parent
6654db2c82
commit
0ebfa5e5a2
|
@ -79,3 +79,4 @@ When listing resources you can pass the following parameters:
|
||||||
+ [Milestones](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/milestones.md)
|
+ [Milestones](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/milestones.md)
|
||||||
+ [Notes](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/notes.md)
|
+ [Notes](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/notes.md)
|
||||||
+ [System Hooks](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/system_hooks.md)
|
+ [System Hooks](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/system_hooks.md)
|
||||||
|
+ [User Teams](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/user_teams.md)
|
||||||
|
|
|
@ -0,0 +1,209 @@
|
||||||
|
## User teams
|
||||||
|
|
||||||
|
### List user teams
|
||||||
|
|
||||||
|
Get a list of user teams viewable by the authenticated user.
|
||||||
|
|
||||||
|
```
|
||||||
|
GET /user_teams
|
||||||
|
```
|
||||||
|
|
||||||
|
```json
|
||||||
|
[
|
||||||
|
{
|
||||||
|
id: 1,
|
||||||
|
name: "User team 1",
|
||||||
|
path: "user_team1",
|
||||||
|
owner_id: 1
|
||||||
|
},
|
||||||
|
{
|
||||||
|
id: 2,
|
||||||
|
name: "User team 2",
|
||||||
|
path: "user_team2",
|
||||||
|
owner_id: 1
|
||||||
|
}
|
||||||
|
]
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
### Get single user team
|
||||||
|
|
||||||
|
Get a specific user team, identified by user team ID, which is viewable by the authenticated user.
|
||||||
|
|
||||||
|
```
|
||||||
|
GET /user_teams/:id
|
||||||
|
```
|
||||||
|
|
||||||
|
Parameters:
|
||||||
|
|
||||||
|
+ `id` (required) - The ID of a user_team
|
||||||
|
|
||||||
|
```json
|
||||||
|
{
|
||||||
|
id: 1,
|
||||||
|
name: "User team 1",
|
||||||
|
path: "user_team1",
|
||||||
|
owner_id: 1
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
### Create user team
|
||||||
|
|
||||||
|
Creates new user team owned by user. Available only for admins.
|
||||||
|
|
||||||
|
```
|
||||||
|
POST /user_teams
|
||||||
|
```
|
||||||
|
|
||||||
|
Parameters:
|
||||||
|
|
||||||
|
+ `name` (required) - new user team name
|
||||||
|
+ `path` (required) - new user team internal name
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## User team members
|
||||||
|
|
||||||
|
### List user team members
|
||||||
|
|
||||||
|
Get a list of project team members.
|
||||||
|
|
||||||
|
```
|
||||||
|
GET /user_teams/:id/members
|
||||||
|
```
|
||||||
|
|
||||||
|
Parameters:
|
||||||
|
|
||||||
|
+ `id` (required) - The ID of a user_team
|
||||||
|
|
||||||
|
|
||||||
|
### Get user team member
|
||||||
|
|
||||||
|
Gets a user team member.
|
||||||
|
|
||||||
|
```
|
||||||
|
GET /user_teams/:id/members/:user_id
|
||||||
|
```
|
||||||
|
|
||||||
|
Parameters:
|
||||||
|
|
||||||
|
+ `id` (required) - The ID of a user_team
|
||||||
|
+ `user_id` (required) - The ID of a user
|
||||||
|
|
||||||
|
```json
|
||||||
|
{
|
||||||
|
id: 2,
|
||||||
|
username: "john_doe",
|
||||||
|
email: "joh@doe.org",
|
||||||
|
name: "John Doe",
|
||||||
|
state: "active",
|
||||||
|
created_at: "2012-10-22T14:13:35Z",
|
||||||
|
access_level: 30
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
### Add user team member
|
||||||
|
|
||||||
|
Adds a user to a user team.
|
||||||
|
|
||||||
|
```
|
||||||
|
POST /user_teams/:id/members
|
||||||
|
```
|
||||||
|
|
||||||
|
Parameters:
|
||||||
|
|
||||||
|
+ `id` (required) - The ID of a user team
|
||||||
|
+ `user_id` (required) - The ID of a user to add
|
||||||
|
+ `access_level` (required) - Project access level
|
||||||
|
|
||||||
|
|
||||||
|
### Remove user team member
|
||||||
|
|
||||||
|
Removes user from user team.
|
||||||
|
|
||||||
|
```
|
||||||
|
DELETE /user_teams/:id/members/:user_id
|
||||||
|
```
|
||||||
|
|
||||||
|
Parameters:
|
||||||
|
|
||||||
|
+ `id` (required) - The ID of a user team
|
||||||
|
+ `user_id` (required) - The ID of a team member
|
||||||
|
|
||||||
|
## User team projects
|
||||||
|
|
||||||
|
### List user team projects
|
||||||
|
|
||||||
|
Get a list of project team projects.
|
||||||
|
|
||||||
|
```
|
||||||
|
GET /user_teams/:id/projects
|
||||||
|
```
|
||||||
|
|
||||||
|
Parameters:
|
||||||
|
|
||||||
|
+ `id` (required) - The ID of a user_team
|
||||||
|
|
||||||
|
|
||||||
|
### Get user team project
|
||||||
|
|
||||||
|
Gets a user team project.
|
||||||
|
|
||||||
|
```
|
||||||
|
GET /user_teams/:id/projects/:project_id
|
||||||
|
```
|
||||||
|
|
||||||
|
Parameters:
|
||||||
|
|
||||||
|
+ `id` (required) - The ID of a user_team
|
||||||
|
+ `project_id` (required) - The ID of a user
|
||||||
|
|
||||||
|
```json
|
||||||
|
{
|
||||||
|
id: 12,
|
||||||
|
name: "project1",
|
||||||
|
description: null,
|
||||||
|
default_branch: "develop",
|
||||||
|
public: false,
|
||||||
|
path: "project1",
|
||||||
|
path_with_namespace: "group1/project1",
|
||||||
|
issues_enabled: false,
|
||||||
|
merge_requests_enabled: true,
|
||||||
|
wall_enabled: true,
|
||||||
|
wiki_enabled: false,
|
||||||
|
created_at: "2013-03-11T12:59:08Z",
|
||||||
|
greatest_access_level: 30
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
### Add user team project
|
||||||
|
|
||||||
|
Adds a project to a user team.
|
||||||
|
|
||||||
|
```
|
||||||
|
POST /user_teams/:id/projects
|
||||||
|
```
|
||||||
|
|
||||||
|
Parameters:
|
||||||
|
|
||||||
|
+ `id` (required) - The ID of a user team
|
||||||
|
+ `project_id` (required) - The ID of a project to add
|
||||||
|
+ `greatest_access_level` (required) - Maximum project access level
|
||||||
|
|
||||||
|
|
||||||
|
### Remove user team project
|
||||||
|
|
||||||
|
Removes project from user team.
|
||||||
|
|
||||||
|
```
|
||||||
|
DELETE /user_teams/:id/projects/:project_id
|
||||||
|
```
|
||||||
|
|
||||||
|
Parameters:
|
||||||
|
|
||||||
|
+ `id` (required) - The ID of a user team
|
||||||
|
+ `project_id` (required) - The ID of a team project
|
||||||
|
|
|
@ -34,5 +34,6 @@ module API
|
||||||
mount Notes
|
mount Notes
|
||||||
mount Internal
|
mount Internal
|
||||||
mount SystemHooks
|
mount SystemHooks
|
||||||
|
mount UserTeams
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -40,6 +40,18 @@ module API
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
class TeamMember < UserBasic
|
||||||
|
expose :permission, as: :access_level do |user, options|
|
||||||
|
options[:user_team].user_team_user_relationships.find_by_user_id(user.id).permission
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
class TeamProject < Project
|
||||||
|
expose :greatest_access, as: :greatest_access_level do |project, options|
|
||||||
|
options[:user_team].user_team_project_relationships.find_by_project_id(project.id).greatest_access
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
class Group < Grape::Entity
|
class Group < Grape::Entity
|
||||||
expose :id, :name, :path, :owner_id
|
expose :id, :name, :path, :owner_id
|
||||||
end
|
end
|
||||||
|
@ -87,6 +99,10 @@ module API
|
||||||
expose :id, :title, :key, :created_at
|
expose :id, :title, :key, :created_at
|
||||||
end
|
end
|
||||||
|
|
||||||
|
class UserTeam < Grape::Entity
|
||||||
|
expose :id, :name, :path, :owner_id
|
||||||
|
end
|
||||||
|
|
||||||
class MergeRequest < Grape::Entity
|
class MergeRequest < Grape::Entity
|
||||||
expose :id, :target_branch, :source_branch, :project_id, :title, :state
|
expose :id, :target_branch, :source_branch, :project_id, :title, :state
|
||||||
expose :author, :assignee, using: Entities::UserBasic
|
expose :author, :assignee, using: Entities::UserBasic
|
||||||
|
|
|
@ -0,0 +1,276 @@
|
||||||
|
module API
|
||||||
|
# user_teams API
|
||||||
|
class UserTeams < Grape::API
|
||||||
|
before { authenticate! }
|
||||||
|
|
||||||
|
resource :user_teams do
|
||||||
|
helpers do
|
||||||
|
def handle_team_member_errors(errors)
|
||||||
|
if errors[:permission].any?
|
||||||
|
render_api_error!(errors[:permission], 422)
|
||||||
|
end
|
||||||
|
not_found!
|
||||||
|
end
|
||||||
|
|
||||||
|
def validate_access_level?(level)
|
||||||
|
[UsersProject::GUEST, UsersProject::REPORTER, UsersProject::DEVELOPER, UsersProject::MASTER].include? level.to_i
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
|
# Get a user_teams list
|
||||||
|
#
|
||||||
|
# Example Request:
|
||||||
|
# GET /user_teams
|
||||||
|
get do
|
||||||
|
if current_user.admin
|
||||||
|
@user_teams = paginate UserTeam
|
||||||
|
else
|
||||||
|
@user_teams = paginate current_user.user_teams
|
||||||
|
end
|
||||||
|
present @user_teams, with: Entities::UserTeam
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
|
# Create user_team. Available only for admin
|
||||||
|
#
|
||||||
|
# Parameters:
|
||||||
|
# name (required) - The name of the user_team
|
||||||
|
# path (required) - The path of the user_team
|
||||||
|
# Example Request:
|
||||||
|
# POST /user_teams
|
||||||
|
post do
|
||||||
|
authenticated_as_admin!
|
||||||
|
required_attributes! [:name, :path]
|
||||||
|
|
||||||
|
attrs = attributes_for_keys [:name, :path]
|
||||||
|
@user_team = UserTeam.new(attrs)
|
||||||
|
@user_team.owner = current_user
|
||||||
|
|
||||||
|
if @user_team.save
|
||||||
|
present @user_team, with: Entities::UserTeam
|
||||||
|
else
|
||||||
|
not_found!
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
|
# Get a single user_team
|
||||||
|
#
|
||||||
|
# Parameters:
|
||||||
|
# id (required) - The ID of a user_team
|
||||||
|
# Example Request:
|
||||||
|
# GET /user_teams/:id
|
||||||
|
get ":id" do
|
||||||
|
@user_team = UserTeam.find(params[:id])
|
||||||
|
if current_user.admin or current_user.user_teams.include? @user_team
|
||||||
|
present @user_team, with: Entities::UserTeam
|
||||||
|
else
|
||||||
|
not_found!
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
|
# Get user_team members
|
||||||
|
#
|
||||||
|
# Parameters:
|
||||||
|
# id (required) - The ID of a user_team
|
||||||
|
# Example Request:
|
||||||
|
# GET /user_teams/:id/members
|
||||||
|
get ":id/members" do
|
||||||
|
@user_team = UserTeam.find(params[:id])
|
||||||
|
if current_user.admin or current_user.user_teams.include? @user_team
|
||||||
|
@members = paginate @user_team.members
|
||||||
|
present @members, with: Entities::TeamMember, user_team: @user_team
|
||||||
|
else
|
||||||
|
not_found!
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
|
# Add a new user_team member
|
||||||
|
#
|
||||||
|
# Parameters:
|
||||||
|
# id (required) - The ID of a user_team
|
||||||
|
# user_id (required) - The ID of a user
|
||||||
|
# access_level (required) - Project access level
|
||||||
|
# Example Request:
|
||||||
|
# POST /user_teams/:id/members
|
||||||
|
post ":id/members" do
|
||||||
|
authenticated_as_admin!
|
||||||
|
required_attributes! [:user_id, :access_level]
|
||||||
|
|
||||||
|
if not validate_access_level?(params[:access_level])
|
||||||
|
render_api_error!("Wrong access level", 422)
|
||||||
|
end
|
||||||
|
|
||||||
|
@user_team = UserTeam.find(params[:id])
|
||||||
|
if @user_team
|
||||||
|
team_member = @user_team.user_team_user_relationships.find_by_user_id(params[:user_id])
|
||||||
|
# Not existing member
|
||||||
|
if team_member.nil?
|
||||||
|
@user_team.add_member(params[:user_id], params[:access_level], false)
|
||||||
|
team_member = @user_team.user_team_user_relationships.find_by_user_id(params[:user_id])
|
||||||
|
|
||||||
|
if team_member.nil?
|
||||||
|
render_api_error!("Error creating membership", 500)
|
||||||
|
else
|
||||||
|
@member = team_member.user
|
||||||
|
present @member, with: Entities::TeamMember, user_team: @user_team
|
||||||
|
end
|
||||||
|
else
|
||||||
|
render_api_error!("Already exists", 409)
|
||||||
|
end
|
||||||
|
else
|
||||||
|
not_found!
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
|
# Get a single team member from user_team
|
||||||
|
#
|
||||||
|
# Parameters:
|
||||||
|
# id (required) - The ID of a user_team
|
||||||
|
# user_id (required) - The ID of a team member
|
||||||
|
# Example Request:
|
||||||
|
# GET /user_teams/:id/members/:user_id
|
||||||
|
get ":id/members/:user_id" do
|
||||||
|
@user_team = UserTeam.find(params[:id])
|
||||||
|
if current_user.admin or current_user.user_teams.include? @user_team
|
||||||
|
team_member = @user_team.user_team_user_relationships.find_by_user_id(params[:user_id])
|
||||||
|
unless team_member.nil?
|
||||||
|
present team_member.user, with: Entities::TeamMember, user_team: @user_team
|
||||||
|
else
|
||||||
|
not_found!
|
||||||
|
end
|
||||||
|
else
|
||||||
|
not_found!
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
# Remove a team member from user_team
|
||||||
|
#
|
||||||
|
# Parameters:
|
||||||
|
# id (required) - The ID of a user_team
|
||||||
|
# user_id (required) - The ID of a team member
|
||||||
|
# Example Request:
|
||||||
|
# DELETE /user_teams/:id/members/:user_id
|
||||||
|
delete ":id/members/:user_id" do
|
||||||
|
authenticated_as_admin!
|
||||||
|
|
||||||
|
@user_team = UserTeam.find(params[:id])
|
||||||
|
if @user_team
|
||||||
|
team_member = @user_team.user_team_user_relationships.find_by_user_id(params[:user_id])
|
||||||
|
unless team_member.nil?
|
||||||
|
team_member.destroy
|
||||||
|
else
|
||||||
|
not_found!
|
||||||
|
end
|
||||||
|
else
|
||||||
|
not_found!
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
|
# Get to user_team assigned projects
|
||||||
|
#
|
||||||
|
# Parameters:
|
||||||
|
# id (required) - The ID of a user_team
|
||||||
|
# Example Request:
|
||||||
|
# GET /user_teams/:id/projects
|
||||||
|
get ":id/projects" do
|
||||||
|
@user_team = UserTeam.find(params[:id])
|
||||||
|
if current_user.admin or current_user.user_teams.include? @user_team
|
||||||
|
@projects = paginate @user_team.projects
|
||||||
|
present @projects, with: Entities::TeamProject, user_team: @user_team
|
||||||
|
else
|
||||||
|
not_found!
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
|
# Add a new user_team project
|
||||||
|
#
|
||||||
|
# Parameters:
|
||||||
|
# id (required) - The ID of a user_team
|
||||||
|
# project_id (required) - The ID of a project
|
||||||
|
# greatest_access_level (required) - Project access level
|
||||||
|
# Example Request:
|
||||||
|
# POST /user_teams/:id/projects
|
||||||
|
post ":id/projects" do
|
||||||
|
authenticated_as_admin!
|
||||||
|
required_attributes! [:project_id, :greatest_access_level]
|
||||||
|
|
||||||
|
if not validate_access_level?(params[:greatest_access_level])
|
||||||
|
render_api_error!("Wrong greatest_access_level", 422)
|
||||||
|
end
|
||||||
|
|
||||||
|
@user_team = UserTeam.find(params[:id])
|
||||||
|
if @user_team
|
||||||
|
team_project = @user_team.user_team_project_relationships.find_by_project_id(params[:project_id])
|
||||||
|
|
||||||
|
# No existing project
|
||||||
|
if team_project.nil?
|
||||||
|
@user_team.assign_to_projects([params[:project_id]], params[:greatest_access_level])
|
||||||
|
team_project = @user_team.user_team_project_relationships.find_by_project_id(params[:project_id])
|
||||||
|
if team_project.nil?
|
||||||
|
render_api_error!("Error creating project assignment", 500)
|
||||||
|
else
|
||||||
|
@project = team_project.project
|
||||||
|
present @project, with: Entities::TeamProject, user_team: @user_team
|
||||||
|
end
|
||||||
|
else
|
||||||
|
render_api_error!("Already exists", 409)
|
||||||
|
end
|
||||||
|
else
|
||||||
|
not_found!
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
# Show a single team project from user_team
|
||||||
|
#
|
||||||
|
# Parameters:
|
||||||
|
# id (required) - The ID of a user_team
|
||||||
|
# project_id (required) - The ID of a project assigned to the team
|
||||||
|
# Example Request:
|
||||||
|
# GET /user_teams/:id/projects/:project_id
|
||||||
|
get ":id/projects/:project_id" do
|
||||||
|
@user_team = UserTeam.find(params[:id])
|
||||||
|
if current_user.admin or current_user.user_teams.include? @user_team
|
||||||
|
team_project = @user_team.user_team_project_relationships.find_by_project_id(params[:project_id])
|
||||||
|
unless team_project.nil?
|
||||||
|
present team_project.project, with: Entities::TeamProject, user_team: @user_team
|
||||||
|
else
|
||||||
|
not_found!
|
||||||
|
end
|
||||||
|
else
|
||||||
|
not_found!
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
# Remove a team project from user_team
|
||||||
|
#
|
||||||
|
# Parameters:
|
||||||
|
# id (required) - The ID of a user_team
|
||||||
|
# project_id (required) - The ID of a project assigned to the team
|
||||||
|
# Example Request:
|
||||||
|
# DELETE /user_teams/:id/projects/:project_id
|
||||||
|
delete ":id/projects/:project_id" do
|
||||||
|
authenticated_as_admin!
|
||||||
|
|
||||||
|
@user_team = UserTeam.find(params[:id])
|
||||||
|
if @user_team
|
||||||
|
team_project = @user_team.user_team_project_relationships.find_by_project_id(params[:project_id])
|
||||||
|
unless team_project.nil?
|
||||||
|
team_project.destroy
|
||||||
|
else
|
||||||
|
not_found!
|
||||||
|
end
|
||||||
|
else
|
||||||
|
not_found!
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
|
@ -0,0 +1,360 @@
|
||||||
|
require 'spec_helper'
|
||||||
|
|
||||||
|
describe API::API do
|
||||||
|
include ApiHelpers
|
||||||
|
|
||||||
|
# Create test objects
|
||||||
|
let(:user1) { create(:user) }
|
||||||
|
let(:user2) { create(:user) }
|
||||||
|
let(:admin) { create(:admin) }
|
||||||
|
let!(:group1) { create(:group, owner: user1) }
|
||||||
|
let!(:group2) { create(:group, owner: user2) }
|
||||||
|
let(:user_team1) { create(:user_team, owner: user1) }
|
||||||
|
let(:user_team2) { create(:user_team, owner: user2) }
|
||||||
|
let!(:project1) { create(:project, creator_id: admin.id) }
|
||||||
|
let!(:project2) { create(:project, creator_id: admin.id) }
|
||||||
|
|
||||||
|
|
||||||
|
before {
|
||||||
|
# Add members to teams
|
||||||
|
user_team1.add_member(user1, UsersProject::MASTER, false)
|
||||||
|
user_team2.add_member(user2, UsersProject::MASTER, false)
|
||||||
|
|
||||||
|
# Add projects to teams
|
||||||
|
user_team1.assign_to_projects([project1.id], UsersProject::MASTER)
|
||||||
|
user_team2.assign_to_projects([project2.id], UsersProject::MASTER)
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
describe "GET /user_teams" do
|
||||||
|
context "when unauthenticated" do
|
||||||
|
it "should return authentication error" do
|
||||||
|
get api("/user_teams")
|
||||||
|
response.status.should == 401
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context "when authenticated as user" do
|
||||||
|
it "normal user: should return an array of user_teams of user1" do
|
||||||
|
get api("/user_teams", user1)
|
||||||
|
response.status.should == 200
|
||||||
|
json_response.should be_an Array
|
||||||
|
json_response.length.should == 1
|
||||||
|
json_response.first['name'].should == user_team1.name
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context "when authenticated as admin" do
|
||||||
|
it "admin: should return an array of all user_teams" do
|
||||||
|
get api("/user_teams", admin)
|
||||||
|
response.status.should == 200
|
||||||
|
json_response.should be_an Array
|
||||||
|
json_response.length.should == 2
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
describe "GET /user_teams/:id" do
|
||||||
|
context "when authenticated as user" do
|
||||||
|
it "should return one of user1's user_teams" do
|
||||||
|
get api("/user_teams/#{user_team1.id}", user1)
|
||||||
|
response.status.should == 200
|
||||||
|
json_response['name'] == user_team1.name
|
||||||
|
end
|
||||||
|
|
||||||
|
it "should not return a non existing team" do
|
||||||
|
get api("/user_teams/1328", user1)
|
||||||
|
response.status.should == 404
|
||||||
|
end
|
||||||
|
|
||||||
|
it "should not return a user_team not attached to user1" do
|
||||||
|
get api("/user_teams/#{user_team2.id}", user1)
|
||||||
|
response.status.should == 404
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context "when authenticated as admin" do
|
||||||
|
it "should return any existing user_team" do
|
||||||
|
get api("/user_teams/#{user_team2.id}", admin)
|
||||||
|
response.status.should == 200
|
||||||
|
json_response['name'].should == user_team2.name
|
||||||
|
end
|
||||||
|
|
||||||
|
it "should not return a non existing user_team" do
|
||||||
|
get api("/user_teams/1328", admin)
|
||||||
|
response.status.should == 404
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
describe "POST /user_teams" do
|
||||||
|
context "when authenticated as user" do
|
||||||
|
it "should not create user_team" do
|
||||||
|
count_before=UserTeam.count
|
||||||
|
post api("/user_teams", user1), attributes_for(:user_team)
|
||||||
|
response.status.should == 403
|
||||||
|
UserTeam.count.should == count_before
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context "when authenticated as admin" do
|
||||||
|
it "should create user_team" do
|
||||||
|
count_before=UserTeam.count
|
||||||
|
post api("/user_teams", admin), attributes_for(:user_team)
|
||||||
|
response.status.should == 201
|
||||||
|
UserTeam.count.should == count_before + 1
|
||||||
|
end
|
||||||
|
|
||||||
|
it "should not create user_team, duplicate" do
|
||||||
|
post api("/user_teams", admin), {:name => "Duplicate Test", :path => user_team2.path}
|
||||||
|
response.status.should == 404
|
||||||
|
end
|
||||||
|
|
||||||
|
it "should return 400 bad request error if name not given" do
|
||||||
|
post api("/user_teams", admin), {:path => user_team2.path}
|
||||||
|
response.status.should == 400
|
||||||
|
end
|
||||||
|
|
||||||
|
it "should return 400 bad request error if path not given" do
|
||||||
|
post api("/user_teams", admin), {:name => 'test'}
|
||||||
|
response.status.should == 400
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
# Members
|
||||||
|
|
||||||
|
describe "GET /user_teams/:id/members" do
|
||||||
|
context "when authenticated as user" do
|
||||||
|
it "should return user1 as member of user1's user_teams" do
|
||||||
|
get api("/user_teams/#{user_team1.id}/members", user1)
|
||||||
|
response.status.should == 200
|
||||||
|
json_response.first['name'].should == user1.name
|
||||||
|
json_response.first['access_level'].should == UsersProject::MASTER
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context "when authenticated as admin" do
|
||||||
|
it "should return member of any existing user_team" do
|
||||||
|
get api("/user_teams/#{user_team2.id}/members", admin)
|
||||||
|
response.status.should == 200
|
||||||
|
json_response.first['name'].should == user2.name
|
||||||
|
json_response.first['access_level'].should == UsersProject::MASTER
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
describe "POST /user_teams/:id/members" do
|
||||||
|
context "when authenticated as user" do
|
||||||
|
it "should not add user2 as member of user_team1" do
|
||||||
|
post api("/user_teams/#{user_team1.id}/members", user1), user_id: user2.id, access_level: UsersProject::MASTER
|
||||||
|
response.status.should == 403
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context "when authenticated as admin" do
|
||||||
|
it "should return ok and add new member" do
|
||||||
|
count_before=user_team1.user_team_user_relationships.count
|
||||||
|
post api("/user_teams/#{user_team1.id}/members", admin), user_id: user2.id, access_level: UsersProject::MASTER
|
||||||
|
response.status.should == 201
|
||||||
|
json_response['name'].should == user2.name
|
||||||
|
json_response['access_level'].should == UsersProject::MASTER
|
||||||
|
user_team1.user_team_user_relationships.count.should == count_before + 1
|
||||||
|
end
|
||||||
|
it "should return ok if member already exists" do
|
||||||
|
post api("/user_teams/#{user_team2.id}/members", admin), user_id: user2.id, access_level: UsersProject::MASTER
|
||||||
|
response.status.should == 409
|
||||||
|
end
|
||||||
|
it "should return a 400 error when user id is not given" do
|
||||||
|
post api("/user_teams/#{user_team2.id}/members", admin), access_level: UsersProject::MASTER
|
||||||
|
response.status.should == 400
|
||||||
|
end
|
||||||
|
it "should return a 400 error when access level is not given" do
|
||||||
|
post api("/user_teams/#{user_team2.id}/members", admin), user_id: user2.id
|
||||||
|
response.status.should == 400
|
||||||
|
end
|
||||||
|
|
||||||
|
it "should return a 422 error when access level is not known" do
|
||||||
|
post api("/user_teams/#{user_team2.id}/members", admin), user_id: user1.id, access_level: 1234
|
||||||
|
response.status.should == 422
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
# Get single member
|
||||||
|
describe "GET /user_teams/:id/members/:user_id" do
|
||||||
|
context "when authenticated as member" do
|
||||||
|
it "should show user1's membership of user_team1" do
|
||||||
|
get api("/user_teams/#{user_team1.id}/members/#{user1.id}", user1)
|
||||||
|
response.status.should == 200
|
||||||
|
json_response['name'].should == user1.name
|
||||||
|
json_response['access_level'].should == UsersProject::MASTER
|
||||||
|
end
|
||||||
|
it "should show that user2 is not member of user_team1" do
|
||||||
|
get api("/user_teams/#{user_team1.id}/members/#{user2.id}", user1)
|
||||||
|
response.status.should == 404
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context "when authenticated as non-member" do
|
||||||
|
it "should not show user1's membership of user_team1" do
|
||||||
|
get api("/user_teams/#{user_team1.id}/members/#{user1.id}", user2)
|
||||||
|
response.status.should == 404
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context "when authenticated as admin" do
|
||||||
|
it "should show user1's membership of user_team1" do
|
||||||
|
get api("/user_teams/#{user_team1.id}/members/#{user1.id}", admin)
|
||||||
|
response.status.should == 200
|
||||||
|
json_response['name'].should == user1.name
|
||||||
|
json_response['access_level'].should == UsersProject::MASTER
|
||||||
|
end
|
||||||
|
it "should return a 404 error when user id is not known" do
|
||||||
|
get api("/user_teams/#{user_team2.id}/members/1328", admin)
|
||||||
|
response.status.should == 404
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
describe "DELETE /user_teams/:id/members/:user_id" do
|
||||||
|
context "when authenticated as user" do
|
||||||
|
it "should not delete user1's membership of user_team1" do
|
||||||
|
delete api("/user_teams/#{user_team1.id}/members/#{user1.id}", user1)
|
||||||
|
response.status.should == 403
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context "when authenticated as admin" do
|
||||||
|
it "should delete user1's membership of user_team1" do
|
||||||
|
count_before=user_team1.user_team_user_relationships.count
|
||||||
|
delete api("/user_teams/#{user_team1.id}/members/#{user1.id}", admin)
|
||||||
|
response.status.should == 200
|
||||||
|
user_team1.user_team_user_relationships.count.should == count_before - 1
|
||||||
|
end
|
||||||
|
it "should return a 404 error when user id is not known" do
|
||||||
|
delete api("/user_teams/#{user_team2.id}/members/1328", admin)
|
||||||
|
response.status.should == 404
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
# Projects
|
||||||
|
|
||||||
|
describe "GET /user_teams/:id/projects" do
|
||||||
|
context "when authenticated as user" do
|
||||||
|
it "should return project1 as assigned to user_team1 as member user1" do
|
||||||
|
get api("/user_teams/#{user_team1.id}/projects", user1)
|
||||||
|
response.status.should == 200
|
||||||
|
json_response.first['name'].should == project1.name
|
||||||
|
json_response.length.should == user_team1.user_team_project_relationships.count
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context "when authenticated as admin" do
|
||||||
|
it "should return project2 as assigned to user_team2 as non-member, but admin" do
|
||||||
|
get api("/user_teams/#{user_team2.id}/projects", admin)
|
||||||
|
response.status.should == 200
|
||||||
|
json_response.first['name'].should == project2.name
|
||||||
|
json_response.first['greatest_access_level'].should == UsersProject::MASTER
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
describe "POST /user_teams/:id/projects" do
|
||||||
|
context "when authenticated as admin" do
|
||||||
|
it "should return ok and add new project" do
|
||||||
|
count_before=user_team1.user_team_project_relationships.count
|
||||||
|
post api("/user_teams/#{user_team1.id}/projects", admin),
|
||||||
|
project_id: project2.id,
|
||||||
|
greatest_access_level: UsersProject::MASTER
|
||||||
|
response.status.should == 201
|
||||||
|
json_response['name'].should == project2.name
|
||||||
|
json_response['greatest_access_level'].should == UsersProject::MASTER
|
||||||
|
user_team1.user_team_project_relationships.count.should == count_before + 1
|
||||||
|
end
|
||||||
|
it "should return ok if project already exists" do
|
||||||
|
post api("/user_teams/#{user_team2.id}/projects", admin),
|
||||||
|
project_id: project2.id,
|
||||||
|
greatest_access_level: UsersProject::MASTER
|
||||||
|
response.status.should == 409
|
||||||
|
end
|
||||||
|
it "should return a 400 error when project id is not given" do
|
||||||
|
post api("/user_teams/#{user_team2.id}/projects", admin), greatest_access_level: UsersProject::MASTER
|
||||||
|
response.status.should == 400
|
||||||
|
end
|
||||||
|
it "should return a 400 error when access level is not given" do
|
||||||
|
post api("/user_teams/#{user_team2.id}/projects", admin), project_id: project2.id
|
||||||
|
response.status.should == 400
|
||||||
|
end
|
||||||
|
|
||||||
|
it "should return a 422 error when access level is not known" do
|
||||||
|
post api("/user_teams/#{user_team2.id}/projects", admin),
|
||||||
|
project_id: project2.id,
|
||||||
|
greatest_access_level: 1234
|
||||||
|
response.status.should == 422
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
|
describe "GET /user_teams/:id/projects/:project_id" do
|
||||||
|
context "when authenticated as member" do
|
||||||
|
it "should show project1's assignment to user_team1" do
|
||||||
|
get api("/user_teams/#{user_team1.id}/projects/#{project1.id}", user1)
|
||||||
|
response.status.should == 200
|
||||||
|
json_response['name'].should == project1.name
|
||||||
|
json_response['greatest_access_level'].should == UsersProject::MASTER
|
||||||
|
end
|
||||||
|
it "should show project2's is not assigned to user_team1" do
|
||||||
|
get api("/user_teams/#{user_team1.id}/projects/#{project2.id}", user1)
|
||||||
|
response.status.should == 404
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context "when authenticated as non-member" do
|
||||||
|
it "should not show project1's assignment to user_team1" do
|
||||||
|
get api("/user_teams/#{user_team1.id}/projects/#{project1.id}", user2)
|
||||||
|
response.status.should == 404
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context "when authenticated as admin" do
|
||||||
|
it "should show project1's assignment to user_team1" do
|
||||||
|
get api("/user_teams/#{user_team1.id}/projects/#{project1.id}", admin)
|
||||||
|
response.status.should == 200
|
||||||
|
json_response['name'].should == project1.name
|
||||||
|
json_response['greatest_access_level'].should == UsersProject::MASTER
|
||||||
|
end
|
||||||
|
it "should return a 404 error when project id is not known" do
|
||||||
|
get api("/user_teams/#{user_team2.id}/projects/1328", admin)
|
||||||
|
response.status.should == 404
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
describe "DELETE /user_teams/:id/projects/:project_id" do
|
||||||
|
context "when authenticated as user" do
|
||||||
|
it "should not delete project1's assignment to user_team2" do
|
||||||
|
delete api("/user_teams/#{user_team2.id}/projects/#{project1.id}", user1)
|
||||||
|
response.status.should == 403
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context "when authenticated as admin" do
|
||||||
|
it "should delete project1's assignment to user_team1" do
|
||||||
|
count_before=user_team1.user_team_project_relationships.count
|
||||||
|
delete api("/user_teams/#{user_team1.id}/projects/#{project1.id}", admin)
|
||||||
|
response.status.should == 200
|
||||||
|
user_team1.user_team_project_relationships.count.should == count_before - 1
|
||||||
|
end
|
||||||
|
it "should return a 404 error when project id is not known" do
|
||||||
|
delete api("/user_teams/#{user_team2.id}/projects/1328", admin)
|
||||||
|
response.status.should == 404
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
Loading…
Reference in New Issue