Merge branch 'master' into remove-forks-from-projects-settings

6 files changed, 193 insertions, 7 deletions

diff --git a/spec/requests/api/commit_status_spec.rb b/spec/requests/api/commit_status_spec.rb
new file mode 100644
index 00000000000..b9e6dfc15a7
--- /dev/null
+++ b/spec/requests/api/commit_status_spec.rb
@@ -0,0 +1,135 @@
+require 'spec_helper'
+
+describe API::API, api: true do
+  include ApiHelpers
+  let(:user) { create(:user) }
+  let(:user2) { create(:user) }
+  let!(:project) { create(:project, creator_id: user.id) }
+  let!(:reporter) { create(:project_member, user: user, project: project, access_level: ProjectMember::REPORTER) }
+  let!(:guest) { create(:project_member, user: user2, project: project, access_level: ProjectMember::GUEST) }
+  let(:commit) { project.repository.commit }
+  let!(:ci_commit) { project.ensure_ci_commit(commit.id) }
+  let(:commit_status) { create(:commit_status, commit: ci_commit) }
+
+  describe "GET /projects/:id/repository/commits/:sha/statuses" do
+    context "reporter user" do
+      let(:statuses_id) { json_response.map { |status| status['id'] } }
+
+      before do
+        @status1 = create(:commit_status, commit: ci_commit, status: 'running')
+        @status2 = create(:commit_status, commit: ci_commit, name: 'coverage', status: 'pending')
+        @status3 = create(:commit_status, commit: ci_commit, name: 'coverage', ref: 'develop', status: 'running')
+        @status4 = create(:commit_status, commit: ci_commit, name: 'coverage', status: 'success')
+        @status5 = create(:commit_status, commit: ci_commit, ref: 'develop', status: 'success')
+        @status6 = create(:commit_status, commit: ci_commit, status: 'success')
+      end
+
+      it "should return latest commit statuses" do
+        get api("/projects/#{project.id}/repository/commits/#{commit.id}/statuses", user)
+        expect(response.status).to eq(200)
+
+        expect(json_response).to be_an Array
+        expect(statuses_id).to contain_exactly(@status3.id, @status4.id, @status5.id, @status6.id)
+      end
+
+      it "should return all commit statuses" do
+        get api("/projects/#{project.id}/repository/commits/#{commit.id}/statuses?all=1", user)
+        expect(response.status).to eq(200)
+
+        expect(json_response).to be_an Array
+        expect(statuses_id).to contain_exactly(@status1.id, @status2.id, @status3.id, @status4.id, @status5.id, @status6.id)
+      end
+
+      it "should return latest commit statuses for specific ref" do
+        get api("/projects/#{project.id}/repository/commits/#{commit.id}/statuses?ref=develop", user)
+        expect(response.status).to eq(200)
+
+        expect(json_response).to be_an Array
+        expect(statuses_id).to contain_exactly(@status3.id, @status5.id)
+      end
+
+      it "should return latest commit statuses for specific name" do
+        get api("/projects/#{project.id}/repository/commits/#{commit.id}/statuses?name=coverage", user)
+        expect(response.status).to eq(200)
+
+        expect(json_response).to be_an Array
+        expect(statuses_id).to contain_exactly(@status3.id, @status4.id)
+      end
+    end
+
+    context "guest user" do
+      it "should not return project commits" do
+        get api("/projects/#{project.id}/repository/commits/#{commit.id}/statuses", user2)
+        expect(response.status).to eq(403)
+      end
+    end
+
+    context "unauthorized user" do
+      it "should not return project commits" do
+        get api("/projects/#{project.id}/repository/commits/#{commit.id}/statuses")
+        expect(response.status).to eq(401)
+      end
+    end
+  end
+
+  describe 'POST /projects/:id/statuses/:sha' do
+    let(:post_url) { "/projects/#{project.id}/statuses/#{commit.id}" }
+
+    context 'reporter user' do
+      context 'should create commit status' do
+        it 'with only required parameters' do
+          post api(post_url, user), state: 'success'
+          expect(response.status).to eq(201)
+          expect(json_response['sha']).to eq(commit.id)
+          expect(json_response['status']).to eq('success')
+          expect(json_response['name']).to eq('default')
+          expect(json_response['ref']).to be_nil
+          expect(json_response['target_url']).to be_nil
+          expect(json_response['description']).to be_nil
+        end
+
+        it 'with all optional parameters' do
+          post api(post_url, user), state: 'success', context: 'coverage', ref: 'develop', target_url: 'url', description: 'test'
+          expect(response.status).to eq(201)
+          expect(json_response['sha']).to eq(commit.id)
+          expect(json_response['status']).to eq('success')
+          expect(json_response['name']).to eq('coverage')
+          expect(json_response['ref']).to eq('develop')
+          expect(json_response['target_url']).to eq('url')
+          expect(json_response['description']).to eq('test')
+        end
+      end
+
+      context 'should not create commit status' do
+        it 'with invalid state' do
+          post api(post_url, user), state: 'invalid'
+          expect(response.status).to eq(400)
+        end
+
+        it 'without state' do
+          post api(post_url, user)
+          expect(response.status).to eq(400)
+        end
+
+        it 'invalid commit' do
+          post api("/projects/#{project.id}/statuses/invalid_sha", user), state: 'running'
+          expect(response.status).to eq(404)
+        end
+      end
+    end
+
+    context 'guest user' do
+      it 'should not create commit status' do
+        post api(post_url, user2)
+        expect(response.status).to eq(403)
+      end
+    end
+
+    context 'unauthorized user' do
+      it 'should not create commit status' do
+        post api(post_url)
+        expect(response.status).to eq(401)
+      end
+    end
+  end
+end
diff --git a/spec/requests/api/commits_spec.rb b/spec/requests/api/commits_spec.rb
index a1c248c636e..49acc3368f4 100644
--- a/spec/requests/api/commits_spec.rb
+++ b/spec/requests/api/commits_spec.rb
@@ -47,6 +47,19 @@ describe API::API, api: true  do
         get api("/projects/#{project.id}/repository/commits/invalid_sha", user)
         expect(response.status).to eq(404)
       end
+
+      it "should return not_found for CI status" do
+        get api("/projects/#{project.id}/repository/commits/#{project.repository.commit.id}", user)
+        expect(response.status).to eq(200)
+        expect(json_response['status']).to eq('not_found')
+      end
+
+      it "should return status for CI" do
+        ci_commit = project.ensure_ci_commit(project.repository.commit.sha)
+        get api("/projects/#{project.id}/repository/commits/#{project.repository.commit.id}", user)
+        expect(response.status).to eq(200)
+        expect(json_response['status']).to eq(ci_commit.status)
+      end
     end
 
     context "unauthorized user" do
diff --git a/spec/requests/api/merge_requests_spec.rb b/spec/requests/api/merge_requests_spec.rb
index 35b3d3e296a..a68c7b1e461 100644
--- a/spec/requests/api/merge_requests_spec.rb
+++ b/spec/requests/api/merge_requests_spec.rb
@@ -379,9 +379,14 @@ describe API::API, api: true  do
 
   describe "POST /projects/:id/merge_request/:merge_request_id/comments" do
     it "should return comment" do
+      original_count = merge_request.notes.size
+
       post api("/projects/#{project.id}/merge_request/#{merge_request.id}/comments", user), note: "My comment"
       expect(response.status).to eq(201)
       expect(json_response['note']).to eq('My comment')
+      expect(json_response['author']['name']).to eq(user.name)
+      expect(json_response['author']['username']).to eq(user.username)
+      expect(merge_request.notes.size).to eq(original_count + 1)
     end
 
     it "should return 400 if note is missing" do
diff --git a/spec/requests/api/repositories_spec.rb b/spec/requests/api/repositories_spec.rb
index 09a79553f72..1149f7e7989 100644
--- a/spec/requests/api/repositories_spec.rb
+++ b/spec/requests/api/repositories_spec.rb
@@ -166,24 +166,21 @@ describe API::API, api: true  do
       get api("/projects/#{project.id}/repository/archive", user)
       repo_name = project.repository.name.gsub("\.git", "")
       expect(response.status).to eq(200)
-      expect(response.headers['Content-Disposition']).to match(/filename\=\"#{repo_name}\-[^\.]+\.tar.gz\"/)
-      expect(response.content_type).to eq(MIME::Types.type_for('file.tar.gz').first.content_type)
+      expect(json_response['ArchivePath']).to match(/#{repo_name}\-[^\.]+\.tar.gz/)
     end
 
     it "should get the archive.zip" do
       get api("/projects/#{project.id}/repository/archive.zip", user)
       repo_name = project.repository.name.gsub("\.git", "")
       expect(response.status).to eq(200)
-      expect(response.headers['Content-Disposition']).to match(/filename\=\"#{repo_name}\-[^\.]+\.zip\"/)
-      expect(response.content_type).to eq(MIME::Types.type_for('file.zip').first.content_type)
+      expect(json_response['ArchivePath']).to match(/#{repo_name}\-[^\.]+\.zip/)
     end
 
     it "should get the archive.tar.bz2" do
       get api("/projects/#{project.id}/repository/archive.tar.bz2", user)
       repo_name = project.repository.name.gsub("\.git", "")
       expect(response.status).to eq(200)
-      expect(response.headers['Content-Disposition']).to match(/filename\=\"#{repo_name}\-[^\.]+\.tar.bz2\"/)
-      expect(response.content_type).to eq(MIME::Types.type_for('file.tar.bz2').first.content_type)
+      expect(json_response['ArchivePath']).to match(/#{repo_name}\-[^\.]+\.tar.bz2/)
     end
 
     it "should return 404 for invalid sha" do
diff --git a/spec/requests/api/services_spec.rb b/spec/requests/api/services_spec.rb
index 9aa60826f21..c0226605a23 100644
--- a/spec/requests/api/services_spec.rb
+++ b/spec/requests/api/services_spec.rb
@@ -3,6 +3,8 @@ require "spec_helper"
 describe API::API, api: true  do
   include ApiHelpers
   let(:user) { create(:user) }
+  let(:admin) { create(:admin) }
+  let(:user2) { create(:user) }
   let(:project) {create(:project, creator_id: user.id, namespace: user.namespace) }
 
   Service.available_services_names.each do |service|
@@ -51,11 +53,40 @@ describe API::API, api: true  do
     describe "GET /projects/:id/services/#{service.dasherize}" do
       include_context service
 
-      it "should get #{service} settings" do
+      # inject some properties into the service
+      before do
+        project.build_missing_services
+        service_object = project.send(service_method)
+        service_object.properties = service_attrs
+        service_object.save
+      end
+
+      it 'should return authentication error when unauthenticated' do
+        get api("/projects/#{project.id}/services/#{dashed_service}")
+        expect(response.status).to eq(401)
+      end
+      
+      it "should return all properties of service #{service} when authenticated as admin" do
+        get api("/projects/#{project.id}/services/#{dashed_service}", admin)
+        
+        expect(response.status).to eq(200)
+        expect(json_response['properties'].keys.map(&:to_sym)).to match_array(service_attrs_list.map)
+      end
+
+      it "should return properties of service #{service} other than passwords when authenticated as project owner" do
         get api("/projects/#{project.id}/services/#{dashed_service}", user)
 
         expect(response.status).to eq(200)
+        expect(json_response['properties'].keys.map(&:to_sym)).to match_array(service_attrs_list_without_passwords)
       end
+
+      it "should return error when authenticated but not a project owner" do
+        project.team << [user2, :developer]
+        get api("/projects/#{project.id}/services/#{dashed_service}", user2)
+        
+        expect(response.status).to eq(403)
+      end
+
     end
   end
 end
diff --git a/spec/requests/ci/api/builds_spec.rb b/spec/requests/ci/api/builds_spec.rb
index 54c1d0199f6..88218a93e1f 100644
--- a/spec/requests/ci/api/builds_spec.rb
+++ b/spec/requests/ci/api/builds_spec.rb
@@ -76,6 +76,8 @@ describe Ci::API::API do
 
         expect(response.status).to eq(201)
         expect(json_response["variables"]).to eq([
+          { "key" => "CI_BUILD_NAME", "value" => "spinach", "public" => true },
+          { "key" => "CI_BUILD_STAGE", "value" => "test", "public" => true },
           { "key" => "DB_NAME", "value" => "postgres", "public" => true },
           { "key" => "SECRET_KEY", "value" => "secret_value", "public" => false },
         ])
@@ -93,6 +95,9 @@ describe Ci::API::API do
 
         expect(response.status).to eq(201)
         expect(json_response["variables"]).to eq([
+          { "key" => "CI_BUILD_NAME", "value" => "spinach", "public" => true },
+          { "key" => "CI_BUILD_STAGE", "value" => "test", "public" => true },
+          { "key" => "CI_BUILD_TRIGGERED", "value" => "true", "public" => true },
           { "key" => "DB_NAME", "value" => "postgres", "public" => true },
           { "key" => "SECRET_KEY", "value" => "secret_value", "public" => false },
           { "key" => "TRIGGER_KEY", "value" => "TRIGGER_VALUE", "public" => false },