Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
f2051d0c
Commit
f2051d0c
authored
Aug 19, 2019
by
Mark Chao
Committed by
Douwe Maan
Aug 19, 2019
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Rename approval_settings endpoints to approval_rules
Remove project API's "rules" segment
parent
dc35eaa3
Changes
14
Expand all
Hide whitespace changes
Inline
Side-by-side
Showing
14 changed files
with
740 additions
and
292 deletions
+740
-292
doc/api/merge_request_approvals.md
doc/api/merge_request_approvals.md
+238
-56
ee/changelogs/unreleased/11877-public-approval-api.yml
ee/changelogs/unreleased/11877-public-approval-api.yml
+5
-0
ee/lib/api/helpers/project_approval_rules_helpers.rb
ee/lib/api/helpers/project_approval_rules_helpers.rb
+72
-0
ee/lib/api/project_approval_rules.rb
ee/lib/api/project_approval_rules.rb
+26
-66
ee/lib/api/project_approval_settings.rb
ee/lib/api/project_approval_settings.rb
+62
-0
ee/lib/ee/api/endpoints.rb
ee/lib/ee/api/endpoints.rb
+1
-0
ee/lib/ee/api/entities.rb
ee/lib/ee/api/entities.rb
+8
-4
ee/spec/fixtures/api/schemas/public_api/v4/project_approval_rule.json
...ures/api/schemas/public_api/v4/project_approval_rule.json
+1
-1
ee/spec/fixtures/api/schemas/public_api/v4/project_approval_rules.json
...res/api/schemas/public_api/v4/project_approval_rules.json
+2
-9
ee/spec/fixtures/api/schemas/public_api/v4/project_approval_setting.json
...s/api/schemas/public_api/v4/project_approval_setting.json
+32
-0
ee/spec/fixtures/api/schemas/public_api/v4/project_approval_settings.json
.../api/schemas/public_api/v4/project_approval_settings.json
+11
-0
ee/spec/requests/api/project_approval_rules_spec.rb
ee/spec/requests/api/project_approval_rules_spec.rb
+24
-156
ee/spec/requests/api/project_approval_settings_spec.rb
ee/spec/requests/api/project_approval_settings_spec.rb
+111
-0
ee/spec/support/shared_examples/project_approval_rules_api_shared_examples.rb
...ed_examples/project_approval_rules_api_shared_examples.rb
+147
-0
No files found.
doc/api/merge_request_approvals.md
View file @
f2051d0c
This diff is collapsed.
Click to expand it.
ee/changelogs/unreleased/11877-public-approval-api.yml
0 → 100644
View file @
f2051d0c
---
title
:
Public project-level approval rule API
merge_request
:
13895
author
:
type
:
added
ee/lib/api/helpers/project_approval_rules_helpers.rb
0 → 100644
View file @
f2051d0c
# frozen_string_literal: true
module
API
module
Helpers
module
ProjectApprovalRulesHelpers
extend
Grape
::
API
::
Helpers
ARRAY_COERCION_LAMBDA
=
->
(
val
)
{
val
.
empty?
?
[]
:
Array
.
wrap
(
val
)
}
params
:create_project_approval_rule
do
requires
:name
,
type:
String
,
desc:
'The name of the approval rule'
requires
:approvals_required
,
type:
Integer
,
desc:
'The number of required approvals for this rule'
optional
:rule_type
,
type:
String
,
desc:
'The type of approval rule'
optional
:users
,
as: :user_ids
,
type:
Array
,
coerce_with:
ARRAY_COERCION_LAMBDA
,
desc:
'The user ids for this rule'
optional
:groups
,
as: :group_ids
,
type:
Array
,
coerce_with:
ARRAY_COERCION_LAMBDA
,
desc:
'The group ids for this rule'
end
params
:update_project_approval_rule
do
requires
:approval_rule_id
,
type:
Integer
,
desc:
'The ID of an approval_rule'
optional
:name
,
type:
String
,
desc:
'The name of the approval rule'
optional
:approvals_required
,
type:
Integer
,
desc:
'The number of required approvals for this rule'
optional
:users
,
as: :user_ids
,
type:
Array
,
coerce_with:
ARRAY_COERCION_LAMBDA
,
desc:
'The user ids for this rule'
optional
:groups
,
as: :group_ids
,
type:
Array
,
coerce_with:
ARRAY_COERCION_LAMBDA
,
desc:
'The group ids for this rule'
optional
:remove_hidden_groups
,
type:
Boolean
,
desc:
'Whether hidden groups should be removed'
end
params
:delete_project_approval_rule
do
requires
:approval_rule_id
,
type:
Integer
,
desc:
'The ID of an approval_rule'
end
def
authorize_create_merge_request_in_project
authorize!
:create_merge_request_in
,
user_project
end
def
create_project_approval_rule
(
present_with
:)
authorize!
:admin_project
,
user_project
result
=
::
ApprovalRules
::
CreateService
.
new
(
user_project
,
current_user
,
declared_params
(
include_missing:
false
)).
execute
if
result
[
:status
]
==
:success
present
result
[
:rule
],
with:
present_with
,
current_user:
current_user
else
render_api_error!
(
result
[
:message
],
400
)
end
end
def
update_project_approval_rule
(
present_with
:)
authorize!
:admin_project
,
user_project
params
=
declared_params
(
include_missing:
false
)
approval_rule
=
user_project
.
approval_rules
.
find
(
params
.
delete
(
:approval_rule_id
))
result
=
::
ApprovalRules
::
UpdateService
.
new
(
approval_rule
,
current_user
,
params
).
execute
if
result
[
:status
]
==
:success
present
result
[
:rule
],
with:
present_with
,
current_user:
current_user
else
render_api_error!
(
result
[
:message
],
400
)
end
end
def
destroy_project_approval_rule
authorize!
:admin_project
,
user_project
approval_rule
=
user_project
.
approval_rules
.
find
(
params
[
:approval_rule_id
])
destroy_conditionally!
(
approval_rule
)
do
|
rule
|
::
ApprovalRules
::
ProjectRuleDestroyService
.
new
(
rule
).
execute
end
end
end
end
end
ee/lib/api/project_approval_rules.rb
View file @
f2051d0c
...
...
@@ -4,89 +4,49 @@ module API
class
ProjectApprovalRules
<
::
Grape
::
API
before
{
authenticate!
}
ARRAY_COERCION_LAMBDA
=
->
(
val
)
{
val
.
empty?
?
[]
:
Array
.
wrap
(
val
)
}
helpers
::
API
::
Helpers
::
ProjectApprovalRulesHelpers
params
do
requires
:id
,
type:
String
,
desc:
'The ID of a project'
end
resource
:projects
,
requirements:
::
API
::
API
::
NAMESPACE_OR_PROJECT_REQUIREMENTS
do
segment
':id/approval_
setting
s'
do
segment
':id/approval_
rule
s'
do
desc
'Get all project approval rules'
do
detail
'Private API subject to change'
success
EE
::
API
::
Entities
::
ProjectApprovalRules
success
EE
::
API
::
Entities
::
ApprovalRule
end
get
do
authorize
!
:create_merge_request_in
,
user
_project
authorize
_create_merge_request_in
_project
present
user_project
,
with:
EE
::
API
::
Entities
::
ProjectApprovalRules
,
current_user:
current_user
present
user_project
.
visible_approval_rules
,
with:
EE
::
API
::
Entities
::
ApprovalRule
,
current_user:
current_user
end
segment
'rules'
do
desc
'Create new approval rule'
do
detail
'Private API subject to change'
desc
'Create new project approval rule'
do
success
EE
::
API
::
Entities
::
ApprovalRule
end
params
do
use
:create_project_approval_rule
end
post
do
create_project_approval_rule
(
present_with:
EE
::
API
::
Entities
::
ApprovalRule
)
end
segment
':approval_rule_id'
do
desc
'Update project approval rule'
do
success
EE
::
API
::
Entities
::
ApprovalRule
end
params
do
requires
:name
,
type:
String
,
desc:
'The name of the approval rule'
requires
:approvals_required
,
type:
Integer
,
desc:
'The number of required approvals for this rule'
optional
:rule_type
,
type:
String
,
desc:
'The type of approval rule'
optional
:users
,
as: :user_ids
,
type:
Array
,
coerce_with:
ARRAY_COERCION_LAMBDA
,
desc:
'The user ids for this rule'
optional
:groups
,
as: :group_ids
,
type:
Array
,
coerce_with:
ARRAY_COERCION_LAMBDA
,
desc:
'The group ids for this rule'
use
:update_project_approval_rule
end
post
do
authorize!
:admin_project
,
user_project
result
=
::
ApprovalRules
::
CreateService
.
new
(
user_project
,
current_user
,
declared_params
(
include_missing:
false
)).
execute
if
result
[
:status
]
==
:success
present
result
[
:rule
],
with:
EE
::
API
::
Entities
::
ApprovalRule
,
current_user:
current_user
else
render_api_error!
(
result
[
:message
],
400
)
end
put
do
update_project_approval_rule
(
present_with:
EE
::
API
::
Entities
::
ApprovalRule
)
end
segment
':approval_rule_id'
do
desc
'Update approval rule'
do
detail
'Private API subject to change'
success
EE
::
API
::
Entities
::
ApprovalRule
end
params
do
requires
:approval_rule_id
,
type:
Integer
,
desc:
'The ID of an approval_rule'
optional
:name
,
type:
String
,
desc:
'The name of the approval rule'
optional
:approvals_required
,
type:
Integer
,
desc:
'The number of required approvals for this rule'
optional
:users
,
as: :user_ids
,
type:
Array
,
coerce_with:
ARRAY_COERCION_LAMBDA
,
desc:
'The user ids for this rule'
optional
:groups
,
as: :group_ids
,
type:
Array
,
coerce_with:
ARRAY_COERCION_LAMBDA
,
desc:
'The group ids for this rule'
optional
:remove_hidden_groups
,
type:
Boolean
,
desc:
'Whether hidden groups should be removed'
end
put
do
authorize!
:admin_project
,
user_project
params
=
declared_params
(
include_missing:
false
)
approval_rule
=
user_project
.
approval_rules
.
find
(
params
.
delete
(
:approval_rule_id
))
result
=
::
ApprovalRules
::
UpdateService
.
new
(
approval_rule
,
current_user
,
params
).
execute
if
result
[
:status
]
==
:success
present
result
[
:rule
],
with:
EE
::
API
::
Entities
::
ApprovalRule
,
current_user:
current_user
else
render_api_error!
(
result
[
:message
],
400
)
end
end
desc
'Delete an approval rule'
do
detail
'Private API subject to change'
end
params
do
requires
:approval_rule_id
,
type:
Integer
,
desc:
'The ID of an approval_rule'
end
delete
do
authorize!
:admin_project
,
user_project
approval_rule
=
user_project
.
approval_rules
.
find
(
params
[
:approval_rule_id
])
destroy_conditionally!
(
approval_rule
)
do
|
rule
|
::
ApprovalRules
::
ProjectRuleDestroyService
.
new
(
rule
).
execute
end
end
desc
'Destroy project approval rule'
params
do
use
:delete_project_approval_rule
end
delete
do
destroy_project_approval_rule
end
end
end
...
...
ee/lib/api/project_approval_settings.rb
0 → 100644
View file @
f2051d0c
# frozen_string_literal: true
module
API
class
ProjectApprovalSettings
<
::
Grape
::
API
before
{
authenticate!
}
helpers
::
API
::
Helpers
::
ProjectApprovalRulesHelpers
params
do
requires
:id
,
type:
String
,
desc:
'The ID of a project'
end
resource
:projects
,
requirements:
::
API
::
API
::
NAMESPACE_OR_PROJECT_REQUIREMENTS
do
segment
':id/approval_settings'
do
desc
'Get all project approval rules'
do
detail
'Private API subject to change'
success
EE
::
API
::
Entities
::
ProjectApprovalSettings
end
get
do
authorize_create_merge_request_in_project
present
user_project
,
with:
EE
::
API
::
Entities
::
ProjectApprovalSettings
,
current_user:
current_user
end
segment
'rules'
do
desc
'Create new approval rule'
do
detail
'Private API subject to change'
success
EE
::
API
::
Entities
::
ApprovalSettingRule
end
params
do
use
:create_project_approval_rule
end
post
do
create_project_approval_rule
(
present_with:
EE
::
API
::
Entities
::
ApprovalSettingRule
)
end
segment
':approval_rule_id'
do
desc
'Update approval rule'
do
detail
'Private API subject to change'
success
EE
::
API
::
Entities
::
ApprovalSettingRule
end
params
do
use
:update_project_approval_rule
end
put
do
update_project_approval_rule
(
present_with:
EE
::
API
::
Entities
::
ApprovalSettingRule
)
end
desc
'Delete an approval rule'
do
detail
'Private API subject to change'
end
params
do
use
:delete_project_approval_rule
end
delete
do
destroy_project_approval_rule
end
end
end
end
end
end
end
ee/lib/ee/api/endpoints.rb
View file @
f2051d0c
...
...
@@ -10,6 +10,7 @@ module EE
mount
::
EE
::
API
::
GroupBoards
mount
::
API
::
ProjectApprovalRules
mount
::
API
::
ProjectApprovalSettings
mount
::
API
::
Unleash
mount
::
API
::
EpicIssues
mount
::
API
::
EpicLinks
...
...
ee/lib/ee/api/entities.rb
View file @
f2051d0c
...
...
@@ -309,7 +309,7 @@ module EE
expose
:id
,
:name
,
:rule_type
end
class
ApprovalRule
<
ApprovalRuleShort
class
Approval
Setting
Rule
<
ApprovalRuleShort
def
initialize
(
object
,
options
=
{})
presenter
=
::
ApprovalRulePresenter
.
new
(
object
,
current_user:
options
[
:current_user
])
super
(
presenter
,
options
)
...
...
@@ -322,7 +322,11 @@ module EE
expose
:contains_hidden_groups?
,
as: :contains_hidden_groups
end
class
MergeRequestApprovalRule
<
ApprovalRule
class
ApprovalRule
<
ApprovalSettingRule
expose
:approvers
,
as: :eligible_approvers
,
using:
::
API
::
Entities
::
UserBasic
,
override:
true
end
class
MergeRequestApprovalRule
<
ApprovalSettingRule
class
SourceRule
<
Grape
::
Entity
expose
:approvals_required
end
...
...
@@ -343,8 +347,8 @@ module EE
end
# Decorates Project
class
ProjectApproval
Rule
s
<
Grape
::
Entity
expose
:visible_approval_rules
,
as: :rules
,
using:
ApprovalRule
class
ProjectApproval
Setting
s
<
Grape
::
Entity
expose
:visible_approval_rules
,
as: :rules
,
using:
Approval
Setting
Rule
expose
:min_fallback_approvals
,
as: :fallback_approvals_required
end
...
...
ee/spec/fixtures/api/schemas/public_api/v4/project_approval_rule.json
View file @
f2051d0c
...
...
@@ -6,7 +6,7 @@
"approvals_required"
:
{
"type"
:
"integer"
},
"contains_hidden_groups"
:
{
"type"
:
"boolean"
},
"rule_type"
:
{
"type"
:
"tring"
},
"approvers"
:
{
"
eligible_
approvers"
:
{
"type"
:
"array"
,
"items"
:
{
"type"
:
"object"
,
...
...
ee/spec/fixtures/api/schemas/public_api/v4/project_approval_rules.json
View file @
f2051d0c
{
"type"
:
"object"
,
"properties"
:
{
"rules"
:
{
"type"
:
"array"
,
"items"
:
{
"$ref"
:
"project_approval_rule.json"
}
},
"fallback_approvals_required"
:
{
"type"
:
"integer"
}
},
"additionalProperties"
:
false
"type"
:
"array"
,
"items"
:
{
"$ref"
:
"./project_approval_rule.json"
}
}
ee/spec/fixtures/api/schemas/public_api/v4/project_approval_setting.json
0 → 100644
View file @
f2051d0c
{
"type"
:
"object"
,
"properties"
:
{
"id"
:
{
"type"
:
"integer"
},
"name"
:
{
"type"
:
"string"
},
"approvals_required"
:
{
"type"
:
"integer"
},
"contains_hidden_groups"
:
{
"type"
:
"boolean"
},
"rule_type"
:
{
"type"
:
"tring"
},
"approvers"
:
{
"type"
:
"array"
,
"items"
:
{
"type"
:
"object"
,
"properties"
:
{}
}
},
"groups"
:
{
"type"
:
"array"
,
"items"
:
{
"type"
:
"object"
,
"properties"
:
{}
}
},
"users"
:
{
"type"
:
"array"
,
"items"
:
{
"type"
:
"object"
,
"properties"
:
{}
}
}
},
"additionalProperties"
:
false
}
ee/spec/fixtures/api/schemas/public_api/v4/project_approval_settings.json
0 → 100644
View file @
f2051d0c
{
"type"
:
"object"
,
"properties"
:
{
"rules"
:
{
"type"
:
"array"
,
"items"
:
{
"$ref"
:
"project_approval_setting.json"
}
},
"fallback_approvals_required"
:
{
"type"
:
"integer"
}
},
"additionalProperties"
:
false
}
ee/spec/requests/api/project_approval_rules_spec.rb
View file @
f2051d0c
...
...
@@ -3,17 +3,15 @@
require
'spec_helper'
describe
API
::
ProjectApprovalRules
do
set
(
:group
)
{
create
(
:group_with_members
)
}
set
(
:user
)
{
create
(
:user
)
}
set
(
:user2
)
{
create
(
:user
)
}
set
(
:admin
)
{
create
(
:user
,
:admin
)
}
set
(
:project
)
{
create
(
:project
,
:public
,
:repository
,
creator:
user
,
namespace:
user
.
namespace
,
only_allow_merge_if_pipeline_succeeds:
false
)
}
set
(
:group
)
{
create
(
:group_with_members
)
}
set
(
:user
)
{
create
(
:user
)
}
set
(
:user2
)
{
create
(
:user
)
}
set
(
:admin
)
{
create
(
:user
,
:admin
)
}
set
(
:project
)
{
create
(
:project
,
:public
,
:repository
,
creator:
user
,
namespace:
user
.
namespace
,
only_allow_merge_if_pipeline_succeeds:
false
)
}
set
(
:approver
)
{
create
(
:user
)
}
let
(
:url
)
{
"/projects/
#{
project
.
id
}
/approval_settings/rules"
}
describe
'GET /projects/:id/approval_settings'
do
let
(
:url
)
{
"/projects/
#{
project
.
id
}
/approval_settings"
}
describe
'GET /projects/:id/approval_rules'
do
let
(
:url
)
{
"/projects/
#{
project
.
id
}
/approval_rules"
}
context
'when the request is correct'
do
let!
(
:rule
)
do
...
...
@@ -36,9 +34,9 @@ describe API::ProjectApprovalRules do
json
=
json_response
expect
(
json
[
'rules'
]
.
size
).
to
eq
(
1
)
expect
(
json
.
size
).
to
eq
(
1
)
rule
=
json
[
'rules'
]
.
first
rule
=
json
.
first
expect
(
rule
[
'approvals_required'
]).
to
eq
(
7
)
expect
(
rule
[
'name'
]).
to
eq
(
'security'
)
...
...
@@ -55,7 +53,7 @@ describe API::ProjectApprovalRules do
get
api
(
url
,
developer
)
json
=
json_response
rule
=
json
[
'rules'
]
.
first
rule
=
json
.
first
expect
(
rule
[
'groups'
].
size
).
to
eq
(
0
)
end
...
...
@@ -66,7 +64,7 @@ describe API::ProjectApprovalRules do
get
api
(
url
,
developer
)
json
=
json_response
rule
=
json
[
'rules'
]
.
first
rule
=
json
.
first
expect
(
rule
[
'groups'
].
size
).
to
eq
(
1
)
end
...
...
@@ -82,162 +80,32 @@ describe API::ProjectApprovalRules do
json
=
json_response
expect
(
json
[
'rules'
]
.
size
).
to
eq
(
2
)
expect
(
json
[
'rules'
]
.
map
{
|
rule
|
rule
[
'name'
]
}).
to
contain_exactly
(
rule
.
name
,
report_approver_rule
.
name
)
expect
(
json
.
size
).
to
eq
(
2
)
expect
(
json
.
map
{
|
rule
|
rule
[
'name'
]
}).
to
contain_exactly
(
rule
.
name
,
report_approver_rule
.
name
)
end
end
end
end
describe
'POST /projects/:id/approval_settings/rules'
do
let
(
:current_user
)
{
user
}
let
(
:params
)
do
{
name:
'security'
,
approvals_required:
10
}
end
context
'when missing parameters'
do
it
'returns 400 status'
do
post
api
(
url
,
current_user
)
expect
(
response
).
to
have_gitlab_http_status
(
400
)
end
end
context
'when user is without access'
do
it
'returns 403'
do
post
api
(
url
,
user2
),
params:
params
expect
(
response
).
to
have_gitlab_http_status
(
403
)
end
end
context
'when the request is correct'
do
it
'returns 201 status'
do
post
api
(
url
,
current_user
),
params:
params
expect
(
response
).
to
have_gitlab_http_status
(
201
)
expect
(
response
).
to
match_response_schema
(
'public_api/v4/project_approval_rule'
,
dir:
'ee'
)
end
it
'changes settings properly'
do
create
(
:approval_project_rule
,
project:
project
,
approvals_required:
2
)
describe
'POST /projects/:id/approval_rules'
do
let
(
:schema
)
{
'public_api/v4/project_approval_rule'
}
let
(
:url
)
{
"/projects/
#{
project
.
id
}
/approval_rules"
}
project
.
reset_approvals_on_push
=
false
project
.
disable_overriding_approvers_per_merge_request
=
true
project
.
save
post
api
(
url
,
current_user
),
params:
params
expect
(
json_response
.
symbolize_keys
).
to
include
(
params
)
end
it
'sets rule_type as report_approver if name matches default name for security reports'
do
expect
do
post
api
(
url
,
current_user
),
params:
params
.
merge
(
name:
ApprovalProjectRule
::
DEFAULT_NAME_FOR_SECURITY_REPORT
)
end
.
to
change
{
ApprovalProjectRule
.
report_approver
.
count
}.
from
(
0
).
to
(
1
)
expect
(
response
).
to
have_gitlab_http_status
(
201
)
end
end
it_behaves_like
'an API endpoint for creating project approval rule'
end
describe
'PUT /projects/:id/approval_
setting
s/:approval_rule_id'
do
describe
'PUT /projects/:id/approval_
rule
s/:approval_rule_id'
do
let!
(
:approval_rule
)
{
create
(
:approval_project_rule
,
project:
project
)
}
let
(
:url
)
{
"/projects/
#{
project
.
id
}
/approval_settings/rules/
#{
approval_rule
.
id
}
"
}
shared_examples_for
'a user with access'
do
before
do
project
.
add_developer
(
approver
)
end
context
'when approver already exists'
do
before
do
approval_rule
.
users
<<
approver
approval_rule
.
groups
<<
group
end
context
'when sending json data'
do
it
'removes all approvers if empty params are given'
do
expect
do
put
api
(
url
,
current_user
),
params:
{
users:
[],
groups:
[]
}.
to_json
,
headers:
{
CONTENT_TYPE
:
'application/json'
}
end
.
to
change
{
approval_rule
.
users
.
count
+
approval_rule
.
groups
.
count
}.
from
(
2
).
to
(
0
)
expect
(
response
).
to
have_gitlab_http_status
(
200
)
end
end
end
it
'sets approvers'
do
expect
do
put
api
(
url
,
current_user
),
params:
{
users:
[
approver
.
id
]
}
end
.
to
change
{
approval_rule
.
users
.
count
}.
from
(
0
).
to
(
1
)
expect
(
approval_rule
.
users
).
to
contain_exactly
(
approver
)
expect
(
approval_rule
.
groups
).
to
be_empty
expect
(
response
).
to
have_gitlab_http_status
(
200
)
expect
(
json_response
[
'approvers'
][
0
][
'id'
]).
to
eq
(
approver
.
id
)
end
end
context
'as a project admin'
do
it_behaves_like
'a user with access'
do
let
(
:current_user
)
{
user
}
let
(
:visible_approver_groups_count
)
{
0
}
end
end
context
'as a global admin'
do
it_behaves_like
'a user with access'
do
let
(
:current_user
)
{
admin
}
let
(
:visible_approver_groups_count
)
{
1
}
end
end
context
'as a random user'
do
it
'returns 403'
do
project
.
approvers
.
create
(
user:
approver
)
let
(
:schema
)
{
'public_api/v4/project_approval_rule'
}
let
(
:url
)
{
"/projects/
#{
project
.
id
}
/approval_rules/
#{
approval_rule
.
id
}
"
}
expect
do
put
api
(
url
,
user2
),
params:
{
users:
[],
groups:
[]
}.
to_json
,
headers:
{
CONTENT_TYPE
:
'application/json'
}
end
.
not_to
change
{
approval_rule
.
approvers
.
size
}
expect
(
response
).
to
have_gitlab_http_status
(
403
)
end
end
it_behaves_like
'an API endpoint for updating project approval rule'
end
describe
'DELETE /projects/:id/approval_
settings/
rules/:approval_rule_id'
do
describe
'DELETE /projects/:id/approval_rules/:approval_rule_id'
do
let!
(
:approval_rule
)
{
create
(
:approval_project_rule
,
project:
project
)
}
let
(
:url
)
{
"/projects/
#{
project
.
id
}
/approval_settings/rules/
#{
approval_rule
.
id
}
"
}
it
'destroys'
do
delete
api
(
url
,
user
)
expect
(
ApprovalProjectRule
.
exists?
(
id:
approval_rule
.
id
)).
to
eq
(
false
)
expect
(
response
).
to
have_gitlab_http_status
(
204
)
end
context
'when approval rule not found'
do
let!
(
:approval_rule_2
)
{
create
(
:approval_project_rule
)
}
let
(
:url
)
{
"/projects/
#{
project
.
id
}
/approval_settings/
#{
approval_rule_2
.
id
}
"
}
let
(
:url
)
{
"/projects/
#{
project
.
id
}
/approval_rules/
#{
approval_rule
.
id
}
"
}
it
'returns not found'
do
delete
api
(
url
,
user
)
expect
(
response
).
to
have_gitlab_http_status
(
404
)
end
end
context
'when user is not eligible to delete'
do
it
'returns forbidden'
do
delete
api
(
url
,
user2
)
expect
(
response
).
to
have_gitlab_http_status
(
403
)
end
end
it_behaves_like
'an API endpoint for deleting project approval rule'
end
end
ee/spec/requests/api/project_approval_settings_spec.rb
0 → 100644
View file @
f2051d0c
# frozen_string_literal: true
require
'spec_helper'
describe
API
::
ProjectApprovalSettings
do
set
(
:group
)
{
create
(
:group_with_members
)
}
set
(
:user
)
{
create
(
:user
)
}
set
(
:user2
)
{
create
(
:user
)
}
set
(
:admin
)
{
create
(
:user
,
:admin
)
}
set
(
:project
)
{
create
(
:project
,
:public
,
:repository
,
creator:
user
,
namespace:
user
.
namespace
,
only_allow_merge_if_pipeline_succeeds:
false
)
}
set
(
:approver
)
{
create
(
:user
)
}
describe
'GET /projects/:id/approval_settings'
do
let
(
:url
)
{
"/projects/
#{
project
.
id
}
/approval_settings"
}
context
'when the request is correct'
do
let!
(
:rule
)
do
rule
=
create
(
:approval_project_rule
,
name:
'security'
,
project:
project
,
approvals_required:
7
)
rule
.
users
<<
approver
rule
end
let
(
:developer
)
do
user
=
create
(
:user
)
project
.
add_guest
(
user
)
user
end
it
'matches the response schema'
do
get
api
(
url
,
developer
)
expect
(
response
).
to
have_gitlab_http_status
(
200
)
expect
(
response
).
to
match_response_schema
(
'public_api/v4/project_approval_settings'
,
dir:
'ee'
)
json
=
json_response
expect
(
json
[
'rules'
].
size
).
to
eq
(
1
)
rule
=
json
[
'rules'
].
first
expect
(
rule
[
'approvals_required'
]).
to
eq
(
7
)
expect
(
rule
[
'name'
]).
to
eq
(
'security'
)
end
context
'private group filtering'
do
set
(
:private_group
)
{
create
:group
,
:private
}
before
do
rule
.
groups
<<
private_group
end
it
'excludes private groups if user has no access'
do
get
api
(
url
,
developer
)
json
=
json_response
rule
=
json
[
'rules'
].
first
expect
(
rule
[
'groups'
].
size
).
to
eq
(
0
)
end
it
'includes private groups if user has access'
do
private_group
.
add_owner
(
developer
)
get
api
(
url
,
developer
)
json
=
json_response
rule
=
json
[
'rules'
].
first
expect
(
rule
[
'groups'
].
size
).
to
eq
(
1
)
end
end
context
'report_approver rules'
do
let!
(
:report_approver_rule
)
do
create
(
:approval_project_rule
,
:security_report
,
project:
project
)
end
it
'includes report_approver rules'
do
get
api
(
url
,
developer
)
json
=
json_response
expect
(
json
[
'rules'
].
size
).
to
eq
(
2
)
expect
(
json
[
'rules'
].
map
{
|
rule
|
rule
[
'name'
]
}).
to
contain_exactly
(
rule
.
name
,
report_approver_rule
.
name
)
end
end
end
end
describe
'POST /projects/:id/approval_settings/rules'
do
let
(
:schema
)
{
'public_api/v4/project_approval_setting'
}
let
(
:url
)
{
"/projects/
#{
project
.
id
}
/approval_settings/rules"
}
it_behaves_like
'an API endpoint for creating project approval rule'
end
describe
'PUT /projects/:id/approval_settings/:approval_rule_id'
do
let!
(
:approval_rule
)
{
create
(
:approval_project_rule
,
project:
project
)
}
let
(
:schema
)
{
'public_api/v4/project_approval_setting'
}
let
(
:url
)
{
"/projects/
#{
project
.
id
}
/approval_settings/rules/
#{
approval_rule
.
id
}
"
}
it_behaves_like
'an API endpoint for updating project approval rule'
end
describe
'DELETE /projects/:id/approval_settings/rules/:approval_rule_id'
do
let!
(
:approval_rule
)
{
create
(
:approval_project_rule
,
project:
project
)
}
let
(
:url
)
{
"/projects/
#{
project
.
id
}
/approval_settings/rules/
#{
approval_rule
.
id
}
"
}
it_behaves_like
'an API endpoint for deleting project approval rule'
end
end
ee/spec/support/shared_examples/project_approval_rules_api_shared_examples.rb
0 → 100644
View file @
f2051d0c
# frozen_string_literal: true
shared_examples_for
'an API endpoint for creating project approval rule'
do
let
(
:current_user
)
{
user
}
let
(
:params
)
do
{
name:
'security'
,
approvals_required:
10
}
end
context
'when missing parameters'
do
it
'returns 400 status'
do
post
api
(
url
,
current_user
)
expect
(
response
).
to
have_gitlab_http_status
(
400
)
end
end
context
'when user is without access'
do
it
'returns 403'
do
post
api
(
url
,
user2
),
params:
params
expect
(
response
).
to
have_gitlab_http_status
(
403
)
end
end
context
'when the request is correct'
do
it
'returns 201 status'
do
post
api
(
url
,
current_user
),
params:
params
expect
(
response
).
to
have_gitlab_http_status
(
201
)
expect
(
response
).
to
match_response_schema
(
schema
,
dir:
'ee'
)
end
it
'changes settings properly'
do
create
(
:approval_project_rule
,
project:
project
,
approvals_required:
2
)
project
.
reset_approvals_on_push
=
false
project
.
disable_overriding_approvers_per_merge_request
=
true
project
.
save
post
api
(
url
,
current_user
),
params:
params
expect
(
json_response
.
symbolize_keys
).
to
include
(
params
)
end
it
'sets rule_type as report_approver if name matches default name for security reports'
do
expect
do
post
api
(
url
,
current_user
),
params:
params
.
merge
(
name:
ApprovalProjectRule
::
DEFAULT_NAME_FOR_SECURITY_REPORT
)
end
.
to
change
{
ApprovalProjectRule
.
report_approver
.
count
}.
from
(
0
).
to
(
1
)
expect
(
response
).
to
have_gitlab_http_status
(
201
)
end
end
end
shared_examples_for
'an API endpoint for updating project approval rule'
do
shared_examples_for
'a user with access'
do
before
do
project
.
add_developer
(
approver
)
end
context
'when approver already exists'
do
before
do
approval_rule
.
users
<<
approver
approval_rule
.
groups
<<
group
end
context
'when sending json data'
do
it
'removes all approvers if empty params are given'
do
expect
do
put
api
(
url
,
current_user
),
params:
{
users:
[],
groups:
[]
}.
to_json
,
headers:
{
CONTENT_TYPE
:
'application/json'
}
end
.
to
change
{
approval_rule
.
users
.
count
+
approval_rule
.
groups
.
count
}.
from
(
2
).
to
(
0
)
expect
(
response
).
to
have_gitlab_http_status
(
200
)
expect
(
response
).
to
match_response_schema
(
schema
,
dir:
'ee'
)
end
end
end
it
'sets approvers'
do
expect
do
put
api
(
url
,
current_user
),
params:
{
users:
[
approver
.
id
]
}
end
.
to
change
{
approval_rule
.
users
.
count
}.
from
(
0
).
to
(
1
)
expect
(
approval_rule
.
users
).
to
contain_exactly
(
approver
)
expect
(
approval_rule
.
groups
).
to
be_empty
expect
(
response
).
to
have_gitlab_http_status
(
200
)
end
end
context
'as a project admin'
do
it_behaves_like
'a user with access'
do
let
(
:current_user
)
{
user
}
let
(
:visible_approver_groups_count
)
{
0
}
end
end
context
'as a global admin'
do
it_behaves_like
'a user with access'
do
let
(
:current_user
)
{
admin
}
let
(
:visible_approver_groups_count
)
{
1
}
end
end
context
'as a random user'
do
it
'returns 403'
do
project
.
approvers
.
create
(
user:
approver
)
expect
do
put
api
(
url
,
user2
),
params:
{
users:
[],
groups:
[]
}.
to_json
,
headers:
{
CONTENT_TYPE
:
'application/json'
}
end
.
not_to
change
{
approval_rule
.
approvers
.
size
}
expect
(
response
).
to
have_gitlab_http_status
(
403
)
end
end
end
shared_examples_for
'an API endpoint for deleting project approval rule'
do
it
'destroys'
do
delete
api
(
url
,
user
)
expect
(
ApprovalProjectRule
.
exists?
(
id:
approval_rule
.
id
)).
to
eq
(
false
)
expect
(
response
).
to
have_gitlab_http_status
(
204
)
end
context
'when approval rule not found'
do
let!
(
:approval_rule_2
)
{
create
(
:approval_project_rule
)
}
let
(
:url
)
{
"/projects/
#{
project
.
id
}
/approval_settings/
#{
approval_rule_2
.
id
}
"
}
it
'returns not found'
do
delete
api
(
url
,
user
)
expect
(
response
).
to
have_gitlab_http_status
(
404
)
end
end
context
'when user is not eligible to delete'
do
it
'returns forbidden'
do
delete
api
(
url
,
user2
)
expect
(
response
).
to
have_gitlab_http_status
(
403
)
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment