Merge branch 'feature/api_hide_service_password' of gitlab.com:cernvcs/gitlab-cecernvcs_hide_passwrd

author: Valery Sizov <vsv2711@gmail.com> 2015-10-14 14:15:34 +0300
committer: Valery Sizov <vsv2711@gmail.com> 2015-10-14 14:15:34 +0300
commit: 4117d9b310cbcdc1967163273ad63495542046cb (patch)
tree: ba28553726f93f961044b82589cc90088f87749c /spec/requests
parent: 82da19cecd6390d2372bad36da0a9f89b21abb38 (diff)
parent: 024e34e94d973842cf02d9177e9ec52bd587ceee (diff)
download: gitlab-ce-4117d9b310cbcdc1967163273ad63495542046cb.tar.gz
1 files changed, 32 insertions, 1 deletions
diff --git a/spec/requests/api/services_spec.rb b/spec/requests/api/services_spec.rb
index 9aa60826f21..c0226605a23 100644
--- a/spec/requests/api/services_spec.rb
+++ b/spec/requests/api/services_spec.rb
@@ -3,6 +3,8 @@ require "spec_helper"
 describe API::API, api: true  do
   include ApiHelpers
   let(:user) { create(:user) }
+  let(:admin) { create(:admin) }
+  let(:user2) { create(:user) }
   let(:project) {create(:project, creator_id: user.id, namespace: user.namespace) }
 
   Service.available_services_names.each do |service|
@@ -51,11 +53,40 @@ describe API::API, api: true  do
     describe "GET /projects/:id/services/#{service.dasherize}" do
       include_context service
 
-      it "should get #{service} settings" do
+      # inject some properties into the service
+      before do
+        project.build_missing_services
+        service_object = project.send(service_method)
+        service_object.properties = service_attrs
+        service_object.save
+      end
+
+      it 'should return authentication error when unauthenticated' do
+        get api("/projects/#{project.id}/services/#{dashed_service}")
+        expect(response.status).to eq(401)
+      end
+      
+      it "should return all properties of service #{service} when authenticated as admin" do
+        get api("/projects/#{project.id}/services/#{dashed_service}", admin)
+        
+        expect(response.status).to eq(200)
+        expect(json_response['properties'].keys.map(&:to_sym)).to match_array(service_attrs_list.map)
+      end
+
+      it "should return properties of service #{service} other than passwords when authenticated as project owner" do
         get api("/projects/#{project.id}/services/#{dashed_service}", user)
 
         expect(response.status).to eq(200)
+        expect(json_response['properties'].keys.map(&:to_sym)).to match_array(service_attrs_list_without_passwords)
       end
+
+      it "should return error when authenticated but not a project owner" do
+        project.team << [user2, :developer]
+        get api("/projects/#{project.id}/services/#{dashed_service}", user2)
+        
+        expect(response.status).to eq(403)
+      end
+
     end
   end
 end
author	Valery Sizov <vsv2711@gmail.com>	2015-10-14 14:15:34 +0300
committer	Valery Sizov <vsv2711@gmail.com>	2015-10-14 14:15:34 +0300
commit	4117d9b310cbcdc1967163273ad63495542046cb (patch)
tree	ba28553726f93f961044b82589cc90088f87749c /spec/requests
parent	82da19cecd6390d2372bad36da0a9f89b21abb38 (diff)
parent	024e34e94d973842cf02d9177e9ec52bd587ceee (diff)
download	gitlab-ce-4117d9b310cbcdc1967163273ad63495542046cb.tar.gz