Split /runners entrypoint to /runners and /runners/all

2016-02-02 15:52:02 +01:00 · 2016-02-02 15:52:02 +01:00 · 81ced6f55b
commit 81ced6f55b
parent b56ee397bb
3 changed files with 115 additions and 29 deletions
--- a/doc/api/runners.md
+++ b/doc/api/runners.md
@ -1,8 +1,8 @@
 # Runners API

-## List runners
+## List owned runners

-Get a list of runners.
+Get a list of specific runners available for user.

 ```
 GET /runners
@ -37,6 +37,57 @@ Example response:
 ]
 ```

+## List all runners
+
+Get a list of all runners (specific and shared). Access restricted to users with `admin` privileges.
+
+```
+GET /runners/all
+```
+
+| Attribute | Type    | Required | Description         |
+|-----------|---------|----------|---------------------|
+| `scope`   | string  | no       | The scope of runners to show, one of: `specific`, `shared`, `active`, `paused`, `online`; showing all runners if none provided |
+
+```
+curl -H "PRIVATE_TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v3/runners/all"
+```
+
+Example response:
+
+```json
+[
+    {
+        "active": true,
+        "description": "shared-runner-1",
+        "id": 1,
+        "is_shared": true,
+        "name": null
+    },
+    {
+        "active": true,
+        "description": "shared-runner-2",
+        "id": 3,
+        "is_shared": true,
+        "name": null
+    },
+    {
+        "active": true,
+        "description": "test-1-20150125",
+        "id": 6,
+        "is_shared": false,
+        "name": null
+    },
+    {
+        "active": true,
+        "description": "test-2-20150125",
+        "id": 8,
+        "is_shared": false,
+        "name": null
+    }
+]
+```
+
 ## Get runner's details

 Get details of a runner.
--- a/lib/api/runners.rb
+++ b/lib/api/runners.rb
@ -4,19 +4,22 @@ module API
    before { authenticate! }

    resource :runners do
-      # Get available shared runners
+      # Get runners available for user
      #
      # Example Request:
      #   GET /runners
      get do
-        runners =
-          if current_user.is_admin?
-            Ci::Runner.all
-          else
-            current_user.ci_authorized_runners
-          end
+        runners = filter_runners(current_user.ci_authorized_runners, params[:scope])
+        present paginate(runners), with: Entities::Runner
+      end

-        runners = filter_runners(runners, params[:scope])
+      # Get all runners - shared and specific
+      #
+      # Example Request:
+      #   GET /runners/all
+      get 'all' do
+        authenticated_as_admin!
+        runners = filter_runners(Ci::Runner.all, params[:scope])
        present paginate(runners), with: Entities::Runner
      end

--- a/spec/requests/api/runners_spec.rb
+++ b/spec/requests/api/runners_spec.rb
@ -23,26 +23,13 @@ describe API::API, api: true  do

  describe 'GET /runners' do
    context 'authorized user' do
-      context 'authorized user with admin privileges' do
-        it 'should return all runners' do
-          get api('/runners', admin)
-          shared = false || json_response.map{ |r| r['is_shared'] }.inject{ |sum, shr| sum || shr}
+      it 'should return user available runners' do
+        get api('/runners', user)
+        shared = false || json_response.map{ |r| r['is_shared'] }.inject{ |sum, shr| sum || shr}

-          expect(response.status).to eq(200)
-          expect(json_response).to be_an Array
-          expect(shared).to be_truthy
-        end
-      end
-
-      context 'authorized user without admin privileges' do
-        it 'should return user available runners' do
-          get api('/runners', user)
-          shared = false || json_response.map{ |r| r['is_shared'] }.inject{ |sum, shr| sum || shr}
-
-          expect(response.status).to eq(200)
-          expect(json_response).to be_an Array
-          expect(shared).to be_falsey
-        end
+        expect(response.status).to eq(200)
+        expect(json_response).to be_an Array
+        expect(shared).to be_falsey
      end

      it 'should filter runners by scope' do
@ -69,6 +56,51 @@ describe API::API, api: true  do
    end
  end

+  describe 'GET /runners/all' do
+    context 'authorized user' do
+      context 'with admin privileges' do
+        it 'should return all runners' do
+          get api('/runners/all', admin)
+          shared = false || json_response.map{ |r| r['is_shared'] }.inject{ |sum, shr| sum || shr}
+
+          expect(response.status).to eq(200)
+          expect(json_response).to be_an Array
+          expect(shared).to be_truthy
+        end
+      end
+
+      context 'without admin privileges' do
+        it 'should not return runners list' do
+          get api('/runners/all', user)
+
+          expect(response.status).to eq(403)
+        end
+      end
+
+      it 'should filter runners by scope' do
+        get api('/runners?scope=specific', admin)
+        shared = false || json_response.map{ |r| r['is_shared'] }.inject{ |sum, shr| sum || shr}
+
+        expect(response.status).to eq(200)
+        expect(json_response).to be_an Array
+        expect(shared).to be_falsey
+      end
+
+      it 'should avoid filtering if scope is invalid' do
+        get api('/runners?scope=unknown', admin)
+        expect(response.status).to eq(400)
+      end
+    end
+
+    context 'unauthorized user' do
+      it 'should not return runners' do
+        get api('/runners')
+
+        expect(response.status).to eq(401)
+      end
+    end
+  end
+
  describe 'GET /runners/:id' do
    context 'admin user' do
      it "should return runner's details" do