Different status codes in the API lib are returned on hook creation, update or deletion.
If a required parameter is not given (e.g. `url` in `/projects/:id/hooks/:hook_id`) status
code 400 (Bad request) is returned. On hook deletion a 200 status code is returned, regardless if
the hook is present or not. This makes the DELETE function an idempotent operation. Appropriate tests
are added to check these status codes.
When adding a project hook a url must be specified or a 400 error code is returned
* Specs added to check status code on handling project hooks
* refactored code, extracted a method
When a user is added to a project that is already a member of, a status code 201 is now returned to
signal an idempotent operation. If something fails then instead of returning error code 404 different
more specific error codes are returned. Status code 400 (Bad request) is returned when a required
attribute, e.g. `access_level` is not given or 422 if there is a semantic error, e.g. should
the `access_level` have an unsupported value.
Specs are added to check these status codes.
If a note is created with a POST request via API (`/projects/:id/notes`) status
code 400 is returned instead of 404. The resource itself exists but the request
is incomplete. Specs added to check different status codes when accessing, creating
and updating notes.
Creating a comment to an existing merge request via API without providing a note
returns a status code 400 now, suggesting a bad request. The reason for this
is the resource itself (MR) exists but the required property is not set.
Using the API library to create or update a merge request at the moment a 404 error is returned.
This is fine when the merge request in question does not exist, but does not provide good
information that for example a required attribute is missing.
A status code of 400 (Bad request) is returned when creating or updating a merge request
when either `source_branch` or `target_branch` is missing. A status code of 409 is returned
when `source_branch` and `target_branch` are the same. Tests are added for these cases.
The attempt to revoke project access for a user that was not member of the
project results in a 500 Internal Server error where it actually should
result in a 200 OK since after the operation, the user is not member of
the project. This turns the operation into an idempotent call that can
be repeated with no ill effects.
Updated the spec and changed the code accordingly. However, the result differs
slightly, as we can't return the users project access level if the user was not
member. I'm not aware if anybody relies on the result of this call.
Fixes#2832
