return 400 on users search and feature is disabled
as the params block is evaluated when loading the class and the db connection is not available yet we can't use the feature toggle inside that block.
This commit is contained in:
parent
6385c7229c
commit
b0981097c3
3 changed files with 55 additions and 13 deletions
|
@ -53,15 +53,14 @@ module API
|
|||
# EE, without having to modify this file directly.
|
||||
end
|
||||
|
||||
params :scope do |options|
|
||||
scope_entities =
|
||||
if Feature.enabled?(:users_search, default_enabled: true)
|
||||
SCOPE_ENTITY
|
||||
else
|
||||
SCOPE_ENTITY.reject { |key, value| key == :users }
|
||||
def check_users_search_allowed!
|
||||
if Feature.disabled?(:users_search, default_enabled: true) && params[:scope].to_sym == :users
|
||||
render_api_error!({ error: _("Scope not supported with disabled 'users_search' feature!") }, 400)
|
||||
end
|
||||
end
|
||||
|
||||
values = scope_entities.stringify_keys.slice(*options[:values]).keys
|
||||
params :scope do |options|
|
||||
values = SCOPE_ENTITY.stringify_keys.slice(*options[:values]).keys
|
||||
|
||||
requires :scope,
|
||||
type: String,
|
||||
|
@ -81,6 +80,7 @@ module API
|
|||
end
|
||||
get do
|
||||
verify_search_scope!
|
||||
check_users_search_allowed!
|
||||
|
||||
present search, with: entity
|
||||
end
|
||||
|
@ -98,6 +98,7 @@ module API
|
|||
end
|
||||
get ':id/(-/)search' do
|
||||
verify_search_scope!
|
||||
check_users_search_allowed!
|
||||
|
||||
present search(group_id: user_group.id), with: entity
|
||||
end
|
||||
|
@ -114,6 +115,8 @@ module API
|
|||
use :pagination
|
||||
end
|
||||
get ':id/(-/)search' do
|
||||
check_users_search_allowed!
|
||||
|
||||
present search(project_id: user_project.id), with: entity
|
||||
end
|
||||
end
|
||||
|
|
|
@ -6632,6 +6632,9 @@ msgstr ""
|
|||
msgid "Scope"
|
||||
msgstr ""
|
||||
|
||||
msgid "Scope not supported with disabled 'users_search' feature!"
|
||||
msgstr ""
|
||||
|
||||
msgid "Scroll down to <strong>Google Code Project Hosting</strong> and enable the switch on the right."
|
||||
msgstr ""
|
||||
|
||||
|
|
|
@ -81,10 +81,22 @@ describe API::Search do
|
|||
before do
|
||||
create(:user, name: 'billy')
|
||||
|
||||
get api('/search', user), scope: 'users', search: 'billy'
|
||||
get api('/search', user), params: { scope: 'users', search: 'billy' }
|
||||
end
|
||||
|
||||
it_behaves_like 'response is correct', schema: 'public_api/v4/user/basics'
|
||||
|
||||
context 'when users search feature is disabled' do
|
||||
before do
|
||||
allow(Feature).to receive(:disabled?).with(:users_search, default_enabled: true).and_return(true)
|
||||
|
||||
get api('/search', user), params: { scope: 'users', search: 'billy' }
|
||||
end
|
||||
|
||||
it 'returns 400 error' do
|
||||
expect(response).to have_gitlab_http_status(400)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'for snippet_titles scope' do
|
||||
|
@ -203,15 +215,27 @@ describe API::Search do
|
|||
it_behaves_like 'response is correct', schema: 'public_api/v4/milestones'
|
||||
end
|
||||
|
||||
context 'for user scope' do
|
||||
context 'for users scope' do
|
||||
before do
|
||||
user = create(:user, name: 'billy')
|
||||
create(:group_member, :developer, user: user, group: group)
|
||||
|
||||
get api("/groups/#{group.id}/search", user), scope: 'users', search: 'billy'
|
||||
get api("/groups/#{group.id}/search", user), params: { scope: 'users', search: 'billy' }
|
||||
end
|
||||
|
||||
it_behaves_like 'response is correct', schema: 'public_api/v4/user/basics'
|
||||
|
||||
context 'when users search feature is disabled' do
|
||||
before do
|
||||
allow(Feature).to receive(:disabled?).with(:users_search, default_enabled: true).and_return(true)
|
||||
|
||||
get api("/groups/#{group.id}/search", user), params: { scope: 'users', search: 'billy' }
|
||||
end
|
||||
|
||||
it 'returns 400 error' do
|
||||
expect(response).to have_gitlab_http_status(400)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'for users scope with group path as id' do
|
||||
|
@ -219,7 +243,7 @@ describe API::Search do
|
|||
user1 = create(:user, name: 'billy')
|
||||
create(:group_member, :developer, user: user1, group: group)
|
||||
|
||||
get api("/groups/#{CGI.escape(group.full_path)}/search", user), scope: 'users', search: 'billy'
|
||||
get api("/groups/#{CGI.escape(group.full_path)}/search", user), params: { scope: 'users', search: 'billy' }
|
||||
end
|
||||
|
||||
it_behaves_like 'response is correct', schema: 'public_api/v4/user/basics'
|
||||
|
@ -306,10 +330,22 @@ describe API::Search do
|
|||
user1 = create(:user, name: 'billy')
|
||||
create(:project_member, :developer, user: user1, project: project)
|
||||
|
||||
get api("/projects/#{project.id}/search", user), scope: 'users', search: 'billy'
|
||||
get api("/projects/#{project.id}/search", user), params: { scope: 'users', search: 'billy' }
|
||||
end
|
||||
|
||||
it_behaves_like 'response is correct', schema: 'public_api/v4/user/basics'
|
||||
|
||||
context 'when users search feature is disabled' do
|
||||
before do
|
||||
allow(Feature).to receive(:disabled?).with(:users_search, default_enabled: true).and_return(true)
|
||||
|
||||
get api("/projects/#{project.id}/search", user), params: { scope: 'users', search: 'billy' }
|
||||
end
|
||||
|
||||
it 'returns 400 error' do
|
||||
expect(response).to have_gitlab_http_status(400)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'for notes scope' do
|
||||
|
|
Loading…
Reference in a new issue