[:id])
if @user_team
team_member = @user_team.user_team_user_relationships.find_by_user_id(params[:user_id])
unless team_member.nil?
team_member.destroy
else
not_found!
end
else
not_found!
end
end
# Get to user_team assigned projects
#
# Parameters:
# id (required) - The ID of a user_team
# Example Request:
# GET /user_teams/:id/projects
get ":id/projects" do
@user_team = UserTeam.find(params[:id])
if current_user.admin or current_user.user_teams.include? @user_team
@projects = paginate @user_team.projects
present @projects, with: Entities::TeamProject, user_team: @user_team
else
not_found!
end
end
# Add a new user_team project
#
# Parameters:
# id (required) - The ID of a user_team
# project_id (required) - The ID of a project
# greatest_access_level (required) - Project access level
# Example Request:
# POST /user_teams/:id/projects
post ":id/projects" do
authenticated_as_admin!
required_attributes! [:project_id, :greatest_access_level]
if not validate_access_level?(params[:greatest_access_level])
render_api_error!("Wrong greatest_access_level", 422)
end
@user_team = UserTeam.find(params[:id])
if @user_team
team_project = @user_team.user_team_project_relationships.find_by_project_id(params[:project_id])
# No existing project
if team_project.nil?
@user_team.assign_to_projects([params[:project_id]], params[:greatest_access_level])
team_project = @user_team.user_team_project_relationships.find_by_project_id(params[:project_id])
if team_project.nil?
render_api_error!("Error creating project assignment", 500)
else
@project = team_project.project
present @project, with: Entities::TeamProject, user_team: @user_team
end
else
render_api_error!("Already exists", 409)
end
else
not_found!
end
end
# Show a single team project from user_team
#
# Parameters:
# id (required) - The ID of a user_team
# project_id (required) - The ID of a project assigned to the team
# Example Request:
# GET /user_teams/:id/projects/:project_id
get ":id/projects/:project_id" do
@user_team = UserTeam.find(params[:id])
if current_user.admin or current_user.user_teams.include? @user_team
team_project = @user_team.user_team_project_relationships.find_by_project_id(params[:project_id])
unless team_project.nil?
present team_project.project, with: Entities::TeamProject, user_team: @user_team
else
not_found!
end
else
not_found!
end
end
# Remove a team project from user_team
#
# Parameters:
# id (required) - The ID of a user_team
# project_id (required) - The ID of a project assigned to the team
# Example Request:
# DELETE /user_teams/:id/projects/:project_id
delete ":id/projects/:project_id" do
authenticated_as_admin!
@user_team = UserTeam.find(params[:id])
if @user_team
team_project = @user_team.user_team_project_relationships.find_by_project_id(params[:project_id])
unless team_project.nil?
team_project.destroy
else
not_found!
end
else
not_found!
end
end
end
end
end
require 'spec_helper'
describe API::API do
include ApiHelpers
# Create test objects
let(:user1) { create(:user) }
let(:user2) { create(:user) }
let(:admin) { create(:admin) }
let!(:group1) { create(:group, owner: user1) }
let!(:group2) { create(:group, owner: user2) }
let(:user_team1) { create(:user_team, owner: user1) }
let(:user_team2) { create(:user_team, owner: user2) }
let!(:project1) { create(:project, creator_id: admin.id) }
let!(:project2) { create(:project, creator_id: admin.id) }
before {
# Add members to teams
user_team1.add_member(user1, UsersProject::MASTER, false)
user_team2.add_member(user2, UsersProject::MASTER, false)
# Add projects to teams
user_team1.assign_to_projects([project1.id], UsersProject::MASTER)
user_team2.assign_to_projects([project2.id], UsersProject::MASTER)
}
describe "GET /user_teams" do
context "when unauthenticated" do
it "should return authentication error" do
get api("/user_teams")
response.status.should == 401
end
end
context "when authenticated as user" do
it "normal user: should return an array of user_teams of user1" do
get api("/user_teams", user1)
response.status.should == 200
json_response.should be_an Array
json_response.length.should == 1
json_response.first['name'].should == user_team1.name
end
end
context "when authenticated as admin" do
it "admin: should return an array of all user_teams" do
get api("/user_teams", admin)
response.status.should == 200
json_response.should be_an Array
json_response.length.should == 2
end
end
end
describe "GET /user_teams/:id" do
context "when authenticated as user" do
it "should return one of user1's user_teams" do
get api("/user_teams/#{user_team1.id}", user1)
response.status.should == 200
json_response['name'] == user_team1.name
end
it "should not return a non existing team" do
get api("/user_teams/1328", user1)
response.status.should == 404
end
it "should not return a user_team not attached to user1" do
get api("/user_teams/#{user_team2.id}", user1)
response.status.should == 404
end
end
context "when authenticated as admin" do
it "should return any existing user_team" do
get api("/user_teams/#{user_team2.id}", admin)
response.status.should == 200
json_response['name'].should == user_team2.name
end
it "should not return a non existing user_team" do
get api("/user_teams/1328", admin)
response.status.should == 404
end
end
end
describe "POST /user_teams" do
context "when authenticated as user" do
it "should not create user_team" do
count_before=UserTeam.count
post api("/user_teams", user1), attributes_for(:user_team)
response.status.should == 403
UserTeam.count.should == count_before
end
end
context "when authenticated as admin" do
it "should create user_team" do
count_before=UserTeam.count
post api("/user_teams", admin), attributes_for(:user_team)
response.status.should == 201
UserTeam.count.should == count_before + 1
end
it "should not create user_team, duplicate" do
post api("/user_teams", admin), {:name => "Duplicate Test", :path => user_team2.path}
response.status.should == 404
end
it "should return 400 bad request error if name not given" do
post api("/user_teams", admin), {:path => user_team2.path}
response.status.should == 400
end
it "should return 400 bad request error if path not given" do
post api("/user_teams", admin), {:name => 'test'}
response.status.should == 400
end
end
end
# Members
describe "GET /user_teams/:id/members" do
context "when authenticated as user" do
it "should return user1 as member of user1's user_teams" do
get api("/user_teams/#{user_team1.id}/members", user1)
response.status.should == 200
json_response.first['name'].should == user1.name
json_response.first['access_level'].should == UsersProject::MASTER
end
end
context "when authenticated as admin" do
it "should return member of any existing user_team" do
get api("/user_teams/#{user_team2.id}/members", admin)
response.status.should == 200
json_response.first['name'].should == user2.name
json_response.first['access_level'].should == UsersProject::MASTER
end
end
end
describe "POST /user_teams/:id/members" do
context "when authenticated as user" do
it "should not add user2 as member of user_team1" do
post api("/user_teams/#{user_team1.id}/members", user1), user_id: user2.id, access_level: UsersProject::MASTER
response.status.should == 403
end
end
context "when authenticated as admin" do
it "should return ok and add new member" do
count_before=user_team1.user_team_user_relationships.count
post api("/user_teams/#{user_team1.id}/members", admin), user_id: user2.id, access_level: UsersProject::MASTER
response.status.should == 201
json_response['name'].should == user2.name
json_response['access_level'].should == UsersProject::MASTER
user_team1.user_team_user_relationships.count.should == count_before + 1
end
it "should return ok if member already exists" do
post api("/user_teams/#{user_team2.id}/members", admin), user_id: user2.id, access_level: UsersProject::MASTER
response.status.should == 409
end
it "should return a 400 error when user id is not given" do
post api("/user_teams/#{user_team2.id}/members", admin), access_level: UsersProject::MASTER
response.status.should == 400
end
it "should return a 400 error when access level is not given" do
post api("/user_teams/#{user_team2.id}/members", admin), user_id: user2.id
response.status.should == 400
end
it "should return a 422 error when access level is not known" do
post api("/user_teams/#{user_team2.id}/members", admin), user_id: user1.id, access_level: 1234
response.status.should == 422
end
end
end
# Get single member
describe "GET /user_teams/:id/members/:user_id" do
context "when authenticated as member" do
it "should show user1's membership of user_team1" do
get api("/user_teams/#{user_team1.id}/members/#{user1.id}", user1)
response.status.should == 200
json_response['name'].should == user1.name
json_response['access_level'].should == UsersProject::MASTER
end
it "should show that user2 is not member of user_team1" do
get api("/user_teams/#{user_team1.id}/members/#{user2.id}", user1)
response.status.should == 404
end
end
context "when authenticated as non-member" do
it "should not show user1's membership of user_team1" do
get api("/user_teams/#{user_team1.id}/members/#{user1.id}", user2)
response.status.should == 404
end
end
context "when authenticated as admin" do
it "should show user1's membership of user_team1" do
get api("/user_teams/#{user_team1.id}/members/#{user1.id}", admin)
response.status.should == 200
json_response['name'].should == user1.name
json_response['access_level'].should == UsersProject::MASTER
end
it "should return a 404 error when user id is not known" do
get api("/user_teams/#{user_team2.id}/members/1328", admin)
response.status.should == 404
end
end
end
describe "DELETE /user_teams/:id/members/:user_id" do
context "when authenticated as user" do
it "should not delete user1's membership of user_team1" do
delete api("/user_teams/#{user_team1.id}/members/#{user1.id}", user1)
response.status.should == 403
end
end
context "when authenticated as admin" do
it "should delete user1's membership of user_team1" do
count_before=user_team1.user_team_user_relationships.count
delete api("/user_teams/#{user_team1.id}/members/#{user1.id}", admin)
response.status.should == 200
user_team1.user_team_user_relationships.count.should == count_before - 1
end
it "should return a 404 error when user id is not known" do
delete api("/user_teams/#{user_team2.id}/members/1328", admin)
response.status.should == 404
end
end
end
# Projects
describe "GET /user_teams/:id/projects" do
context "when authenticated as user" do
it "should return project1 as assigned to user_team1 as member user1" do
get api("/user_teams/#{user_team1.id}/projects", user1)
response.status.should == 200
json_response.first['name'].should == project1.name
json_response.length.should == user_team1.user_team_project_relationships.count
end
end
context "when authenticated as admin" do
it "should return project2 as assigned to user_team2 as non-member, but admin" do
get api("/user_teams/#{user_team2.id}/projects", admin)
response.status.should == 200
json_response.first['name'].should == project2.name
json_response.first['greatest_access_level'].should == UsersProject::MASTER
end
end
end
describe "POST /user_teams/:id/projects" do
context "when authenticated as admin" do
it "should return ok and add new project" do
count_before=user_team1.user_team_project_relationships.count
post api("/user_teams/#{user_team1.id}/projects", admin),
project_id: project2.id,
greatest_access_level: UsersProject::MASTER
response.status.should == 201
json_response['name'].should == project2.name
json_response['greatest_access_level'].should == UsersProject::MASTER
user_team1.user_team_project_relationships.count.should == count_before + 1
end
it "should return ok if project already exists" do
post api("/user_teams/#{user_team2.id}/projects", admin),
project_id: project2.id,
greatest_access_level: UsersProject::MASTER
response.status.should == 409
end
it "should return a 400 error when project id is not given" do
post api("/user_teams/#{user_team2.id}/projects", admin), greatest_access_level: UsersProject::MASTER
response.status.should == 400
end
it "should return a 400 error when access level is not given" do
post api("/user_teams/#{user_team2.id}/projects", admin), project_id: project2.id
response.status.should == 400
end
it "should return a 422 error when access level is not known" do
post api("/user_teams/#{user_team2.id}/projects", admin),
project_id: project2.id,
greatest_access_level: 1234
response.status.should == 422
end
end
end
describe "GET /user_teams/:id/projects/:project_id" do
context "when authenticated as member" do
it "should show project1's assignment to user_team1" do
get api("/user_teams/#{user_team1.id}/projects/#{project1.id}", user1)
response.status.should == 200
json_response['name'].should == project1.name
json_response['greatest_access_level'].should == UsersProject::MASTER
end
it "should show project2's is not assigned to user_team1" do
get api("/user_teams/#{user_team1.id}/projects/#{project2.id}", user1)
response.status.should == 404
end
end
context "when authenticated as non-member" do
it "should not show project1's assignment to user_team1" do
get api("/user_teams/#{user_team1.id}/projects/#{project1.id}", user2)
response.status.should == 404
end
end
context "when authenticated as admin" do
it "should show project1's assignment to user_team1" do
get api("/user_teams/#{user_team1.id}/projects/#{project1.id}", admin)
response.status.should == 200
json_response['name'].should == project1.name
json_response['greatest_access_level'].should == UsersProject::MASTER
end
it "should return a 404 error when project id is not known" do
get api("/user_teams/#{user_team2.id}/projects/1328", admin)
response.status.should == 404
end
end
end
describe "DELETE /user_teams/:id/projects/:project_id" do
context "when authenticated as user" do
it "should not delete project1's assignment to user_team2" do
delete api("/user_teams/#{user_team2.id}/projects/#{project1.id}", user1)
response.status.should == 403
end
end
context "when authenticated as admin" do
it "should delete project1's assignment to user_team1" do
count_before=user_team1.user_team_project_relationships.count
delete api("/user_teams/#{user_team1.id}/projects/#{project1.id}", admin)
response.status.should == 200
user_team1.user_team_project_relationships.count.should == count_before - 1
end
it "should return a 404 error when project id is not known" do
delete api("/user_teams/#{user_team2.id}/projects/1328", admin)
response.status.should == 404
end
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment