Add spec for Release API

Add spec for all release API - GET, POST, PUT, DELETE.
Also, fixes some minior bugs.

4 files changed, 87 insertions, 65 deletions

diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index 98ae4f83ad2..7116ab2882b 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -1099,20 +1099,6 @@ module API
       expose :created_at
       expose :author, using: Entities::UserBasic, if: -> (release, _) { release.author.present? }
       expose :commit, using: Entities::Commit
-
-      expose :assets do
-        expose :assets_count, as: :count
-        expose :links
-        expose :sources do |release, _opts|
-          archive_path = "#{release.project.path}-#{release.tag.tr('/', '-')}"
-          release.sources_formats.map do |format|
-            {
-              format: format,
-              url: Gitlab::Routing.url_helpers.project_archive_url(release.project, id: File.join(release.tag, archive_path), format: format)
-            }
-          end
-        end
-      end
     end
 
     class Tag < Grape::Entity
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index 742d3760533..c3eca713712 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -255,18 +255,6 @@ module API
       authorize! :update_build, user_project
     end
 
-    def authorize_create_release!
-      authorize! :create_release, user_project
-    end
-
-    def authorize_read_release!
-      authorize! :read_release, user_project
-    end
-
-    def authorize_update_release!
-      authorize! :update_release, user_project
-    end
-
     def require_gitlab_workhorse!
       unless env['HTTP_GITLAB_WORKHORSE'].present?
         forbidden!('Request should be executed via GitLab Workhorse')
diff --git a/lib/api/releases.rb b/lib/api/releases.rb
index fe226a5ec4c..37d06988e64 100644
--- a/lib/api/releases.rb
+++ b/lib/api/releases.rb
@@ -4,10 +4,11 @@ module API
   class Releases < Grape::API
     include PaginationParams
 
-    RELEASE_ENDPOINT_REQUIREMETS = API::NAMESPACE_OR_PROJECT_REQUIREMENTS.merge(tag_name: API::NO_SLASH_URL_PART_REGEX)
+    RELEASE_ENDPOINT_REQUIREMETS = API::NAMESPACE_OR_PROJECT_REQUIREMENTS
+      .merge(tag_name: API::NO_SLASH_URL_PART_REGEX)
 
     before { error!('404 Not Found', 404) unless Feature.enabled?(:releases_page, user_project) }
-    before { authorize_read_release! }
+    before { authorize_read_releases! }
 
     params do
       requires :id, type: String, desc: 'The ID of a project'
@@ -31,11 +32,10 @@ module API
         success Entities::Release
       end
       params do
-        requires :tag_name, type: String, desc: 'The name of the tag'
+        requires :tag_name, type: String, desc: 'The name of the tag', as: :tag
       end
       get ':id/releases/:tag_name', requirements: RELEASE_ENDPOINT_REQUIREMETS do
-        release = user_project.releases.find_by_tag(params[:tag_name])
-        not_found!('Release') unless release
+        authorize_read_release!
 
         present release, with: Entities::Release
       end
@@ -45,25 +45,22 @@ module API
         success Entities::Release
       end
       params do
-        requires :name,                type: String, desc: 'The name of the release'
-        requires :tag_name,            type: String, desc: 'The name of the tag', as: :tag
-        requires :description,         type: String, desc: 'The release notes'
-        optional :ref,                 type: String, desc: 'The commit sha or branch name'
+        requires :tag_name,    type: String, desc: 'The name of the tag', as: :tag
+        requires :name,        type: String, desc: 'The name of the release'
+        requires :description, type: String, desc: 'The release notes'
+        optional :ref,         type: String, desc: 'The commit sha or branch name'
       end
       post ':id/releases' do
         authorize_create_release!
 
-        attributes = declared(params)
-        ref = attributes.delete(:ref)
-        attributes.delete(:id)
-
-        result = ::CreateReleaseService.new(user_project, current_user, attributes)
-          .execute(ref)
+        result = ::Releases::CreateService
+          .new(user_project, current_user, declared_params(include_missing: false))
+          .execute
 
         if result[:status] == :success
           present result[:release], with: Entities::Release
         else
-          render_api_error!(result[:message], 400)
+          render_api_error!(result[:message], result[:http_status])
         end
       end
 
@@ -73,15 +70,15 @@ module API
       end
       params do
         requires :tag_name,    type: String, desc: 'The name of the tag', as: :tag
-        requires :name,        type: String, desc: 'The name of the release'
-        requires :description, type: String, desc: 'Release notes with markdown support'
+        optional :name,        type: String, desc: 'The name of the release'
+        optional :description, type: String, desc: 'Release notes with markdown support'
       end
       put ':id/releases/:tag_name', requirements: RELEASE_ENDPOINT_REQUIREMETS do
         authorize_update_release!
 
-        attributes = declared(params)
-        attributes.delete(:id)
-        result = UpdateReleaseService.new(user_project, current_user, attributes).execute
+        result = ::Releases::UpdateService
+          .new(user_project, current_user, declared_params(include_missing: false))
+          .execute
 
         if result[:status] == :success
           present result[:release], with: Entities::Release
@@ -98,11 +95,11 @@ module API
         requires :tag_name,    type: String, desc: 'The name of the tag', as: :tag
       end
       delete ':id/releases/:tag_name', requirements: RELEASE_ENDPOINT_REQUIREMETS do
-        authorize_update_release!
+        authorize_destroy_release!
 
-        attributes = declared(params)
-        attributes.delete(:id)
-        result = DeleteReleaseService.new(user_project, current_user, attributes).execute
+        result = ::Releases::DestroyService
+          .new(user_project, current_user, declared_params(include_missing: false))
+          .execute
 
         if result[:status] == :success
           present result[:release], with: Entities::Release
@@ -111,5 +108,31 @@ module API
         end
       end
     end
+
+    helpers do
+      def authorize_create_release!
+        authorize! :create_release, user_project
+      end
+
+      def authorize_read_releases!
+        authorize! :read_release, user_project
+      end
+
+      def authorize_read_release!
+        authorize! :read_release, release
+      end
+
+      def authorize_update_release!
+        authorize! :update_release, release
+      end
+
+      def authorize_destroy_release!
+        authorize! :destroy_release, release
+      end
+
+      def release
+        @release ||= user_project.releases.find_by_tag(params[:tag])
+      end
+    end
   end
 end
diff --git a/lib/api/tags.rb b/lib/api/tags.rb
index e1e9a7fbae5..aacdca3871a 100644
--- a/lib/api/tags.rb
+++ b/lib/api/tags.rb
@@ -60,10 +60,15 @@ module API
         if result[:status] == :success
           # Release creation with Tags API was deprecated in GitLab 11.7
           if params[:release_description].present?
-            CreateReleaseService.new(
-              user_project, current_user,
-              tag: params[:tag_name], description: params[:release_description]
-            ).execute
+            release_create_params = {
+              tag: params[:tag_name],
+              name: params[:tag_name], # Name can be specified in new API
+              description: params[:release_description]
+            }
+
+            ::Releases::CreateService
+              .new(user_project, current_user, release_create_params)
+              .execute
           end
 
           present result[:tag],
@@ -107,9 +112,18 @@ module API
       post ':id/repository/tags/:tag_name/release', requirements: TAG_ENDPOINT_REQUIREMENTS do
         authorize_create_release!
 
-        attributes = declared(params)
-        attributes.delete(:id)
-        result = CreateReleaseService.new(user_project, current_user, attributes)
+        ##
+        # Legacy API does not support tag auto creation.
+        not_found!('Tag') unless user_project.repository.find_tag(params[:tag])
+
+        release_create_params = {
+          tag: params[:tag],
+          name: params[:tag], # Name can be specified in new API
+          description: params[:description]
+        }
+
+        result = ::Releases::CreateService
+          .new(user_project, current_user, release_create_params)
           .execute
 
         if result[:status] == :success
@@ -124,18 +138,15 @@ module API
         success Entities::TagRelease
       end
       params do
-        requires :tag_name,    type: String, desc: 'The name of the tag'
+        requires :tag_name,    type: String, desc: 'The name of the tag', as: :tag
         requires :description, type: String, desc: 'Release notes with markdown support'
       end
       put ':id/repository/tags/:tag_name/release', requirements: TAG_ENDPOINT_REQUIREMENTS do
         authorize_update_release!
 
-        result = UpdateReleaseService.new(
-          user_project,
-          current_user,
-          tag: params[:tag_name],
-          description: params[:description]
-        ).execute
+        result = ::Releases::UpdateService
+          .new(user_project, current_user, declared_params(include_missing: false))
+          .execute
 
         if result[:status] == :success
           present result[:release], with: Entities::TagRelease
@@ -144,5 +155,19 @@ module API
         end
       end
     end
+
+    helpers do
+      def authorize_create_release!
+        authorize! :create_release, user_project
+      end
+
+      def authorize_update_release!
+        authorize! :update_release, release
+      end
+
+      def release
+        @release ||= user_project.releases.find_by_tag(params[:tag])
+      end
+    end
   end
 end