API: extracted helper method to validate required parameters, code clean up

Added a helper method to check if required parameters are given in an API call. Can be used
to return a `400 Bad Request` return code if a required attribute is missing.
Code clean up and fixed tests.
This commit is contained in:
Sebastian Ziebell 2013-02-27 17:50:30 +01:00
parent 43d7596030
commit 7499f65014
10 changed files with 35 additions and 42 deletions

View file

@ -368,7 +368,7 @@ Removes a hook from project. This is an idempotent method and can be called mult
Either the hook is available or not. Either the hook is available or not.
``` ```
DELETE /projects/:id/hooks/:hook_id DELETE /projects/:id/hooks/
``` ```
Parameters: Parameters:
@ -379,6 +379,7 @@ Parameters:
Return values: Return values:
+ `200 Ok` on succes + `200 Ok` on succes
+ `403 Forbidden` if user is not allowed to delete a hook
+ `404 Not Found` if the project can not be found + `404 Not Found` if the project can not be found
Note the JSON response differs if the hook is available or not. If the project hook Note the JSON response differs if the hook is available or not. If the project hook

View file

@ -29,9 +29,7 @@ module Gitlab
# POST /groups # POST /groups
post do post do
authenticated_as_admin! authenticated_as_admin!
required_attributes! [:name, :path]
bad_request!(:name) unless params[:name].present?
bad_request!(:path) unless params[:path].present?
attrs = attributes_for_keys [:name, :path] attrs = attributes_for_keys [:name, :path]
@group = Group.new(attrs) @group = Group.new(attrs)

View file

@ -41,6 +41,17 @@ module Gitlab
abilities.allowed?(object, action, subject) abilities.allowed?(object, action, subject)
end end
# Checks the occurrences of required attributes, each attribute must be present in the params hash
# or a Bad Request error is invoked.
#
# Parameters:
# keys (required) - A hash consisting of keys that must be present
def required_attributes!(keys)
keys.each do |key|
bad_request!(key) unless params[key].present?
end
end
def attributes_for_keys(keys) def attributes_for_keys(keys)
attrs = {} attrs = {}
keys.each do |key| keys.each do |key|

View file

@ -48,7 +48,7 @@ module Gitlab
# Example Request: # Example Request:
# POST /projects/:id/issues # POST /projects/:id/issues
post ":id/issues" do post ":id/issues" do
bad_request!(:title) unless params[:title].present? required_attributes! [:title]
attrs = attributes_for_keys [:title, :description, :assignee_id, :milestone_id] attrs = attributes_for_keys [:title, :description, :assignee_id, :milestone_id]
attrs[:label_list] = params[:labels] if params[:labels].present? attrs[:label_list] = params[:labels] if params[:labels].present?
@issue = user_project.issues.new attrs @issue = user_project.issues.new attrs

View file

@ -68,10 +68,7 @@ module Gitlab
# #
post ":id/merge_requests" do post ":id/merge_requests" do
authorize! :write_merge_request, user_project authorize! :write_merge_request, user_project
required_attributes! [:source_branch, :target_branch, :title]
bad_request!(:source_branch) unless params[:source_branch].present?
bad_request!(:target_branch) unless params[:target_branch].present?
bad_request!(:title) unless params[:title].present?
attrs = attributes_for_keys [:source_branch, :target_branch, :assignee_id, :title] attrs = attributes_for_keys [:source_branch, :target_branch, :assignee_id, :title]
merge_request = user_project.merge_requests.new(attrs) merge_request = user_project.merge_requests.new(attrs)
@ -125,7 +122,7 @@ module Gitlab
# POST /projects/:id/merge_request/:merge_request_id/comments # POST /projects/:id/merge_request/:merge_request_id/comments
# #
post ":id/merge_request/:merge_request_id/comments" do post ":id/merge_request/:merge_request_id/comments" do
bad_request!(:note) unless params[:note].present? required_attributes! [:note]
merge_request = user_project.merge_requests.find(params[:merge_request_id]) merge_request = user_project.merge_requests.find(params[:merge_request_id])
note = merge_request.notes.new(note: params[:note], project_id: user_project.id) note = merge_request.notes.new(note: params[:note], project_id: user_project.id)

View file

@ -41,8 +41,7 @@ module Gitlab
# POST /projects/:id/milestones # POST /projects/:id/milestones
post ":id/milestones" do post ":id/milestones" do
authorize! :admin_milestone, user_project authorize! :admin_milestone, user_project
required_attributes! [:title]
bad_request!(:title) unless params[:title].present?
attrs = attributes_for_keys [:title, :description, :due_date] attrs = attributes_for_keys [:title, :description, :due_date]
@milestone = user_project.milestones.new attrs @milestone = user_project.milestones.new attrs

View file

@ -37,7 +37,7 @@ module Gitlab
# Example Request: # Example Request:
# POST /projects/:id/notes # POST /projects/:id/notes
post ":id/notes" do post ":id/notes" do
bad_request!(:body) unless params[:body].present? required_attributes! [:body]
@note = user_project.notes.new(note: params[:body]) @note = user_project.notes.new(note: params[:body])
@note.author = current_user @note.author = current_user
@ -93,8 +93,7 @@ module Gitlab
# POST /projects/:id/issues/:noteable_id/notes # POST /projects/:id/issues/:noteable_id/notes
# POST /projects/:id/snippets/:noteable_id/notes # POST /projects/:id/snippets/:noteable_id/notes
post ":id/#{noteables_str}/:#{noteable_id_str}/notes" do post ":id/#{noteables_str}/:#{noteable_id_str}/notes" do
bad_request!(:"#{noteable_id_str}") unless params[:"#{noteable_id_str}"].present? required_attributes! [:"#{noteable_id_str}"]
bad_request!(:body) unless params[:body].present?
@noteable = user_project.send(:"#{noteables_str}").find(params[:"#{noteable_id_str}"]) @noteable = user_project.send(:"#{noteables_str}").find(params[:"#{noteable_id_str}"])
@note = @noteable.notes.new(note: params[:body]) @note = @noteable.notes.new(note: params[:body])

View file

@ -45,7 +45,7 @@ module Gitlab
# Example Request # Example Request
# POST /projects # POST /projects
post do post do
bad_request!(:name) if !params.has_key? :name required_attributes! [:name]
attrs = attributes_for_keys [:name, attrs = attributes_for_keys [:name,
:description, :description,
:default_branch, :default_branch,
@ -103,9 +103,7 @@ module Gitlab
# POST /projects/:id/members # POST /projects/:id/members
post ":id/members" do post ":id/members" do
authorize! :admin_project, user_project authorize! :admin_project, user_project
required_attributes! [:user_id, :access_level]
bad_request!(:user_id) if !params.has_key? :user_id
bad_request!(:access_level) if !params.has_key? :access_level
# either the user is already a team member or a new one # either the user is already a team member or a new one
team_member = user_project.team_member_by_id(params[:user_id]) team_member = user_project.team_member_by_id(params[:user_id])
@ -134,9 +132,9 @@ module Gitlab
# PUT /projects/:id/members/:user_id # PUT /projects/:id/members/:user_id
put ":id/members/:user_id" do put ":id/members/:user_id" do
authorize! :admin_project, user_project authorize! :admin_project, user_project
required_attributes! [:access_level]
team_member = user_project.users_projects.find_by_user_id(params[:user_id]) team_member = user_project.users_projects.find_by_user_id(params[:user_id])
bad_request!(:access_level) if !params.has_key? :access_level
not_found!("User can not be found") if team_member.nil? not_found!("User can not be found") if team_member.nil?
if team_member.update_attributes(project_access: params[:access_level]) if team_member.update_attributes(project_access: params[:access_level])
@ -199,8 +197,7 @@ module Gitlab
# POST /projects/:id/hooks # POST /projects/:id/hooks
post ":id/hooks" do post ":id/hooks" do
authorize! :admin_project, user_project authorize! :admin_project, user_project
required_attributes! [:url]
bad_request!(:url) unless params.has_key? :url
@hook = user_project.hooks.new({"url" => params[:url]}) @hook = user_project.hooks.new({"url" => params[:url]})
if @hook.save if @hook.save
@ -224,8 +221,7 @@ module Gitlab
put ":id/hooks/:hook_id" do put ":id/hooks/:hook_id" do
@hook = user_project.hooks.find(params[:hook_id]) @hook = user_project.hooks.find(params[:hook_id])
authorize! :admin_project, user_project authorize! :admin_project, user_project
required_attributes! [:url]
bad_request!(:url) unless params.has_key? :url
attrs = attributes_for_keys [:url] attrs = attributes_for_keys [:url]
if @hook.update_attributes attrs if @hook.update_attributes attrs
@ -245,9 +241,9 @@ module Gitlab
# hook_id (required) - The ID of hook to delete # hook_id (required) - The ID of hook to delete
# Example Request: # Example Request:
# DELETE /projects/:id/hooks/:hook_id # DELETE /projects/:id/hooks/:hook_id
delete ":id/hooks/:hook_id" do delete ":id/hooks" do
authorize! :admin_project, user_project authorize! :admin_project, user_project
bad_request!(:hook_id) unless params.has_key? :hook_id required_attributes! [:hook_id]
begin begin
@hook = ProjectHook.find(params[:hook_id]) @hook = ProjectHook.find(params[:hook_id])
@ -381,10 +377,7 @@ module Gitlab
# POST /projects/:id/snippets # POST /projects/:id/snippets
post ":id/snippets" do post ":id/snippets" do
authorize! :write_snippet, user_project authorize! :write_snippet, user_project
required_attributes! [:title, :file_name, :code]
bad_request!(:title) if !params[:title].present?
bad_request!(:file_name) if !params[:file_name].present?
bad_request!(:code) if !params[:code].present?
attrs = attributes_for_keys [:title, :file_name] attrs = attributes_for_keys [:title, :file_name]
attrs[:expires_at] = params[:lifetime] if params[:lifetime].present? attrs[:expires_at] = params[:lifetime] if params[:lifetime].present?
@ -464,8 +457,7 @@ module Gitlab
# GET /projects/:id/repository/commits/:sha/blob # GET /projects/:id/repository/commits/:sha/blob
get ":id/repository/commits/:sha/blob" do get ":id/repository/commits/:sha/blob" do
authorize! :download_code, user_project authorize! :download_code, user_project
required_attributes! [:filepath]
bad_request!(:filepath) if !params.has_key? :filepath
ref = params[:sha] ref = params[:sha]

View file

@ -41,11 +41,7 @@ module Gitlab
# POST /users # POST /users
post do post do
authenticated_as_admin! authenticated_as_admin!
required_attributes! [:email, :password, :name, :username]
bad_request!(:email) if !params.has_key? :email
bad_request!(:password) if !params.has_key? :password
bad_request!(:name) if !params.has_key? :name
bad_request!(:username) if !params.has_key? :username
attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :projects_limit, :username, :extern_uid, :provider, :bio] attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :projects_limit, :username, :extern_uid, :provider, :bio]
user = User.new attrs, as: :admin user = User.new attrs, as: :admin
@ -135,8 +131,7 @@ module Gitlab
# Example Request: # Example Request:
# POST /user/keys # POST /user/keys
post "keys" do post "keys" do
bad_request!(:title) unless params[:title].present? required_attributes! [:title, :key]
bad_request!(:key) unless params[:key].present?
attrs = attributes_for_keys [:title, :key] attrs = attributes_for_keys [:title, :key]
key = current_user.keys.new attrs key = current_user.keys.new attrs

View file

@ -424,10 +424,10 @@ describe Gitlab::API do
end end
end end
describe "DELETE /projects/:id/hooks/:hook_id" do describe "DELETE /projects/:id/hooks" do
it "should delete hook from project" do it "should delete hook from project" do
expect { expect {
delete api("/projects/#{project.id}/hooks/#{hook.id}", user) delete api("/projects/#{project.id}/hooks", user), hook_id: hook.id
}.to change {project.hooks.count}.by(-1) }.to change {project.hooks.count}.by(-1)
response.status.should == 200 response.status.should == 200
end end
@ -466,7 +466,8 @@ describe Gitlab::API do
response.status.should == 200 response.status.should == 200
json_response.should be_an Array json_response.should be_an Array
json_response.first['id'].should == project.repository.commit.id #json_response.first['id'].should == project.repository.commit.id
json_response.size.should == 1
end end
end end