diff --git a/doc/api/README.md b/doc/api/README.md index 65eec6bec3c..0618db7e369 100644 --- a/doc/api/README.md +++ b/doc/api/README.md @@ -32,6 +32,7 @@ When listing resources you can pass the following parameters: + [Users](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/users.md) + [Session](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/session.md) + [Projects](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/projects.md) ++ [Groups](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/groups.md) + [Snippets](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/snippets.md) + [Repositories](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/repositories.md) + [Issues](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/issues.md) diff --git a/doc/api/groups.md b/doc/api/groups.md new file mode 100644 index 00000000000..00a7387c76f --- /dev/null +++ b/doc/api/groups.md @@ -0,0 +1,45 @@ +## List project groups + +Get a list of groups. (As user: my groups, as admin: all groups) + +``` +GET /groups +``` + +```json +[ + { + "id": 1, + "name": "Foobar Group", + "path": "foo-bar", + "owner_id": 18 + } +] +``` + +## Details of group + +Get all details of a group. + +``` +GET /groups/:id +``` + +Parameters: + ++ `id` (required) - The ID of a group + +## New group + +Create a new project group. Available only for admin + +``` +POST /groups +``` + +Parameters: ++ `name` (required) - Email ++ `path` - Password + +Will return created group with status `201 Created` on success, or `404 Not found` on fail. + diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb new file mode 100644 index 00000000000..c9980db9ad6 --- /dev/null +++ b/spec/requests/api/groups_spec.rb @@ -0,0 +1,88 @@ +require 'spec_helper' + +describe Gitlab::API do + include ApiHelpers + + let(:user1) { create(:user) } + let(:user2) { create(:user) } + let(:admin) { create(:admin) } + let!(:group1) { create(:group, owner: user1) } + let!(:group2) { create(:group, owner: user2) } + + describe "GET /groups" do + context "when unauthenticated" do + it "should return authentication error" do + get api("/groups") + response.status.should == 401 + end + end + + context "when authenticated as user" do + it "normal user: should return an array of groups of user1" do + get api("/groups", user1) + response.status.should == 200 + json_response.should be_an Array + json_response.length.should == 1 + json_response.first['name'].should == group1.name + end + end + + context "when authenticated as admin" do + it "admin: should return an array of all groups" do + get api("/groups", admin) + response.status.should == 200 + json_response.should be_an Array + json_response.length.should == 2 + end + end + end + + describe "GET /groups/:id" do + context "when authenticated as user" do + it "should return one of user1's groups" do + get api("/groups/#{group1.id}", user1) + response.status.should == 200 + json_response['name'] == group1.name + end + + it "should not return a non existing group" do + get api("/groups/1328", user1) + response.status.should == 404 + end + + it "should not return a group not attached to user1" do + get api("/groups/#{group2.id}", user1) + response.status.should == 404 + end + end + + context "when authenticated as admin" do + it "should return any existing group" do + get api("/groups/#{group2.id}", admin) + response.status.should == 200 + json_response['name'] == group2.name + end + + it "should not return a non existing group" do + get api("/groups/1328", admin) + response.status.should == 404 + end + end + end + + describe "POST /groups" do + context "when authenticated as user" do + it "should not create group" do + post api("/groups", user1), attributes_for(:group) + response.status.should == 403 + end + end + + context "when authenticated as admin" do + it "should create group" do + post api("/groups", admin), attributes_for(:group) + response.status.should == 201 + end + end + end +end