Commit 8bb755ab authored by Etienne Baqué's avatar Etienne Baqué

Merge branch 'vij-member-approve-all-api' into 'master'

Add member approve_all API endpoint

See merge request gitlab-org/gitlab!73849
parents cb04023e fb949a57
...@@ -76,6 +76,24 @@ module EE ...@@ -76,6 +76,24 @@ module EE
end end
end end
desc 'Approves all pending members'
post ':id/members/approve_all' do
group = find_group!(params[:id])
bad_request! unless group.root?
bad_request! unless can?(current_user, :admin_group_member, group)
result = ::Members::ActivateService
.new(group, activate_all: true, current_user: current_user)
.execute
if result[:status] == :success
no_content!
else
bad_request!(result[:message])
end
end
desc 'Gets a list of billable users of root group.' do desc 'Gets a list of billable users of root group.' do
success Entities::Member success Entities::Member
end end
......
...@@ -956,13 +956,13 @@ RSpec.describe API::Members do ...@@ -956,13 +956,13 @@ RSpec.describe API::Members do
let_it_be(:project) { create(:project, group: group) } let_it_be(:project) { create(:project, group: group) }
let_it_be(:not_an_owner) { create(:user) } let_it_be(:not_an_owner) { create(:user) }
let(:url) { "/groups/#{group.id}/members/#{developer.id}/approve" }
before do before do
group.add_owner(owner) group.add_owner(owner)
end end
describe 'PUT /groups/:id/members/:user_id/approve' do describe 'PUT /groups/:id/members/:user_id/approve' do
let(:url) { "/groups/#{group.id}/members/#{developer.id}/approve" }
context 'with invalid params' do context 'with invalid params' do
context 'when a subgroup is used' do context 'when a subgroup is used' do
let(:url) { "/groups/#{subgroup.id}/members/#{developer.id}/approve" } let(:url) { "/groups/#{subgroup.id}/members/#{developer.id}/approve" }
...@@ -1047,5 +1047,61 @@ RSpec.describe API::Members do ...@@ -1047,5 +1047,61 @@ RSpec.describe API::Members do
end end
end end
end end
describe 'PUT /groups/:id/members/approve_all' do
let(:url) { "/groups/#{group.id}/members/approve_all" }
context 'when the current user is not authorized' do
it 'returns a bad request response' do
post api(url, not_an_owner)
expect(response).to have_gitlab_http_status(:bad_request)
end
end
context 'when the current user is authorized' do
before do
group.add_owner(owner)
end
context 'when the group ID is a subgroup' do
let(:url) { "/groups/#{subgroup.id}/members/approve_all" }
it 'returns a bad request response' do
post api(url, owner)
expect(response).to have_gitlab_http_status(:bad_request)
end
end
context 'when params are valid' do
it 'approves all pending members' do
pending_group_member = create(:group_member, :awaiting, group: group)
pending_subgroup_member = create(:group_member, :awaiting, group: subgroup)
pending_project_member = create(:project_member, :awaiting, project: project)
post api(url, owner)
expect(response).to have_gitlab_http_status(:success)
[pending_group_member, pending_subgroup_member, pending_subgroup_member, pending_project_member].each do |member|
expect(member.reload.active?).to be true
end
end
end
context 'when activation fails' do
it 'returns a bad request response' do
allow_next_instance_of(::Members::ActivateService) do |service|
allow(service).to receive(:execute).and_return({ status: :error })
end
post api(url, owner)
expect(response).to have_gitlab_http_status(:bad_request)
end
end
end
end
end end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment