gitlab-org--gitlab-foss/spec/requests/api/system_hooks_spec.rb

# frozen_string_literal: true

require 'spec_helper'

RSpec.describe API::SystemHooks do
  include StubRequests

  let(:user) { create(:user) }
  let(:admin) { create(:admin) }
  let!(:hook) { create(:system_hook, url: "http://example.com") }

  before do
    stub_full_request(hook.url, method: :post)
  end

  describe "GET /hooks" do
    context "when no user" do
      it "returns authentication error" do
        get api("/hooks")

        expect(response).to have_gitlab_http_status(:unauthorized)
      end
    end

    context "when not an admin" do
      it "returns forbidden error" do
        get api("/hooks", user)

        expect(response).to have_gitlab_http_status(:forbidden)
      end
    end

    context "when authenticated as admin" do
      it "returns an array of hooks" do
        get api("/hooks", admin)

        expect(response).to have_gitlab_http_status(:ok)
        expect(response).to include_pagination_headers
        expect(json_response).to be_an Array
        expect(json_response.first['url']).to eq(hook.url)
        expect(json_response.first['push_events']).to be false
        expect(json_response.first['tag_push_events']).to be false
        expect(json_response.first['merge_requests_events']).to be false
        expect(json_response.first['repository_update_events']).to be true
      end
    end
  end

  describe "POST /hooks" do
    it "creates new hook" do
      expect do
        post api("/hooks", admin), params: { url: 'http://example.com' }
      end.to change { SystemHook.count }.by(1)
    end

    it "responds with 400 if url not given" do
      post api("/hooks", admin)

      expect(response).to have_gitlab_http_status(:bad_request)
    end

    it "responds with 400 if url is invalid" do
      post api("/hooks", admin), params: { url: 'hp://mep.mep' }

      expect(response).to have_gitlab_http_status(:bad_request)
    end

    it "does not create new hook without url" do
      expect do
        post api("/hooks", admin)
      end.not_to change { SystemHook.count }
    end

    it 'sets default values for events' do
      stub_full_request('http://mep.mep', method: :post)

      post api('/hooks', admin), params: { url: 'http://mep.mep' }

      expect(response).to have_gitlab_http_status(:created)
      expect(json_response['enable_ssl_verification']).to be true
      expect(json_response['push_events']).to be false
      expect(json_response['tag_push_events']).to be false
      expect(json_response['merge_requests_events']).to be false
    end

    it 'sets explicit values for events' do
      stub_full_request('http://mep.mep', method: :post)

      post api('/hooks', admin),
        params: {
          url: 'http://mep.mep',
          enable_ssl_verification: false,
          push_events: true,
          tag_push_events: true,
          merge_requests_events: true
        }

      expect(response).to have_gitlab_http_status(:created)
      expect(json_response['enable_ssl_verification']).to be false
      expect(json_response['push_events']).to be true
      expect(json_response['tag_push_events']).to be true
      expect(json_response['merge_requests_events']).to be true
    end
  end

  describe "GET /hooks/:id" do
    it "returns hook by id" do
      get api("/hooks/#{hook.id}", admin)
      expect(response).to have_gitlab_http_status(:ok)
      expect(json_response['event_name']).to eq('project_create')
    end

    it "returns 404 on failure" do
      get api("/hooks/404", admin)
      expect(response).to have_gitlab_http_status(:not_found)
    end
  end

  describe "DELETE /hooks/:id" do
    it "deletes a hook" do
      expect do
        delete api("/hooks/#{hook.id}", admin)

        expect(response).to have_gitlab_http_status(:no_content)
      end.to change { SystemHook.count }.by(-1)
    end

    it 'returns 404 if the system hook does not exist' do
      delete api("/hooks/#{non_existing_record_id}", admin)

      expect(response).to have_gitlab_http_status(:not_found)
    end

    it_behaves_like '412 response' do
      let(:request) { api("/hooks/#{hook.id}", admin) }
    end
  end
end