Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
gitlab-ce
Commits
63a8af67
Commit
63a8af67
authored
10 years ago
by
Dmitriy Zaporozhets
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 'split-api-files' into 'master'
Move project members api to separate file
parents
7bce8748
7c60713e
Changes
6
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
271 additions
and
256 deletions
+271
-256
lib/api/api.rb
lib/api/api.rb
+1
-0
lib/api/project_hooks.rb
lib/api/project_hooks.rb
+0
-9
lib/api/project_members.rb
lib/api/project_members.rb
+114
-0
lib/api/projects.rb
lib/api/projects.rb
+0
-105
spec/requests/api/project_members_spec.rb
spec/requests/api/project_members_spec.rb
+156
-0
spec/requests/api/projects_spec.rb
spec/requests/api/projects_spec.rb
+0
-142
No files found.
lib/api/api.rb
View file @
63a8af67
...
...
@@ -38,6 +38,7 @@ module API
mount
Internal
mount
SystemHooks
mount
ProjectSnippets
mount
ProjectMembers
mount
DeployKeys
mount
ProjectHooks
mount
Services
...
...
This diff is collapsed.
Click to expand it.
lib/api/project_hooks.rb
View file @
63a8af67
...
...
@@ -5,15 +5,6 @@ module API
before
{
authorize_admin_project
}
resource
:projects
do
helpers
do
def
handle_project_member_errors
(
errors
)
if
errors
[
:project_access
].
any?
error!
(
errors
[
:project_access
],
422
)
end
not_found!
end
end
# Get project hooks
#
# Parameters:
...
...
This diff is collapsed.
Click to expand it.
lib/api/project_members.rb
0 → 100644
View file @
63a8af67
module
API
# Projects members API
class
ProjectMembers
<
Grape
::
API
before
{
authenticate!
}
resource
:projects
do
helpers
do
def
handle_project_member_errors
(
errors
)
if
errors
[
:project_access
].
any?
error!
(
errors
[
:project_access
],
422
)
end
not_found!
end
end
# Get a project team members
#
# Parameters:
# id (required) - The ID of a project
# query - Query string
# Example Request:
# GET /projects/:id/members
get
":id/members"
do
if
params
[
:query
].
present?
@members
=
paginate
user_project
.
users
.
where
(
"username LIKE ?"
,
"%
#{
params
[
:query
]
}
%"
)
else
@members
=
paginate
user_project
.
users
end
present
@members
,
with:
Entities
::
ProjectMember
,
project:
user_project
end
# Get a project team members
#
# Parameters:
# id (required) - The ID of a project
# user_id (required) - The ID of a user
# Example Request:
# GET /projects/:id/members/:user_id
get
":id/members/:user_id"
do
@member
=
user_project
.
users
.
find
params
[
:user_id
]
present
@member
,
with:
Entities
::
ProjectMember
,
project:
user_project
end
# Add a new project team member
#
# Parameters:
# id (required) - The ID of a project
# user_id (required) - The ID of a user
# access_level (required) - Project access level
# Example Request:
# POST /projects/:id/members
post
":id/members"
do
authorize!
:admin_project
,
user_project
required_attributes!
[
:user_id
,
:access_level
]
# either the user is already a team member or a new one
team_member
=
user_project
.
team_member_by_id
(
params
[
:user_id
])
if
team_member
.
nil?
team_member
=
user_project
.
users_projects
.
new
(
user_id:
params
[
:user_id
],
project_access:
params
[
:access_level
]
)
end
if
team_member
.
save
@member
=
team_member
.
user
present
@member
,
with:
Entities
::
ProjectMember
,
project:
user_project
else
handle_project_member_errors
team_member
.
errors
end
end
# Update project team member
#
# Parameters:
# id (required) - The ID of a project
# user_id (required) - The ID of a team member
# access_level (required) - Project access level
# Example Request:
# PUT /projects/:id/members/:user_id
put
":id/members/:user_id"
do
authorize!
:admin_project
,
user_project
required_attributes!
[
:access_level
]
team_member
=
user_project
.
users_projects
.
find_by
(
user_id:
params
[
:user_id
])
not_found!
(
"User can not be found"
)
if
team_member
.
nil?
if
team_member
.
update_attributes
(
project_access:
params
[
:access_level
])
@member
=
team_member
.
user
present
@member
,
with:
Entities
::
ProjectMember
,
project:
user_project
else
handle_project_member_errors
team_member
.
errors
end
end
# Remove a team member from project
#
# Parameters:
# id (required) - The ID of a project
# user_id (required) - The ID of a team member
# Example Request:
# DELETE /projects/:id/members/:user_id
delete
":id/members/:user_id"
do
authorize!
:admin_project
,
user_project
team_member
=
user_project
.
users_projects
.
find_by
(
user_id:
params
[
:user_id
])
unless
team_member
.
nil?
team_member
.
destroy
else
{
message:
"Access revoked"
,
id:
params
[
:user_id
].
to_i
}
end
end
end
end
end
This diff is collapsed.
Click to expand it.
lib/api/projects.rb
View file @
63a8af67
...
...
@@ -5,13 +5,6 @@ module API
resource
:projects
do
helpers
do
def
handle_project_member_errors
(
errors
)
if
errors
[
:project_access
].
any?
error!
(
errors
[
:project_access
],
422
)
end
not_found!
end
def
map_public_to_visibility_level
(
attrs
)
publik
=
attrs
.
delete
(
:public
)
publik
=
[
true
,
1
,
'1'
,
't'
,
'T'
,
'true'
,
'TRUE'
,
'on'
,
'ON'
].
include?
(
publik
)
...
...
@@ -196,104 +189,6 @@ module API
user_project
.
forked_project_link
.
destroy
end
end
# Get a project team members
#
# Parameters:
# id (required) - The ID of a project
# query - Query string
# Example Request:
# GET /projects/:id/members
get
":id/members"
do
if
params
[
:query
].
present?
@members
=
paginate
user_project
.
users
.
where
(
"username LIKE ?"
,
"%
#{
params
[
:query
]
}
%"
)
else
@members
=
paginate
user_project
.
users
end
present
@members
,
with:
Entities
::
ProjectMember
,
project:
user_project
end
# Get a project team members
#
# Parameters:
# id (required) - The ID of a project
# user_id (required) - The ID of a user
# Example Request:
# GET /projects/:id/members/:user_id
get
":id/members/:user_id"
do
@member
=
user_project
.
users
.
find
params
[
:user_id
]
present
@member
,
with:
Entities
::
ProjectMember
,
project:
user_project
end
# Add a new project team member
#
# Parameters:
# id (required) - The ID of a project
# user_id (required) - The ID of a user
# access_level (required) - Project access level
# Example Request:
# POST /projects/:id/members
post
":id/members"
do
authorize!
:admin_project
,
user_project
required_attributes!
[
:user_id
,
:access_level
]
# either the user is already a team member or a new one
team_member
=
user_project
.
team_member_by_id
(
params
[
:user_id
])
if
team_member
.
nil?
team_member
=
user_project
.
users_projects
.
new
(
user_id:
params
[
:user_id
],
project_access:
params
[
:access_level
]
)
end
if
team_member
.
save
@member
=
team_member
.
user
present
@member
,
with:
Entities
::
ProjectMember
,
project:
user_project
else
handle_project_member_errors
team_member
.
errors
end
end
# Update project team member
#
# Parameters:
# id (required) - The ID of a project
# user_id (required) - The ID of a team member
# access_level (required) - Project access level
# Example Request:
# PUT /projects/:id/members/:user_id
put
":id/members/:user_id"
do
authorize!
:admin_project
,
user_project
required_attributes!
[
:access_level
]
team_member
=
user_project
.
users_projects
.
find_by
(
user_id:
params
[
:user_id
])
not_found!
(
"User can not be found"
)
if
team_member
.
nil?
if
team_member
.
update_attributes
(
project_access:
params
[
:access_level
])
@member
=
team_member
.
user
present
@member
,
with:
Entities
::
ProjectMember
,
project:
user_project
else
handle_project_member_errors
team_member
.
errors
end
end
# Remove a team member from project
#
# Parameters:
# id (required) - The ID of a project
# user_id (required) - The ID of a team member
# Example Request:
# DELETE /projects/:id/members/:user_id
delete
":id/members/:user_id"
do
authorize!
:admin_project
,
user_project
team_member
=
user_project
.
users_projects
.
find_by
(
user_id:
params
[
:user_id
])
unless
team_member
.
nil?
team_member
.
destroy
else
{
message:
"Access revoked"
,
id:
params
[
:user_id
].
to_i
}
end
end
# search for projects current_user has access to
#
# Parameters:
...
...
This diff is collapsed.
Click to expand it.
spec/requests/api/project_members_spec.rb
0 → 100644
View file @
63a8af67
require
'spec_helper'
describe
API
::
API
do
include
ApiHelpers
before
(
:each
)
{
enable_observers
}
after
(
:each
)
{
disable_observers
}
let
(
:user
)
{
create
(
:user
)
}
let
(
:user2
)
{
create
(
:user
)
}
let
(
:user3
)
{
create
(
:user
)
}
let
(
:project
)
{
create
(
:project
,
creator_id:
user
.
id
,
namespace:
user
.
namespace
)
}
let
(
:users_project
)
{
create
(
:users_project
,
user:
user
,
project:
project
,
project_access:
UsersProject
::
MASTER
)
}
let
(
:users_project2
)
{
create
(
:users_project
,
user:
user3
,
project:
project
,
project_access:
UsersProject
::
DEVELOPER
)
}
describe
"GET /projects/:id/members"
do
before
{
users_project
}
before
{
users_project2
}
it
"should return project team members"
do
get
api
(
"/projects/
#{
project
.
id
}
/members"
,
user
)
response
.
status
.
should
==
200
json_response
.
should
be_an
Array
json_response
.
count
.
should
==
2
json_response
.
map
{
|
u
|
u
[
'email'
]
}.
should
include
user
.
email
end
it
"finds team members with query string"
do
get
api
(
"/projects/
#{
project
.
id
}
/members"
,
user
),
query:
user
.
username
response
.
status
.
should
==
200
json_response
.
should
be_an
Array
json_response
.
count
.
should
==
1
json_response
.
first
[
'email'
].
should
==
user
.
email
end
it
"should return a 404 error if id not found"
do
get
api
(
"/projects/9999/members"
,
user
)
response
.
status
.
should
==
404
end
end
describe
"GET /projects/:id/members/:user_id"
do
before
{
users_project
}
it
"should return project team member"
do
get
api
(
"/projects/
#{
project
.
id
}
/members/
#{
user
.
id
}
"
,
user
)
response
.
status
.
should
==
200
json_response
[
'email'
].
should
==
user
.
email
json_response
[
'access_level'
].
should
==
UsersProject
::
MASTER
end
it
"should return a 404 error if user id not found"
do
get
api
(
"/projects/
#{
project
.
id
}
/members/1234"
,
user
)
response
.
status
.
should
==
404
end
end
describe
"POST /projects/:id/members"
do
it
"should add user to project team"
do
expect
{
post
api
(
"/projects/
#{
project
.
id
}
/members"
,
user
),
user_id:
user2
.
id
,
access_level:
UsersProject
::
DEVELOPER
}.
to
change
{
UsersProject
.
count
}.
by
(
1
)
response
.
status
.
should
==
201
json_response
[
'email'
].
should
==
user2
.
email
json_response
[
'access_level'
].
should
==
UsersProject
::
DEVELOPER
end
it
"should return a 201 status if user is already project member"
do
post
api
(
"/projects/
#{
project
.
id
}
/members"
,
user
),
user_id:
user2
.
id
,
access_level:
UsersProject
::
DEVELOPER
expect
{
post
api
(
"/projects/
#{
project
.
id
}
/members"
,
user
),
user_id:
user2
.
id
,
access_level:
UsersProject
::
DEVELOPER
}.
not_to
change
{
UsersProject
.
count
}.
by
(
1
)
response
.
status
.
should
==
201
json_response
[
'email'
].
should
==
user2
.
email
json_response
[
'access_level'
].
should
==
UsersProject
::
DEVELOPER
end
it
"should return a 400 error when user id is not given"
do
post
api
(
"/projects/
#{
project
.
id
}
/members"
,
user
),
access_level:
UsersProject
::
MASTER
response
.
status
.
should
==
400
end
it
"should return a 400 error when access level is not given"
do
post
api
(
"/projects/
#{
project
.
id
}
/members"
,
user
),
user_id:
user2
.
id
response
.
status
.
should
==
400
end
it
"should return a 422 error when access level is not known"
do
post
api
(
"/projects/
#{
project
.
id
}
/members"
,
user
),
user_id:
user2
.
id
,
access_level:
1234
response
.
status
.
should
==
422
end
end
describe
"PUT /projects/:id/members/:user_id"
do
before
{
users_project2
}
it
"should update project team member"
do
put
api
(
"/projects/
#{
project
.
id
}
/members/
#{
user3
.
id
}
"
,
user
),
access_level:
UsersProject
::
MASTER
response
.
status
.
should
==
200
json_response
[
'email'
].
should
==
user3
.
email
json_response
[
'access_level'
].
should
==
UsersProject
::
MASTER
end
it
"should return a 404 error if user_id is not found"
do
put
api
(
"/projects/
#{
project
.
id
}
/members/1234"
,
user
),
access_level:
UsersProject
::
MASTER
response
.
status
.
should
==
404
end
it
"should return a 400 error when access level is not given"
do
put
api
(
"/projects/
#{
project
.
id
}
/members/
#{
user3
.
id
}
"
,
user
)
response
.
status
.
should
==
400
end
it
"should return a 422 error when access level is not known"
do
put
api
(
"/projects/
#{
project
.
id
}
/members/
#{
user3
.
id
}
"
,
user
),
access_level:
123
response
.
status
.
should
==
422
end
end
describe
"DELETE /projects/:id/members/:user_id"
do
before
{
users_project
}
before
{
users_project2
}
it
"should remove user from project team"
do
expect
{
delete
api
(
"/projects/
#{
project
.
id
}
/members/
#{
user3
.
id
}
"
,
user
)
}.
to
change
{
UsersProject
.
count
}.
by
(
-
1
)
end
it
"should return 200 if team member is not part of a project"
do
delete
api
(
"/projects/
#{
project
.
id
}
/members/
#{
user3
.
id
}
"
,
user
)
expect
{
delete
api
(
"/projects/
#{
project
.
id
}
/members/
#{
user3
.
id
}
"
,
user
)
}.
to_not
change
{
UsersProject
.
count
}.
by
(
1
)
end
it
"should return 200 if team member already removed"
do
delete
api
(
"/projects/
#{
project
.
id
}
/members/
#{
user3
.
id
}
"
,
user
)
delete
api
(
"/projects/
#{
project
.
id
}
/members/
#{
user3
.
id
}
"
,
user
)
response
.
status
.
should
==
200
end
it
"should return 200 OK when the user was not member"
do
expect
{
delete
api
(
"/projects/
#{
project
.
id
}
/members/1000000"
,
user
)
}.
to
change
{
UsersProject
.
count
}.
by
(
0
)
response
.
status
.
should
==
200
json_response
[
'message'
].
should
==
"Access revoked"
json_response
[
'id'
].
should
==
1000000
end
end
end
This diff is collapsed.
Click to expand it.
spec/requests/api/projects_spec.rb
View file @
63a8af67
...
...
@@ -311,148 +311,6 @@ describe API::API do
end
end
describe
"GET /projects/:id/members"
do
before
{
users_project
}
before
{
users_project2
}
it
"should return project team members"
do
get
api
(
"/projects/
#{
project
.
id
}
/members"
,
user
)
response
.
status
.
should
==
200
json_response
.
should
be_an
Array
json_response
.
count
.
should
==
2
json_response
.
map
{
|
u
|
u
[
'email'
]
}.
should
include
user
.
email
end
it
"finds team members with query string"
do
get
api
(
"/projects/
#{
project
.
id
}
/members"
,
user
),
query:
user
.
username
response
.
status
.
should
==
200
json_response
.
should
be_an
Array
json_response
.
count
.
should
==
1
json_response
.
first
[
'email'
].
should
==
user
.
email
end
it
"should return a 404 error if id not found"
do
get
api
(
"/projects/9999/members"
,
user
)
response
.
status
.
should
==
404
end
end
describe
"GET /projects/:id/members/:user_id"
do
before
{
users_project
}
it
"should return project team member"
do
get
api
(
"/projects/
#{
project
.
id
}
/members/
#{
user
.
id
}
"
,
user
)
response
.
status
.
should
==
200
json_response
[
'email'
].
should
==
user
.
email
json_response
[
'access_level'
].
should
==
UsersProject
::
MASTER
end
it
"should return a 404 error if user id not found"
do
get
api
(
"/projects/
#{
project
.
id
}
/members/1234"
,
user
)
response
.
status
.
should
==
404
end
end
describe
"POST /projects/:id/members"
do
it
"should add user to project team"
do
expect
{
post
api
(
"/projects/
#{
project
.
id
}
/members"
,
user
),
user_id:
user2
.
id
,
access_level:
UsersProject
::
DEVELOPER
}.
to
change
{
UsersProject
.
count
}.
by
(
1
)
response
.
status
.
should
==
201
json_response
[
'email'
].
should
==
user2
.
email
json_response
[
'access_level'
].
should
==
UsersProject
::
DEVELOPER
end
it
"should return a 201 status if user is already project member"
do
post
api
(
"/projects/
#{
project
.
id
}
/members"
,
user
),
user_id:
user2
.
id
,
access_level:
UsersProject
::
DEVELOPER
expect
{
post
api
(
"/projects/
#{
project
.
id
}
/members"
,
user
),
user_id:
user2
.
id
,
access_level:
UsersProject
::
DEVELOPER
}.
not_to
change
{
UsersProject
.
count
}.
by
(
1
)
response
.
status
.
should
==
201
json_response
[
'email'
].
should
==
user2
.
email
json_response
[
'access_level'
].
should
==
UsersProject
::
DEVELOPER
end
it
"should return a 400 error when user id is not given"
do
post
api
(
"/projects/
#{
project
.
id
}
/members"
,
user
),
access_level:
UsersProject
::
MASTER
response
.
status
.
should
==
400
end
it
"should return a 400 error when access level is not given"
do
post
api
(
"/projects/
#{
project
.
id
}
/members"
,
user
),
user_id:
user2
.
id
response
.
status
.
should
==
400
end
it
"should return a 422 error when access level is not known"
do
post
api
(
"/projects/
#{
project
.
id
}
/members"
,
user
),
user_id:
user2
.
id
,
access_level:
1234
response
.
status
.
should
==
422
end
end
describe
"PUT /projects/:id/members/:user_id"
do
before
{
users_project2
}
it
"should update project team member"
do
put
api
(
"/projects/
#{
project
.
id
}
/members/
#{
user3
.
id
}
"
,
user
),
access_level:
UsersProject
::
MASTER
response
.
status
.
should
==
200
json_response
[
'email'
].
should
==
user3
.
email
json_response
[
'access_level'
].
should
==
UsersProject
::
MASTER
end
it
"should return a 404 error if user_id is not found"
do
put
api
(
"/projects/
#{
project
.
id
}
/members/1234"
,
user
),
access_level:
UsersProject
::
MASTER
response
.
status
.
should
==
404
end
it
"should return a 400 error when access level is not given"
do
put
api
(
"/projects/
#{
project
.
id
}
/members/
#{
user3
.
id
}
"
,
user
)
response
.
status
.
should
==
400
end
it
"should return a 422 error when access level is not known"
do
put
api
(
"/projects/
#{
project
.
id
}
/members/
#{
user3
.
id
}
"
,
user
),
access_level:
123
response
.
status
.
should
==
422
end
end
describe
"DELETE /projects/:id/members/:user_id"
do
before
{
users_project
}
before
{
users_project2
}
it
"should remove user from project team"
do
expect
{
delete
api
(
"/projects/
#{
project
.
id
}
/members/
#{
user3
.
id
}
"
,
user
)
}.
to
change
{
UsersProject
.
count
}.
by
(
-
1
)
end
it
"should return 200 if team member is not part of a project"
do
delete
api
(
"/projects/
#{
project
.
id
}
/members/
#{
user3
.
id
}
"
,
user
)
expect
{
delete
api
(
"/projects/
#{
project
.
id
}
/members/
#{
user3
.
id
}
"
,
user
)
}.
to_not
change
{
UsersProject
.
count
}.
by
(
1
)
end
it
"should return 200 if team member already removed"
do
delete
api
(
"/projects/
#{
project
.
id
}
/members/
#{
user3
.
id
}
"
,
user
)
delete
api
(
"/projects/
#{
project
.
id
}
/members/
#{
user3
.
id
}
"
,
user
)
response
.
status
.
should
==
200
end
it
"should return 200 OK when the user was not member"
do
expect
{
delete
api
(
"/projects/
#{
project
.
id
}
/members/1000000"
,
user
)
}.
to
change
{
UsersProject
.
count
}.
by
(
0
)
response
.
status
.
should
==
200
json_response
[
'message'
].
should
==
"Access revoked"
json_response
[
'id'
].
should
==
1000000
end
end
describe
"GET /projects/:id/snippets"
do
before
{
snippet
}
...
...
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment