fix specs. Stage 4

lib/ci/api/forks.rb

@@ -18,11 +18,8 @@ module Ci
           project = Ci::Project.find_by!(gitlab_id: params[:project_id])
           authenticate_project_token!(project)
 
-          user_session = Ci::UserSession.new
-          user = user_session.authenticate(private_token: params[:private_token])
-
           fork = Ci::CreateProjectService.new.execute(
-            user,
+            current_user,
             params[:data],
             Ci::RoutesHelper.ci_project_url(":project_id"),
             project

lib/ci/api/projects.rb

@@ -17,7 +17,7 @@ module Ci
 
           project = Ci::Project.find(params[:project_id])
 
-          unauthorized! unless can?(current_user, :manage_project, project.gl_project)
+          unauthorized! unless can?(current_user, :admin_project, project.gl_project)
 
           web_hook = project.web_hooks.new({ url: params[:web_hook] })
 
@@ -119,7 +119,7 @@ module Ci
         put ":id" do
           project = Ci::Project.find(params[:id])
 
-          unauthorized! unless can?(current_user, :manage_project, project.gl_project)
+          unauthorized! unless can?(current_user, :admin_project, project.gl_project)
 
           attrs = attributes_for_keys [:name, :gitlab_id, :path, :gitlab_url, :default_ref, :ssh_url_to_repo]
 
@@ -145,7 +145,7 @@ module Ci
         delete ":id" do
           project = Ci::Project.find(params[:id])
 
-          unauthorized! unless can?(current_user, :manage_project, project.gl_project)
+          unauthorized! unless can?(current_user, :admin_project, project.gl_project)
 
           project.destroy
         end
@@ -161,7 +161,7 @@ module Ci
           project = Ci::Project.find(params[:id])
           runner  = Ci::Runner.find(params[:runner_id])
 
-          unauthorized! unless can?(current_user, :manage_project, project.gl_project)
+          unauthorized! unless can?(current_user, :admin_project, project.gl_project)
 
           options = {
             project_id: project.id,
@@ -189,7 +189,7 @@ module Ci
           project = Ci::Project.find(params[:id])
           runner  = Ci::Runner.find(params[:runner_id])
 
-          unauthorized! unless can?(current_user, :manage_project, project.gl_project)
+          unauthorized! unless can?(current_user, :admin_project, project.gl_project)
 
           options = {
             project_id: project.id,

spec/requests/ci/api/commits_spec.rb

@@ -17,7 +17,7 @@ describe Ci::API::API, 'Commits' do
     before { commit }
 
     it "should return commits per project" do
-      get api("/commits"), options
+      get ci_api("/commits"), options
 
       expect(response.status).to eq(200)
       expect(json_response.count).to eq(1)
@@ -49,14 +49,14 @@ describe Ci::API::API, 'Commits' do
     end
 
     it "should create a build" do
-      post api("/commits"), options.merge(data: data)
+      post ci_api("/commits"), options.merge(data: data)
 
       expect(response.status).to eq(201)
       expect(json_response['sha']).to eq("da1560886d4f094c3e6c9ef40349f7d38b5d27d7")
     end
 
     it "should return 400 error if no data passed" do
-      post api("/commits"), options
+      post ci_api("/commits"), options
 
       expect(response.status).to eq(400)
       expect(json_response['message']).to eq("400 (Bad request) \"data\" not given")

spec/requests/ci/api/forks_spec.rb

@@ -4,13 +4,12 @@ describe Ci::API::API do
   include ApiHelpers
 
   let(:project) { FactoryGirl.create(:ci_project) }
-  let(:gitlab_url) { GitlabCi.config.gitlab_server.url }
-  let(:private_token) { Network.new.authenticate(access_token: "some_token")["private_token"] }
+  let(:private_token) { create(:user).private_token }
 
   let(:options) do
     {
       private_token: private_token,
-      url: gitlab_url
+      url: GitlabCi.config.gitlab_ci.url
     }
   end
 
@@ -25,7 +24,7 @@ describe Ci::API::API do
         project_id: project.gitlab_id,
         project_token: project.token,
         data: {
-          id:                  2,
+          id:                  create(:empty_project).id,
           name_with_namespace: "Gitlab.org / Underscore",
           path_with_namespace: "gitlab-org/underscore",
           default_branch:      "master",
@@ -40,7 +39,7 @@ describe Ci::API::API do
       end
 
       it "should create a project with valid data" do
-        post api("/forks"), options
+        post ci_api("/forks"), options
         expect(response.status).to eq(201)
         expect(json_response['name']).to eq("Gitlab.org / Underscore")
       end
@@ -52,7 +51,7 @@ describe Ci::API::API do
       end
 
       it "should error with invalid data" do
-        post api("/forks"), options
+        post ci_api("/forks"), options
         expect(response.status).to eq(400)
       end
     end

spec/requests/ci/api/projects_spec.rb

@@ -66,10 +66,10 @@ describe Ci::API::API do
 
       before do
         options.merge!(webhook)
-        project.gl_project.team << [user, :master]
       end
 
       it "should create webhook for specified project" do
+        project.gl_project.team << [user, :master]
         post ci_api("/projects/#{project.id}/webhooks"), options
         expect(response.status).to eq(201)
         expect(json_response["url"]).to eq(webhook[:web_hook])
@@ -81,7 +81,6 @@ describe Ci::API::API do
       end
 
       it "non-manager is not authorized" do
-        allow_any_instance_of(User).to receive(:can_manage_project?).and_return(false)
         post ci_api("/projects/#{project.id}/webhooks"), options
         expect(response.status).to eq(401)
       end
@@ -95,6 +94,7 @@ describe Ci::API::API do
       end
 
       it "fails to create webhook for not valid url" do
+        project.gl_project.team << [user, :master]
         post ci_api("/projects/#{project.id}/webhooks"), options
         expect(response.status).to eq(400)
       end
@@ -102,6 +102,7 @@ describe Ci::API::API do
 
     context "Missed web_hook parameter" do
       it "fails to create webhook for not provided url" do
+        project.gl_project.team << [user, :master]
         post ci_api("/projects/#{project.id}/webhooks"), options
         expect(response.status).to eq(400)
       end
@@ -140,6 +141,7 @@ describe Ci::API::API do
     end
 
     it "should update a specific project's information" do
+      project.gl_project.team << [user, :master]
       put ci_api("/projects/#{project.id}"), options
       expect(response.status).to eq(200)
       expect(json_response["name"]).to eq(project_info[:name])
@@ -151,7 +153,6 @@ describe Ci::API::API do
     end
 
     it "non-manager is not authorized" do
-      allow_any_instance_of(User).to receive(:can_manage_project?).and_return(false)
       put ci_api("/projects/#{project.id}"), options
       expect(response.status).to eq(401)
     end
@@ -161,14 +162,13 @@ describe Ci::API::API do
     let!(:project) { FactoryGirl.create(:ci_project) }
 
     it "should delete a specific project" do
+      project.gl_project.team << [user, :master]
       delete ci_api("/projects/#{project.id}"), options
       expect(response.status).to eq(200)
-
       expect { project.reload }.to raise_error
     end
 
     it "non-manager is not authorized" do
-      allow_any_instance_of(User).to receive(:can_manage_project?).and_return(false)
       delete ci_api("/projects/#{project.id}"), options
       expect(response.status).to eq(401)
     end
@@ -219,6 +219,7 @@ describe Ci::API::API do
       let(:runner) { FactoryGirl.create(:ci_runner) }
 
       it "should add the project to the runner" do
+        project.gl_project.team << [user, :master]
         post ci_api("/projects/#{project.id}/runners/#{runner.id}"), options
         expect(response.status).to eq(201)
 
@@ -245,11 +246,10 @@ describe Ci::API::API do
       let(:project) { FactoryGirl.create(:ci_project) }
       let(:runner) { FactoryGirl.create(:ci_runner) }
 
-      before do
+      it "should remove the project from the runner" do
+        project.gl_project.team << [user, :master]
         post ci_api("/projects/#{project.id}/runners/#{runner.id}"), options
-      end
 
-      it "should remove the project from the runner" do
         expect(project.runners).to be_present
         delete ci_api("/projects/#{project.id}/runners/#{runner.id}"), options
         expect(response.status).to eq(200)
@@ -259,8 +259,7 @@ describe Ci::API::API do
       end
 
       it "non-manager is not authorized" do
-        allow_any_instance_of(User).to receive(:can_manage_project?).and_return(false)
-        post ci_api("/projects/#{project.id}/runners/#{runner.id}"), options
+        delete ci_api("/projects/#{project.id}/runners/#{runner.id}"), options
         expect(response.status).to eq(401)
       end
     end

spec/requests/ci/api/triggers_spec.rb

@@ -16,17 +16,17 @@ describe Ci::API::API do
 
     context 'Handles errors' do
       it 'should return bad request if token is missing' do
-        post api("/projects/#{project.id}/refs/master/trigger")
+        post ci_api("/projects/#{project.id}/refs/master/trigger")
         expect(response.status).to eq(400)
       end
 
       it 'should return not found if project is not found' do
-        post api('/projects/0/refs/master/trigger'), options
+        post ci_api('/projects/0/refs/master/trigger'), options
         expect(response.status).to eq(404)
       end
 
       it 'should return unauthorized if token is for different project' do
-        post api("/projects/#{project2.id}/refs/master/trigger"), options
+        post ci_api("/projects/#{project2.id}/refs/master/trigger"), options
         expect(response.status).to eq(401)
       end
     end
@@ -37,14 +37,14 @@ describe Ci::API::API do
       end
 
       it 'should create builds' do
-        post api("/projects/#{project.id}/refs/master/trigger"), options
+        post ci_api("/projects/#{project.id}/refs/master/trigger"), options
         expect(response.status).to eq(201)
         @commit.builds.reload
         expect(@commit.builds.size).to eq(2)
       end
 
       it 'should return bad request with no builds created if there\'s no commit for that ref' do
-        post api("/projects/#{project.id}/refs/other-branch/trigger"), options
+        post ci_api("/projects/#{project.id}/refs/other-branch/trigger"), options
         expect(response.status).to eq(400)
         expect(json_response['message']).to eq('No builds created')
       end
@@ -55,19 +55,19 @@ describe Ci::API::API do
         end
 
         it 'should validate variables to be a hash' do
-          post api("/projects/#{project.id}/refs/master/trigger"), options.merge(variables: 'value')
+          post ci_api("/projects/#{project.id}/refs/master/trigger"), options.merge(variables: 'value')
           expect(response.status).to eq(400)
           expect(json_response['message']).to eq('variables needs to be a hash')
         end
 
         it 'should validate variables needs to be a map of key-valued strings' do
-          post api("/projects/#{project.id}/refs/master/trigger"), options.merge(variables: { key: %w(1 2) })
+          post ci_api("/projects/#{project.id}/refs/master/trigger"), options.merge(variables: { key: %w(1 2) })
           expect(response.status).to eq(400)
           expect(json_response['message']).to eq('variables needs to be a map of key-valued strings')
         end
 
         it 'create trigger request with variables' do
-          post api("/projects/#{project.id}/refs/master/trigger"), options.merge(variables: variables)
+          post ci_api("/projects/#{project.id}/refs/master/trigger"), options.merge(variables: variables)
           expect(response.status).to eq(201)
           @commit.builds.reload
           expect(@commit.builds.first.trigger_request.variables).to eq(variables)