Commit 3381411d authored by Rémy Coutable's avatar Rémy Coutable

Merge branch 'update-members-api-for-multiple-user_ids' into 'master'

Update Add Members Api to accept user_id list

See merge request gitlab-org/gitlab!44051
parents 93e52c14 a42efbf9
......@@ -7,7 +7,7 @@ module Members
def execute(source)
return error(s_('AddMember|No users specified.')) if params[:user_ids].blank?
user_ids = params[:user_ids].split(',').uniq
user_ids = params[:user_ids].split(',').uniq.flatten
return error(s_("AddMember|Too many users specified (limit is %{user_limit})") % { user_limit: user_limit }) if
user_limit && user_ids.size > user_limit
......
---
title: Update Add Members API to accept user_id array
merge_request: 44051
author:
type: added
......@@ -290,7 +290,7 @@ POST /projects/:id/members
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project or group](README.md#namespaced-path-encoding) owned by the authenticated user |
| `user_id` | integer | yes | The user ID of the new member |
| `user_id` | integer/string | yes | The user ID of the new member or multiple IDs separated by commas |
| `access_level` | integer | yes | A valid access level |
| `expires_at` | string | no | A date string in the format YEAR-MONTH-DAY |
......
......@@ -88,8 +88,8 @@ module API
success Entities::Member
end
params do
requires :user_id, type: Integer, desc: 'The user ID of the new member'
requires :access_level, type: Integer, desc: 'A valid access level (defaults: `30`, developer access level)'
requires :user_id, types: [Integer, String], desc: 'The user ID of the new member or multiple IDs separated by commas.'
optional :expires_at, type: DateTime, desc: 'Date string in the format YEAR-MONTH-DAY'
end
# rubocop: disable CodeReuse/ActiveRecord
......@@ -97,20 +97,26 @@ module API
source = find_source(source_type, params[:id])
authorize_admin_source!(source_type, source)
member = source.members.find_by(user_id: params[:user_id])
conflict!('Member already exists') if member
if params[:user_id].to_s.include?(',')
create_service_params = params.except(:user_id).merge({ user_ids: params[:user_id] })
user = User.find_by_id(params[:user_id])
not_found!('User') unless user
::Members::CreateService.new(current_user, create_service_params).execute(source)
elsif params[:user_id].present?
member = source.members.find_by(user_id: params[:user_id])
conflict!('Member already exists') if member
member = create_member(current_user, user, source, params)
user = User.find_by_id(params[:user_id])
not_found!('User') unless user
if !member
not_allowed! # This currently can only be reached in EE
elsif member.valid? && member.persisted?
present_members(member)
else
render_validation_error!(member)
member = create_member(current_user, user, source, params)
if !member
not_allowed! # This currently can only be reached in EE
elsif member.valid? && member.persisted?
present_members(member)
else
render_validation_error!(member)
end
end
end
# rubocop: enable CodeReuse/ActiveRecord
......
......@@ -251,6 +251,36 @@ RSpec.describe API::Members do
expect(json_response['id']).to eq(stranger.id)
expect(json_response['access_level']).to eq(Member::DEVELOPER)
end
describe 'executes the Members::CreateService for multiple user_ids' do
it 'returns success when it successfully create all members' do
expect do
user_ids = [stranger.id, access_requester.id].join(',')
post api("/#{source_type.pluralize}/#{source.id}/members", maintainer),
params: { user_id: user_ids, access_level: Member::DEVELOPER }
expect(response).to have_gitlab_http_status(:created)
end.to change { source.members.count }.by(2)
expect(json_response['status']).to eq('success')
end
it 'returns the error message if there was an error adding members to group' do
error_message = 'Unable to find User ID'
user_ids = [stranger.id, access_requester.id].join(',')
allow_next_instance_of(::Members::CreateService) do |service|
expect(service).to receive(:execute).with(source).and_return({ status: :error, message: error_message })
end
expect do
post api("/#{source_type.pluralize}/#{source.id}/members", maintainer),
params: { user_id: user_ids, access_level: Member::DEVELOPER }
end.not_to change { source.members.count }
expect(json_response['status']).to eq('error')
expect(json_response['message']).to eq(error_message)
end
end
end
context 'access levels' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment