diff options
Diffstat (limited to 'spec/requests/api/issues_spec.rb')
-rw-r--r-- | spec/requests/api/issues_spec.rb | 87 |
1 files changed, 71 insertions, 16 deletions
diff --git a/spec/requests/api/issues_spec.rb b/spec/requests/api/issues_spec.rb index 7bae055b241..5c80dd98dc7 100644 --- a/spec/requests/api/issues_spec.rb +++ b/spec/requests/api/issues_spec.rb @@ -1,7 +1,8 @@ require 'spec_helper' -describe API::API, api: true do +describe API::Issues, api: true do include ApiHelpers + include EmailHelpers let(:user) { create(:user) } let(:user2) { create(:user) } @@ -71,13 +72,6 @@ describe API::API, api: true do expect(json_response.last).to have_key('web_url') end - it "adds pagination headers and keep query params" do - get api("/issues?state=closed&per_page=3", user) - expect(response.headers['Link']).to eq( - '<http://www.example.com/api/v3/issues?page=1&per_page=3&private_token=%s&state=closed>; rel="first", <http://www.example.com/api/v3/issues?page=1&per_page=3&private_token=%s&state=closed>; rel="last"' % [user.private_token, user.private_token] - ) - end - it 'returns an array of closed issues' do get api('/issues?state=closed', user) expect(response).to have_http_status(200) @@ -365,6 +359,24 @@ describe API::API, api: true do let(:base_url) { "/projects/#{project.id}" } let(:title) { milestone.title } + it "returns 404 on private projects for other users" do + private_project = create(:empty_project, :private) + create(:issue, project: private_project) + + get api("/projects/#{private_project.id}/issues", non_member) + + expect(response).to have_http_status(404) + end + + it 'returns no issues when user has access to project but not issues' do + restricted_project = create(:empty_project, :public, issues_access_level: ProjectFeature::PRIVATE) + create(:issue, project: restricted_project) + + get api("/projects/#{restricted_project.id}/issues", non_member) + + expect(json_response).to eq([]) + end + it 'returns project issues without confidential issues for non project members' do get api("#{base_url}/issues", non_member) expect(response).to have_http_status(200) @@ -630,9 +642,8 @@ describe API::API, api: true do post api("/projects/#{project.id}/issues", user), title: 'new issue', confidential: 'foo' - expect(response).to have_http_status(201) - expect(json_response['title']).to eq('new issue') - expect(json_response['confidential']).to be_falsy + expect(response).to have_http_status(400) + expect(json_response['error']).to eq('confidential is invalid') end it "sends notifications for subscribers of newly added labels" do @@ -673,6 +684,32 @@ describe API::API, api: true do ]) end + context 'resolving issues in a merge request' do + let(:discussion) { Discussion.for_diff_notes([create(:diff_note_on_merge_request)]).first } + let(:merge_request) { discussion.noteable } + let(:project) { merge_request.source_project } + before do + project.team << [user, :master] + post api("/projects/#{project.id}/issues", user), + title: 'New Issue', + merge_request_for_resolving_discussions: merge_request.iid + end + + it 'creates a new project issue' do + expect(response).to have_http_status(:created) + end + + it 'resolves the discussions in a merge request' do + discussion.first_note.reload + + expect(discussion.resolved?).to be(true) + end + + it 'assigns a description to the issue mentioning the merge request' do + expect(json_response['description']).to include(merge_request.to_reference) + end + end + context 'with due date' do it 'creates a new project issue' do due_date = 2.weeks.from_now.strftime('%Y-%m-%d') @@ -697,6 +734,14 @@ describe API::API, api: true do expect(Time.parse(json_response['created_at'])).to be_like_time(creation_time) end end + + context 'the user can only read the issue' do + it 'cannot create new labels' do + expect do + post api("/projects/#{project.id}/issues", non_member), title: 'new issue', labels: 'label, label2' + end.not_to change { project.labels.count } + end + end end describe 'POST /projects/:id/issues with spam filtering' do @@ -809,8 +854,8 @@ describe API::API, api: true do put api("/projects/#{project.id}/issues/#{confidential_issue.id}", user), confidential: 'foo' - expect(response).to have_http_status(200) - expect(json_response['confidential']).to be_truthy + expect(response).to have_http_status(400) + expect(json_response['error']).to eq('confidential is invalid') end end end @@ -839,8 +884,8 @@ describe API::API, api: true do end it 'removes all labels' do - put api("/projects/#{project.id}/issues/#{issue.id}", user), - labels: '' + put api("/projects/#{project.id}/issues/#{issue.id}", user), labels: '' + expect(response).to have_http_status(200) expect(json_response['labels']).to eq([]) end @@ -892,8 +937,8 @@ describe API::API, api: true do update_time = 2.weeks.ago put api("/projects/#{project.id}/issues/#{issue.id}", user), labels: 'label3', state_event: 'close', updated_at: update_time - expect(response).to have_http_status(200) + expect(response).to have_http_status(200) expect(json_response['labels']).to include 'label3' expect(Time.parse(json_response['updated_at'])).to be_like_time(update_time) end @@ -932,6 +977,14 @@ describe API::API, api: true do expect(json_response['state']).to eq 'opened' end end + + context 'when issue does not exist' do + it 'returns 404 when trying to move an issue' do + delete api("/projects/#{project.id}/issues/123", user) + + expect(response).to have_http_status(404) + end + end end describe '/projects/:id/issues/:issue_id/move' do @@ -980,6 +1033,7 @@ describe API::API, api: true do to_project_id: target_project.id expect(response).to have_http_status(404) + expect(json_response['message']).to eq('404 Issue Not Found') end end @@ -989,6 +1043,7 @@ describe API::API, api: true do to_project_id: target_project.id expect(response).to have_http_status(404) + expect(json_response['message']).to eq('404 Project Not Found') end end |