Fix API specs behaviour for invalid routing

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

4 files changed, 51 insertions, 20 deletions

diff --git a/CHANGELOG b/CHANGELOG
index 72e146f4f3f..aec47dd66f2 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -82,6 +82,7 @@ v 8.13.0 (unreleased)
   - Add Container Registry on/off status to Admin Area !6638 (the-undefined)
   - Grouped pipeline dropdown is a scrollable container
   - Fix a typo in doc/api/labels.md
+  - API: all unknown routing will be handled with 400 Bad Request
 
 v 8.12.5 (unreleased)
 
diff --git a/doc/api/README.md b/doc/api/README.md
index bbd5bcfb386..8004a00659c 100644
--- a/doc/api/README.md
+++ b/doc/api/README.md
@@ -355,6 +355,19 @@ follows:
 }
 ```
 
+## Bad request
+
+When you try to access API URL that does not exist you will receive 400 Bad Request. 
+
+```
+HTTP/1.1 400 Bad Request
+Content-Type: application/json
+{
+    "error": "400 Bad Request"
+}
+```
+
+
 ## Clients
 
 There are many unofficial GitLab API Clients for most of the popular
diff --git a/spec/requests/api/project_hooks_spec.rb b/spec/requests/api/project_hooks_spec.rb
index 765dc8a8f66..5d739802095 100644
--- a/spec/requests/api/project_hooks_spec.rb
+++ b/spec/requests/api/project_hooks_spec.rb
@@ -163,9 +163,10 @@ describe API::API, 'ProjectHooks', api: true do
       expect(response).to have_http_status(404)
     end
 
-    it "returns a 405 error if hook id not given" do
+    it "returns a 400 error if hook id not given" do
       delete api("/projects/#{project.id}/hooks", user)
-      expect(response).to have_http_status(405)
+
+      expect(response).to have_http_status(400)
     end
 
     it "returns a 404 if a user attempts to delete project hooks he/she does not own" do
diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb
index c040000e8bb..9537b0ec83d 100644
--- a/spec/requests/api/users_spec.rb
+++ b/spec/requests/api/users_spec.rb
@@ -92,6 +92,7 @@ describe API::API, api: true  do
 
     it "returns a 400 if invalid ID" do
       get api("/users/1ASDF", user)
+
       expect(response).to have_http_status(400)
     end
   end
@@ -340,8 +341,10 @@ describe API::API, api: true  do
       expect(json_response['message']).to eq('404 Not found')
     end
 
-    it "raises error for invalid ID" do
-      expect{put api("/users/ASDF", admin) }.to raise_error(ActionController::RoutingError)
+    it "returns a 400 if invalid ID" do
+      put api("/users/ASDF", admin)
+
+      expect(response).to have_http_status(400)
     end
 
     it 'returns 400 error if user does not validate' do
@@ -525,9 +528,10 @@ describe API::API, api: true  do
         expect(json_response.first['email']).to eq(email.email)
       end
 
-      it "raises error for invalid ID" do
+      it "returns a 400 for invalid ID" do
         put api("/users/ASDF/emails", admin)
-        expect(response).to have_http_status(405)
+
+        expect(response).to have_http_status(400)
       end
     end
   end
@@ -566,8 +570,10 @@ describe API::API, api: true  do
         expect(json_response['message']).to eq('404 Email Not Found')
       end
 
-      it "raises error for invalid ID" do
-        expect{delete api("/users/ASDF/emails/bar", admin) }.to raise_error(ActionController::RoutingError)
+      it "returns a 400 for invalid ID" do
+        delete api("/users/ASDF/emails/bar", admin)
+
+        expect(response).to have_http_status(400)
       end
     end
   end
@@ -600,8 +606,10 @@ describe API::API, api: true  do
       expect(json_response['message']).to eq('404 User Not Found')
     end
 
-    it "raises error for invalid ID" do
-      expect{delete api("/users/ASDF", admin) }.to raise_error(ActionController::RoutingError)
+    it "returns a 400 for invalid ID" do
+      delete api("/users/ASDF", admin)
+
+      expect(response).to have_http_status(400)
     end
   end
 
@@ -667,9 +675,10 @@ describe API::API, api: true  do
       expect(json_response['message']).to eq('404 Not found')
     end
 
-    it "returns 404 for invalid ID" do
+    it "returns 400 for invalid ID" do
       get api("/users/keys/ASDF", admin)
-      expect(response).to have_http_status(404)
+
+      expect(response).to have_http_status(400)
     end
   end
 
@@ -727,8 +736,10 @@ describe API::API, api: true  do
       expect(response).to have_http_status(401)
     end
 
-    it "raises error for invalid ID" do
-      expect{delete api("/users/keys/ASDF", admin) }.to raise_error(ActionController::RoutingError)
+    it "returns a 400 for invalid ID" do
+      delete api("/users/keys/ASDF", admin)
+
+      expect(response).to have_http_status(400)
     end
   end
 
@@ -776,9 +787,10 @@ describe API::API, api: true  do
       expect(json_response['message']).to eq('404 Not found')
     end
 
-    it "returns 404 for invalid ID" do
+    it "returns 400 for invalid ID" do
       get api("/users/emails/ASDF", admin)
-      expect(response).to have_http_status(404)
+
+      expect(response).to have_http_status(400)
     end
   end
 
@@ -825,8 +837,10 @@ describe API::API, api: true  do
       expect(response).to have_http_status(401)
     end
 
-    it "raises error for invalid ID" do
-      expect{delete api("/users/emails/ASDF", admin) }.to raise_error(ActionController::RoutingError)
+    it "returns a 400 for invalid ID" do
+      delete api("/users/emails/ASDF", admin)
+
+      expect(response).to have_http_status(400)
     end
   end
 
@@ -891,8 +905,10 @@ describe API::API, api: true  do
       expect(json_response['message']).to eq('404 User Not Found')
     end
 
-    it "raises error for invalid ID" do
-      expect{put api("/users/ASDF/block", admin) }.to raise_error(ActionController::RoutingError)
+    it "returns a 400 for invalid ID" do
+      put api("/users/ASDF/block", admin)
+
+      expect(response).to have_http_status(400)
     end
   end
 end