Fix doc linting errors and remove useless API specs
Signed-off-by: Rémy Coutable <remy@rymai.me>
This commit is contained in:
parent
5010be7766
commit
115c00fd7e
|
@ -30,8 +30,8 @@ GET /projects/:id/access_requests
|
|||
| `id` | integer/string | yes | The group/project ID or path |
|
||||
|
||||
```bash
|
||||
curl -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/groups/:id/access_requests
|
||||
curl -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/projects/:id/access_requests
|
||||
curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/groups/:id/access_requests
|
||||
curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/projects/:id/access_requests
|
||||
```
|
||||
|
||||
Example response:
|
||||
|
@ -73,8 +73,8 @@ POST /projects/:id/access_requests
|
|||
| `id` | integer/string | yes | The group/project ID or path |
|
||||
|
||||
```bash
|
||||
curl -X POST -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/groups/:id/access_requests
|
||||
curl -X POST -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/projects/:id/access_requests
|
||||
curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/groups/:id/access_requests
|
||||
curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/projects/:id/access_requests
|
||||
```
|
||||
|
||||
Example response:
|
||||
|
@ -108,8 +108,8 @@ PUT /projects/:id/access_requests/:user_id/approve
|
|||
| `access_level` | integer | no | A valid access level (defaults: `30`, developer access level) |
|
||||
|
||||
```bash
|
||||
curl -X PUT -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/groups/:id/access_requests/:user_id/approve?access_level=20
|
||||
curl -X PUT -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/projects/:id/access_requests/:user_id/approve?access_level=20
|
||||
curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/groups/:id/access_requests/:user_id/approve?access_level=20
|
||||
curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/projects/:id/access_requests/:user_id/approve?access_level=20
|
||||
```
|
||||
|
||||
Example response:
|
||||
|
@ -142,6 +142,6 @@ DELETE /projects/:id/access_requests/:user_id
|
|||
| `user_id` | integer | yes | The user ID of the access requester |
|
||||
|
||||
```bash
|
||||
curl -X DELETE -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/groups/:id/access_requests/:user_id
|
||||
curl -X DELETE -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/projects/:id/access_requests/:user_id
|
||||
curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/groups/:id/access_requests/:user_id
|
||||
curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/projects/:id/access_requests/:user_id
|
||||
```
|
||||
|
|
|
@ -29,8 +29,8 @@ GET /projects/:id/members
|
|||
| `query` | string | no | A query string to search for members |
|
||||
|
||||
```bash
|
||||
curl -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/groups/:id/members
|
||||
curl -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/projects/:id/members
|
||||
curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/groups/:id/members
|
||||
curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/projects/:id/members
|
||||
```
|
||||
|
||||
Example response:
|
||||
|
@ -73,8 +73,8 @@ GET /projects/:id/members/:user_id
|
|||
| `user_id` | integer | yes | The user ID of the member |
|
||||
|
||||
```bash
|
||||
curl -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/groups/:id/members/:user_id
|
||||
curl -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/projects/:id/members/:user_id
|
||||
curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/groups/:id/members/:user_id
|
||||
curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/projects/:id/members/:user_id
|
||||
```
|
||||
|
||||
Example response:
|
||||
|
@ -108,8 +108,8 @@ POST /projects/:id/members
|
|||
| `access_level` | integer | yes | A valid access level |
|
||||
|
||||
```bash
|
||||
curl -X POST -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/groups/:id/members/:user_id?access_level=30
|
||||
curl -X POST -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/projects/:id/members/:user_id?access_level=30
|
||||
curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/groups/:id/members/:user_id?access_level=30
|
||||
curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/projects/:id/members/:user_id?access_level=30
|
||||
```
|
||||
|
||||
Example response:
|
||||
|
@ -143,8 +143,8 @@ PUT /projects/:id/members/:user_id
|
|||
| `access_level` | integer | yes | A valid access level |
|
||||
|
||||
```bash
|
||||
curl -X PUT -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/groups/:id/members/:user_id?access_level=40
|
||||
curl -X PUT -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/projects/:id/members/:user_id?access_level=40
|
||||
curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/groups/:id/members/:user_id?access_level=40
|
||||
curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/projects/:id/members/:user_id?access_level=40
|
||||
```
|
||||
|
||||
Example response:
|
||||
|
@ -177,6 +177,6 @@ DELETE /projects/:id/members/:user_id
|
|||
| `user_id` | integer | yes | The user ID of the member |
|
||||
|
||||
```bash
|
||||
curl -X DELETE -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/groups/:id/members/:user_id
|
||||
curl -X DELETE -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/projects/:id/members/:user_id
|
||||
curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/groups/:id/members/:user_id
|
||||
curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/projects/:id/members/:user_id
|
||||
```
|
||||
|
|
|
@ -1,199 +0,0 @@
|
|||
require 'spec_helper'
|
||||
|
||||
describe API::API, api: true do
|
||||
include ApiHelpers
|
||||
|
||||
let(:owner) { create(:user) }
|
||||
let(:reporter) { create(:user) }
|
||||
let(:developer) { create(:user) }
|
||||
let(:master) { create(:user) }
|
||||
let(:guest) { create(:user) }
|
||||
let(:stranger) { create(:user) }
|
||||
|
||||
let!(:group_with_members) do
|
||||
group = create(:group, :private)
|
||||
group.add_users([reporter.id], GroupMember::REPORTER)
|
||||
group.add_users([developer.id], GroupMember::DEVELOPER)
|
||||
group.add_users([master.id], GroupMember::MASTER)
|
||||
group.add_users([guest.id], GroupMember::GUEST)
|
||||
group
|
||||
end
|
||||
|
||||
let!(:group_no_members) { create(:group) }
|
||||
|
||||
before do
|
||||
group_with_members.add_owner owner
|
||||
group_no_members.add_owner owner
|
||||
end
|
||||
|
||||
describe "GET /groups/:id/members" do
|
||||
context "when authenticated as user that is part or the group" do
|
||||
it "each user: returns an array of members groups of group3" do
|
||||
[owner, master, developer, reporter, guest].each do |user|
|
||||
get api("/groups/#{group_with_members.id}/members", user)
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_an Array
|
||||
expect(json_response.size).to eq(5)
|
||||
expect(json_response.find { |e| e['id'] == owner.id }['access_level']).to eq(GroupMember::OWNER)
|
||||
expect(json_response.find { |e| e['id'] == reporter.id }['access_level']).to eq(GroupMember::REPORTER)
|
||||
expect(json_response.find { |e| e['id'] == developer.id }['access_level']).to eq(GroupMember::DEVELOPER)
|
||||
expect(json_response.find { |e| e['id'] == master.id }['access_level']).to eq(GroupMember::MASTER)
|
||||
expect(json_response.find { |e| e['id'] == guest.id }['access_level']).to eq(GroupMember::GUEST)
|
||||
end
|
||||
end
|
||||
|
||||
it 'users not part of the group should get access error' do
|
||||
get api("/groups/#{group_with_members.id}/members", stranger)
|
||||
|
||||
expect(response).to have_http_status(404)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe "POST /groups/:id/members" do
|
||||
context "when not a member of the group" do
|
||||
it "does not add guest as member of group_no_members when adding being done by person outside the group" do
|
||||
post api("/groups/#{group_no_members.id}/members", reporter), user_id: guest.id, access_level: GroupMember::MASTER
|
||||
expect(response).to have_http_status(403)
|
||||
end
|
||||
end
|
||||
|
||||
context "when a member of the group" do
|
||||
it "returns ok and add new member" do
|
||||
new_user = create(:user)
|
||||
|
||||
expect do
|
||||
post api("/groups/#{group_no_members.id}/members", owner), user_id: new_user.id, access_level: GroupMember::MASTER
|
||||
end.to change { group_no_members.members.count }.by(1)
|
||||
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response['name']).to eq(new_user.name)
|
||||
expect(json_response['access_level']).to eq(GroupMember::MASTER)
|
||||
end
|
||||
|
||||
it "does not allow guest to modify group members" do
|
||||
new_user = create(:user)
|
||||
|
||||
expect do
|
||||
post api("/groups/#{group_with_members.id}/members", guest), user_id: new_user.id, access_level: GroupMember::MASTER
|
||||
end.not_to change { group_with_members.members.count }
|
||||
|
||||
expect(response).to have_http_status(403)
|
||||
end
|
||||
|
||||
it "returns error if member already exists" do
|
||||
post api("/groups/#{group_with_members.id}/members", owner), user_id: master.id, access_level: GroupMember::MASTER
|
||||
expect(response).to have_http_status(409)
|
||||
end
|
||||
|
||||
it "returns a 400 error when user id is not given" do
|
||||
post api("/groups/#{group_no_members.id}/members", owner), access_level: GroupMember::MASTER
|
||||
expect(response).to have_http_status(400)
|
||||
end
|
||||
|
||||
it "returns a 400 error when access level is not given" do
|
||||
post api("/groups/#{group_no_members.id}/members", owner), user_id: master.id
|
||||
expect(response).to have_http_status(400)
|
||||
end
|
||||
|
||||
it "returns a 422 error when access level is not known" do
|
||||
post api("/groups/#{group_no_members.id}/members", owner), user_id: master.id, access_level: 1234
|
||||
expect(response).to have_http_status(422)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'PUT /groups/:id/members/:user_id' do
|
||||
context 'when not a member of the group' do
|
||||
it 'returns a 409 error if the user is not a group member' do
|
||||
put(
|
||||
api("/groups/#{group_no_members.id}/members/#{developer.id}",
|
||||
owner), access_level: GroupMember::MASTER
|
||||
)
|
||||
expect(response).to have_http_status(404)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when a member of the group' do
|
||||
it 'returns ok and update member access level' do
|
||||
put(
|
||||
api("/groups/#{group_with_members.id}/members/#{reporter.id}",
|
||||
owner),
|
||||
access_level: GroupMember::MASTER
|
||||
)
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
|
||||
get api("/groups/#{group_with_members.id}/members", owner)
|
||||
json_reporter = json_response.find do |e|
|
||||
e['id'] == reporter.id
|
||||
end
|
||||
|
||||
expect(json_reporter['access_level']).to eq(GroupMember::MASTER)
|
||||
end
|
||||
|
||||
it 'does not allow guest to modify group members' do
|
||||
put(
|
||||
api("/groups/#{group_with_members.id}/members/#{developer.id}",
|
||||
guest),
|
||||
access_level: GroupMember::MASTER
|
||||
)
|
||||
|
||||
expect(response).to have_http_status(403)
|
||||
|
||||
get api("/groups/#{group_with_members.id}/members", owner)
|
||||
json_developer = json_response.find do |e|
|
||||
e['id'] == developer.id
|
||||
end
|
||||
|
||||
expect(json_developer['access_level']).to eq(GroupMember::DEVELOPER)
|
||||
end
|
||||
|
||||
it 'returns a 400 error when access level is not given' do
|
||||
put(
|
||||
api("/groups/#{group_with_members.id}/members/#{master.id}", owner)
|
||||
)
|
||||
expect(response).to have_http_status(400)
|
||||
end
|
||||
|
||||
it 'returns a 422 error when access level is not known' do
|
||||
put(
|
||||
api("/groups/#{group_with_members.id}/members/#{master.id}", owner),
|
||||
access_level: 1234
|
||||
)
|
||||
expect(response).to have_http_status(422)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'DELETE /groups/:id/members/:user_id' do
|
||||
context 'when not a member of the group' do
|
||||
it "does not delete guest's membership of group_with_members" do
|
||||
random_user = create(:user)
|
||||
delete api("/groups/#{group_with_members.id}/members/#{owner.id}", random_user)
|
||||
|
||||
expect(response).to have_http_status(404)
|
||||
end
|
||||
end
|
||||
|
||||
context "when a member of the group" do
|
||||
it "deletes guest's membership of group" do
|
||||
expect do
|
||||
delete api("/groups/#{group_with_members.id}/members/#{guest.id}", owner)
|
||||
end.to change { group_with_members.members.count }.by(-1)
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it "returns a 404 error when user id is not known" do
|
||||
delete api("/groups/#{group_with_members.id}/members/1328", owner)
|
||||
expect(response).to have_http_status(404)
|
||||
end
|
||||
|
||||
it "does not allow guest to modify group members" do
|
||||
delete api("/groups/#{group_with_members.id}/members/#{master.id}", guest)
|
||||
expect(response).to have_http_status(403)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
|
@ -1,166 +0,0 @@
|
|||
require 'spec_helper'
|
||||
|
||||
describe API::API, api: true do
|
||||
include ApiHelpers
|
||||
let(:user) { create(:user) }
|
||||
let(:user2) { create(:user) }
|
||||
let(:user3) { create(:user) }
|
||||
let(:project) { create(:project, creator_id: user.id, namespace: user.namespace) }
|
||||
let(:project_member) { create(:project_member, :master, user: user, project: project) }
|
||||
let(:project_member2) { create(:project_member, :developer, user: user3, project: project) }
|
||||
|
||||
describe "GET /projects/:id/members" do
|
||||
before { project_member }
|
||||
before { project_member2 }
|
||||
|
||||
it "returns project team members" do
|
||||
get api("/projects/#{project.id}/members", user)
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_an Array
|
||||
expect(json_response.count).to eq(2)
|
||||
expect(json_response.map { |u| u['username'] }).to include user.username
|
||||
end
|
||||
|
||||
it "finds team members with query string" do
|
||||
get api("/projects/#{project.id}/members", user), query: user.username
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response).to be_an Array
|
||||
expect(json_response.count).to eq(1)
|
||||
expect(json_response.first['username']).to eq(user.username)
|
||||
end
|
||||
|
||||
it "returns a 404 error if id not found" do
|
||||
get api("/projects/9999/members", user)
|
||||
expect(response).to have_http_status(404)
|
||||
end
|
||||
end
|
||||
|
||||
describe "GET /projects/:id/members/:user_id" do
|
||||
before { project_member }
|
||||
|
||||
it "returns project team member" do
|
||||
get api("/projects/#{project.id}/members/#{user.id}", user)
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response['username']).to eq(user.username)
|
||||
expect(json_response['access_level']).to eq(ProjectMember::MASTER)
|
||||
end
|
||||
|
||||
it "returns a 404 error if user id not found" do
|
||||
get api("/projects/#{project.id}/members/1234", user)
|
||||
expect(response).to have_http_status(404)
|
||||
end
|
||||
end
|
||||
|
||||
describe "POST /projects/:id/members" do
|
||||
it "adds user to project team" do
|
||||
expect do
|
||||
post api("/projects/#{project.id}/members", user), user_id: user2.id, access_level: ProjectMember::DEVELOPER
|
||||
end.to change { ProjectMember.count }.by(1)
|
||||
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response['username']).to eq(user2.username)
|
||||
expect(json_response['access_level']).to eq(ProjectMember::DEVELOPER)
|
||||
end
|
||||
|
||||
it "returns a 201 status if user is already project member" do
|
||||
post api("/projects/#{project.id}/members", user),
|
||||
user_id: user2.id,
|
||||
access_level: ProjectMember::DEVELOPER
|
||||
expect do
|
||||
post api("/projects/#{project.id}/members", user), user_id: user2.id, access_level: ProjectMember::DEVELOPER
|
||||
end.not_to change { ProjectMember.count }
|
||||
|
||||
expect(response).to have_http_status(201)
|
||||
expect(json_response['username']).to eq(user2.username)
|
||||
expect(json_response['access_level']).to eq(ProjectMember::DEVELOPER)
|
||||
end
|
||||
|
||||
it "returns a 400 error when user id is not given" do
|
||||
post api("/projects/#{project.id}/members", user), access_level: ProjectMember::MASTER
|
||||
expect(response).to have_http_status(400)
|
||||
end
|
||||
|
||||
it "returns a 400 error when access level is not given" do
|
||||
post api("/projects/#{project.id}/members", user), user_id: user2.id
|
||||
expect(response).to have_http_status(400)
|
||||
end
|
||||
|
||||
it "returns a 422 error when access level is not known" do
|
||||
post api("/projects/#{project.id}/members", user), user_id: user2.id, access_level: 1234
|
||||
expect(response).to have_http_status(422)
|
||||
end
|
||||
end
|
||||
|
||||
describe "PUT /projects/:id/members/:user_id" do
|
||||
before { project_member2 }
|
||||
|
||||
it "updates project team member" do
|
||||
put api("/projects/#{project.id}/members/#{user3.id}", user), access_level: ProjectMember::MASTER
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response['username']).to eq(user3.username)
|
||||
expect(json_response['access_level']).to eq(ProjectMember::MASTER)
|
||||
end
|
||||
|
||||
it "returns a 404 error if user_id is not found" do
|
||||
put api("/projects/#{project.id}/members/1234", user), access_level: ProjectMember::MASTER
|
||||
expect(response).to have_http_status(404)
|
||||
end
|
||||
|
||||
it "returns a 400 error when access level is not given" do
|
||||
put api("/projects/#{project.id}/members/#{user3.id}", user)
|
||||
expect(response).to have_http_status(400)
|
||||
end
|
||||
|
||||
it "returns a 422 error when access level is not known" do
|
||||
put api("/projects/#{project.id}/members/#{user3.id}", user), access_level: 123
|
||||
expect(response).to have_http_status(422)
|
||||
end
|
||||
end
|
||||
|
||||
describe "DELETE /projects/:id/members/:user_id" do
|
||||
before do
|
||||
project_member
|
||||
project_member2
|
||||
end
|
||||
|
||||
it "removes user from project team" do
|
||||
expect do
|
||||
delete api("/projects/#{project.id}/members/#{user3.id}", user)
|
||||
end.to change { ProjectMember.count }.by(-1)
|
||||
end
|
||||
|
||||
it "returns 200 if team member is not part of a project" do
|
||||
delete api("/projects/#{project.id}/members/#{user3.id}", user)
|
||||
expect do
|
||||
delete api("/projects/#{project.id}/members/#{user3.id}", user)
|
||||
end.not_to change { ProjectMember.count }
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it "returns 200 if team member already removed" do
|
||||
delete api("/projects/#{project.id}/members/#{user3.id}", user)
|
||||
delete api("/projects/#{project.id}/members/#{user3.id}", user)
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
|
||||
it "returns 200 OK when the user was not member" do
|
||||
expect do
|
||||
delete api("/projects/#{project.id}/members/1000000", user)
|
||||
end.to change { ProjectMember.count }.by(0)
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response['id']).to eq(1000000)
|
||||
expect(json_response['message']).to eq('Access revoked')
|
||||
end
|
||||
|
||||
context 'when the user is not an admin or owner' do
|
||||
it 'can leave the project' do
|
||||
expect do
|
||||
delete api("/projects/#{project.id}/members/#{user3.id}", user3)
|
||||
end.to change { ProjectMember.count }.by(-1)
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
expect(json_response['id']).to eq(user3.id)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
Loading…
Reference in New Issue