9ee6c58acc
The API Documentation for project snippets got infos to return codes. Tests are added to check status codes when handling project snippets.
601 lines
20 KiB
Ruby
601 lines
20 KiB
Ruby
require 'spec_helper'
|
|
|
|
describe Gitlab::API do
|
|
include ApiHelpers
|
|
|
|
let(:user) { create(:user) }
|
|
let(:user2) { create(:user) }
|
|
let(:user3) { create(:user) }
|
|
let!(:project) { create(:project, namespace: user.namespace ) }
|
|
let!(:hook) { create(:project_hook, project: project, url: "http://example.com") }
|
|
let!(:snippet) { create(:snippet, author: user, project: project, title: 'example') }
|
|
let!(:users_project) { create(:users_project, user: user, project: project, project_access: UsersProject::MASTER) }
|
|
let!(:users_project2) { create(:users_project, user: user3, project: project, project_access: UsersProject::DEVELOPER) }
|
|
before { project.team << [user, :reporter] }
|
|
|
|
describe "GET /projects" do
|
|
context "when unauthenticated" do
|
|
it "should return authentication error" do
|
|
get api("/projects")
|
|
response.status.should == 401
|
|
end
|
|
end
|
|
|
|
context "when authenticated" do
|
|
it "should return an array of projects" do
|
|
get api("/projects", user)
|
|
response.status.should == 200
|
|
json_response.should be_an Array
|
|
json_response.first['name'].should == project.name
|
|
json_response.first['owner']['email'].should == user.email
|
|
end
|
|
end
|
|
end
|
|
|
|
describe "POST /projects" do
|
|
context "maximum number of projects reached" do
|
|
before do
|
|
(1..user2.projects_limit).each do |project|
|
|
post api("/projects", user2), name: "foo#{project}"
|
|
end
|
|
end
|
|
|
|
it "should not create new project" do
|
|
expect {
|
|
post api("/projects", user2), name: 'foo'
|
|
}.to change {Project.count}.by(0)
|
|
end
|
|
end
|
|
|
|
it "should create new project without path" do
|
|
expect { post api("/projects", user), name: 'foo' }.to change {Project.count}.by(1)
|
|
end
|
|
|
|
it "should not create new project without name" do
|
|
expect { post api("/projects", user) }.to_not change {Project.count}
|
|
end
|
|
|
|
it "should return a 400 error if name not given" do
|
|
post api("/projects", user)
|
|
response.status.should == 400
|
|
end
|
|
|
|
it "should create last project before reaching project limit" do
|
|
(1..user2.projects_limit-1).each { |p| post api("/projects", user2), name: "foo#{p}" }
|
|
post api("/projects", user2), name: "foo"
|
|
response.status.should == 201
|
|
end
|
|
|
|
it "should respond with 201 on success" do
|
|
post api("/projects", user), name: 'foo'
|
|
response.status.should == 201
|
|
end
|
|
|
|
it "should respond with 400 if name is not given" do
|
|
post api("/projects", user)
|
|
response.status.should == 400
|
|
end
|
|
|
|
it "should return a 403 error if project limit reached" do
|
|
(1..user.projects_limit).each do |p|
|
|
post api("/projects", user), name: "foo#{p}"
|
|
end
|
|
post api("/projects", user), name: 'bar'
|
|
response.status.should == 403
|
|
end
|
|
|
|
it "should assign attributes to project" do
|
|
project = attributes_for(:project, {
|
|
description: Faker::Lorem.sentence,
|
|
default_branch: 'stable',
|
|
issues_enabled: false,
|
|
wall_enabled: false,
|
|
merge_requests_enabled: false,
|
|
wiki_enabled: false
|
|
})
|
|
|
|
post api("/projects", user), project
|
|
|
|
project.each_pair do |k,v|
|
|
next if k == :path
|
|
json_response[k.to_s].should == v
|
|
end
|
|
end
|
|
end
|
|
|
|
describe "GET /projects/:id" do
|
|
it "should return a project by id" do
|
|
get api("/projects/#{project.id}", user)
|
|
response.status.should == 200
|
|
json_response['name'].should == project.name
|
|
json_response['owner']['email'].should == user.email
|
|
end
|
|
|
|
it "should return a project by path name" do
|
|
get api("/projects/#{project.id}", user)
|
|
response.status.should == 200
|
|
json_response['name'].should == project.name
|
|
end
|
|
|
|
it "should return a 404 error if not found" do
|
|
get api("/projects/42", user)
|
|
response.status.should == 404
|
|
json_response['message'].should == '404 Not Found'
|
|
end
|
|
|
|
it "should return a 404 error if user is not a member" do
|
|
other_user = create(:user)
|
|
get api("/projects/#{project.id}", other_user)
|
|
response.status.should == 404
|
|
end
|
|
end
|
|
|
|
describe "GET /projects/:id/repository/branches" do
|
|
it "should return an array of project branches" do
|
|
get api("/projects/#{project.id}/repository/branches", user)
|
|
response.status.should == 200
|
|
json_response.should be_an Array
|
|
json_response.first['name'].should == project.repo.heads.sort_by(&:name).first.name
|
|
end
|
|
end
|
|
|
|
describe "GET /projects/:id/repository/branches/:branch" do
|
|
it "should return the branch information for a single branch" do
|
|
get api("/projects/#{project.id}/repository/branches/new_design", user)
|
|
response.status.should == 200
|
|
|
|
json_response['name'].should == 'new_design'
|
|
json_response['commit']['id'].should == '621491c677087aa243f165eab467bfdfbee00be1'
|
|
json_response['protected'].should == false
|
|
end
|
|
|
|
it "should return a 404 error if branch is not available" do
|
|
get api("/projects/#{project.id}/repository/branches/unknown", user)
|
|
response.status.should == 404
|
|
end
|
|
end
|
|
|
|
describe "PUT /projects/:id/repository/branches/:branch/protect" do
|
|
it "should protect a single branch" do
|
|
put api("/projects/#{project.id}/repository/branches/new_design/protect", user)
|
|
response.status.should == 200
|
|
|
|
json_response['name'].should == 'new_design'
|
|
json_response['commit']['id'].should == '621491c677087aa243f165eab467bfdfbee00be1'
|
|
json_response['protected'].should == true
|
|
end
|
|
|
|
it "should return a 404 error if branch not found" do
|
|
put api("/projects/#{project.id}/repository/branches/unknown/protect", user)
|
|
response.status.should == 404
|
|
end
|
|
|
|
it "should return success when protect branch again" do
|
|
put api("/projects/#{project.id}/repository/branches/new_design/protect", user)
|
|
put api("/projects/#{project.id}/repository/branches/new_design/protect", user)
|
|
response.status.should == 200
|
|
end
|
|
end
|
|
|
|
describe "PUT /projects/:id/repository/branches/:branch/unprotect" do
|
|
it "should unprotect a single branch" do
|
|
put api("/projects/#{project.id}/repository/branches/new_design/unprotect", user)
|
|
response.status.should == 200
|
|
|
|
json_response['name'].should == 'new_design'
|
|
json_response['commit']['id'].should == '621491c677087aa243f165eab467bfdfbee00be1'
|
|
json_response['protected'].should == false
|
|
end
|
|
|
|
it "should return success when unprotect branch" do
|
|
put api("/projects/#{project.id}/repository/branches/unknown/unprotect", user)
|
|
response.status.should == 404
|
|
end
|
|
|
|
it "should return success when unprotect branch again" do
|
|
put api("/projects/#{project.id}/repository/branches/new_design/unprotect", user)
|
|
put api("/projects/#{project.id}/repository/branches/new_design/unprotect", user)
|
|
response.status.should == 200
|
|
end
|
|
end
|
|
|
|
describe "GET /projects/:id/members" do
|
|
it "should return project team members" do
|
|
get api("/projects/#{project.id}/members", user)
|
|
response.status.should == 200
|
|
json_response.should be_an Array
|
|
json_response.count.should == 2
|
|
json_response.first['email'].should == user.email
|
|
end
|
|
|
|
it "finds team members with query string" do
|
|
get api("/projects/#{project.id}/members", user), query: user.username
|
|
response.status.should == 200
|
|
json_response.should be_an Array
|
|
json_response.count.should == 1
|
|
json_response.first['email'].should == user.email
|
|
end
|
|
|
|
it "should return a 404 error if id not found" do
|
|
get api("/projects/9999/members", user)
|
|
response.status.should == 404
|
|
end
|
|
end
|
|
|
|
describe "GET /projects/:id/members/:user_id" do
|
|
it "should return project team member" do
|
|
get api("/projects/#{project.id}/members/#{user.id}", user)
|
|
response.status.should == 200
|
|
json_response['email'].should == user.email
|
|
json_response['access_level'].should == UsersProject::MASTER
|
|
end
|
|
|
|
it "should return a 404 error if user id not found" do
|
|
get api("/projects/#{project.id}/members/1234", user)
|
|
response.status.should == 404
|
|
end
|
|
end
|
|
|
|
describe "POST /projects/:id/members" do
|
|
it "should add user to project team" do
|
|
expect {
|
|
post api("/projects/#{project.id}/members", user), user_id: user2.id,
|
|
access_level: UsersProject::DEVELOPER
|
|
}.to change { UsersProject.count }.by(1)
|
|
|
|
response.status.should == 201
|
|
json_response['email'].should == user2.email
|
|
json_response['access_level'].should == UsersProject::DEVELOPER
|
|
end
|
|
|
|
it "should return a 201 status if user is already project member" do
|
|
post api("/projects/#{project.id}/members", user), user_id: user2.id,
|
|
access_level: UsersProject::DEVELOPER
|
|
expect {
|
|
post api("/projects/#{project.id}/members", user), user_id: user2.id,
|
|
access_level: UsersProject::DEVELOPER
|
|
}.not_to change { UsersProject.count }.by(1)
|
|
|
|
response.status.should == 201
|
|
json_response['email'].should == user2.email
|
|
json_response['access_level'].should == UsersProject::DEVELOPER
|
|
end
|
|
|
|
it "should return a 400 error when user id is not given" do
|
|
post api("/projects/#{project.id}/members", user), access_level: UsersProject::MASTER
|
|
response.status.should == 400
|
|
end
|
|
|
|
it "should return a 400 error when access level is not given" do
|
|
post api("/projects/#{project.id}/members", user), user_id: user2.id
|
|
response.status.should == 400
|
|
end
|
|
|
|
it "should return a 422 error when access level is not known" do
|
|
post api("/projects/#{project.id}/members", user), user_id: user2.id, access_level: 1234
|
|
response.status.should == 422
|
|
end
|
|
end
|
|
|
|
describe "PUT /projects/:id/members/:user_id" do
|
|
it "should update project team member" do
|
|
put api("/projects/#{project.id}/members/#{user3.id}", user), access_level: UsersProject::MASTER
|
|
response.status.should == 200
|
|
json_response['email'].should == user3.email
|
|
json_response['access_level'].should == UsersProject::MASTER
|
|
end
|
|
|
|
it "should return a 404 error if user_id is not found" do
|
|
put api("/projects/#{project.id}/members/1234", user), access_level: UsersProject::MASTER
|
|
response.status.should == 404
|
|
end
|
|
|
|
it "should return a 400 error when access level is not given" do
|
|
put api("/projects/#{project.id}/members/#{user3.id}", user)
|
|
response.status.should == 400
|
|
end
|
|
|
|
it "should return a 422 error when access level is not known" do
|
|
put api("/projects/#{project.id}/members/#{user3.id}", user), access_level: 123
|
|
response.status.should == 422
|
|
end
|
|
end
|
|
|
|
describe "DELETE /projects/:id/members/:user_id" do
|
|
it "should remove user from project team" do
|
|
expect {
|
|
delete api("/projects/#{project.id}/members/#{user3.id}", user)
|
|
}.to change { UsersProject.count }.by(-1)
|
|
end
|
|
|
|
it "should return 200 if team member is not part of a project" do
|
|
delete api("/projects/#{project.id}/members/#{user3.id}", user)
|
|
expect {
|
|
delete api("/projects/#{project.id}/members/#{user3.id}", user)
|
|
}.to_not change { UsersProject.count }.by(1)
|
|
end
|
|
|
|
it "should return 200 if team member already removed" do
|
|
delete api("/projects/#{project.id}/members/#{user3.id}", user)
|
|
delete api("/projects/#{project.id}/members/#{user3.id}", user)
|
|
response.status.should == 200
|
|
end
|
|
end
|
|
|
|
describe "DELETE /projects/:id/members/:user_id" do
|
|
it "should return 200 OK when the user was not member" do
|
|
expect {
|
|
delete api("/projects/#{project.id}/members/1000000", user)
|
|
}.to change { UsersProject.count }.by(0)
|
|
response.status.should == 200
|
|
json_response['message'].should == "Access revoked"
|
|
json_response['id'].should == 1000000
|
|
end
|
|
end
|
|
|
|
describe "GET /projects/:id/hooks" do
|
|
context "authorized user" do
|
|
it "should return project hooks" do
|
|
get api("/projects/#{project.id}/hooks", user)
|
|
response.status.should == 200
|
|
|
|
json_response.should be_an Array
|
|
json_response.count.should == 1
|
|
json_response.first['url'].should == "http://example.com"
|
|
end
|
|
end
|
|
|
|
context "unauthorized user" do
|
|
it "should not access project hooks" do
|
|
get api("/projects/#{project.id}/hooks", user3)
|
|
response.status.should == 403
|
|
end
|
|
end
|
|
end
|
|
|
|
describe "GET /projects/:id/hooks/:hook_id" do
|
|
context "authorized user" do
|
|
it "should return a project hook" do
|
|
get api("/projects/#{project.id}/hooks/#{hook.id}", user)
|
|
response.status.should == 200
|
|
json_response['url'].should == hook.url
|
|
end
|
|
|
|
it "should return a 404 error if hook id is not available" do
|
|
get api("/projects/#{project.id}/hooks/1234", user)
|
|
response.status.should == 404
|
|
end
|
|
end
|
|
|
|
context "unauthorized user" do
|
|
it "should not access an existing hook" do
|
|
get api("/projects/#{project.id}/hooks/#{hook.id}", user3)
|
|
response.status.should == 403
|
|
end
|
|
end
|
|
|
|
it "should return a 404 error if hook id is not available" do
|
|
get api("/projects/#{project.id}/hooks/1234", user)
|
|
response.status.should == 404
|
|
end
|
|
end
|
|
|
|
describe "POST /projects/:id/hooks" do
|
|
it "should add hook to project" do
|
|
expect {
|
|
post api("/projects/#{project.id}/hooks", user),
|
|
url: "http://example.com"
|
|
}.to change {project.hooks.count}.by(1)
|
|
response.status.should == 201
|
|
end
|
|
|
|
it "should return a 400 error if url not given" do
|
|
post api("/projects/#{project.id}/hooks", user)
|
|
response.status.should == 400
|
|
end
|
|
|
|
it "should return a 422 error if url not valid" do
|
|
post api("/projects/#{project.id}/hooks", user), "url" => "ftp://example.com"
|
|
response.status.should == 422
|
|
end
|
|
end
|
|
|
|
describe "PUT /projects/:id/hooks/:hook_id" do
|
|
it "should update an existing project hook" do
|
|
put api("/projects/#{project.id}/hooks/#{hook.id}", user),
|
|
url: 'http://example.org'
|
|
response.status.should == 200
|
|
json_response['url'].should == 'http://example.org'
|
|
end
|
|
|
|
it "should return 404 error if hook id not found" do
|
|
put api("/projects/#{project.id}/hooks/1234", user), url: 'http://example.org'
|
|
response.status.should == 404
|
|
end
|
|
|
|
it "should return 400 error if url is not given" do
|
|
put api("/projects/#{project.id}/hooks/#{hook.id}", user)
|
|
response.status.should == 400
|
|
end
|
|
|
|
it "should return a 422 error if url is not valid" do
|
|
put api("/projects/#{project.id}/hooks/#{hook.id}", user), url: 'ftp://example.com'
|
|
response.status.should == 422
|
|
end
|
|
end
|
|
|
|
describe "DELETE /projects/:id/hooks/:hook_id" do
|
|
it "should delete hook from project" do
|
|
expect {
|
|
delete api("/projects/#{project.id}/hooks/#{hook.id}", user)
|
|
}.to change {project.hooks.count}.by(-1)
|
|
response.status.should == 200
|
|
end
|
|
|
|
it "should return success when deleting hook" do
|
|
delete api("/projects/#{project.id}/hooks/#{hook.id}", user)
|
|
response.status.should == 200
|
|
end
|
|
|
|
it "should return success when deleting non existent hook" do
|
|
delete api("/projects/#{project.id}/hooks/42", user)
|
|
response.status.should == 200
|
|
end
|
|
end
|
|
|
|
describe "GET /projects/:id/repository/tags" do
|
|
it "should return an array of project tags" do
|
|
get api("/projects/#{project.id}/repository/tags", user)
|
|
response.status.should == 200
|
|
json_response.should be_an Array
|
|
json_response.first['name'].should == project.repo.tags.sort_by(&:name).reverse.first.name
|
|
end
|
|
end
|
|
|
|
describe "GET /projects/:id/repository/commits" do
|
|
context "authorized user" do
|
|
before { project.team << [user2, :reporter] }
|
|
|
|
it "should return project commits" do
|
|
get api("/projects/#{project.id}/repository/commits", user)
|
|
response.status.should == 200
|
|
|
|
json_response.should be_an Array
|
|
json_response.first['id'].should == project.repository.commit.id
|
|
end
|
|
end
|
|
|
|
context "unauthorized user" do
|
|
it "should not return project commits" do
|
|
get api("/projects/#{project.id}/repository/commits")
|
|
response.status.should == 401
|
|
end
|
|
end
|
|
end
|
|
|
|
describe "GET /projects/:id/snippets" do
|
|
it "should return an array of project snippets" do
|
|
get api("/projects/#{project.id}/snippets", user)
|
|
response.status.should == 200
|
|
json_response.should be_an Array
|
|
json_response.first['title'].should == snippet.title
|
|
end
|
|
|
|
it "should return 401 error if user not authenticated" do
|
|
get api("/projects/#{project.id}/snippets")
|
|
response.status.should == 401
|
|
end
|
|
end
|
|
|
|
describe "GET /projects/:id/snippets/:snippet_id" do
|
|
it "should return a project snippet" do
|
|
get api("/projects/#{project.id}/snippets/#{snippet.id}", user)
|
|
response.status.should == 200
|
|
json_response['title'].should == snippet.title
|
|
end
|
|
|
|
it "should return a 404 error if snippet id not found" do
|
|
get api("/projects/#{project.id}/snippets/1234", user)
|
|
response.status.should == 404
|
|
end
|
|
end
|
|
|
|
describe "POST /projects/:id/snippets" do
|
|
it "should create a new project snippet" do
|
|
post api("/projects/#{project.id}/snippets", user),
|
|
title: 'api test', file_name: 'sample.rb', code: 'test'
|
|
response.status.should == 201
|
|
json_response['title'].should == 'api test'
|
|
end
|
|
|
|
it "should return a 400 error if title is not given" do
|
|
post api("/projects/#{project.id}/snippets", user),
|
|
file_name: 'sample.rb', code: 'test'
|
|
response.status.should == 400
|
|
end
|
|
|
|
it "should return a 400 error if file_name not given" do
|
|
post api("/projects/#{project.id}/snippets", user),
|
|
title: 'api test', code: 'test'
|
|
response.status.should == 400
|
|
end
|
|
|
|
it "should return a 400 error if code not given" do
|
|
post api("/projects/#{project.id}/snippets", user),
|
|
title: 'api test', file_name: 'sample.rb'
|
|
response.status.should == 400
|
|
end
|
|
|
|
it "should return a 401 error if user not authenticated" do
|
|
post api("/projects/#{project.id}/snippets"),
|
|
title: 'api test', file_name: 'sample.rb', code: 'i=0'
|
|
response.status.should == 401
|
|
end
|
|
end
|
|
|
|
describe "PUT /projects/:id/snippets/:shippet_id" do
|
|
it "should update an existing project snippet" do
|
|
put api("/projects/#{project.id}/snippets/#{snippet.id}", user),
|
|
code: 'updated code'
|
|
response.status.should == 200
|
|
json_response['title'].should == 'example'
|
|
snippet.reload.content.should == 'updated code'
|
|
end
|
|
|
|
it "should update an existing project snippet with new title" do
|
|
put api("/projects/#{project.id}/snippets/#{snippet.id}", user),
|
|
title: 'other api test'
|
|
response.status.should == 200
|
|
json_response['title'].should == 'other api test'
|
|
end
|
|
end
|
|
|
|
describe "DELETE /projects/:id/snippets/:snippet_id" do
|
|
it "should delete existing project snippet" do
|
|
expect {
|
|
delete api("/projects/#{project.id}/snippets/#{snippet.id}", user)
|
|
}.to change { Snippet.count }.by(-1)
|
|
response.status.should == 200
|
|
end
|
|
|
|
it "should return success when deleting unknown snippet id" do
|
|
delete api("/projects/#{project.id}/snippets/1234", user)
|
|
response.status.should == 200
|
|
end
|
|
end
|
|
|
|
describe "GET /projects/:id/snippets/:snippet_id/raw" do
|
|
it "should get a raw project snippet" do
|
|
get api("/projects/#{project.id}/snippets/#{snippet.id}/raw", user)
|
|
response.status.should == 200
|
|
end
|
|
|
|
it "should return a 404 error if raw project snippet not found" do
|
|
get api("/projects/#{project.id}/snippets/5555/raw", user)
|
|
response.status.should == 404
|
|
end
|
|
end
|
|
|
|
describe "GET /projects/:id/repository/commits/:sha/blob" do
|
|
it "should get the raw file contents" do
|
|
get api("/projects/#{project.id}/repository/commits/master/blob?filepath=README.md", user)
|
|
response.status.should == 200
|
|
end
|
|
|
|
it "should return 404 for invalid branch_name" do
|
|
get api("/projects/#{project.id}/repository/commits/invalid_branch_name/blob?filepath=README.md", user)
|
|
response.status.should == 404
|
|
end
|
|
|
|
it "should return 404 for invalid file" do
|
|
get api("/projects/#{project.id}/repository/commits/master/blob?filepath=README.invalid", user)
|
|
response.status.should == 404
|
|
end
|
|
|
|
it "should return a 400 error if filepath is missing" do
|
|
get api("/projects/#{project.id}/repository/commits/master/blob", user)
|
|
response.status.should == 400
|
|
end
|
|
end
|
|
end
|