Skip to content

G
gitlab-ce
Commit 53f775ae authored by Tomasz Maczukin's avatar Tomasz Maczukin
Browse files
Options

Fix runners filtering in API

parent 8c37f0ff
Show whitespace changes
Inline Side-by-side
Showing with 27 additions and 20 deletions
lib/api/runners.rb
View file @ 53f775ae
...@@ -121,11 +121,11 @@ module API ...@@ -121,11 +121,11 @@ module API
return runners unless scope.present? return runners unless scope.present?
available_scopes = ::Ci::Runner::AVAILABLE_SCOPES available_scopes = ::Ci::Runner::AVAILABLE_SCOPES
unless (available_scopes && scope).empty? if (available_scopes & [scope]).empty?
runners.send(scope)
else
render_api_error!('Scope contains invalid value', 400) render_api_error!('Scope contains invalid value', 400)
end end
runners.send(scope)
end end
def get_runner(id) def get_runner(id)
......
spec/requests/api/runners_spec.rb
View file @ 53f775ae
...@@ -22,6 +22,7 @@ describe API::API, api: true do ...@@ -22,6 +22,7 @@ describe API::API, api: true do
let!(:two_projects_runner_project2) { create(:ci_runner_project, runner: two_projects_runner, project: project2) } let!(:two_projects_runner_project2) { create(:ci_runner_project, runner: two_projects_runner, project: project2) }
describe 'GET /runners' do describe 'GET /runners' do
context 'authorized user' do
context 'authorized user with admin privileges' do context 'authorized user with admin privileges' do
it 'should return all runners' do it 'should return all runners' do
get api('/runners', admin) get api('/runners', admin)
...@@ -31,9 +32,11 @@ describe API::API, api: true do ...@@ -31,9 +32,11 @@ describe API::API, api: true do
expect(json_response).to be_an Array expect(json_response).to be_an Array
expect(shared).to be_truthy expect(shared).to be_truthy
end end
end
it 'should filter runners by scope' do context 'authorized user without admin privileges' do
get api('/runners?scope=specific', admin) it 'should return user available runners' do
get api('/runners', user)
shared = false || json_response.map{ |r| r['is_shared'] }.inject{ |sum, shr| sum || shr} shared = false || json_response.map{ |r| r['is_shared'] }.inject{ |sum, shr| sum || shr}
expect(response.status).to eq(200) expect(response.status).to eq(200)
...@@ -42,15 +45,19 @@ describe API::API, api: true do ...@@ -42,15 +45,19 @@ describe API::API, api: true do
end end
end end
context 'authorized user without admin privileges' do it 'should filter runners by scope' do
it 'should return user available runners' do get api('/runners?scope=specific', user)
get api('/runners', user)
shared = false || json_response.map{ |r| r['is_shared'] }.inject{ |sum, shr| sum || shr} shared = false || json_response.map{ |r| r['is_shared'] }.inject{ |sum, shr| sum || shr}
expect(response.status).to eq(200) expect(response.status).to eq(200)
expect(json_response).to be_an Array expect(json_response).to be_an Array
expect(shared).to be_falsey expect(shared).to be_falsey
end end
it 'should avoid filtering if scope is invalid' do
get api('/runners?scope=unknown', user)
expect(response.status).to eq(400)
end
end end
context 'unauthorized user' do context 'unauthorized user' do
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7