Merge branch 'project-permissions' into 'master'

API: Project permissions

Merge branch 'project-permissions' into 'master'
API: Project permissions
0f204c32 · Dmitriy Zaporozhets · 63a8af67 · c02e3d44 · 0f204c32 · 0f204c32
Commit 0f204c32 authored Mar 17, 2014 by Dmitriy Zaporozhets
6 changed files
--- a/Gemfile
+++ b/Gemfile
@@ -48,7 +48,8 @@ gem "gitlab-linguist", "~> 3.0.0", require: "linguist"

 # API
 gem "grape", "~> 0.6.1"
-gem "grape-entity", "~> 0.3.0"
+# Replace with rubygems when nesteted entities get released
+gem "grape-entity", "~> 0.4.1", ref: 'd904381c951e86250c3f44213b349a3dd8e83fb1', git: 'https://github.com/intridea/grape-entity.git' 
 gem 'rack-cors', require: 'rack/cors'

 # Email validation

--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -5,6 +5,15 @@ GIT
  specs:
    github-markup (0.7.6)

+GIT
+  remote: https://github.com/intridea/grape-entity.git
+  revision: d904381c951e86250c3f44213b349a3dd8e83fb1
+  ref: d904381c951e86250c3f44213b349a3dd8e83fb1
+  specs:
+    grape-entity (0.4.1)
+      activesupport
+      multi_json (>= 1.3.2)
+
 GEM
  remote: https://rubygems.org/
  specs:
@@ -206,9 +215,6 @@ GEM
      rack-accept
      rack-mount
      virtus (>= 1.0.0)
-    grape-entity (0.3.0)
-      activesupport
-      multi_json (>= 1.3.2)
    growl (1.0.3)
    guard (2.2.4)
      formatador (>= 0.2.4)
@@ -596,7 +602,7 @@ DEPENDENCIES
  gitlab_omniauth-ldap (= 1.0.4)
  gon (~> 5.0.0)
  grape (~> 0.6.1)
-  grape-entity (~> 0.3.0)
+  grape-entity (~> 0.4.1)!
  growl
  guard-rspec
  guard-spinach

--- a/doc/api/projects.md
+++ b/doc/api/projects.md
@@ -148,6 +148,16 @@ Parameters:
    "path": "diaspora",
    "updated_at": "2013-09-30T13: 46: 02Z"
  }
+  "permissions": {
+    "project_access": {
+      "access_level": 10,
+      "notification_level": 3
+    },
+    "group_access": {
+      "access_level": 50,
+      "notification_level": 3
+    }
+  }
 }
 ```


--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -44,7 +44,7 @@ module API
      expose :id, :description, :default_branch
      expose :public?, as: :public
      expose :visibility_level, :ssh_url_to_repo, :http_url_to_repo, :web_url
-      expose :owner, using: Entities::UserBasic
+      expose :owner, using: Entities::UserBasic, unless: ->(project, options) { project.group }
      expose :name, :name_with_namespace
      expose :path, :path_with_namespace
      expose :issues_enabled, :merge_requests_enabled, :wall_enabled, :wiki_enabled, :snippets_enabled, :created_at, :last_activity_at
@@ -58,18 +58,6 @@ module API
      end
    end

-    class TeamMember < UserBasic
-      expose :permission, as: :access_level do |user, options|
-        options[:user_team].user_team_user_relationships.find_by(user_id: user.id).permission
-      end
-    end
-
-    class TeamProject < Project
-      expose :greatest_access, as: :greatest_access_level do |project, options|
-        options[:user_team].user_team_project_relationships.find_by(project_id: project.id).greatest_access
-      end
-    end
-
    class Group < Grape::Entity
      expose :id, :name, :path, :owner_id
    end
@@ -144,7 +132,7 @@ module API
    end

    class MergeRequest < ProjectEntity
-      expose :target_branch, :source_branch, :title, :state, :upvotes, :downvotes
+      expose :target_branch, :source_branch, :title, :state, :upvotes, :downvotes, :description
      expose :author, :assignee, using: Entities::UserBasic
      expose :source_project_id, :target_project_id
    end
@@ -175,5 +163,29 @@ module API
    class Namespace < Grape::Entity
      expose :id, :path, :kind
    end
+
+    class ProjectAccess < Grape::Entity
+      expose :project_access, as: :access_level
+      expose :notification_level
+    end
+
+    class GroupAccess < Grape::Entity
+      expose :group_access, as: :access_level
+      expose :notification_level
+    end
+
+    class ProjectWithAccess < Project
+      expose :permissions do
+        expose :project_access, using: Entities::ProjectAccess do |project, options|
+          project.users_projects.find_by(user_id: options[:user].id)
+        end
+
+        expose :group_access, using: Entities::GroupAccess do |project, options|
+          if project.group
+            project.group.users_groups.find_by(user_id: options[:user].id)
+          end
+        end
+      end
+    end
  end
 end
--- a/lib/api/projects.rb
+++ b/lib/api/projects.rb
@@ -48,7 +48,7 @@ module API
      # Example Request:
      #   GET /projects/:id
      get ":id" do
-        present user_project, with: Entities::Project
+        present user_project, with: Entities::ProjectWithAccess, user: current_user
      end

      # Get a single project events

--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -259,6 +259,7 @@ describe API::API do

  describe "GET /projects/:id" do
    before { project }
+    before { users_project }

    it "should return a project by id" do
      get api("/projects/#{project.id}", user)
@@ -284,6 +285,28 @@ describe API::API do
      get api("/projects/#{project.id}", other_user)
      response.status.should == 404
    end
+
+    describe 'permissions' do
+      context 'personal project' do
+        before { get api("/projects/#{project.id}", user) }
+
+        it { response.status.should == 200 }
+        it { json_response['permissions']["project_access"]["access_level"].should == Gitlab::Access::MASTER }
+        it { json_response['permissions']["group_access"].should be_nil }
+      end
+
+      context 'group project' do
+        before do
+          project2 = create(:project, group: create(:group))
+          project2.group.add_owner(user)
+          get api("/projects/#{project2.id}", user)
+        end
+
+        it { response.status.should == 200 }
+        it { json_response['permissions']["project_access"].should be_nil }
+        it { json_response['permissions']["group_access"]["access_level"].should == Gitlab::Access::OWNER }
+      end
+    end
  end

  describe "GET /projects/:id/events" do