diff options
Diffstat (limited to 'spec/requests/api/v3')
22 files changed, 208 insertions, 123 deletions
diff --git a/spec/requests/api/v3/award_emoji_spec.rb b/spec/requests/api/v3/award_emoji_spec.rb index 9234710f488..681e8e04295 100644 --- a/spec/requests/api/v3/award_emoji_spec.rb +++ b/spec/requests/api/v3/award_emoji_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' describe API::V3::AwardEmoji do let(:user) { create(:user) } - let!(:project) { create(:empty_project) } + let!(:project) { create(:project) } let(:issue) { create(:issue, project: project) } let!(:award_emoji) { create(:award_emoji, awardable: issue, user: user) } let!(:merge_request) { create(:merge_request, source_project: project, target_project: project) } diff --git a/spec/requests/api/v3/boards_spec.rb b/spec/requests/api/v3/boards_spec.rb index 4d786331d1b..b86aab2ec70 100644 --- a/spec/requests/api/v3/boards_spec.rb +++ b/spec/requests/api/v3/boards_spec.rb @@ -4,7 +4,7 @@ describe API::V3::Boards do let(:user) { create(:user) } let(:guest) { create(:user) } let(:non_member) { create(:user) } - let!(:project) { create(:empty_project, :public, creator_id: user.id, namespace: user.namespace ) } + let!(:project) { create(:project, :public, creator_id: user.id, namespace: user.namespace ) } let!(:dev_label) do create(:label, title: 'Development', color: '#FFAABB', project: project) @@ -99,7 +99,7 @@ describe API::V3::Boards do context "when the user is project owner" do let(:owner) { create(:user) } - let(:project) { create(:empty_project, namespace: owner.namespace) } + let(:project) { create(:project, namespace: owner.namespace) } it "deletes the list if an admin requests it" do delete v3_api("#{base_url}/#{dev_list.id}", owner) diff --git a/spec/requests/api/v3/deploy_keys_spec.rb b/spec/requests/api/v3/deploy_keys_spec.rb index 94f4d93a8dc..13a62423b1d 100644 --- a/spec/requests/api/v3/deploy_keys_spec.rb +++ b/spec/requests/api/v3/deploy_keys_spec.rb @@ -3,8 +3,8 @@ require 'spec_helper' describe API::V3::DeployKeys do let(:user) { create(:user) } let(:admin) { create(:admin) } - let(:project) { create(:empty_project, creator_id: user.id) } - let(:project2) { create(:empty_project, creator_id: user.id) } + let(:project) { create(:project, creator_id: user.id) } + let(:project2) { create(:project, creator_id: user.id) } let(:deploy_key) { create(:deploy_key, public: true) } let!(:deploy_keys_project) do @@ -133,7 +133,7 @@ describe API::V3::DeployKeys do end describe "POST /projects/:id/#{path}/:key_id/enable" do - let(:project2) { create(:empty_project) } + let(:project2) { create(:project) } context 'when the user can admin the project' do it 'enables the key' do diff --git a/spec/requests/api/v3/environments_spec.rb b/spec/requests/api/v3/environments_spec.rb index 99f35723974..39264e819a3 100644 --- a/spec/requests/api/v3/environments_spec.rb +++ b/spec/requests/api/v3/environments_spec.rb @@ -3,7 +3,7 @@ require 'spec_helper' describe API::V3::Environments do let(:user) { create(:user) } let(:non_member) { create(:user) } - let(:project) { create(:empty_project, :private, namespace: user.namespace) } + let(:project) { create(:project, :private, namespace: user.namespace) } let!(:environment) { create(:environment, project: project) } before do diff --git a/spec/requests/api/v3/files_spec.rb b/spec/requests/api/v3/files_spec.rb index 378ca1720ff..4ffa5d1784e 100644 --- a/spec/requests/api/v3/files_spec.rb +++ b/spec/requests/api/v3/files_spec.rb @@ -74,7 +74,7 @@ describe API::V3::Files do context 'when unauthenticated', 'and project is public' do it_behaves_like 'repository files' do - let(:project) { create(:project, :public) } + let(:project) { create(:project, :public, :repository) } let(:current_user) { nil } end end @@ -126,8 +126,8 @@ describe API::V3::Files do end it "returns a 400 if editor fails to create file" do - allow_any_instance_of(Repository).to receive(:create_file). - and_raise(Repository::CommitError, 'Cannot create file') + allow_any_instance_of(Repository).to receive(:create_file) + .and_raise(Repository::CommitError, 'Cannot create file') post v3_api("/projects/#{project.id}/repository/files", user), valid_params diff --git a/spec/requests/api/v3/groups_spec.rb b/spec/requests/api/v3/groups_spec.rb index 98e8c954909..10756e494c3 100644 --- a/spec/requests/api/v3/groups_spec.rb +++ b/spec/requests/api/v3/groups_spec.rb @@ -9,9 +9,9 @@ describe API::V3::Groups do let(:admin) { create(:admin) } let!(:group1) { create(:group, avatar: File.open(uploaded_image_temp_path)) } let!(:group2) { create(:group, :private) } - let!(:project1) { create(:empty_project, namespace: group1) } - let!(:project2) { create(:empty_project, namespace: group2) } - let!(:project3) { create(:empty_project, namespace: group1, path: 'test', visibility_level: Gitlab::VisibilityLevel::PRIVATE) } + let!(:project1) { create(:project, namespace: group1) } + let!(:project2) { create(:project, namespace: group2) } + let!(:project3) { create(:project, namespace: group1, path: 'test', visibility_level: Gitlab::VisibilityLevel::PRIVATE) } before do group1.add_owner(user1) @@ -165,7 +165,7 @@ describe API::V3::Groups do describe "GET /groups/:id" do context "when authenticated as user" do it "returns one of user1's groups" do - project = create(:empty_project, namespace: group2, path: 'Foo') + project = create(:project, namespace: group2, path: 'Foo') create(:project_group_link, project: project, group: group1) get v3_api("/groups/#{group1.id}", user1) @@ -307,7 +307,7 @@ describe API::V3::Groups do end it 'filters the groups projects' do - public_project = create(:empty_project, :public, path: 'test1', group: group1) + public_project = create(:project, :public, path: 'test1', group: group1) get v3_api("/groups/#{group1.id}/projects", user1), visibility: 'public' @@ -501,12 +501,12 @@ describe API::V3::Groups do end describe "POST /groups/:id/projects/:project_id" do - let(:project) { create(:empty_project) } - let(:project_path) { "#{project.namespace.path}%2F#{project.path}" } + let(:project) { create(:project) } + let(:project_path) { CGI.escape(project.full_path) } before(:each) do - allow_any_instance_of(Projects::TransferService). - to receive(:execute).and_return(true) + allow_any_instance_of(Projects::TransferService) + .to receive(:execute).and_return(true) end context "when authenticated as user" do diff --git a/spec/requests/api/v3/issues_spec.rb b/spec/requests/api/v3/issues_spec.rb index cc81922697a..b092c863c8a 100644 --- a/spec/requests/api/v3/issues_spec.rb +++ b/spec/requests/api/v3/issues_spec.rb @@ -10,7 +10,7 @@ describe API::V3::Issues do let(:author) { create(:author) } let(:assignee) { create(:assignee) } let(:admin) { create(:user, :admin) } - let!(:project) { create(:empty_project, :public, creator_id: user.id, namespace: user.namespace ) } + let!(:project) { create(:project, :public, creator_id: user.id, namespace: user.namespace ) } let!(:closed_issue) do create :closed_issue, author: user, @@ -243,7 +243,7 @@ describe API::V3::Issues do describe "GET /groups/:id/issues" do let!(:group) { create(:group) } - let!(:group_project) { create(:empty_project, :public, creator_id: user.id, namespace: group) } + let!(:group_project) { create(:project, :public, creator_id: user.id, namespace: group) } let!(:group_closed_issue) do create :closed_issue, author: user, @@ -453,7 +453,7 @@ describe API::V3::Issues do end it "returns 404 on private projects for other users" do - private_project = create(:empty_project, :private) + private_project = create(:project, :private) create(:issue, project: private_project) get v3_api("/projects/#{private_project.id}/issues", non_member) @@ -462,7 +462,7 @@ describe API::V3::Issues do end it 'returns no issues when user has access to project but not issues' do - restricted_project = create(:empty_project, :public, issues_access_level: ProjectFeature::PRIVATE) + restricted_project = create(:project, :public, issues_access_level: ProjectFeature::PRIVATE) create(:issue, project: restricted_project) get v3_api("/projects/#{restricted_project.id}/issues", non_member) @@ -1114,7 +1114,7 @@ describe API::V3::Issues do put v3_api("/projects/#{project.id}/issues/#{closed_issue.id}", user), state_event: 'reopen' expect(response).to have_http_status(200) - expect(json_response['state']).to eq 'reopened' + expect(json_response['state']).to eq 'opened' end context 'when an admin or owner makes the request' do @@ -1172,7 +1172,7 @@ describe API::V3::Issues do context "when the user is project owner" do let(:owner) { create(:user) } - let(:project) { create(:empty_project, namespace: owner.namespace) } + let(:project) { create(:project, namespace: owner.namespace) } it "deletes the issue if an admin requests it" do delete v3_api("/projects/#{project.id}/issues/#{issue.id}", owner) @@ -1192,8 +1192,8 @@ describe API::V3::Issues do end describe '/projects/:id/issues/:issue_id/move' do - let!(:target_project) { create(:empty_project, path: 'project2', creator_id: user.id, namespace: user.namespace ) } - let!(:target_project2) { create(:empty_project, creator_id: non_member.id, namespace: non_member.namespace ) } + let!(:target_project) { create(:project, path: 'project2', creator_id: user.id, namespace: user.namespace ) } + let!(:target_project2) { create(:project, creator_id: non_member.id, namespace: non_member.namespace ) } it 'moves an issue' do post v3_api("/projects/#{project.id}/issues/#{issue.id}/move", user), diff --git a/spec/requests/api/v3/labels_spec.rb b/spec/requests/api/v3/labels_spec.rb index 62faa1cb129..32f37a08024 100644 --- a/spec/requests/api/v3/labels_spec.rb +++ b/spec/requests/api/v3/labels_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' describe API::V3::Labels do let(:user) { create(:user) } - let(:project) { create(:empty_project, creator_id: user.id, namespace: user.namespace) } + let(:project) { create(:project, creator_id: user.id, namespace: user.namespace) } let!(:label1) { create(:label, title: 'label1', project: project) } let!(:priority_label) { create(:label, title: 'bug', project: project, priority: 3) } diff --git a/spec/requests/api/v3/members_spec.rb b/spec/requests/api/v3/members_spec.rb index 623f02902b8..bc918a8eb02 100644 --- a/spec/requests/api/v3/members_spec.rb +++ b/spec/requests/api/v3/members_spec.rb @@ -7,7 +7,7 @@ describe API::V3::Members do let(:stranger) { create(:user) } let(:project) do - create(:empty_project, :public, :access_requestable, creator_id: master.id, namespace: master.namespace) do |project| + create(:project, :public, :access_requestable, creator_id: master.id, namespace: master.namespace) do |project| project.team << [developer, :developer] project.team << [master, :master] project.request_access(access_requester) diff --git a/spec/requests/api/v3/merge_requests_spec.rb b/spec/requests/api/v3/merge_requests_spec.rb index f6ff96be566..ef7516fc28f 100644 --- a/spec/requests/api/v3/merge_requests_spec.rb +++ b/spec/requests/api/v3/merge_requests_spec.rb @@ -312,8 +312,8 @@ describe API::MergeRequests do context 'forked projects' do let!(:user2) { create(:user) } - let!(:fork_project) { create(:empty_project, forked_from_project: project, namespace: user2.namespace, creator_id: user2.id) } - let!(:unrelated_project) { create(:empty_project, namespace: create(:user).namespace, creator_id: user2.id) } + let!(:fork_project) { create(:project, forked_from_project: project, namespace: user2.namespace, creator_id: user2.id) } + let!(:unrelated_project) { create(:project, namespace: create(:user).namespace, creator_id: user2.id) } before :each do |each| fork_project.team << [user2, :reporter] @@ -432,8 +432,8 @@ describe API::MergeRequests do end it "returns 406 if branch can't be merged" do - allow_any_instance_of(MergeRequest). - to receive(:can_be_merged?).and_return(false) + allow_any_instance_of(MergeRequest) + .to receive(:can_be_merged?).and_return(false) put v3_api("/projects/#{project.id}/merge_requests/#{merge_request.id}/merge", user) @@ -635,7 +635,7 @@ describe API::MergeRequests do end it 'handles external issues' do - jira_project = create(:jira_project, :public, name: 'JIR_EXT1') + jira_project = create(:jira_project, :public, :repository, name: 'JIR_EXT1') issue = ExternalIssue.new("#{jira_project.name}-123", jira_project) merge_request = create(:merge_request, :simple, author: user, assignee: user, source_project: jira_project) merge_request.update_attribute(:description, "Closes #{issue.to_reference(jira_project)}") @@ -650,7 +650,7 @@ describe API::MergeRequests do end it 'returns 403 if the user has no access to the merge request' do - project = create(:empty_project, :private) + project = create(:project, :private, :repository) merge_request = create(:merge_request, :simple, source_project: project) guest = create(:user) project.team << [guest, :guest] diff --git a/spec/requests/api/v3/milestones_spec.rb b/spec/requests/api/v3/milestones_spec.rb index f04efc990a7..feaa87faec7 100644 --- a/spec/requests/api/v3/milestones_spec.rb +++ b/spec/requests/api/v3/milestones_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' describe API::V3::Milestones do let(:user) { create(:user) } - let!(:project) { create(:empty_project, namespace: user.namespace ) } + let!(:project) { create(:project, namespace: user.namespace ) } let!(:closed_milestone) { create(:closed_milestone, project: project) } let!(:milestone) { create(:milestone, project: project) } @@ -194,7 +194,7 @@ describe API::V3::Milestones do end describe 'confidential issues' do - let(:public_project) { create(:empty_project, :public) } + let(:public_project) { create(:project, :public) } let(:milestone) { create(:milestone, project: public_project) } let(:issue) { create(:issue, project: public_project) } let(:confidential_issue) { create(:issue, confidential: true, project: public_project) } diff --git a/spec/requests/api/v3/notes_spec.rb b/spec/requests/api/v3/notes_spec.rb index 2bae4a60931..56729692eed 100644 --- a/spec/requests/api/v3/notes_spec.rb +++ b/spec/requests/api/v3/notes_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' describe API::V3::Notes do let(:user) { create(:user) } - let!(:project) { create(:empty_project, :public, namespace: user.namespace) } + let!(:project) { create(:project, :public, namespace: user.namespace) } let!(:issue) { create(:issue, project: project, author: user) } let!(:merge_request) { create(:merge_request, source_project: project, target_project: project, author: user) } let!(:snippet) { create(:project_snippet, project: project, author: user) } @@ -13,12 +13,12 @@ describe API::V3::Notes do # For testing the cross-reference of a private issue in a public issue let(:private_user) { create(:user) } let(:private_project) do - create(:empty_project, namespace: private_user.namespace). - tap { |p| p.team << [private_user, :master] } + create(:project, namespace: private_user.namespace) + .tap { |p| p.team << [private_user, :master] } end let(:private_issue) { create(:issue, project: private_project) } - let(:ext_proj) { create(:empty_project, :public) } + let(:ext_proj) { create(:project, :public) } let(:ext_issue) { create(:issue, project: ext_proj) } let!(:cross_reference_note) do @@ -268,7 +268,7 @@ describe API::V3::Notes do context 'when user does not have access to read the noteable' do it 'responds with 404' do - project = create(:empty_project, :private) { |p| p.add_guest(user) } + project = create(:project, :private) { |p| p.add_guest(user) } issue = create(:issue, :confidential, project: project) post v3_api("/projects/#{project.id}/issues/#{issue.id}/notes", user), @@ -279,7 +279,7 @@ describe API::V3::Notes do end context 'when user does not have access to create noteable' do - let(:private_issue) { create(:issue, project: create(:empty_project, :private)) } + let(:private_issue) { create(:issue, project: create(:project, :private)) } ## # We are posting to project user has access to, but we use issue id diff --git a/spec/requests/api/v3/project_hooks_spec.rb b/spec/requests/api/v3/project_hooks_spec.rb index 1969d1c7f2b..b0eddbb5dd2 100644 --- a/spec/requests/api/v3/project_hooks_spec.rb +++ b/spec/requests/api/v3/project_hooks_spec.rb @@ -87,7 +87,7 @@ describe API::ProjectHooks, 'ProjectHooks' do it "adds hook to project" do expect do post v3_api("/projects/#{project.id}/hooks", user), - url: "http://example.com", issues_events: true, wiki_page_events: true + url: "http://example.com", issues_events: true, wiki_page_events: true, build_events: true end.to change {project.hooks.count}.by(1) expect(response).to have_http_status(201) @@ -97,7 +97,7 @@ describe API::ProjectHooks, 'ProjectHooks' do expect(json_response['merge_requests_events']).to eq(false) expect(json_response['tag_push_events']).to eq(false) expect(json_response['note_events']).to eq(false) - expect(json_response['build_events']).to eq(false) + expect(json_response['build_events']).to eq(true) expect(json_response['pipeline_events']).to eq(false) expect(json_response['wiki_page_events']).to eq(true) expect(json_response['enable_ssl_verification']).to eq(true) @@ -135,7 +135,7 @@ describe API::ProjectHooks, 'ProjectHooks' do describe "PUT /projects/:id/hooks/:hook_id" do it "updates an existing project hook" do put v3_api("/projects/#{project.id}/hooks/#{hook.id}", user), - url: 'http://example.org', push_events: false + url: 'http://example.org', push_events: false, build_events: true expect(response).to have_http_status(200) expect(json_response['url']).to eq('http://example.org') expect(json_response['issues_events']).to eq(hook.issues_events) diff --git a/spec/requests/api/v3/project_snippets_spec.rb b/spec/requests/api/v3/project_snippets_spec.rb index 365e7365fda..758fb482374 100644 --- a/spec/requests/api/v3/project_snippets_spec.rb +++ b/spec/requests/api/v3/project_snippets_spec.rb @@ -1,7 +1,7 @@ require 'rails_helper' describe API::ProjectSnippets do - let(:project) { create(:empty_project, :public) } + let(:project) { create(:project, :public) } let(:user) { create(:user) } let(:admin) { create(:admin) } @@ -85,23 +85,23 @@ describe API::ProjectSnippets do context 'when the snippet is private' do it 'creates the snippet' do - expect { create_snippet(project, visibility_level: Snippet::PRIVATE) }. - to change { Snippet.count }.by(1) + expect { create_snippet(project, visibility_level: Snippet::PRIVATE) } + .to change { Snippet.count }.by(1) end end context 'when the snippet is public' do it 'rejects the shippet' do - expect { create_snippet(project, visibility_level: Snippet::PUBLIC) }. - not_to change { Snippet.count } + expect { create_snippet(project, visibility_level: Snippet::PUBLIC) } + .not_to change { Snippet.count } expect(response).to have_http_status(400) expect(json_response['message']).to eq({ "error" => "Spam detected" }) end it 'creates a spam log' do - expect { create_snippet(project, visibility_level: Snippet::PUBLIC) }. - to change { SpamLog.count }.by(1) + expect { create_snippet(project, visibility_level: Snippet::PUBLIC) } + .to change { SpamLog.count }.by(1) end end end @@ -147,8 +147,8 @@ describe API::ProjectSnippets do let(:visibility_level) { Snippet::PRIVATE } it 'creates the snippet' do - expect { update_snippet(title: 'Foo') }. - to change { snippet.reload.title }.to('Foo') + expect { update_snippet(title: 'Foo') } + .to change { snippet.reload.title }.to('Foo') end end @@ -156,13 +156,13 @@ describe API::ProjectSnippets do let(:visibility_level) { Snippet::PUBLIC } it 'rejects the snippet' do - expect { update_snippet(title: 'Foo') }. - not_to change { snippet.reload.title } + expect { update_snippet(title: 'Foo') } + .not_to change { snippet.reload.title } end it 'creates a spam log' do - expect { update_snippet(title: 'Foo') }. - to change { SpamLog.count }.by(1) + expect { update_snippet(title: 'Foo') } + .to change { SpamLog.count }.by(1) end end @@ -170,16 +170,16 @@ describe API::ProjectSnippets do let(:visibility_level) { Snippet::PRIVATE } it 'rejects the snippet' do - expect { update_snippet(title: 'Foo', visibility_level: Snippet::PUBLIC) }. - not_to change { snippet.reload.title } + expect { update_snippet(title: 'Foo', visibility_level: Snippet::PUBLIC) } + .not_to change { snippet.reload.title } expect(response).to have_http_status(400) expect(json_response['message']).to eq({ "error" => "Spam detected" }) end it 'creates a spam log' do - expect { update_snippet(title: 'Foo', visibility_level: Snippet::PUBLIC) }. - to change { SpamLog.count }.by(1) + expect { update_snippet(title: 'Foo', visibility_level: Snippet::PUBLIC) } + .to change { SpamLog.count }.by(1) end end end diff --git a/spec/requests/api/v3/projects_spec.rb b/spec/requests/api/v3/projects_spec.rb index 47cca4275af..c211cc20e53 100644 --- a/spec/requests/api/v3/projects_spec.rb +++ b/spec/requests/api/v3/projects_spec.rb @@ -7,8 +7,8 @@ describe API::V3::Projects do let(:user2) { create(:user) } let(:user3) { create(:user) } let(:admin) { create(:admin) } - let(:project) { create(:empty_project, creator_id: user.id, namespace: user.namespace) } - let(:project2) { create(:empty_project, path: 'project2', creator_id: user.id, namespace: user.namespace) } + let(:project) { create(:project, creator_id: user.id, namespace: user.namespace) } + let(:project2) { create(:project, path: 'project2', creator_id: user.id, namespace: user.namespace) } let(:snippet) { create(:project_snippet, :public, author: user, project: project, title: 'example') } let(:project_member) { create(:project_member, :developer, user: user3, project: project) } let(:user4) { create(:user) } @@ -31,7 +31,7 @@ describe API::V3::Projects do access_level: ProjectMember::MASTER) end let(:project4) do - create(:empty_project, + create(:project, name: 'third_project', path: 'third_project', creator_id: user4.id, @@ -124,6 +124,36 @@ describe API::V3::Projects do end end + context 'and using archived' do + let!(:archived_project) { create(:project, creator_id: user.id, namespace: user.namespace, archived: true) } + + it 'returns archived project' do + get v3_api('/projects?archived=true', user) + + expect(response).to have_http_status(200) + expect(json_response).to be_an Array + expect(json_response.length).to eq(1) + expect(json_response.first['id']).to eq(archived_project.id) + end + + it 'returns non-archived project' do + get v3_api('/projects?archived=false', user) + + expect(response).to have_http_status(200) + expect(json_response).to be_an Array + expect(json_response.length).to eq(1) + expect(json_response.first['id']).to eq(project.id) + end + + it 'returns all project' do + get v3_api('/projects', user) + + expect(response).to have_http_status(200) + expect(json_response).to be_an Array + expect(json_response.length).to eq(2) + end + end + context 'and using sorting' do before do project2 @@ -251,7 +281,7 @@ describe API::V3::Projects do end end - let!(:public_project) { create(:empty_project, :public) } + let!(:public_project) { create(:project, :public) } before do project project2 @@ -282,7 +312,7 @@ describe API::V3::Projects do end describe 'GET /projects/starred' do - let(:public_project) { create(:empty_project, :public) } + let(:public_project) { create(:project, :public) } before do project_member @@ -301,15 +331,15 @@ describe API::V3::Projects do context 'maximum number of projects reached' do it 'does not create new project and respond with 403' do allow_any_instance_of(User).to receive(:projects_limit_left).and_return(0) - expect { post v3_api('/projects', user2), name: 'foo' }. - to change {Project.count}.by(0) + expect { post v3_api('/projects', user2), name: 'foo' } + .to change {Project.count}.by(0) expect(response).to have_http_status(403) end end it 'creates new project without path but with name and returns 201' do - expect { post v3_api('/projects', user), name: 'Foo Project' }. - to change { Project.count }.by(1) + expect { post v3_api('/projects', user), name: 'Foo Project' } + .to change { Project.count }.by(1) expect(response).to have_http_status(201) project = Project.first @@ -319,8 +349,8 @@ describe API::V3::Projects do end it 'creates new project without name but with path and returns 201' do - expect { post v3_api('/projects', user), path: 'foo_project' }. - to change { Project.count }.by(1) + expect { post v3_api('/projects', user), path: 'foo_project' } + .to change { Project.count }.by(1) expect(response).to have_http_status(201) project = Project.first @@ -330,8 +360,8 @@ describe API::V3::Projects do end it 'creates new project name and path and returns 201' do - expect { post v3_api('/projects', user), path: 'foo-Project', name: 'Foo Project' }. - to change { Project.count }.by(1) + expect { post v3_api('/projects', user), path: 'foo-Project', name: 'Foo Project' } + .to change { Project.count }.by(1) expect(response).to have_http_status(201) project = Project.first @@ -489,8 +519,8 @@ describe API::V3::Projects do end it 'responds with 400 on failure and not project' do - expect { post v3_api("/projects/user/#{user.id}", admin) }. - not_to change { Project.count } + expect { post v3_api("/projects/user/#{user.id}", admin) } + .not_to change { Project.count } expect(response).to have_http_status(400) expect(json_response['error']).to eq('name is missing') @@ -607,7 +637,7 @@ describe API::V3::Projects do describe 'GET /projects/:id' do context 'when unauthenticated' do it 'returns the public projects' do - public_project = create(:empty_project, :public) + public_project = create(:project, :public) get v3_api("/projects/#{public_project.id}") @@ -688,9 +718,9 @@ describe API::V3::Projects do it 'handles users with dots' do dot_user = create(:user, username: 'dot.user') - project = create(:empty_project, creator_id: dot_user.id, namespace: dot_user.namespace) + project = create(:project, creator_id: dot_user.id, namespace: dot_user.namespace) - get v3_api("/projects/#{dot_user.namespace.name}%2F#{project.path}", dot_user) + get v3_api("/projects/#{CGI.escape(project.full_path)}", dot_user) expect(response).to have_http_status(200) expect(json_response['name']).to eq(project.name) end @@ -704,7 +734,8 @@ describe API::V3::Projects do 'name' => user.namespace.name, 'path' => user.namespace.path, 'kind' => user.namespace.kind, - 'full_path' => user.namespace.full_path + 'full_path' => user.namespace.full_path, + 'parent_id' => nil }) end @@ -716,8 +747,8 @@ describe API::V3::Projects do get v3_api("/projects", user) expect(response).to have_http_status(200) - expect(json_response.first['permissions']['project_access']['access_level']). - to eq(Gitlab::Access::MASTER) + expect(json_response.first['permissions']['project_access']['access_level']) + .to eq(Gitlab::Access::MASTER) expect(json_response.first['permissions']['group_access']).to be_nil end end @@ -728,14 +759,14 @@ describe API::V3::Projects do get v3_api("/projects/#{project.id}", user) expect(response).to have_http_status(200) - expect(json_response['permissions']['project_access']['access_level']). - to eq(Gitlab::Access::MASTER) + expect(json_response['permissions']['project_access']['access_level']) + .to eq(Gitlab::Access::MASTER) expect(json_response['permissions']['group_access']).to be_nil end end context 'group project' do - let(:project2) { create(:empty_project, group: create(:group)) } + let(:project2) { create(:project, group: create(:group)) } before { project2.group.add_owner(user) } @@ -744,8 +775,8 @@ describe API::V3::Projects do expect(response).to have_http_status(200) expect(json_response['permissions']['project_access']).to be_nil - expect(json_response['permissions']['group_access']['access_level']). - to eq(Gitlab::Access::OWNER) + expect(json_response['permissions']['group_access']['access_level']) + .to eq(Gitlab::Access::OWNER) end end end @@ -780,7 +811,7 @@ describe API::V3::Projects do context 'when unauthenticated' do it_behaves_like 'project events response' do - let(:project) { create(:empty_project, :public) } + let(:project) { create(:project, :public) } let(:current_user) { nil } end end @@ -830,7 +861,7 @@ describe API::V3::Projects do context 'when unauthenticated' do it_behaves_like 'project users response' do - let(:project) { create(:empty_project, :public) } + let(:project) { create(:project, :public) } let(:current_user) { nil } end end @@ -944,11 +975,11 @@ describe API::V3::Projects do end describe 'fork management' do - let(:project_fork_target) { create(:empty_project) } - let(:project_fork_source) { create(:empty_project, :public) } + let(:project_fork_target) { create(:project) } + let(:project_fork_source) { create(:project, :public) } describe 'POST /projects/:id/fork/:forked_from_id' do - let(:new_project_fork_source) { create(:empty_project, :public) } + let(:new_project_fork_source) { create(:project, :public) } it "is not available for non admin users" do post v3_api("/projects/#{project_fork_target.id}/fork/#{project_fork_source.id}", user) @@ -989,7 +1020,7 @@ describe API::V3::Projects do end context 'when users belong to project group' do - let(:project_fork_target) { create(:empty_project, group: create(:group)) } + let(:project_fork_target) { create(:project, group: create(:group)) } before do project_fork_target.group.add_owner user @@ -1109,16 +1140,16 @@ describe API::V3::Projects do describe 'GET /projects/search/:query' do let!(:query) { 'query'} - let!(:search) { create(:empty_project, name: query, creator_id: user.id, namespace: user.namespace) } - let!(:pre) { create(:empty_project, name: "pre_#{query}", creator_id: user.id, namespace: user.namespace) } - let!(:post) { create(:empty_project, name: "#{query}_post", creator_id: user.id, namespace: user.namespace) } - let!(:pre_post) { create(:empty_project, name: "pre_#{query}_post", creator_id: user.id, namespace: user.namespace) } - let!(:unfound) { create(:empty_project, name: 'unfound', creator_id: user.id, namespace: user.namespace) } - let!(:internal) { create(:empty_project, :internal, name: "internal #{query}") } - let!(:unfound_internal) { create(:empty_project, :internal, name: 'unfound internal') } - let!(:public) { create(:empty_project, :public, name: "public #{query}") } - let!(:unfound_public) { create(:empty_project, :public, name: 'unfound public') } - let!(:one_dot_two) { create(:empty_project, :public, name: "one.dot.two") } + let!(:search) { create(:project, name: query, creator_id: user.id, namespace: user.namespace) } + let!(:pre) { create(:project, name: "pre_#{query}", creator_id: user.id, namespace: user.namespace) } + let!(:post) { create(:project, name: "#{query}_post", creator_id: user.id, namespace: user.namespace) } + let!(:pre_post) { create(:project, name: "pre_#{query}_post", creator_id: user.id, namespace: user.namespace) } + let!(:unfound) { create(:project, name: 'unfound', creator_id: user.id, namespace: user.namespace) } + let!(:internal) { create(:project, :internal, name: "internal #{query}") } + let!(:unfound_internal) { create(:project, :internal, name: 'unfound internal') } + let!(:public) { create(:project, :public, name: "public #{query}") } + let!(:unfound_public) { create(:project, :public, name: 'unfound public') } + let!(:one_dot_two) { create(:project, :public, name: "one.dot.two") } shared_examples_for 'project search response' do |args = {}| it 'returns project search responses' do diff --git a/spec/requests/api/v3/runners_spec.rb b/spec/requests/api/v3/runners_spec.rb index dbda2cf34c3..78660afd840 100644 --- a/spec/requests/api/v3/runners_spec.rb +++ b/spec/requests/api/v3/runners_spec.rb @@ -5,8 +5,8 @@ describe API::V3::Runners do let(:user) { create(:user) } let(:user2) { create(:user) } - let(:project) { create(:empty_project, creator_id: user.id) } - let(:project2) { create(:empty_project, creator_id: user.id) } + let(:project) { create(:project, creator_id: user.id) } + let(:project2) { create(:project, creator_id: user.id) } let!(:shared_runner) { create(:ci_runner, :shared) } let!(:unused_specific_runner) { create(:ci_runner) } diff --git a/spec/requests/api/v3/services_spec.rb b/spec/requests/api/v3/services_spec.rb index 3ba62de822a..f0fa48e22df 100644 --- a/spec/requests/api/v3/services_spec.rb +++ b/spec/requests/api/v3/services_spec.rb @@ -2,7 +2,7 @@ require "spec_helper" describe API::V3::Services do let(:user) { create(:user) } - let(:project) { create(:empty_project, creator_id: user.id, namespace: user.namespace) } + let(:project) { create(:project, creator_id: user.id, namespace: user.namespace) } available_services = Service.available_services_names available_services.delete('prometheus') diff --git a/spec/requests/api/v3/settings_spec.rb b/spec/requests/api/v3/settings_spec.rb index 41d039b7da0..291f6dcc2aa 100644 --- a/spec/requests/api/v3/settings_spec.rb +++ b/spec/requests/api/v3/settings_spec.rb @@ -10,7 +10,7 @@ describe API::V3::Settings, 'Settings' do expect(response).to have_http_status(200) expect(json_response).to be_an Hash expect(json_response['default_projects_limit']).to eq(42) - expect(json_response['signin_enabled']).to be_truthy + expect(json_response['password_authentication_enabled']).to be_truthy expect(json_response['repository_storage']).to eq('default') expect(json_response['koding_enabled']).to be_falsey expect(json_response['koding_url']).to be_nil @@ -28,11 +28,11 @@ describe API::V3::Settings, 'Settings' do it "updates application settings" do put v3_api("/application/settings", admin), - default_projects_limit: 3, signin_enabled: false, repository_storage: 'custom', koding_enabled: true, koding_url: 'http://koding.example.com', + default_projects_limit: 3, password_authentication_enabled: false, repository_storage: 'custom', koding_enabled: true, koding_url: 'http://koding.example.com', plantuml_enabled: true, plantuml_url: 'http://plantuml.example.com' expect(response).to have_http_status(200) expect(json_response['default_projects_limit']).to eq(3) - expect(json_response['signin_enabled']).to be_falsey + expect(json_response['password_authentication_enabled']).to be_falsey expect(json_response['repository_storage']).to eq('custom') expect(json_response['repository_storages']).to eq(['custom']) expect(json_response['koding_enabled']).to be_truthy diff --git a/spec/requests/api/v3/snippets_spec.rb b/spec/requests/api/v3/snippets_spec.rb index 4f02b7b1a54..1bc2258ebd3 100644 --- a/spec/requests/api/v3/snippets_spec.rb +++ b/spec/requests/api/v3/snippets_spec.rb @@ -112,21 +112,21 @@ describe API::V3::Snippets do context 'when the snippet is private' do it 'creates the snippet' do - expect { create_snippet(visibility_level: Snippet::PRIVATE) }. - to change { Snippet.count }.by(1) + expect { create_snippet(visibility_level: Snippet::PRIVATE) } + .to change { Snippet.count }.by(1) end end context 'when the snippet is public' do it 'rejects the shippet' do - expect { create_snippet(visibility_level: Snippet::PUBLIC) }. - not_to change { Snippet.count } + expect { create_snippet(visibility_level: Snippet::PUBLIC) } + .not_to change { Snippet.count } expect(response).to have_http_status(400) end it 'creates a spam log' do - expect { create_snippet(visibility_level: Snippet::PUBLIC) }. - to change { SpamLog.count }.by(1) + expect { create_snippet(visibility_level: Snippet::PUBLIC) } + .to change { SpamLog.count }.by(1) end end end diff --git a/spec/requests/api/v3/todos_spec.rb b/spec/requests/api/v3/todos_spec.rb index 9c2c4d64257..8f5c3fbf8dd 100644 --- a/spec/requests/api/v3/todos_spec.rb +++ b/spec/requests/api/v3/todos_spec.rb @@ -1,8 +1,8 @@ require 'spec_helper' describe API::V3::Todos do - let(:project_1) { create(:empty_project) } - let(:project_2) { create(:empty_project) } + let(:project_1) { create(:project) } + let(:project_2) { create(:project) } let(:author_1) { create(:user) } let(:author_2) { create(:user) } let(:john_doe) { create(:user, username: 'john_doe') } diff --git a/spec/requests/api/v3/triggers_spec.rb b/spec/requests/api/v3/triggers_spec.rb index d3de6bf13bc..60212660fb6 100644 --- a/spec/requests/api/v3/triggers_spec.rb +++ b/spec/requests/api/v3/triggers_spec.rb @@ -52,7 +52,8 @@ describe API::V3::Triggers do it 'returns bad request with no builds created if there\'s no commit for that ref' do post v3_api("/projects/#{project.id}/trigger/builds"), options.merge(ref: 'other-branch') expect(response).to have_http_status(400) - expect(json_response['message']).to eq('No builds created') + expect(json_response['message']['base']) + .to contain_exactly('Reference not found') end context 'Validates variables' do diff --git a/spec/requests/api/v3/users_spec.rb b/spec/requests/api/v3/users_spec.rb index e9c57f7c6c3..bc0a4ab20a3 100644 --- a/spec/requests/api/v3/users_spec.rb +++ b/spec/requests/api/v3/users_spec.rb @@ -7,6 +7,38 @@ describe API::V3::Users do let(:email) { create(:email, user: user) } let(:ldap_blocked_user) { create(:omniauth_user, provider: 'ldapmain', state: 'ldap_blocked') } + describe 'GET /users' do + context 'when authenticated' do + it 'returns an array of users' do + get v3_api('/users', user) + + expect(response).to have_http_status(200) + expect(response).to include_pagination_headers + expect(json_response).to be_an Array + username = user.username + expect(json_response.detect do |user| + user['username'] == username + end['username']).to eq(username) + end + end + + context 'when authenticated as user' do + it 'does not reveal the `is_admin` flag of the user' do + get v3_api('/users', user) + + expect(json_response.first.keys).not_to include 'is_admin' + end + end + + context 'when authenticated as admin' do + it 'reveals the `is_admin` flag of the user' do + get v3_api('/users', admin) + + expect(json_response.first.keys).to include 'is_admin' + end + end + end + describe 'GET /user/:id/keys' do before { admin } @@ -35,6 +67,19 @@ describe API::V3::Users do expect(json_response.first['title']).to eq(key.title) end end + + context "scopes" do + let(:user) { admin } + let(:path) { "/users/#{user.id}/keys" } + let(:api_call) { method(:v3_api) } + + before do + user.keys << key + user.save + end + + include_examples 'allows the "read_user" scope' + end end describe 'GET /user/:id/emails' do @@ -187,7 +232,7 @@ describe API::V3::Users do describe 'GET /users/:id/events' do let(:user) { create(:user) } - let(:project) { create(:empty_project) } + let(:project) { create(:project) } let(:note) { create(:note_on_issue, note: 'What an awesome day!', project: project) } before do @@ -231,7 +276,7 @@ describe API::V3::Users do end context 'when there are multiple events from different projects' do - let(:second_note) { create(:note_on_issue, project: create(:empty_project)) } + let(:second_note) { create(:note_on_issue, project: create(:project)) } let(:third_note) { create(:note_on_issue, project: project) } before do @@ -255,7 +300,7 @@ describe API::V3::Users do end it 'returns a 404 error if not found' do - get v3_api('/users/42/events', user) + get v3_api('/users/420/events', user) expect(response).to have_http_status(404) expect(json_response['message']).to eq('404 User Not Found') @@ -280,5 +325,13 @@ describe API::V3::Users do expect(json_response['is_admin']).to be_nil end + + context "scopes" do + let(:user) { admin } + let(:path) { '/users' } + let(:api_call) { method(:v3_api) } + + include_examples 'does not allow the "read_user" scope' + end end end |