Commit 5656a1d6 authored by Douwe Maan's avatar Douwe Maan

Merge branch 'fj-41174-projects-groups-badges-api' into 'master'

Projects and groups badges API

See merge request gitlab-org/gitlab-ce!17082
parents 49f72d06 8fe880dc
class Badge < ActiveRecord::Base
# This structure sets the placeholders that the urls
# can have. This hash also sets which action to ask when
# the placeholder is found.
PLACEHOLDERS = {
'project_path' => :full_path,
'project_id' => :id,
'default_branch' => :default_branch,
'commit_sha' => ->(project) { project.commit&.sha }
}.freeze
# This regex is built dynamically using the keys from the PLACEHOLDER struct.
# So, we can easily add new placeholder just by modifying the PLACEHOLDER hash.
# This regex will build the new PLACEHOLDER_REGEX with the new information
PLACEHOLDERS_REGEX = /(#{PLACEHOLDERS.keys.join('|')})/.freeze
default_scope { order_created_at_asc }
scope :order_created_at_asc, -> { reorder(created_at: :asc) }
validates :link_url, :image_url, url_placeholder: { protocols: %w(http https), placeholder_regex: PLACEHOLDERS_REGEX }
validates :type, presence: true
def rendered_link_url(project = nil)
build_rendered_url(link_url, project)
end
def rendered_image_url(project = nil)
build_rendered_url(image_url, project)
end
private
def build_rendered_url(url, project = nil)
return url unless valid? && project
Gitlab::StringPlaceholderReplacer.replace_string_placeholders(url, PLACEHOLDERS_REGEX) do |arg|
replace_placeholder_action(PLACEHOLDERS[arg], project)
end
end
# The action param represents the :symbol or Proc to call in order
# to retrieve the return value from the project.
# This method checks if it is a Proc and use the call method, and if it is
# a symbol just send the action
def replace_placeholder_action(action, project)
return unless project
action.is_a?(Proc) ? action.call(project) : project.public_send(action) # rubocop:disable GitlabSecurity/PublicSend
end
end
class GroupBadge < Badge
belongs_to :group
validates :group, presence: true
end
class ProjectBadge < Badge
belongs_to :project
validates :project, presence: true
def rendered_link_url(project = nil)
project ||= self.project
super
end
def rendered_image_url(project = nil)
project ||= self.project
super
end
end
...@@ -31,6 +31,8 @@ class Group < Namespace ...@@ -31,6 +31,8 @@ class Group < Namespace
has_many :uploads, as: :model, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent has_many :uploads, as: :model, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
has_many :badges, class_name: 'GroupBadge'
accepts_nested_attributes_for :variables, allow_destroy: true accepts_nested_attributes_for :variables, allow_destroy: true
validate :visibility_level_allowed_by_projects validate :visibility_level_allowed_by_projects
......
...@@ -221,6 +221,8 @@ class Project < ActiveRecord::Base ...@@ -221,6 +221,8 @@ class Project < ActiveRecord::Base
has_one :auto_devops, class_name: 'ProjectAutoDevops' has_one :auto_devops, class_name: 'ProjectAutoDevops'
has_many :custom_attributes, class_name: 'ProjectCustomAttribute' has_many :custom_attributes, class_name: 'ProjectCustomAttribute'
has_many :project_badges, class_name: 'ProjectBadge'
accepts_nested_attributes_for :variables, allow_destroy: true accepts_nested_attributes_for :variables, allow_destroy: true
accepts_nested_attributes_for :project_feature, update_only: true accepts_nested_attributes_for :project_feature, update_only: true
accepts_nested_attributes_for :import_data accepts_nested_attributes_for :import_data
...@@ -1766,6 +1768,17 @@ class Project < ActiveRecord::Base ...@@ -1766,6 +1768,17 @@ class Project < ActiveRecord::Base
.set(import_jid, StuckImportJobsWorker::IMPORT_JOBS_EXPIRATION) .set(import_jid, StuckImportJobsWorker::IMPORT_JOBS_EXPIRATION)
end end
def badges
return project_badges unless group
group_badges_rel = GroupBadge.where(group: group.self_and_ancestors)
union = Gitlab::SQL::Union.new([project_badges.select(:id),
group_badges_rel.select(:id)])
Badge.where("id IN (#{union.to_sql})") # rubocop:disable GitlabSecurity/SqlInjection
end
private private
def storage def storage
......
module Badges
class BaseService
protected
attr_accessor :params
def initialize(params = {})
@params = params.dup
end
end
end
module Badges
class BuildService < Badges::BaseService
# returns the created badge
def execute(source)
if source.is_a?(Group)
GroupBadge.new(params.merge(group: source))
else
ProjectBadge.new(params.merge(project: source))
end
end
end
end
module Badges
class CreateService < Badges::BaseService
# returns the created badge
def execute(source)
badge = Badges::BuildService.new(params).execute(source)
badge.tap { |b| b.save }
end
end
end
module Badges
class UpdateService < Badges::BaseService
# returns the updated badge
def execute(badge)
if params.present?
badge.update_attributes(params)
end
badge
end
end
end
# UrlValidator
#
# Custom validator for URLs.
#
# By default, only URLs for the HTTP(S) protocols will be considered valid.
# Provide a `:protocols` option to configure accepted protocols.
#
# Also, this validator can help you validate urls with placeholders inside.
# Usually, if you have a url like 'http://www.example.com/%{project_path}' the
# URI parser will reject that URL format. Provide a `:placeholder_regex` option
# to configure accepted placeholders.
#
# Example:
#
# class User < ActiveRecord::Base
# validates :personal_url, url: true
#
# validates :ftp_url, url: { protocols: %w(ftp) }
#
# validates :git_url, url: { protocols: %w(http https ssh git) }
#
# validates :placeholder_url, url: { placeholder_regex: /(project_path|project_id|default_branch)/ }
# end
#
class UrlPlaceholderValidator < UrlValidator
def validate_each(record, attribute, value)
placeholder_regex = self.options[:placeholder_regex]
value = value.gsub(/%{#{placeholder_regex}}/, 'foo') if placeholder_regex && value
super(record, attribute, value)
end
end
...@@ -23,6 +23,12 @@ ...@@ -23,6 +23,12 @@
- deleted_message = s_('ForkedFromProjectPath|Forked from %{project_name} (deleted)') - deleted_message = s_('ForkedFromProjectPath|Forked from %{project_name} (deleted)')
= deleted_message % { project_name: fork_source_name(@project) } = deleted_message % { project_name: fork_source_name(@project) }
.project-badges
- @project.badges.each do |badge|
- badge_link_url = badge.rendered_link_url(@project)
%a{ href: badge_link_url, target: '_blank', rel: 'noopener noreferrer' }
%img{ src: badge.rendered_image_url(@project), alt: badge_link_url }
.project-repo-buttons .project-repo-buttons
.count-buttons .count-buttons
= render 'projects/buttons/star' = render 'projects/buttons/star'
......
---
title: Implemented badge API endpoints
merge_request: 17082
author:
type: added
...@@ -26,6 +26,7 @@ module Gitlab ...@@ -26,6 +26,7 @@ module Gitlab
# This is a nice reference article on autoloading/eager loading: # This is a nice reference article on autoloading/eager loading:
# http://blog.arkency.com/2014/11/dont-forget-about-eager-load-when-extending-autoload # http://blog.arkency.com/2014/11/dont-forget-about-eager-load-when-extending-autoload
config.eager_load_paths.push(*%W[#{config.root}/lib config.eager_load_paths.push(*%W[#{config.root}/lib
#{config.root}/app/models/badges
#{config.root}/app/models/hooks #{config.root}/app/models/hooks
#{config.root}/app/models/members #{config.root}/app/models/members
#{config.root}/app/models/project_services #{config.root}/app/models/project_services
......
class CreateBadges < ActiveRecord::Migration
DOWNTIME = false
def change
create_table :badges do |t|
t.string :link_url, null: false
t.string :image_url, null: false
t.references :project, index: true, foreign_key: { on_delete: :cascade }, null: true
t.integer :group_id, index: true, null: true
t.string :type, null: false
t.timestamps_with_timezone null: false
end
add_foreign_key :badges, :namespaces, column: :group_id, on_delete: :cascade
end
end
...@@ -183,6 +183,19 @@ ActiveRecord::Schema.define(version: 20180304204842) do ...@@ -183,6 +183,19 @@ ActiveRecord::Schema.define(version: 20180304204842) do
add_index "award_emoji", ["awardable_type", "awardable_id"], name: "index_award_emoji_on_awardable_type_and_awardable_id", using: :btree add_index "award_emoji", ["awardable_type", "awardable_id"], name: "index_award_emoji_on_awardable_type_and_awardable_id", using: :btree
add_index "award_emoji", ["user_id", "name"], name: "index_award_emoji_on_user_id_and_name", using: :btree add_index "award_emoji", ["user_id", "name"], name: "index_award_emoji_on_user_id_and_name", using: :btree
create_table "badges", force: :cascade do |t|
t.string "link_url", null: false
t.string "image_url", null: false
t.integer "project_id"
t.integer "group_id"
t.string "type", null: false
t.datetime_with_timezone "created_at", null: false
t.datetime_with_timezone "updated_at", null: false
end
add_index "badges", ["group_id"], name: "index_badges_on_group_id", using: :btree
add_index "badges", ["project_id"], name: "index_badges_on_project_id", using: :btree
create_table "boards", force: :cascade do |t| create_table "boards", force: :cascade do |t|
t.integer "project_id", null: false t.integer "project_id", null: false
t.datetime "created_at", null: false t.datetime "created_at", null: false
...@@ -1969,6 +1982,8 @@ ActiveRecord::Schema.define(version: 20180304204842) do ...@@ -1969,6 +1982,8 @@ ActiveRecord::Schema.define(version: 20180304204842) do
add_index "web_hooks", ["project_id"], name: "index_web_hooks_on_project_id", using: :btree add_index "web_hooks", ["project_id"], name: "index_web_hooks_on_project_id", using: :btree
add_index "web_hooks", ["type"], name: "index_web_hooks_on_type", using: :btree add_index "web_hooks", ["type"], name: "index_web_hooks_on_type", using: :btree
add_foreign_key "badges", "namespaces", column: "group_id", on_delete: :cascade
add_foreign_key "badges", "projects", on_delete: :cascade
add_foreign_key "boards", "projects", name: "fk_f15266b5f9", on_delete: :cascade add_foreign_key "boards", "projects", name: "fk_f15266b5f9", on_delete: :cascade
add_foreign_key "chat_teams", "namespaces", on_delete: :cascade add_foreign_key "chat_teams", "namespaces", on_delete: :cascade
add_foreign_key "ci_build_trace_section_names", "projects", on_delete: :cascade add_foreign_key "ci_build_trace_section_names", "projects", on_delete: :cascade
......
...@@ -24,6 +24,7 @@ following locations: ...@@ -24,6 +24,7 @@ following locations:
- [GitLab CI Config templates](templates/gitlab_ci_ymls.md) - [GitLab CI Config templates](templates/gitlab_ci_ymls.md)
- [Groups](groups.md) - [Groups](groups.md)
- [Group Access Requests](access_requests.md) - [Group Access Requests](access_requests.md)
- [Group Badges](group_badges.md)
- [Group Members](members.md) - [Group Members](members.md)
- [Issues](issues.md) - [Issues](issues.md)
- [Issue Boards](boards.md) - [Issue Boards](boards.md)
...@@ -43,6 +44,7 @@ following locations: ...@@ -43,6 +44,7 @@ following locations:
- [Pipeline Schedules](pipeline_schedules.md) - [Pipeline Schedules](pipeline_schedules.md)
- [Projects](projects.md) including setting Webhooks - [Projects](projects.md) including setting Webhooks
- [Project Access Requests](access_requests.md) - [Project Access Requests](access_requests.md)
- [Project Badges](project_badges.md)
- [Project import/export](project_import_export.md) - [Project import/export](project_import_export.md)
- [Project Members](members.md) - [Project Members](members.md)
- [Project Snippets](project_snippets.md) - [Project Snippets](project_snippets.md)
......
# Group badges API
## Placeholder tokens
Badges support placeholders that will be replaced in real time in both the link and image URL. The allowed placeholders are:
- **%{project_path}**: will be replaced by the project path.
- **%{project_id}**: will be replaced by the project id.
- **%{default_branch}**: will be replaced by the project default branch.
- **%{commit_sha}**: will be replaced by the last project's commit sha.
Because these enpoints aren't inside a project's context, the information used to replace the placeholders will be
from the first group's project by creation date. If the group hasn't got any project the original URL with the placeholders will be returned.
## List all badges of a group
Gets a list of a group's badges.
```
GET /groups/:id/badges
```
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user |
```bash
curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/:id/badges
```
Example response:
```json
[
{
"id": 1,
"link_url": "http://example.com/ci_status.svg?project=%{project_path}&ref=%{default_branch}",
"image_url": "https://shields.io/my/badge",
"rendered_link_url": "http://example.com/ci_status.svg?project=example-org/example-project&ref=master",
"rendered_image_url": "https://shields.io/my/badge",
"kind": "group"
},
{
"id": 2,
"link_url": "http://example.com/ci_status.svg?project=%{project_path}&ref=%{default_branch}",
"image_url": "https://shields.io/my/badge",
"rendered_link_url": "http://example.com/ci_status.svg?project=example-org/example-project&ref=master",
"rendered_image_url": "https://shields.io/my/badge",
"kind": "group"
},
]
```
## Get a badge of a group
Gets a badge of a group.
```
GET /groups/:id/badges/:badge_id
```
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user |
| `badge_id` | integer | yes | The badge ID |
```bash
curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/:id/badges/:badge_id
```
Example response:
```json
{
"id": 1,
"link_url": "http://example.com/ci_status.svg?project=%{project_path}&ref=%{default_branch}",
"image_url": "https://shields.io/my/badge",
"rendered_link_url": "http://example.com/ci_status.svg?project=example-org/example-project&ref=master",
"rendered_image_url": "https://shields.io/my/badge",
"kind": "group"
}
```
## Add a badge to a group
Adds a badge to a group.
```
POST /groups/:id/badges
```
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user |
| `link_url` | string | yes | URL of the badge link |
| `image_url` | string | yes | URL of the badge image |
```bash
curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --data "link_url=https://gitlab.com/gitlab-org/gitlab-ce/commits/master&image_url=https://shields.io/my/badge1&position=0" https://gitlab.example.com/api/v4/groups/:id/badges
```
Example response:
```json
{
"id": 1,
"link_url": "https://gitlab.com/gitlab-org/gitlab-ce/commits/master",
"image_url": "https://shields.io/my/badge1",
"rendered_link_url": "https://gitlab.com/gitlab-org/gitlab-ce/commits/master",
"rendered_image_url": "https://shields.io/my/badge1",
"kind": "group"
}
```
## Edit a badge of a group
Updates a badge of a group.
```
PUT /groups/:id/badges/:badge_id
```
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user |
| `badge_id` | integer | yes | The badge ID |
| `link_url` | string | no | URL of the badge link |
| `image_url` | string | no | URL of the badge image |
```bash
curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/:id/badges/:badge_id
```
Example response:
```json
{
"id": 1,
"link_url": "https://gitlab.com/gitlab-org/gitlab-ce/commits/master",
"image_url": "https://shields.io/my/badge",
"rendered_link_url": "https://gitlab.com/gitlab-org/gitlab-ce/commits/master",
"rendered_image_url": "https://shields.io/my/badge",
"kind": "group"
}
```
## Remove a badge from a group
Removes a badge from a group.
```
DELETE /groups/:id/badges/:badge_id
```
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user |
| `badge_id` | integer | yes | The badge ID |
```bash
curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/:id/badges/:badge_id
```
## Preview a badge from a group
Returns how the `link_url` and `image_url` final URLs would be after resolving the placeholder interpolation.
```
GET /groups/:id/badges/render
```
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user |
| `link_url` | string | yes | URL of the badge link|
| `image_url` | string | yes | URL of the badge image |
```bash
curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/:id/badges/render?link_url=http%3A%2F%2Fexample.com%2Fci_status.svg%3Fproject%3D%25%7Bproject_path%7D%26ref%3D%25%7Bdefault_branch%7D&image_url=https%3A%2F%2Fshields.io%2Fmy%2Fbadge
```
Example response:
```json
{
"link_url": "http://example.com/ci_status.svg?project=%{project_path}&ref=%{default_branch}",
"image_url": "https://shields.io/my/badge",
"rendered_link_url": "http://example.com/ci_status.svg?project=example-org/example-project&ref=master",
"rendered_image_url": "https://shields.io/my/badge",
}
```
...@@ -525,3 +525,7 @@ And to switch pages add: ...@@ -525,3 +525,7 @@ And to switch pages add:
``` ```
[ce-15142]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/15142 [ce-15142]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/15142
## Group badges
Read more in the [Group Badges](group_badges.md) documentation.
# Project badges API
## Placeholder tokens
Badges support placeholders that will be replaced in real time in both the link and image URL. The allowed placeholders are:
- **%{project_path}**: will be replaced by the project path.
- **%{project_id}**: will be replaced by the project id.
- **%{default_branch}**: will be replaced by the project default branch.
- **%{commit_sha}**: will be replaced by the last project's commit sha.
## List all badges of a project
Gets a list of a project's badges and its group badges.
```
GET /projects/:id/badges
```
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
```bash
curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/:id/badges
```
Example response:
```json
[
{
"id": 1,
"link_url": "http://example.com/ci_status.svg?project=%{project_path}&ref=%{default_branch}",
"image_url": "https://shields.io/my/badge",
"rendered_link_url": "http://example.com/ci_status.svg?project=example-org/example-project&ref=master",
"rendered_image_url": "https://shields.io/my/badge",
"kind": "project"
},
{
"id": 2,
"link_url": "http://example.com/ci_status.svg?project=%{project_path}&ref=%{default_branch}",
"image_url": "https://shields.io/my/badge",
"rendered_link_url": "http://example.com/ci_status.svg?project=example-org/example-project&ref=master",
"rendered_image_url": "https://shields.io/my/badge",
"kind": "group"
},
]
```
## Get a badge of a project
Gets a badge of a project.
```
GET /projects/:id/badges/:badge_id
```
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
| `badge_id` | integer | yes | The badge ID |
```bash
curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/:id/badges/:badge_id
```
Example response:
```json
{
"id": 1,
"link_url": "http://example.com/ci_status.svg?project=%{project_path}&ref=%{default_branch}",
"image_url": "https://shields.io/my/badge",
"rendered_link_url": "http://example.com/ci_status.svg?project=example-org/example-project&ref=master",
"rendered_image_url": "https://shields.io/my/badge",
"kind": "project"
}
```
## Add a badge to a project
Adds a badge to a project.
```
POST /projects/:id/badges
```
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project ](README.md#namespaced-path-encoding) owned by the authenticated user |
| `link_url` | string | yes | URL of the badge link |
| `image_url` | string | yes | URL of the badge image |
```bash
curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --data "link_url=https://gitlab.com/gitlab-org/gitlab-ce/commits/master&image_url=https://shields.io/my/badge1&position=0" https://gitlab.example.com/api/v4/projects/:id/badges
```
Example response:
```json
{
"id": 1,
"link_url": "https://gitlab.com/gitlab-org/gitlab-ce/commits/master",
"image_url": "https://shields.io/my/badge1",
"rendered_link_url": "https://gitlab.com/gitlab-org/gitlab-ce/commits/master",
"rendered_image_url": "https://shields.io/my/badge1",
"kind": "project"
}
```
## Edit a badge of a project
Updates a badge of a project.
```
PUT /projects/:id/badges/:badge_id
```
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
| `badge_id` | integer | yes | The badge ID |
| `link_url` | string | no | URL of the badge link |
| `image_url` | string | no | URL of the badge image |
```bash
curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/:id/badges/:badge_id
```
Example response:
```json
{
"id": 1,
"link_url": "https://gitlab.com/gitlab-org/gitlab-ce/commits/master",
"image_url": "https://shields.io/my/badge",
"rendered_link_url": "https://gitlab.com/gitlab-org/gitlab-ce/commits/master",
"rendered_image_url": "https://shields.io/my/badge",
"kind": "project"
}
```
## Remove a badge from a project
Removes a badge from a project. Only project's badges will be removed by using this endpoint.
```
DELETE /projects/:id/badges/:badge_id
```
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
| `badge_id` | integer | yes | The badge ID |
```bash
curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/:id/badges/:badge_id
```
## Preview a badge from a project
Returns how the `link_url` and `image_url` final URLs would be after resolving the placeholder interpolation.
```
GET /projects/:id/badges/render
```
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
| `link_url` | string | yes | URL of the badge link|
| `image_url` | string | yes | URL of the badge image |
```bash
curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/:id/badges/render?link_url=http%3A%2F%2Fexample.com%2Fci_status.svg%3Fproject%3D%25%7Bproject_path%7D%26ref%3D%25%7Bdefault_branch%7D&image_url=https%3A%2F%2Fshields.io%2Fmy%2Fbadge
```
Example response:
```json
{
"link_url": "http://example.com/ci_status.svg?project=%{project_path}&ref=%{default_branch}",
"image_url": "https://shields.io/my/badge",
"rendered_link_url": "http://example.com/ci_status.svg?project=example-org/example-project&ref=master",
"rendered_image_url": "https://shields.io/my/badge",
}
```
...@@ -1340,3 +1340,7 @@ Read more in the [Project import/export](project_import_export.md) documentation ...@@ -1340,3 +1340,7 @@ Read more in the [Project import/export](project_import_export.md) documentation
## Project members ## Project members
Read more in the [Project members](members.md) documentation. Read more in the [Project members](members.md) documentation.
## Project badges
Read more in the [Project Badges](project_badges.md) documentation.
...@@ -108,6 +108,7 @@ module API ...@@ -108,6 +108,7 @@ module API
mount ::API::AccessRequests mount ::API::AccessRequests
mount ::API::Applications mount ::API::Applications
mount ::API::AwardEmoji mount ::API::AwardEmoji
mount ::API::Badges
mount ::API::Boards mount ::API::Boards
mount ::API::Branches mount ::API::Branches
mount ::API::BroadcastMessages mount ::API::BroadcastMessages
......
module API
class Badges < Grape::API
include PaginationParams
before { authenticate_non_get! }
helpers ::API::Helpers::BadgesHelpers
helpers do
def find_source_if_admin(source_type)
source = find_source(source_type, params[:id])
authorize_admin_source!(source_type, source)
source
end
end
%w[group project].each do |source_type|
params do
requires :id, type: String, desc: "The ID of a #{source_type}"
end
resource source_type.pluralize, requirements: API::PROJECT_ENDPOINT_REQUIREMENTS do
desc "Gets a list of #{source_type} badges viewable by the authenticated user." do
detail 'This feature was introduced in GitLab 10.6.'
success Entities::Badge
end
params do
use :pagination
end
get ":id/badges" do
source = find_source(source_type, params[:id])
present_badges(source, paginate(source.badges))
end
desc "Preview a badge from a #{source_type}." do
detail 'This feature was introduced in GitLab 10.6.'
success Entities::BasicBadgeDetails
end
params do
requires :link_url, type: String, desc: 'URL of the badge link'
requires :image_url, type: String, desc: 'URL of the badge image'
end
get ":id/badges/render" do
authenticate!
source = find_source_if_admin(source_type)
badge = ::Badges::BuildService.new(declared_params(include_missing: false))
.execute(source)
if badge.valid?
present_badges(source, badge, with: Entities::BasicBadgeDetails)
else
render_validation_error!(badge)
end
end
desc "Gets a badge of a #{source_type}." do
detail 'This feature was introduced in GitLab 10.6.'
success Entities::Badge
end
params do
requires :badge_id, type: Integer, desc: 'The badge ID'
end
get ":id/badges/:badge_id" do
source = find_source(source_type, params[:id])
badge = find_badge(source)
present_badges(source, badge)
end
desc "Adds a badge to a #{source_type}." do
detail 'This feature was introduced in GitLab 10.6.'
success Entities::Badge
end
params do
requires :link_url, type: String, desc: 'URL of the badge link'
requires :image_url, type: String, desc: 'URL of the badge image'
end
post ":id/badges" do
source = find_source_if_admin(source_type)
badge = ::Badges::CreateService.new(declared_params(include_missing: false)).execute(source)
if badge.persisted?
present_badges(source, badge)
else
render_validation_error!(badge)
end
end
desc "Updates a badge of a #{source_type}." do
detail 'This feature was introduced in GitLab 10.6.'
success Entities::Badge
end
params do
optional :link_url, type: String, desc: 'URL of the badge link'
optional :image_url, type: String, desc: 'URL of the badge image'
end
put ":id/badges/:badge_id" do
source = find_source_if_admin(source_type)
badge = ::Badges::UpdateService.new(declared_params(include_missing: false))
.execute(find_badge(source))
if badge.valid?
present_badges(source, badge)
else
render_validation_error!(badge)
end
end
desc 'Removes a badge from a project or group.' do
detail 'This feature was introduced in GitLab 10.6.'
end
params do
requires :badge_id, type: Integer, desc: 'The badge ID'
end
delete ":id/badges/:badge_id" do
source = find_source_if_admin(source_type)
badge = find_badge(source)
if badge.is_a?(GroupBadge) && source.is_a?(Project)
error!('To delete a Group badge please use the Group endpoint', 403)
end
destroy_conditionally!(badge)
end
end
end
end
end
...@@ -1235,5 +1235,23 @@ module API ...@@ -1235,5 +1235,23 @@ module API
expose :startline expose :startline
expose :project_id expose :project_id
end end
class BasicBadgeDetails < Grape::Entity
expose :link_url
expose :image_url
expose :rendered_link_url do |badge, options|
badge.rendered_link_url(options.fetch(:project, nil))
end
expose :rendered_image_url do |badge, options|
badge.rendered_image_url(options.fetch(:project, nil))
end
end
class Badge < BasicBadgeDetails
expose :id
expose :kind do |badge|
badge.type == 'ProjectBadge' ? 'project' : 'group'
end
end
end end
end end
module API
module Helpers
module BadgesHelpers
include ::API::Helpers::MembersHelpers
def find_badge(source)
source.badges.find(params[:badge_id])
end
def present_badges(source, records, options = {})
entity_type = options[:with] || Entities::Badge
badge_params = badge_source_params(source).merge(with: entity_type)
present records, badge_params
end
def badge_source_params(source)
project = if source.is_a?(Project)
source
else
GroupProjectsFinder.new(group: source, current_user: current_user).execute.first
end
{ project: project }
end
end
end
end
...@@ -65,6 +65,7 @@ project_tree: ...@@ -65,6 +65,7 @@ project_tree:
- :create_access_levels - :create_access_levels
- :project_feature - :project_feature
- :custom_attributes - :custom_attributes
- :project_badges
# Only include the following attributes for the models specified. # Only include the following attributes for the models specified.
included_attributes: included_attributes:
...@@ -125,6 +126,8 @@ excluded_attributes: ...@@ -125,6 +126,8 @@ excluded_attributes:
- :when - :when
push_event_payload: push_event_payload:
- :event_id - :event_id
project_badges:
- :group_id
methods: methods:
labels: labels:
...@@ -147,3 +150,5 @@ methods: ...@@ -147,3 +150,5 @@ methods:
- :action - :action
push_event_payload: push_event_payload:
- :action - :action
project_badges:
- :type
...@@ -16,7 +16,8 @@ module Gitlab ...@@ -16,7 +16,8 @@ module Gitlab
priorities: :label_priorities, priorities: :label_priorities,
auto_devops: :project_auto_devops, auto_devops: :project_auto_devops,
label: :project_label, label: :project_label,
custom_attributes: 'ProjectCustomAttribute' }.freeze custom_attributes: 'ProjectCustomAttribute',
project_badges: 'Badge' }.freeze
USER_REFERENCES = %w[author_id assignee_id updated_by_id user_id created_by_id last_edited_by_id merge_user_id resolved_by_id].freeze USER_REFERENCES = %w[author_id assignee_id updated_by_id user_id created_by_id last_edited_by_id merge_user_id resolved_by_id].freeze
......
module Gitlab
class StringPlaceholderReplacer
# This method accepts the following paras
# - string: the string to be analyzed
# - placeholder_regex: i.e. /%{project_path|project_id|default_branch|commit_sha}/
# - block: this block will be called with each placeholder found in the string using
# the placeholder regex. If the result of the block is nil, the original
# placeholder will be returned.
def self.replace_string_placeholders(string, placeholder_regex = nil, &block)
return string if string.blank? || placeholder_regex.blank? || !block_given?
replace_placeholders(string, placeholder_regex, &block)
end
class << self
private
# If the result of the block is nil, then the placeholder is returned
def replace_placeholders(string, placeholder_regex, &block)
string.gsub(/%{(#{placeholder_regex})}/) do |arg|
yield($~[1]) || arg
end
end
end
end
end
FactoryBot.define do
trait :base_badge do
link_url { generate(:url) }
image_url { generate(:url) }
end
factory :project_badge, traits: [:base_badge], class: ProjectBadge do
project
end
factory :group_badge, aliases: [:badge], traits: [:base_badge], class: GroupBadge do
group
end
end
...@@ -277,6 +277,7 @@ project: ...@@ -277,6 +277,7 @@ project:
- fork_network - fork_network
- custom_attributes - custom_attributes
- lfs_file_locks - lfs_file_locks
- project_badges
award_emoji: award_emoji:
- awardable - awardable
- user - user
...@@ -293,3 +294,5 @@ issue_assignees: ...@@ -293,3 +294,5 @@ issue_assignees:
- assignee - assignee
lfs_file_locks: lfs_file_locks:
- user - user
project_badges:
- project
This source diff could not be displayed because it is too large. You can view the blob instead.
...@@ -129,6 +129,10 @@ describe Gitlab::ImportExport::ProjectTreeRestorer do ...@@ -129,6 +129,10 @@ describe Gitlab::ImportExport::ProjectTreeRestorer do
expect(@project.custom_attributes.count).to eq(2) expect(@project.custom_attributes.count).to eq(2)
end end
it 'has badges' do
expect(@project.project_badges.count).to eq(2)
end
it 'restores the correct service' do it 'restores the correct service' do
expect(CustomIssueTrackerService.first).not_to be_nil expect(CustomIssueTrackerService.first).not_to be_nil
end end
......
...@@ -180,6 +180,10 @@ describe Gitlab::ImportExport::ProjectTreeSaver do ...@@ -180,6 +180,10 @@ describe Gitlab::ImportExport::ProjectTreeSaver do
expect(saved_project_json['custom_attributes'].count).to eq(2) expect(saved_project_json['custom_attributes'].count).to eq(2)
end end
it 'has badges' do
expect(saved_project_json['project_badges'].count).to eq(2)
end
it 'does not complain about non UTF-8 characters in MR diff files' do it 'does not complain about non UTF-8 characters in MR diff files' do
ActiveRecord::Base.connection.execute("UPDATE merge_request_diff_files SET diff = '---\n- :diff: !binary |-\n LS0tIC9kZXYvbnVsbAorKysgYi9pbWFnZXMvbnVjb3IucGRmCkBAIC0wLDAg\n KzEsMTY3OSBAQAorJVBERi0xLjUNJeLjz9MNCisxIDAgb2JqDTw8L01ldGFk\n YXR'") ActiveRecord::Base.connection.execute("UPDATE merge_request_diff_files SET diff = '---\n- :diff: !binary |-\n LS0tIC9kZXYvbnVsbAorKysgYi9pbWFnZXMvbnVjb3IucGRmCkBAIC0wLDAg\n KzEsMTY3OSBAQAorJVBERi0xLjUNJeLjz9MNCisxIDAgb2JqDTw8L01ldGFk\n YXR'")
...@@ -288,6 +292,9 @@ describe Gitlab::ImportExport::ProjectTreeSaver do ...@@ -288,6 +292,9 @@ describe Gitlab::ImportExport::ProjectTreeSaver do
create(:project_custom_attribute, project: project) create(:project_custom_attribute, project: project)
create(:project_custom_attribute, project: project) create(:project_custom_attribute, project: project)
create(:project_badge, project: project)
create(:project_badge, project: project)
project project
end end
......
...@@ -536,3 +536,12 @@ LfsFileLock: ...@@ -536,3 +536,12 @@ LfsFileLock:
- user_id - user_id
- project_id - project_id
- created_at - created_at
Badge:
- id
- link_url
- image_url
- project_id
- group_id
- created_at
- updated_at
- type
require 'spec_helper'
describe Gitlab::StringPlaceholderReplacer do
describe '.render_url' do
it 'returns the nil if the string is blank' do
expect(described_class.replace_string_placeholders(nil, /whatever/)).to be_blank
end
it 'returns the string if the placeholder regex' do
expect(described_class.replace_string_placeholders('whatever')).to eq 'whatever'
end
it 'returns the string if no block given' do
expect(described_class.replace_string_placeholders('whatever', /whatever/)).to eq 'whatever'
end
context 'when all params are valid' do
let(:string) { '%{path}/%{id}/%{branch}' }
let(:regex) { /(path|id)/ }
it 'replaces each placeholders with the block result' do
result = described_class.replace_string_placeholders(string, regex) do |arg|
'WHATEVER'
end
expect(result).to eq 'WHATEVER/WHATEVER/%{branch}'
end
it 'does not replace the placeholder if the block result is nil' do
result = described_class.replace_string_placeholders(string, regex) do |arg|
arg == 'path' ? nil : 'WHATEVER'
end
expect(result).to eq '%{path}/WHATEVER/%{branch}'
end
end
end
end
require 'spec_helper'
describe Badge do
let(:placeholder_url) { 'http://www.example.com/%{project_path}/%{project_id}/%{default_branch}/%{commit_sha}' }
describe 'validations' do
# Requires the let variable url_sym
shared_examples 'placeholder url' do
let(:badge) { build(:badge) }
it 'allows url with http protocol' do
badge[url_sym] = 'http://www.example.com'
expect(badge).to be_valid
end
it 'allows url with https protocol' do
badge[url_sym] = 'https://www.example.com'
expect(badge).to be_valid
end
it 'cannot be empty' do
badge[url_sym] = ''
expect(badge).not_to be_valid
end
it 'cannot be nil' do
badge[url_sym] = nil
expect(badge).not_to be_valid
end
it 'accept badges placeholders' do
badge[url_sym] = placeholder_url
expect(badge).to be_valid
end
it 'sanitize url' do
badge[url_sym] = 'javascript:alert(1)'
expect(badge).not_to be_valid
end
end
context 'link_url format' do
let(:url_sym) { :link_url }
it_behaves_like 'placeholder url'
end
context 'image_url format' do
let(:url_sym) { :image_url }
it_behaves_like 'placeholder url'
end
end
shared_examples 'rendered_links' do
it 'should use the project information to populate the url placeholders' do
stub_project_commit_info(project)
expect(badge.public_send("rendered_#{method}", project)).to eq "http://www.example.com/#{project.full_path}/#{project.id}/master/whatever"
end
it 'returns the url if the project used is nil' do
expect(badge.public_send("rendered_#{method}", nil)).to eq placeholder_url
end
def stub_project_commit_info(project)
allow(project).to receive(:commit).and_return(double('Commit', sha: 'whatever'))
allow(project).to receive(:default_branch).and_return('master')
end
end
context 'methods' do
let(:badge) { build(:badge, link_url: placeholder_url, image_url: placeholder_url) }
let!(:project) { create(:project) }
context '#rendered_link_url' do
let(:method) { :link_url }
it_behaves_like 'rendered_links'
end
context '#rendered_image_url' do
let(:method) { :image_url }
it_behaves_like 'rendered_links'
end
end
end
require 'spec_helper'
describe GroupBadge do
describe 'associations' do
it { is_expected.to belong_to(:group) }
end
describe 'validations' do
it { is_expected.to validate_presence_of(:group) }
end
end
require 'spec_helper'
describe ProjectBadge do
let(:placeholder_url) { 'http://www.example.com/%{project_path}/%{project_id}/%{default_branch}/%{commit_sha}' }
describe 'associations' do
it { is_expected.to belong_to(:project) }
end
describe 'validations' do
it { is_expected.to validate_presence_of(:project) }
end
shared_examples 'rendered_links' do
it 'should use the badge project information to populate the url placeholders' do
stub_project_commit_info(project)
expect(badge.public_send("rendered_#{method}")).to eq "http://www.example.com/#{project.full_path}/#{project.id}/master/whatever"
end
def stub_project_commit_info(project)
allow(project).to receive(:commit).and_return(double('Commit', sha: 'whatever'))
allow(project).to receive(:default_branch).and_return('master')
end
end
context 'methods' do
let(:badge) { build(:project_badge, link_url: placeholder_url, image_url: placeholder_url) }
let!(:project) { badge.project }
context '#rendered_link_url' do
let(:method) { :link_url }
it_behaves_like 'rendered_links'
end
context '#rendered_image_url' do
let(:method) { :image_url }
it_behaves_like 'rendered_links'
end
end
end
...@@ -18,6 +18,7 @@ describe Group do ...@@ -18,6 +18,7 @@ describe Group do
it { is_expected.to have_many(:uploads).dependent(:destroy) } it { is_expected.to have_many(:uploads).dependent(:destroy) }
it { is_expected.to have_one(:chat_team) } it { is_expected.to have_one(:chat_team) }
it { is_expected.to have_many(:custom_attributes).class_name('GroupCustomAttribute') } it { is_expected.to have_many(:custom_attributes).class_name('GroupCustomAttribute') }
it { is_expected.to have_many(:badges).class_name('GroupBadge') }
describe '#members & #requesters' do describe '#members & #requesters' do
let(:requester) { create(:user) } let(:requester) { create(:user) }
......
...@@ -80,6 +80,7 @@ describe Project do ...@@ -80,6 +80,7 @@ describe Project do
it { is_expected.to have_many(:members_and_requesters) } it { is_expected.to have_many(:members_and_requesters) }
it { is_expected.to have_many(:clusters) } it { is_expected.to have_many(:clusters) }
it { is_expected.to have_many(:custom_attributes).class_name('ProjectCustomAttribute') } it { is_expected.to have_many(:custom_attributes).class_name('ProjectCustomAttribute') }
it { is_expected.to have_many(:project_badges).class_name('ProjectBadge') }
it { is_expected.to have_many(:lfs_file_locks) } it { is_expected.to have_many(:lfs_file_locks) }
context 'after initialized' do context 'after initialized' do
...@@ -3331,4 +3332,36 @@ describe Project do ...@@ -3331,4 +3332,36 @@ describe Project do
end.not_to raise_error # Sidekiq::Worker::EnqueueFromTransactionError end.not_to raise_error # Sidekiq::Worker::EnqueueFromTransactionError
end end
end end
describe '#badges' do
let(:project_group) { create(:group) }
let(:project) { create(:project, path: 'avatar', namespace: project_group) }
before do
create_list(:project_badge, 2, project: project)
create(:group_badge, group: project_group)
end
it 'returns the project and the project group badges' do
create(:group_badge, group: create(:group))
expect(Badge.count).to eq 4
expect(project.badges.count).to eq 3
end
if Group.supports_nested_groups?
context 'with nested_groups' do
let(:parent_group) { create(:group) }
before do
create_list(:group_badge, 2, group: project_group)
project_group.update(parent: parent_group)
end
it 'returns the project and the project nested groups badges' do
expect(project.badges.count).to eq 5
end
end
end
end
end end
require 'spec_helper'
describe API::Badges do
let(:master) { create(:user, username: 'master_user') }
let(:developer) { create(:user) }
let(:access_requester) { create(:user) }
let(:stranger) { create(:user) }
let(:project_group) { create(:group) }
let(:project) { setup_project }
let!(:group) { setup_group }
shared_context 'source helpers' do
def get_source(source_type)
source_type == 'project' ? project : group
end
end
shared_examples 'GET /:sources/:id/badges' do |source_type|
include_context 'source helpers'
let(:source) { get_source(source_type) }
context "with :sources == #{source_type.pluralize}" do
it_behaves_like 'a 404 response when source is private' do
let(:route) { get api("/#{source_type.pluralize}/#{source.id}/badges", stranger) }
end
%i[master developer access_requester stranger].each do |type|
context "when authenticated as a #{type}" do
it 'returns 200' do
user = public_send(type)
badges_count = source_type == 'project' ? 3 : 2
get api("/#{source_type.pluralize}/#{source.id}/badges", user)
expect(response).to have_gitlab_http_status(200)
expect(response).to include_pagination_headers
expect(json_response).to be_an Array
expect(json_response.size).to eq(badges_count)
end
end
end
it 'avoids N+1 queries' do
# Establish baseline
get api("/#{source_type.pluralize}/#{source.id}/badges", master)
control = ActiveRecord::QueryRecorder.new do
get api("/#{source_type.pluralize}/#{source.id}/badges", master)
end
project.add_developer(create(:user))
expect do
get api("/#{source_type.pluralize}/#{source.id}/badges", master)
end.not_to exceed_query_limit(control)
end
end
end
shared_examples 'GET /:sources/:id/badges/:badge_id' do |source_type|
include_context 'source helpers'
let(:source) { get_source(source_type) }
context "with :sources == #{source_type.pluralize}" do
it_behaves_like 'a 404 response when source is private' do
let(:route) { get api("/#{source_type.pluralize}/#{source.id}/badges/#{developer.id}", stranger) }
end
context 'when authenticated as a non-member' do
%i[master developer access_requester stranger].each do |type|
let(:badge) { source.badges.first }
context "as a #{type}" do
it 'returns 200' do
user = public_send(type)
get api("/#{source_type.pluralize}/#{source.id}/badges/#{badge.id}", user)
expect(response).to have_gitlab_http_status(200)
expect(json_response['id']).to eq(badge.id)
expect(json_response['link_url']).to eq(badge.link_url)
expect(json_response['rendered_link_url']).to eq(badge.rendered_link_url)
expect(json_response['image_url']).to eq(badge.image_url)
expect(json_response['rendered_image_url']).to eq(badge.rendered_image_url)
expect(json_response['kind']).to eq source_type
end
end
end
end
end
end
shared_examples 'POST /:sources/:id/badges' do |source_type|
include_context 'source helpers'
let(:source) { get_source(source_type) }
let(:example_url) { 'http://www.example.com' }
let(:example_url2) { 'http://www.example1.com' }
context "with :sources == #{source_type.pluralize}" do
it_behaves_like 'a 404 response when source is private' do
let(:route) do
post api("/#{source_type.pluralize}/#{source.id}/badges", stranger),
link_url: example_url, image_url: example_url2
end
end
context 'when authenticated as a non-member or member with insufficient rights' do
%i[access_requester stranger developer].each do |type|
context "as a #{type}" do
it 'returns 403' do
user = public_send(type)
post api("/#{source_type.pluralize}/#{source.id}/badges", user),
link_url: example_url, image_url: example_url2
expect(response).to have_gitlab_http_status(403)
end
end
end
end
context 'when authenticated as a master/owner' do
it 'creates a new badge' do
expect do
post api("/#{source_type.pluralize}/#{source.id}/badges", master),
link_url: example_url, image_url: example_url2
expect(response).to have_gitlab_http_status(201)
end.to change { source.badges.count }.by(1)
expect(json_response['link_url']).to eq(example_url)
expect(json_response['image_url']).to eq(example_url2)
expect(json_response['kind']).to eq source_type
end
end
it 'returns 400 when link_url is not given' do
post api("/#{source_type.pluralize}/#{source.id}/badges", master),
link_url: example_url
expect(response).to have_gitlab_http_status(400)
end
it 'returns 400 when image_url is not given' do
post api("/#{source_type.pluralize}/#{source.id}/badges", master),
image_url: example_url2
expect(response).to have_gitlab_http_status(400)
end
it 'returns 400 when link_url or image_url is not valid' do
post api("/#{source_type.pluralize}/#{source.id}/badges", master),
link_url: 'whatever', image_url: 'whatever'
expect(response).to have_gitlab_http_status(400)
end
end
end
shared_examples 'PUT /:sources/:id/badges/:badge_id' do |source_type|
include_context 'source helpers'
let(:source) { get_source(source_type) }
context "with :sources == #{source_type.pluralize}" do
let(:badge) { source.badges.first }
let(:example_url) { 'http://www.example.com' }
let(:example_url2) { 'http://www.example1.com' }
it_behaves_like 'a 404 response when source is private' do
let(:route) do
put api("/#{source_type.pluralize}/#{source.id}/badges/#{badge.id}", stranger),
link_url: example_url
end
end
context 'when authenticated as a non-member or member with insufficient rights' do
%i[access_requester stranger developer].each do |type|
context "as a #{type}" do
it 'returns 403' do
user = public_send(type)
put api("/#{source_type.pluralize}/#{source.id}/badges/#{badge.id}", user),
link_url: example_url
expect(response).to have_gitlab_http_status(403)
end
end
end
end
context 'when authenticated as a master/owner' do
it 'updates the member' do
put api("/#{source_type.pluralize}/#{source.id}/badges/#{badge.id}", master),
link_url: example_url, image_url: example_url2
expect(response).to have_gitlab_http_status(200)
expect(json_response['link_url']).to eq(example_url)
expect(json_response['image_url']).to eq(example_url2)
expect(json_response['kind']).to eq source_type
end
end
it 'returns 400 when link_url or image_url is not valid' do
put api("/#{source_type.pluralize}/#{source.id}/badges/#{badge.id}", master),
link_url: 'whatever', image_url: 'whatever'
expect(response).to have_gitlab_http_status(400)
end
end
end
shared_examples 'DELETE /:sources/:id/badges/:badge_id' do |source_type|
include_context 'source helpers'
let(:source) { get_source(source_type) }
context "with :sources == #{source_type.pluralize}" do
let(:badge) { source.badges.first }
it_behaves_like 'a 404 response when source is private' do
let(:route) { delete api("/#{source_type.pluralize}/#{source.id}/badges/#{badge.id}", stranger) }
end
context 'when authenticated as a non-member or member with insufficient rights' do
%i[access_requester developer stranger].each do |type|
context "as a #{type}" do
it 'returns 403' do
user = public_send(type)
delete api("/#{source_type.pluralize}/#{source.id}/badges/#{badge.id}", user)
expect(response).to have_gitlab_http_status(403)
end
end
end
end
context 'when authenticated as a master/owner' do
it 'deletes the badge' do
expect do
delete api("/#{source_type.pluralize}/#{source.id}/badges/#{badge.id}", master)
expect(response).to have_gitlab_http_status(204)
end.to change { source.badges.count }.by(-1)
end
it_behaves_like '412 response' do
let(:request) { api("/#{source_type.pluralize}/#{source.id}/badges/#{badge.id}", master) }
end
end
it 'returns 404 if badge does not exist' do
delete api("/#{source_type.pluralize}/#{source.id}/badges/123", master)
expect(response).to have_gitlab_http_status(404)
end
end
end
shared_examples 'GET /:sources/:id/badges/render' do |source_type|
include_context 'source helpers'
let(:source) { get_source(source_type) }
let(:example_url) { 'http://www.example.com' }
let(:example_url2) { 'http://www.example1.com' }
context "with :sources == #{source_type.pluralize}" do
it_behaves_like 'a 404 response when source is private' do
let(:route) do
get api("/#{source_type.pluralize}/#{source.id}/badges/render?link_url=#{example_url}&image_url=#{example_url2}", stranger)
end
end
context 'when authenticated as a non-member or member with insufficient rights' do
%i[access_requester stranger developer].each do |type|
context "as a #{type}" do
it 'returns 403' do
user = public_send(type)
get api("/#{source_type.pluralize}/#{source.id}/badges/render?link_url=#{example_url}&image_url=#{example_url2}", user)
expect(response).to have_gitlab_http_status(403)
end
end
end
end
context 'when authenticated as a master/owner' do
it 'gets the rendered badge values' do
get api("/#{source_type.pluralize}/#{source.id}/badges/render?link_url=#{example_url}&image_url=#{example_url2}", master)
expect(response).to have_gitlab_http_status(200)
expect(json_response.keys).to contain_exactly('link_url', 'rendered_link_url', 'image_url', 'rendered_image_url')
expect(json_response['link_url']).to eq(example_url)
expect(json_response['image_url']).to eq(example_url2)
expect(json_response['rendered_link_url']).to eq(example_url)
expect(json_response['rendered_image_url']).to eq(example_url2)
end
end
it 'returns 400 when link_url is not given' do
get api("/#{source_type.pluralize}/#{source.id}/badges/render?link_url=#{example_url}", master)
expect(response).to have_gitlab_http_status(400)
end
it 'returns 400 when image_url is not given' do
get api("/#{source_type.pluralize}/#{source.id}/badges/render?image_url=#{example_url}", master)
expect(response).to have_gitlab_http_status(400)
end
it 'returns 400 when link_url or image_url is not valid' do
get api("/#{source_type.pluralize}/#{source.id}/badges/render?link_url=whatever&image_url=whatever", master)
expect(response).to have_gitlab_http_status(400)
end
end
end
context 'when deleting a badge' do
context 'and the source is a project' do
it 'cannot delete badges owned by the project group' do
delete api("/projects/#{project.id}/badges/#{project_group.badges.first.id}", master)
expect(response).to have_gitlab_http_status(403)
end
end
end
describe 'Endpoints' do
%w(project group).each do |source_type|
it_behaves_like 'GET /:sources/:id/badges', source_type
it_behaves_like 'GET /:sources/:id/badges/:badge_id', source_type
it_behaves_like 'GET /:sources/:id/badges/render', source_type
it_behaves_like 'POST /:sources/:id/badges', source_type
it_behaves_like 'PUT /:sources/:id/badges/:badge_id', source_type
it_behaves_like 'DELETE /:sources/:id/badges/:badge_id', source_type
end
end
def setup_project
create(:project, :public, :access_requestable, creator_id: master.id, namespace: project_group) do |project|
project.add_developer(developer)
project.add_master(master)
project.request_access(access_requester)
project.project_badges << build(:project_badge, project: project)
project.project_badges << build(:project_badge, project: project)
project_group.badges << build(:group_badge, group: group)
end
end
def setup_group
create(:group, :public, :access_requestable) do |group|
group.add_developer(developer)
group.add_owner(master)
group.request_access(access_requester)
group.badges << build(:group_badge, group: group)
group.badges << build(:group_badge, group: group)
end
end
end
require 'spec_helper'
describe UrlPlaceholderValidator do
let(:validator) { described_class.new(attributes: [:link_url], **options) }
let!(:badge) { build(:badge) }
let(:placeholder_url) { 'http://www.example.com/%{project_path}/%{project_id}/%{default_branch}/%{commit_sha}' }
subject { validator.validate_each(badge, :link_url, badge.link_url) }
describe '#validates_each' do
context 'with no options' do
let(:options) { {} }
it 'allows http and https protocols by default' do
expect(validator.send(:default_options)[:protocols]).to eq %w(http https)
end
it 'checks that the url structure is valid' do
badge.link_url = placeholder_url
subject
expect(badge.errors.empty?).to be false
end
end
context 'with placeholder regex' do
let(:options) { { placeholder_regex: /(project_path|project_id|commit_sha|default_branch)/ } }
it 'checks that the url is valid and obviate placeholders that match regex' do
badge.link_url = placeholder_url
subject
expect(badge.errors.empty?).to be true
end
end
end
end
require 'spec_helper'
describe UrlValidator do
let(:validator) { described_class.new(attributes: [:link_url], **options) }
let!(:badge) { build(:badge) }
subject { validator.validate_each(badge, :link_url, badge.link_url) }
describe '#validates_each' do
context 'with no options' do
let(:options) { {} }
it 'allows http and https protocols by default' do
expect(validator.send(:default_options)[:protocols]).to eq %w(http https)
end
it 'checks that the url structure is valid' do
badge.link_url = 'http://www.google.es/%{whatever}'
subject
expect(badge.errors.empty?).to be false
end
end
context 'with protocols' do
let(:options) { { protocols: %w(http) } }
it 'allows urls with the defined protocols' do
badge.link_url = 'http://www.example.com'
subject
expect(badge.errors.empty?).to be true
end
it 'add error if the url protocol does not match the selected ones' do
badge.link_url = 'https://www.example.com'
subject
expect(badge.errors.empty?).to be false
end
end
end
end
require 'spec_helper' require 'spec_helper'
describe 'projects/_home_panel' do describe 'projects/_home_panel' do
let(:project) { create(:project, :public) } let(:group) { create(:group) }
let(:project) { create(:project, :public, namespace: group) }
let(:notification_settings) do let(:notification_settings) do
user&.notification_settings_for(project) user&.notification_settings_for(project)
...@@ -35,4 +36,55 @@ describe 'projects/_home_panel' do ...@@ -35,4 +36,55 @@ describe 'projects/_home_panel' do
expect(rendered).not_to have_selector('.notification_dropdown') expect(rendered).not_to have_selector('.notification_dropdown')
end end
end end
context 'when project' do
let!(:user) { create(:user) }
let(:badges) { project.badges }
context 'has no badges' do
it 'should not render any badge' do
render
expect(rendered).to have_selector('.project-badges')
expect(rendered).not_to have_selector('.project-badges > a')
end
end
shared_examples 'show badges' do
it 'should render the all badges' do
render
expect(rendered).to have_selector('.project-badges a')
badges.each do |badge|
expect(rendered).to have_link(href: badge.rendered_link_url)
end
end
end
context 'only has group badges' do
before do
create(:group_badge, group: project.group)
end
it_behaves_like 'show badges'
end
context 'only has project badges' do
before do
create(:project_badge, project: project)
end
it_behaves_like 'show badges'
end
context 'has both group and project badges' do
before do
create(:project_badge, project: project)
create(:group_badge, group: project.group)
end
it_behaves_like 'show badges'
end
end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment