Merge branch 'master' into ci/api-triggers

* master: Fix version Improve the consistency of commit titles, branch names, tag names, issue/MR titles, on their respective project pages Update CHANGELOG [ci skip] Add some cosmetic changes to variables API documentation [ci skip] Modify builds API documentation style [ci skip] Modify :ci_variable factory Add 'Build' prefix to Variables entry name in API docs index Fix some typos Add some fixes after review Remove blank line Update ./doc/api Change :variable_id to :key as resource ID in API Fix a typo in method description Add create feature to variables API Add missing 'not_found' checks in variables API Add delete feature to variables API Add update feature for variables API Add features for list and show details of variables in API Conflicts: doc/api/README.md lib/api/entities.rb

Merge branch 'master' into ci/api-triggers
* master: Fix version Improve the consistency of commit titles, branch names, tag names, issue/MR titles, on their respective project pages Update CHANGELOG [ci skip] Add some cosmetic changes to variables API documentation [ci skip] Modify builds API documentation style [ci skip] Modify :ci_variable factory Add 'Build' prefix to Variables entry name in API docs index Fix some typos Add some fixes after review Remove blank line Update ./doc/api Change :variable_id to :key as resource ID in API Fix a typo in method description Add create feature to variables API Add missing 'not_found' checks in variables API Add delete feature to variables API Add update feature for variables API Add features for list and show details of variables in API Conflicts: doc/api/README.md lib/api/entities.rb
af3b97cd · Tomasz Maczukin · 41eedd45 · f981da44 · af3b97cd · af3b97cd
Commit af3b97cd authored Jan 14, 2016 by Tomasz Maczukin
20 changed files
--- a/CHANGELOG
+++ b/CHANGELOG
 Please view this file on the master branch, on stable branches it's out of date.
 v 8.4.0 (unreleased)
+  - Improve the consistency of commit titles, branch names, tag names, issue/MR titles, on their respective project pages
  - Autocomplete data is now always loaded, instead of when focusing a comment text area (Yorick Peterse)
  - Improved performance of finding issues for an entire group (Yorick Peterse)
  - Added custom application performance measuring system powered by InfluxDB (Yorick Peterse)
@@ -45,6 +46,7 @@ v 8.4.0 (unreleased)
  - Show referenced MRs & Issues only when the current viewer can access them
  - Fix Encoding::CompatibilityError bug when markdown content has some complex URL (Jason Lee)
  - Add API support for managing project's build triggers
+  - Add API support for managing build variables of project
  - Allow broadcast messages to be edited
 v 8.3.4

--- a/app/assets/stylesheets/pages/branches.scss
+++ b/app/assets/stylesheets/pages/branches.scss
+.branch-name{
+  font-weight: 600;
+}
--- a/app/assets/stylesheets/pages/commit.scss
+++ b/app/assets/stylesheets/pages/commit.scss
@@ -2,6 +2,10 @@
  display: block;
 }
+.commit-row-title .commit-title {
+  font-weight: 600;
+}
 .commit-author, .commit-committer{
  display: block;
  color: #999;

--- a/app/assets/stylesheets/pages/groups.scss
+++ b/app/assets/stylesheets/pages/groups.scss
@@ -11,3 +11,8 @@
    height: 42px;
  }
 }
+.content-list .group-name {
+  font-weight: 600;
+  color: #4c4e54;
+}
--- a/app/assets/stylesheets/pages/issues.scss
+++ b/app/assets/stylesheets/pages/issues.scss
@@ -6,7 +6,7 @@
    .issue-title {
      margin-bottom: 5px;
      font-size: $list-font-size;
-      font-weight: bold;
+      font-weight: 600;
    }
    .issue-info {

--- a/app/assets/stylesheets/pages/merge_requests.scss
+++ b/app/assets/stylesheets/pages/merge_requests.scss
@@ -150,7 +150,7 @@
    .merge-request-title {
      margin-bottom: 5px;
      font-size: $list-font-size;
-      font-weight: bold;
+      font-weight: 600;
    }
    .merge-request-info {

--- a/app/assets/stylesheets/pages/tags.scss
+++ b/app/assets/stylesheets/pages/tags.scss
+.tag-name{
+  font-weight: 600;
+}
--- a/app/models/ci/variable.rb
+++ b/app/models/ci/variable.rb
@@ -18,8 +18,12 @@ module Ci
    belongs_to :project, class_name: '::Project', foreign_key: :gl_project_id
-    validates_presence_of :key
    validates_uniqueness_of :key, scope: :gl_project_id
+    validates :key,
+      presence: true,
+      length: { within: 0..255 },
+      format: { with: /\A[a-zA-Z0-9_]+\z/,
+                message: "can contain only letters, digits and '_'." }
    attr_encrypted :value, mode: :per_attribute_iv_and_salt, key: Gitlab::Application.secrets.db_key_base
  end

--- a/app/views/projects/branches/_branch.html.haml
+++ b/app/views/projects/branches/_branch.html.haml
@@ -6,7 +6,7 @@
 %li(class="js-branch-#{branch.name}")
  %div
    = link_to namespace_project_tree_path(@project.namespace, @project, branch.name) do
-      %strong.str-truncated= branch.name
+      .branch-name.str-truncated= branch.name
    &nbsp;
    - if branch.name == @repository.root_ref
      %span.label.label-primary default

--- a/app/views/projects/commits/_commit.html.haml
+++ b/app/views/projects/commits/_commit.html.haml
@@ -11,7 +11,7 @@
 = cache(cache_key) do
  %li.commit.js-toggle-container{ id: "commit-#{commit.short_id}" }
    .commit-row-title
-      %strong.str-truncated
+      .commit-title.str-truncated
        = link_to_gfm commit.title, namespace_project_commit_path(project.namespace, project, commit.id), class: "commit-row-message"
        - if commit.description?
          %a.text-expander.js-toggle-button ...

--- a/app/views/projects/tags/_tag.html.haml
+++ b/app/views/projects/tags/_tag.html.haml
@@ -3,7 +3,7 @@
 %li
  %div
    = link_to namespace_project_tag_path(@project.namespace, @project, tag.name) do
-      %strong
+      .tag-name
        = icon('tag')
        = tag.name
    - if tag.message.present?

--- a/app/views/projects/tags/show.html.haml
+++ b/app/views/projects/tags/show.html.haml
@@ -17,8 +17,8 @@
      .pull-right
        = link_to namespace_project_tag_path(@project.namespace, @project, @tag.name), class: 'btn btn-remove remove-row grouped has_tooltip', title: "Delete tag", method: :delete, data: { confirm: "Deleting the '#{@tag.name}' tag cannot be undone. Are you sure?" } do
          %i.fa.fa-trash-o
-  .title
+  .tag-name.title
-    %strong= @tag.name
+    = @tag.name
    - if @tag.message.present?
      %span.light
        &nbsp;

--- a/app/views/shared/groups/_group.html.haml
+++ b/app/views/shared/groups/_group.html.haml
@@ -10,8 +10,7 @@
        %i.fa.fa-sign-out
  = image_tag group_icon(group), class: "avatar s46 hidden-xs"
-  = link_to group, class: 'group-name' do
+  = link_to group.name, group, class: 'group-name'
-    %strong= group.name
  - if group_member
    as

--- a/doc/api/README.md
+++ b/doc/api/README.md
@@ -24,6 +24,7 @@
 - [Settings](settings.md)
 - [Keys](keys.md)
 - [Build triggers](build_triggers.md)
+- [Build Variables](build_variables.md)
 ## Clients

--- a/doc/api/build_variables.md
+++ b/doc/api/build_variables.md
+# Build Variables
+## List project variables
+Get list of a project's build variables.
+```
+GET /projects/:id/variables
+```
+| Attribute | Type    | required | Description         |
+|-----------|---------|----------|---------------------|
+| `id`      | integer | yes      | The ID of a project |
+```
+curl -H "PRIVATE_TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v3/projects/1/variables"
+```
+```json
+[
+    {
+        "key": "TEST_VARIABLE_1",
+        "value": "TEST_1"
+    },
+    {
+        "key": "TEST_VARIABLE_2",
+        "value": "TEST_2"
+    }
+]
+```
+## Show variable details
+Get the details of a project's specific build variable.
+```
+GET /projects/:id/variables/:key
+```
+| Attribute | Type    | required | Description           |
+|-----------|---------|----------|-----------------------|
+| `id`      | integer | yes      | The ID of a project   |
+| `key`     | string  | yes      | The `key` of a variable |
+```
+curl -H "PRIVATE_TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v3/projects/1/variables/TEST_VARIABLE_1"
+```
+```json
+{
+    "key": "TEST_VARIABLE_1",
+    "value": "TEST_1"
+}
+```
+## Create variable
+Create a new build variable.
+```
+POST /projects/:id/variables
+```
+| Attribute | Type    | required | Description           |
+|-----------|---------|----------|-----------------------|
+| `id`      | integer | yes      | The ID of a project   |
+| `key`     | string  | yes      | The `key` of a variable; must have no more than 255 characters; only `A-Z`, `a-z`, `0-9`, and `_` are allowed |
+| `value`   | string  | yes      | The `value` of a variable |
+```
+curl -X POST -H "PRIVATE_TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v3/projects/1/variables" -F "key=NEW_VARIABLE" -F "value=new value"
+```
+```json
+{
+    "key": "NEW_VARIABLE",
+    "value": "new value"
+}
+```
+## Update variable
+Update a project's build variable.
+```
+PUT /projects/:id/variables/:key
+```
+| Attribute | Type    | required | Description             |
+|-----------|---------|----------|-------------------------|
+| `id`      | integer | yes      | The ID of a project     |
+| `key`     | string  | yes      | The `key` of a variable   |
+| `value`   | string  | yes      | The `value` of a variable |
+```
+curl -X PUT -H "PRIVATE_TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v3/projects/1/variables/NEW_VARIABLE" -F "value=updated value"
+```
+```json
+{
+    "key": "NEW_VARIABLE",
+    "value": "updated value"
+}
+```
+## Remove variable
+Remove a project's build variable.
+```
+DELETE /projects/:id/variables/:key
+```
+| Attribute | Type    | required | Description             |
+|-----------|---------|----------|-------------------------|
+| `id`      | integer | yes      | The ID of a project     |
+| `key`     | string  | yes      | The `key` of a variable |
+```
+curl -X DELETE -H "PRIVATE_TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v3/projects/1/variables/VARIABLE_1"
+```
+```json
+{
+    "key": "VARIABLE_1",
+    "value": "VALUE_1"
+}
+```
--- a/lib/api/api.rb
+++ b/lib/api/api.rb
@@ -54,5 +54,6 @@ module API
    mount Keys
    mount Tags
    mount Triggers
+    mount Variables
  end
 end
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -370,5 +370,9 @@ module API
    class Trigger < Grape::Entity
      expose :token, :created_at, :updated_at, :deleted_at, :last_used
    end
+    class Variable < Grape::Entity
+      expose :key, :value
+    end
  end
 end
--- a/lib/api/variables.rb
+++ b/lib/api/variables.rb
+module API
+  # Projects variables API
+  class Variables < Grape::API
+    before { authenticate! }
+    before { authorize_admin_project }
+    resource :projects do
+      # Get project variables
+      #
+      # Parameters:
+      #   id (required) - The ID of a project
+      #   page (optional) - The page number for pagination
+      #   per_page (optional) - The value of items per page to show
+      # Example Request:
+      #   GET /projects/:id/variables
+      get ':id/variables' do
+        variables = user_project.variables
+        present paginate(variables), with: Entities::Variable
+      end
+      # Get specific variable of a project
+      #
+      # Parameters:
+      #   id (required) - The ID of a project
+      #   key (required) - The `key` of variable
+      # Example Request:
+      #   GET /projects/:id/variables/:key
+      get ':id/variables/:key' do
+        key = params[:key]
+        variable = user_project.variables.find_by(key: key.to_s)
+        return not_found!('Variable') unless variable
+        present variable, with: Entities::Variable
+      end
+      # Create a new variable in project
+      #
+      # Parameters:
+      #   id (required) - The ID of a project
+      #   key (required) - The key of variable
+      #   value (required) - The value of variable
+      # Example Request:
+      #   POST /projects/:id/variables
+      post ':id/variables' do
+        required_attributes! [:key, :value]
+        variable = user_project.variables.create(key: params[:key], value: params[:value])
+        if variable.valid?
+          present variable, with: Entities::Variable
+        else
+          render_validation_error!(variable)
+        end
+      end
+      # Update existing variable of a project
+      #
+      # Parameters:
+      #   id (required) - The ID of a project
+      #   key (optional) - The `key` of variable
+      #   value (optional) - New value for `value` field of variable
+      # Example Request:
+      #   PUT /projects/:id/variables/:key
+      put ':id/variables/:key' do
+        variable = user_project.variables.find_by(key: params[:key].to_s)
+        return not_found!('Variable') unless variable
+        attrs = attributes_for_keys [:value]
+        if variable.update(attrs)
+          present variable, with: Entities::Variable
+        else
+          render_validation_error!(variable)
+        end
+      end
+      # Delete existing variable of a project
+      #
+      # Parameters:
+      #   id (required) - The ID of a project
+      #   key (required) - The ID of a variable
+      # Example Request:
+      #   DELETE /projects/:id/variables/:key
+      delete ':id/variables/:key' do
+        variable = user_project.variables.find_by(key: params[:key].to_s)
+        return not_found!('Variable') unless variable
+        variable.destroy
+        present variable, with: Entities::Variable
+      end
+    end
+  end
+end
--- a/spec/factories/ci/variables.rb
+++ b/spec/factories/ci/variables.rb
+# == Schema Information
+#
+# Table name: ci_variables
+#
+#  id                   :integer          not null, primary key
+#  project_id           :integer          not null
+#  key                  :string(255)
+#  value                :text
+#  encrypted_value      :text
+#  encrypted_value_salt :string(255)
+#  encrypted_value_iv   :string(255)
+#  gl_project_id        :integer
+#
+# Read about factories at https://github.com/thoughtbot/factory_girl
+FactoryGirl.define do
+  factory :ci_variable, class: Ci::Variable do
+    sequence(:key) { |n| "VARIABLE_#{n}" }
+    value 'VARIABLE_VALUE'
+  end
+end
--- a/spec/requests/api/variables_spec.rb
+++ b/spec/requests/api/variables_spec.rb
+require 'spec_helper'
+describe API::API, api: true do
+  include ApiHelpers
+  let(:user) { create(:user) }
+  let(:user2) { create(:user) }
+  let!(:project) { create(:project, creator_id: user.id) }
+  let!(:master) { create(:project_member, user: user, project: project, access_level: ProjectMember::MASTER) }
+  let!(:developer) { create(:project_member, user: user2, project: project, access_level: ProjectMember::DEVELOPER) }
+  let!(:variable) { create(:ci_variable, project: project) }
+  describe 'GET /projects/:id/variables' do
+    context 'authorized user with proper permissions' do
+      it 'should return project variables' do
+        get api("/projects/#{project.id}/variables", user)
+        expect(response.status).to eq(200)
+        expect(json_response).to be_a(Array)
+      end
+    end
+    context 'authorized user with invalid permissions' do
+      it 'should not return project variables' do
+        get api("/projects/#{project.id}/variables", user2)
+        expect(response.status).to eq(403)
+      end
+    end
+    context 'unauthorized user' do
+      it 'should not return project variables' do
+        get api("/projects/#{project.id}/variables")
+        expect(response.status).to eq(401)
+      end
+    end
+  end
+  describe 'GET /projects/:id/variables/:key' do
+    context 'authorized user with proper permissions' do
+      it 'should return project variable details' do
+        get api("/projects/#{project.id}/variables/#{variable.key}", user)
+        expect(response.status).to eq(200)
+        expect(json_response['value']).to eq(variable.value)
+      end
+      it 'should respond with 404 Not Found if requesting non-existing variable' do
+        get api("/projects/#{project.id}/variables/non_existing_variable", user)
+        expect(response.status).to eq(404)
+      end
+    end
+    context 'authorized user with invalid permissions' do
+      it 'should not return project variable details' do
+        get api("/projects/#{project.id}/variables/#{variable.key}", user2)
+        expect(response.status).to eq(403)
+      end
+    end
+    context 'unauthorized user' do
+      it 'should not return project variable details' do
+        get api("/projects/#{project.id}/variables/#{variable.key}")
+        expect(response.status).to eq(401)
+      end
+    end
+  end
+  describe 'POST /projects/:id/variables' do
+    context 'authorized user with proper permissions' do
+      it 'should create variable' do
+        expect do
+          post api("/projects/#{project.id}/variables", user), key: 'TEST_VARIABLE_2', value: 'VALUE_2'
+        end.to change{project.variables.count}.by(1)
+        expect(response.status).to eq(201)
+        expect(json_response['key']).to eq('TEST_VARIABLE_2')
+        expect(json_response['value']).to eq('VALUE_2')
+      end
+      it 'should not allow to duplicate variable key' do
+        expect do
+          post api("/projects/#{project.id}/variables", user), key: variable.key, value: 'VALUE_2'
+        end.to change{project.variables.count}.by(0)
+        expect(response.status).to eq(400)
+      end
+    end
+    context 'authorized user with invalid permissions' do
+      it 'should not create variable' do
+        post api("/projects/#{project.id}/variables", user2)
+        expect(response.status).to eq(403)
+      end
+    end
+    context 'unauthorized user' do
+      it 'should not create variable' do
+        post api("/projects/#{project.id}/variables")
+        expect(response.status).to eq(401)
+      end
+    end
+  end
+  describe 'PUT /projects/:id/variables/:key' do
+    context 'authorized user with proper permissions' do
+      it 'should update variable data' do
+        initial_variable = project.variables.first
+        value_before = initial_variable.value
+        put api("/projects/#{project.id}/variables/#{variable.key}", user), value: 'VALUE_1_UP'
+        updated_variable = project.variables.first
+        expect(response.status).to eq(200)
+        expect(value_before).to eq(variable.value)
+        expect(updated_variable.value).to eq('VALUE_1_UP')
+      end
+      it 'should responde with 404 Not Found if requesting non-existing variable' do
+        put api("/projects/#{project.id}/variables/non_existing_variable", user)
+        expect(response.status).to eq(404)
+      end
+    end
+    context 'authorized user with invalid permissions' do
+      it 'should not update variable' do
+        put api("/projects/#{project.id}/variables/#{variable.key}", user2)
+        expect(response.status).to eq(403)
+      end
+    end
+    context 'unauthorized user' do
+      it 'should not update variable' do
+        put api("/projects/#{project.id}/variables/#{variable.key}")
+        expect(response.status).to eq(401)
+      end
+    end
+  end
+  describe 'DELETE /projects/:id/variables/:key' do
+    context 'authorized user with proper permissions' do
+      it 'should delete variable' do
+        expect do
+          delete api("/projects/#{project.id}/variables/#{variable.key}", user)
+        end.to change{project.variables.count}.by(-1)
+        expect(response.status).to eq(200)
+      end
+      it 'should responde with 404 Not Found if requesting non-existing variable' do
+        delete api("/projects/#{project.id}/variables/non_existing_variable", user)
+        expect(response.status).to eq(404)
+      end
+    end
+    context 'authorized user with invalid permissions' do
+      it 'should not delete variable' do
+        delete api("/projects/#{project.id}/variables/#{variable.key}", user2)
+        expect(response.status).to eq(403)
+      end
+    end
+    context 'unauthorized user' do
+      it 'should not delete variable' do
+        delete api("/projects/#{project.id}/variables/#{variable.key}")
+        expect(response.status).to eq(401)
+      end
+    end
+  end
+end