gitlab-org--gitlab-foss/spec/requests/api/groups_spec.rb

188 lines
5.5 KiB
Ruby
Raw Normal View History

2013-02-01 08:59:22 -05:00
require 'spec_helper'
2014-04-11 15:45:56 -04:00
describe API::API, api: true do
2013-02-01 08:59:22 -05:00
include ApiHelpers
let(:user1) { create(:user) }
let(:user2) { create(:user) }
2013-02-01 08:59:22 -05:00
let(:admin) { create(:admin) }
2013-09-26 07:52:17 -04:00
let!(:group1) { create(:group) }
let!(:group2) { create(:group) }
before do
group1.add_owner(user1)
group2.add_owner(user2)
end
2013-02-01 08:59:22 -05:00
describe "GET /groups" do
context "when unauthenticated" do
it "should return authentication error" do
get api("/groups")
expect(response.status).to eq(401)
2013-02-01 08:59:22 -05:00
end
end
context "when authenticated as user" do
it "normal user: should return an array of groups of user1" do
get api("/groups", user1)
expect(response.status).to eq(200)
expect(json_response).to be_an Array
expect(json_response.length).to eq(1)
expect(json_response.first['name']).to eq(group1.name)
2013-02-01 08:59:22 -05:00
end
end
2013-03-20 17:46:30 -04:00
2013-02-01 08:59:22 -05:00
context "when authenticated as admin" do
it "admin: should return an array of all groups" do
get api("/groups", admin)
expect(response.status).to eq(200)
expect(json_response).to be_an Array
expect(json_response.length).to eq(2)
2013-02-01 08:59:22 -05:00
end
end
end
2013-03-20 17:46:30 -04:00
2013-02-01 08:59:22 -05:00
describe "GET /groups/:id" do
context "when authenticated as user" do
it "should return one of user1's groups" do
get api("/groups/#{group1.id}", user1)
expect(response.status).to eq(200)
2013-02-01 08:59:22 -05:00
json_response['name'] == group1.name
end
2013-03-20 17:46:30 -04:00
2013-02-01 08:59:22 -05:00
it "should not return a non existing group" do
get api("/groups/1328", user1)
expect(response.status).to eq(404)
2013-02-01 08:59:22 -05:00
end
2013-03-20 17:46:30 -04:00
2013-02-01 08:59:22 -05:00
it "should not return a group not attached to user1" do
get api("/groups/#{group2.id}", user1)
expect(response.status).to eq(403)
2013-02-01 08:59:22 -05:00
end
end
2013-03-20 17:46:30 -04:00
2013-02-01 08:59:22 -05:00
context "when authenticated as admin" do
it "should return any existing group" do
get api("/groups/#{group2.id}", admin)
expect(response.status).to eq(200)
2013-02-01 08:59:22 -05:00
json_response['name'] == group2.name
end
2013-03-20 17:46:30 -04:00
2013-02-01 08:59:22 -05:00
it "should not return a non existing group" do
get api("/groups/1328", admin)
expect(response.status).to eq(404)
2013-02-01 08:59:22 -05:00
end
end
2015-01-30 04:46:08 -05:00
context 'when using group path in URL' do
it 'should return any existing group' do
get api("/groups/#{group1.path}", admin)
expect(response.status).to eq(200)
2015-01-30 04:46:08 -05:00
json_response['name'] == group2.name
end
it 'should not return a non existing group' do
get api('/groups/unknown', admin)
expect(response.status).to eq(404)
2015-01-30 04:46:08 -05:00
end
it 'should not return a group not attached to user1' do
get api("/groups/#{group2.path}", user1)
expect(response.status).to eq(403)
2015-01-30 04:46:08 -05:00
end
end
2013-02-01 08:59:22 -05:00
end
2013-03-20 17:46:30 -04:00
2013-02-01 08:59:22 -05:00
describe "POST /groups" do
context "when authenticated as user" do
it "should not create group" do
post api("/groups", user1), attributes_for(:group)
expect(response.status).to eq(403)
2013-02-01 08:59:22 -05:00
end
end
2013-03-20 17:46:30 -04:00
2013-02-01 08:59:22 -05:00
context "when authenticated as admin" do
it "should create group" do
post api("/groups", admin), attributes_for(:group)
expect(response.status).to eq(201)
2013-02-01 08:59:22 -05:00
end
2013-02-01 12:58:53 -05:00
it "should not create group, duplicate" do
post api("/groups", admin), {name: "Duplicate Test", path: group2.path}
expect(response.status).to eq(400)
expect(response.message).to eq("Bad Request")
2013-02-01 12:58:53 -05:00
end
it "should return 400 bad request error if name not given" do
post api("/groups", admin), {path: group2.path}
expect(response.status).to eq(400)
end
it "should return 400 bad request error if path not given" do
post api("/groups", admin), { name: 'test' }
expect(response.status).to eq(400)
end
2013-02-01 08:59:22 -05:00
end
end
2012-11-14 15:37:52 -05:00
2013-10-07 06:18:37 -04:00
describe "DELETE /groups/:id" do
context "when authenticated as user" do
it "should remove group" do
delete api("/groups/#{group1.id}", user1)
expect(response.status).to eq(200)
2013-10-07 06:18:37 -04:00
end
it "should not remove a group if not an owner" do
user3 = create(:user)
group1.add_user(user3, Gitlab::Access::MASTER)
delete api("/groups/#{group1.id}", user3)
expect(response.status).to eq(403)
2013-10-07 06:18:37 -04:00
end
it "should not remove a non existing group" do
delete api("/groups/1328", user1)
expect(response.status).to eq(404)
2013-10-07 06:18:37 -04:00
end
it "should not remove a group not attached to user1" do
delete api("/groups/#{group2.id}", user1)
expect(response.status).to eq(403)
2013-10-07 06:18:37 -04:00
end
end
context "when authenticated as admin" do
it "should remove any existing group" do
delete api("/groups/#{group2.id}", admin)
expect(response.status).to eq(200)
2013-10-07 06:18:37 -04:00
end
it "should not remove a non existing group" do
delete api("/groups/1328", admin)
expect(response.status).to eq(404)
2013-10-07 06:18:37 -04:00
end
end
end
2012-11-14 15:37:52 -05:00
describe "POST /groups/:id/projects/:project_id" do
let(:project) { create(:project) }
before(:each) do
Projects::TransferService.any_instance.stub(execute: true)
allow(Project).to receive(:find).and_return(project)
2012-11-14 15:37:52 -05:00
end
context "when authenticated as user" do
it "should not transfer project to group" do
post api("/groups/#{group1.id}/projects/#{project.id}", user2)
expect(response.status).to eq(403)
2012-11-14 15:37:52 -05:00
end
end
context "when authenticated as admin" do
it "should transfer project to group" do
post api("/groups/#{group1.id}/projects/#{project.id}", admin)
expect(response.status).to eq(201)
2012-11-14 15:37:52 -05:00
end
end
end
2013-02-01 08:59:22 -05:00
end