Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
fadcc251
Commit
fadcc251
authored
Sep 05, 2013
by
Izaak Alpert
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Fixes for @randx
Change-Id: I3b15ae34c0957a0f4026e1886c92a9770e9d170e
parent
8248e1f2
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
10 additions
and
5 deletions
+10
-5
lib/api/groups.rb
lib/api/groups.rb
+4
-3
spec/requests/api/groups_spec.rb
spec/requests/api/groups_spec.rb
+6
-2
No files found.
lib/api/groups.rb
View file @
fadcc251
...
@@ -14,9 +14,10 @@ module API
...
@@ -14,9 +14,10 @@ module API
end
end
end
end
def
validate_access_level?
(
level
)
def
validate_access_level?
(
level
)
[
UsersGroup
::
GUEST
,
UsersGroup
::
REPORTER
,
UsersGroup
::
DEVELOPER
,
UsersGroup
::
MASTER
]
.
include?
level
.
to_i
Gitlab
::
Access
.
options_with_owner
.
values
.
include?
level
.
to_i
end
end
end
end
# Get a groups list
# Get a groups list
#
#
# Example Request:
# Example Request:
...
@@ -88,7 +89,7 @@ module API
...
@@ -88,7 +89,7 @@ module API
get
":id/members"
do
get
":id/members"
do
group
=
find_group
(
params
[
:id
])
group
=
find_group
(
params
[
:id
])
members
=
group
.
users_groups
members
=
group
.
users_groups
users
=
(
paginate
members
).
collect
{
|
member
|
member
.
user
}
users
=
(
paginate
members
).
collect
(
&
:user
)
present
users
,
with:
Entities
::
GroupMember
,
group:
group
present
users
,
with:
Entities
::
GroupMember
,
group:
group
end
end
...
@@ -102,7 +103,7 @@ module API
...
@@ -102,7 +103,7 @@ module API
# POST /groups/:id/members
# POST /groups/:id/members
post
":id/members"
do
post
":id/members"
do
required_attributes!
[
:user_id
,
:access_level
]
required_attributes!
[
:user_id
,
:access_level
]
if
not
validate_access_level?
(
params
[
:access_level
])
unless
validate_access_level?
(
params
[
:access_level
])
render_api_error!
(
"Wrong access level"
,
422
)
render_api_error!
(
"Wrong access level"
,
422
)
end
end
group
=
find_group
(
params
[
:id
])
group
=
find_group
(
params
[
:id
])
...
...
spec/requests/api/groups_spec.rb
View file @
fadcc251
...
@@ -108,7 +108,6 @@ describe API::API do
...
@@ -108,7 +108,6 @@ describe API::API do
Project
.
stub
(
:find
).
and_return
(
project
)
Project
.
stub
(
:find
).
and_return
(
project
)
end
end
context
"when authenticated as user"
do
context
"when authenticated as user"
do
it
"should not transfer project to group"
do
it
"should not transfer project to group"
do
post
api
(
"/groups/
#{
group1
.
id
}
/projects/
#{
project
.
id
}
"
,
user2
)
post
api
(
"/groups/
#{
group1
.
id
}
/projects/
#{
project
.
id
}
"
,
user2
)
...
@@ -139,6 +138,7 @@ describe API::API do
...
@@ -139,6 +138,7 @@ describe API::API do
group
group
end
end
let!
(
:group_no_members
)
{
create
(
:group
,
owner:
owner
)
}
let!
(
:group_no_members
)
{
create
(
:group
,
owner:
owner
)
}
describe
"GET /groups/:id/members"
do
describe
"GET /groups/:id/members"
do
context
"when authenticated as user that is part or the group"
do
context
"when authenticated as user that is part or the group"
do
it
"each user: should return an array of members groups of group3"
do
it
"each user: should return an array of members groups of group3"
do
...
@@ -154,6 +154,7 @@ describe API::API do
...
@@ -154,6 +154,7 @@ describe API::API do
json_response
.
find
{
|
e
|
e
[
'id'
]
==
guest
.
id
}[
'access_level'
].
should
==
UsersGroup
::
GUEST
json_response
.
find
{
|
e
|
e
[
'id'
]
==
guest
.
id
}[
'access_level'
].
should
==
UsersGroup
::
GUEST
end
end
end
end
it
"users not part of the group should get access error"
do
it
"users not part of the group should get access error"
do
get
api
(
"/groups/
#{
group_with_members
.
id
}
/members"
,
user1
)
get
api
(
"/groups/
#{
group_with_members
.
id
}
/members"
,
user1
)
response
.
status
.
should
==
403
response
.
status
.
should
==
403
...
@@ -179,14 +180,17 @@ describe API::API do
...
@@ -179,14 +180,17 @@ describe API::API do
json_response
[
'access_level'
].
should
==
UsersGroup
::
MASTER
json_response
[
'access_level'
].
should
==
UsersGroup
::
MASTER
group_no_members
.
users_groups
.
count
.
should
==
count_before
+
1
group_no_members
.
users_groups
.
count
.
should
==
count_before
+
1
end
end
it
"should return error if member already exists"
do
it
"should return error if member already exists"
do
post
api
(
"/groups/
#{
group_with_members
.
id
}
/members"
,
owner
),
user_id:
master
.
id
,
access_level:
UsersGroup
::
MASTER
post
api
(
"/groups/
#{
group_with_members
.
id
}
/members"
,
owner
),
user_id:
master
.
id
,
access_level:
UsersGroup
::
MASTER
response
.
status
.
should
==
409
response
.
status
.
should
==
409
end
end
it
"should return a 400 error when user id is not given"
do
it
"should return a 400 error when user id is not given"
do
post
api
(
"/groups/
#{
group_no_members
.
id
}
/members"
,
owner
),
access_level:
UsersGroup
::
MASTER
post
api
(
"/groups/
#{
group_no_members
.
id
}
/members"
,
owner
),
access_level:
UsersGroup
::
MASTER
response
.
status
.
should
==
400
response
.
status
.
should
==
400
end
end
it
"should return a 400 error when access level is not given"
do
it
"should return a 400 error when access level is not given"
do
post
api
(
"/groups/
#{
group_no_members
.
id
}
/members"
,
owner
),
user_id:
master
.
id
post
api
(
"/groups/
#{
group_no_members
.
id
}
/members"
,
owner
),
user_id:
master
.
id
response
.
status
.
should
==
400
response
.
status
.
should
==
400
...
@@ -196,7 +200,6 @@ describe API::API do
...
@@ -196,7 +200,6 @@ describe API::API do
post
api
(
"/groups/
#{
group_no_members
.
id
}
/members"
,
owner
),
user_id:
master
.
id
,
access_level:
1234
post
api
(
"/groups/
#{
group_no_members
.
id
}
/members"
,
owner
),
user_id:
master
.
id
,
access_level:
1234
response
.
status
.
should
==
422
response
.
status
.
should
==
422
end
end
end
end
end
end
...
@@ -216,6 +219,7 @@ describe API::API do
...
@@ -216,6 +219,7 @@ describe API::API do
response
.
status
.
should
==
200
response
.
status
.
should
==
200
group_with_members
.
users_groups
.
count
.
should
==
count_before
-
1
group_with_members
.
users_groups
.
count
.
should
==
count_before
-
1
end
end
it
"should return a 404 error when user id is not known"
do
it
"should return a 404 error when user id is not known"
do
delete
api
(
"/groups/
#{
group_with_members
.
id
}
/members/1328"
,
owner
)
delete
api
(
"/groups/
#{
group_with_members
.
id
}
/members/1328"
,
owner
)
response
.
status
.
should
==
404
response
.
status
.
should
==
404
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment