Commit graph

186 commits

Author SHA1 Message Date
Sebastian Ziebell e9d3b96595 API: fixes visibility of project hook
When a user is not authorized to see the list of hooks for a project, he is
still able to access the hooks separately. For example if access to
`GET /projects/:id/hooks` fails and returns a `403 Unauthorized` error it is
still possible to access a hook directly via `GET /projects/:id/hooks/:hook_id`.

Fixes access, also added tests to check access and status codes of hooks.
2013-02-16 14:42:49 +01:00
Dmitriy Zaporozhets b729728536 uppercase Gitlab version and revision constants. check api return gitlab version now 2013-02-16 14:42:22 +02:00
livedata bbd1bfd155 fixed API access to the project 2013-02-15 15:37:06 +01:00
Sebastian Ziebell c305eb31aa API: tests that check status codes for project branches and hooks
Status code 422 (Unprocessable Entity) returned if invalid url is given when creating
or updating a project hook.
2013-02-14 16:55:33 +01:00
Sebastian Ziebell 6df02adc7a API: status code 403 returned if new project would exceed limit
When the project limit is reached the user is not allowed to create new ones.
Instead of error code 404 the status code 403 (Forbidden) is returned with error
message via API.
2013-02-14 15:51:56 +01:00
Sebastian Ziebell 6fc3263e15 API: extracted helper method to provide 400 bad request error with description
Extracted a method for 400 error (Bad request) and adjusted code accordingly. The name of
the missing attribute is used to show which one was missing from the request. It is used to
give an appropriate message in the json response.
2013-02-13 15:48:52 +01:00
Sebastian Ziebell 54ab9bb6df API: return status code 400 if filepath of raw file blob not given 2013-02-13 14:47:59 +01:00
Sebastian Ziebell fd01f3aacd API: fixes a few return codes for project snippets
When using project snippets via API the functions now provide status codes for
different situations other then only returning 404 error. If required parameters are missing,
e.g. `title` when creating a project snippet a 400 (Bad request) error is returned. The snippet
delete function now is idempotent and returns a 200 (Ok) regardless if the snippet with the
given id is available or not. Changing return codes of these functions has the advantage that
the 404 error is used only for resources, which are not available.

Tests added to check these status codes when handling project snippets.
2013-02-13 12:09:16 +01:00
Sebastian Ziebell 375caeefcf Merge branch 'master' into fixes/api 2013-02-13 10:31:06 +01:00
Sebastian Ziebell 7cc4339f71 API: changed status codes for project hooks functions
Different status codes in the API lib are returned on hook creation, update or deletion.
If a required parameter is not given (e.g. `url` in `/projects/:id/hooks/:hook_id`) status
code 400 (Bad request) is returned. On hook deletion a 200 status code is returned, regardless if
the hook is present or not. This makes the DELETE function an idempotent operation. Appropriate tests
are added to check these status codes.
2013-02-12 17:44:42 +01:00
Sebastian Ziebell 2bd955961c Changed function to not_found.
Instead of using funtion `error!` the function `not_found!` is used to return 404 error. Adjusted documentation accordingly.
2013-02-09 21:01:17 +01:00
Sebastian Ziebell 40e7846f3e Status code 404 returned when retrieving non existent branch (issue #2922)
Accessing a repository branch that does not exist returns a 404 error instead
of 200 now. Added a test.
2013-02-08 17:04:08 +01:00
Sebastian Ziebell 9544f90389 Adding a project hook returns status code 400 if url is not given
When adding a project hook a url must be specified or a 400 error code is returned

* Specs added to check status code on handling project hooks
* refactored code, extracted a method
2013-02-08 16:48:05 +01:00
Sebastian Ziebell 818caf0b5d API: refined status code handling when adding or updating a project member
When a user is added to a project that is already a member of, a status code 201 is now returned to
signal an idempotent operation. If something fails then instead of returning error code 404 different
more specific error codes are returned. Status code 400 (Bad request) is returned when a required
attribute, e.g. `access_level` is not given or 422 if there is a semantic error, e.g. should
the `access_level` have an unsupported value.

Specs are added to check these status codes.
2013-02-08 14:33:29 +01:00
Sebastian Ziebell 8045a81bcf Merge branch 'master' into fixes/api 2013-02-08 10:32:42 +01:00
Dmitriy Zaporozhets 4e1757bfda Merge branch 'gitlab-shell' of dev.gitlabhq.com:gitlab/gitlabhq 2013-02-07 08:26:39 +00:00
Dmitriy Zaporozhets 8ae1d812dc deploy keys support for gitlab-shell api 2013-02-07 09:56:13 +02:00
Sebastian Ziebell bb24275f8d Status code 400 is returned if body is missing on note creation.
If a note is created with a POST request via API (`/projects/:id/notes`) status
code 400 is returned instead of 404. The resource itself exists but the request
is incomplete. Specs added to check different status codes when accessing, creating
and updating notes.
2013-02-06 17:11:00 +01:00
Sebastian Ziebell 5be0265fe7 Status code 400 returned if title not given in a milestone (via API)
If a milestone is created via API but no title given then status code 400 (Bad request)
is returned instead of 404. A small helper method handles the errors collection of a
milestone.
2013-02-06 17:10:29 +01:00
Sebastian Ziebell f978a71f41 Creating MR comment without a note returns status code 400 (Bad request)
Creating a comment to an existing merge request via API without providing a note
returns a status code 400 now, suggesting a bad request. The reason for this
is the resource itself (MR) exists but the required property is not set.
2013-02-06 17:02:30 +01:00
Sebastian Ziebell 3f4e215c80 Extracted helper method to avoid code duplication 2013-02-06 17:02:30 +01:00
Sebastian Ziebell 413952ff94 Creating or updating a MR returns more informative status codes.
Using the API library to create or update a merge request at the moment a 404 error is returned.
This is fine when the merge request in question does not exist, but does not provide good
information that for example a required attribute is missing.
A status code of 400 (Bad request) is returned when creating or updating a merge request
when either `source_branch` or `target_branch` is missing. A status code of 409 is returned
when `source_branch` and `target_branch` are the same. Tests are added for these cases.
2013-02-06 16:57:00 +01:00
Dmitriy Zaporozhets bd3288e320 api check call 2013-02-05 15:55:49 +02:00
Dmitriy Zaporozhets 70e3bffd95 Fixed: post-receive, project remove, tests 2013-02-05 12:47:50 +02:00
Dmitriy Zaporozhets 935b6ae653 Internal API 2013-02-04 17:53:43 +02:00
Christian Simon 33c48ecd35 Code deduplication using inheritance for GroupDetail 2013-02-03 19:38:33 +01:00
Christian Simon 149ccd5d91 Fix groups api: differ between users and admin 2013-02-01 15:00:12 +01:00
Felix Gilcher ce6436b98a Don't crash when removing a user that's not project member
The attempt to revoke project access for a user that was not member of the
project results in a 500 Internal Server error where it actually should
result in a 200 OK since after the operation, the user is not member of
the project. This turns the operation into an idempotent call that can
be repeated with no ill effects.

Updated the spec and changed the code accordingly. However, the result differs
slightly, as we can't return the users project access level if the user was not
member. I'm not aware if anybody relies on the result of this call.

Fixes #2832
2013-02-01 13:53:35 +00:00
Christian Simon 8edc6b6a8c Add api for creating/listing/viewing groups 2013-02-01 12:11:19 +01:00
Dmitriy Zaporozhets 5857a7a9ce Merge pull request #2839 from m4tthumphrey/protected-branches-api
Added methods to protect and unprotect branches in from the API
2013-01-31 10:44:20 -08:00
Dmitriy Zaporozhets fd1b9fdc12 Merge branch 'extend_user_api' of https://github.com/bladealslayer/gitlabhq into bladealslayer-extend_user_api
Conflicts:
	spec/requests/api/users_spec.rb
2013-01-31 13:00:50 +02:00
Matt Humphrey 2c7554e897 Added methods to protect and unprotect branches 2013-01-31 09:26:03 +00:00
Dmitriy Zaporozhets 193a5624b2 add path and path_with_namespace to api project entity 2013-01-31 09:11:35 +02:00
Micah Huff 1694dc8fe2 Expose MergeRequest object as a notable in the API to allow for easy retrieval of comments 2013-01-29 21:15:13 -08:00
Dmitriy Zaporozhets 6f05ea4f6e Improve CreateContext call. Fixed test 2013-01-18 20:21:13 +02:00
GitLab 232d61d598 Refactor project creation. Added logout link to profile page 2013-01-17 17:35:57 +02:00
Dmitriy Zaporozhets 4c93d77f24 Merge pull request #2460 from calmh/expose-namespace
'namespace' should be exposed via the API
2013-01-16 05:05:45 -08:00
Dmitriy Zaporozhets afbdbb0c95 Rspec fixes 2013-01-04 18:50:31 +02:00
Jakob Borg 0f07922f19 'namespace' should be exposed via the API
Since it's now an integral part of the project name, it should be
visible via the API.
2013-01-02 21:31:20 +01:00
Dmitriy Zaporozhets 67896ea9a2 Fixed missing current user for issue observer 2013-01-02 20:25:25 +02:00
Dmitriy Zaporozhets d431e43392 Fix few bugs and tests after refactoring ownership logic 2013-01-02 19:32:34 +02:00
Riyad Preukschas 056fa05b86 Remove path parameter from projects API 2012-12-22 20:06:18 +01:00
Riyad Preukschas 8f01190eb5 Remove all references tp the project code parameter from the API 2012-12-21 18:47:04 +01:00
Riyad Preukschas 931ec399bd Remove the code parameter from the projects API 2012-12-21 18:43:46 +01:00
Valeriy Sizov 77d632890b refactoring gfm_autocomplete 2012-12-20 20:52:12 +02:00
Boyan Tabakov e954438a1d Extended users API to support updating and deleting users.
Also added tests.
2012-12-18 21:24:31 +02:00
Cyril d3b8952f8f Add username to User and UserBasic entities in API and in examples in doc. 2012-12-12 18:51:20 +01:00
Cyril 63d9373aa8 Validates presence of User#name
The 2 reasons are :
- creation of user fail if name is empty : in after_save, it tries to create a
namespace with namespace.name = user.name and namespece validates presence
Namespace#name
- in the web app links to team members are broken with empty User#name because
they are of the form <a href'...'> user.name </a>
2012-12-12 17:53:43 +01:00
Dmitriy Zaporozhets 439d03bbed Fix namespace api autocomplete 2012-12-12 12:54:28 +02:00
Nihad Abbasov 270a43370a API: get a single wall note 2012-12-01 02:20:45 -08:00
Nihad Abbasov 42ef89c98a API: expose created date for project hooks and user SSH keys 2012-12-01 02:04:44 -08:00
Nihad Abbasov ee6187bd55 API: ability to create a wall note 2012-11-29 15:52:56 -08:00
Nihad Abbasov 2a98a060ca API: don't expose 'updated_at' for notes 2012-11-29 14:41:24 -08:00
Nihad Abbasov 961cb285b0 API: restore broken merge request commenting 2012-11-29 12:11:01 -08:00
Nihad Abbasov c946bf886c API: create new notes 2012-11-29 12:11:00 -08:00
Nihad Abbasov 1c5aa848ce API: get a single note 2012-11-29 12:11:00 -08:00
Nihad Abbasov 9a4974b760 correct example 2012-11-29 12:11:00 -08:00
Nihad Abbasov 01eab583d0 API: list wall, snippet and issue notes 2012-11-29 12:11:00 -08:00
Dmitriy Zaporozhets 0693215c30 Fixed spinach and tests. Build should pass now 2012-11-23 22:55:38 +02:00
Dmitriy Zaporozhets 0e1635a68a Fixing requests after namespaces. Fixed admin bug with access to project 2012-11-23 22:25:28 +02:00
Dmitriy Zaporozhets 9304d049de Fixed some tests and snippet colorize 2012-11-23 22:31:09 +03:00
Dmitriy Zaporozhets c50ec72b52 Deprecate code for Project. Use title and path 2012-11-23 21:11:09 +03:00
Saito 6cec9ed328 linguist will take care of this 2012-11-10 01:36:55 +08:00
Valeriy Sizov d6a5e3dad7 Merge pull request #1735 from NARKOZ/api
API fixes
2012-11-07 03:50:42 -08:00
Valeriy Sizov 4281de3640 API: review 2 2012-10-25 13:38:55 +03:00
Valeriy Sizov e6cdfb607a API: tests for merge_requests 2012-10-25 13:13:01 +03:00
Valeriy Sizov 77bc110107 API: help page and comment 2012-10-22 23:09:21 +03:00
Valeriy Sizov 6ffd2f3db6 Changes after review 2012-10-22 23:09:21 +03:00
Valeriy Sizov 93e8d426c5 API: merge request: post comment call 2012-10-22 23:09:21 +03:00
Valeriy Sizov b32a8eea93 API: MergeRequest: authorization 2012-10-22 23:09:21 +03:00
Valeriy Sizov 524b907042 API: MergeRequest refactoring 2012-10-22 23:09:21 +03:00
Valeriy Sizov 5a89934af8 API: update merge request call 2012-10-22 23:09:21 +03:00
Valeriy Sizov fe59547ae5 API: create merge request 2012-10-22 23:09:21 +03:00
Valeriy Sizov bd049e5e7c API:merge request show && list 2012-10-22 23:09:21 +03:00
Nihad Abbasov 00325a733a name and password_confirmation not required to create a user via API 2012-10-19 03:34:18 -07:00
Nihad Abbasov c610206321 fix mass-assignment error in user create API 2012-10-19 03:23:10 -07:00
jozefvaclavik d1a18d038d Update lib/api/projects.rb
Added methods for listing one project hook and editing hooks.
GET /project/:id/hooks/:hook_id
PUT /project/:id/hooks/:hook_id
2012-10-12 10:30:09 +03:00
Nihad Abbasov 61f12da3a5 API: add project snippets listing 2012-10-08 02:13:53 -07:00
Nihad Abbasov ad5b5d1e51 projects API should return info about deleted hook 2012-10-08 01:54:50 -07:00
Valeriy Sizov e7608cd6f9 API: private token via header 2012-10-02 18:43:35 +03:00
Valeriy Sizov 2e1c3c52bc #1606 Fixes 2012-10-02 18:08:04 +03:00
Valeriy Sizov e9c356092b #1606 API private token via the header 2012-10-02 18:02:21 +03:00
Valeriy Sizov d104df49e7 fix TYPO 2012-10-02 16:34:20 +03:00
Valeriy Sizov 825081174a #1585 Api for user creation: base implementation 2012-10-02 12:46:01 +03:00
Nihad Abbasov b62445813d API: SSH keys belong to user entity 2012-09-21 04:49:28 -07:00
Nihad Abbasov 4a072be2d7 API: commits belong to project repository 2012-09-21 04:34:07 -07:00
Dmitriy Zaporozhets 131553627d Merge pull request #1521 from NARKOZ/api
API for project team members
2012-09-21 04:19:16 -07:00
Nihad Abbasov 25b745271a add API for project team members 2012-09-21 03:23:17 -07:00
Dmitriy Zaporozhets 10d3a30b25 APi for commits. Better api docs 2012-09-21 13:22:30 +03:00
Nihad Abbasov b08d33f6a9 API: return 401 for invalid session 2012-09-20 08:38:08 -07:00
Nihad Abbasov 3dd940d4cb API: extend UserLogin entity from UserBasic 2012-09-20 08:36:43 -07:00
Dmitriy Zaporozhets 9aafe77e70 I want be able to get token via api. Used for mobile applications 2012-09-20 17:45:07 +03:00
Nihad Abbasov 37817cc31d API: expose project id for milestones 2012-09-20 18:38:34 +06:00
Alex Denisov c83af0dfe7 Uses attributes_for_keys 2012-09-16 22:44:20 +03:00
Alex Denisov b6c6a5b159 Merge branch 'master' into ssh_keys_api 2012-09-16 22:37:50 +03:00
Alex Denisov b896880eb4 Method name changed 2012-09-16 20:08:57 +03:00
Alex Denisov 549c4c2202 API attributes refactored 2012-09-16 19:51:04 +03:00
Alex Denisov 87d40fd276 Docs added 2012-09-16 18:21:59 +03:00
Alex Denisov c23eb40829 SSH Keys API implemented 2012-09-16 17:52:06 +03:00
miks 6d76e000d0 Add authorization to hooks requests 2012-09-10 16:50:01 +03:00