Move project members api to separate file

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

lib/api/api.rb

@@ -38,6 +38,7 @@ module API
     mount Internal
     mount SystemHooks
     mount ProjectSnippets
+    mount ProjectMembers
     mount DeployKeys
     mount ProjectHooks
     mount Services

lib/api/project_hooks.rb

@@ -5,15 +5,6 @@ module API
     before { authorize_admin_project }
 
     resource :projects do
-      helpers do
-        def handle_project_member_errors(errors)
-          if errors[:project_access].any?
-            error!(errors[:project_access], 422)
-          end
-          not_found!
-        end
-      end
-
       # Get project hooks
       #
       # Parameters:

lib/api/project_members.rb

+module API
+  # Projects members API
+  class ProjectMembers < Grape::API
+    before { authenticate! }
+
+    resource :projects do
+      helpers do
+        def handle_project_member_errors(errors)
+          if errors[:project_access].any?
+            error!(errors[:project_access], 422)
+          end
+          not_found!
+        end
+      end
+
+      # Get a project team members
+      #
+      # Parameters:
+      #   id (required) - The ID of a project
+      #   query         - Query string
+      # Example Request:
+      #   GET /projects/:id/members
+      get ":id/members" do
+        if params[:query].present?
+          @members = paginate user_project.users.where("username LIKE ?", "%#{params[:query]}%")
+        else
+          @members = paginate user_project.users
+        end
+        present @members, with: Entities::ProjectMember, project: user_project
+      end
+
+      # Get a project team members
+      #
+      # Parameters:
+      #   id (required) - The ID of a project
+      #   user_id (required) - The ID of a user
+      # Example Request:
+      #   GET /projects/:id/members/:user_id
+      get ":id/members/:user_id" do
+        @member = user_project.users.find params[:user_id]
+        present @member, with: Entities::ProjectMember, project: user_project
+      end
+
+      # Add a new project team member
+      #
+      # Parameters:
+      #   id (required) - The ID of a project
+      #   user_id (required) - The ID of a user
+      #   access_level (required) - Project access level
+      # Example Request:
+      #   POST /projects/:id/members
+      post ":id/members" do
+        authorize! :admin_project, user_project
+        required_attributes! [:user_id, :access_level]
+
+        # either the user is already a team member or a new one
+        team_member = user_project.team_member_by_id(params[:user_id])
+        if team_member.nil?
+          team_member = user_project.users_projects.new(
+            user_id: params[:user_id],
+            project_access: params[:access_level]
+          )
+        end
+
+        if team_member.save
+          @member = team_member.user
+          present @member, with: Entities::ProjectMember, project: user_project
+        else
+          handle_project_member_errors team_member.errors
+        end
+      end
+
+      # Update project team member
+      #
+      # Parameters:
+      #   id (required) - The ID of a project
+      #   user_id (required) - The ID of a team member
+      #   access_level (required) - Project access level
+      # Example Request:
+      #   PUT /projects/:id/members/:user_id
+      put ":id/members/:user_id" do
+        authorize! :admin_project, user_project
+        required_attributes! [:access_level]
+
+        team_member = user_project.users_projects.find_by(user_id: params[:user_id])
+        not_found!("User can not be found") if team_member.nil?
+
+        if team_member.update_attributes(project_access: params[:access_level])
+          @member = team_member.user
+          present @member, with: Entities::ProjectMember, project: user_project
+        else
+          handle_project_member_errors team_member.errors
+        end
+      end
+
+      # Remove a team member from project
+      #
+      # Parameters:
+      #   id (required) - The ID of a project
+      #   user_id (required) - The ID of a team member
+      # Example Request:
+      #   DELETE /projects/:id/members/:user_id
+      delete ":id/members/:user_id" do
+        authorize! :admin_project, user_project
+        team_member = user_project.users_projects.find_by(user_id: params[:user_id])
+        unless team_member.nil?
+          team_member.destroy
+        else
+          {message: "Access revoked", id: params[:user_id].to_i}
+        end
+      end
+    end
+  end
+end

lib/api/projects.rb

@@ -5,13 +5,6 @@ module API
 
     resource :projects do
       helpers do
-        def handle_project_member_errors(errors)
-          if errors[:project_access].any?
-            error!(errors[:project_access], 422)
-          end
-          not_found!
-        end
-
         def map_public_to_visibility_level(attrs)
           publik = attrs.delete(:public)
           publik = [ true, 1, '1', 't', 'T', 'true', 'TRUE', 'on', 'ON' ].include?(publik)
@@ -196,104 +189,6 @@ module API
           user_project.forked_project_link.destroy
         end
       end
-
-      # Get a project team members
-      #
-      # Parameters:
-      #   id (required) - The ID of a project
-      #   query         - Query string
-      # Example Request:
-      #   GET /projects/:id/members
-      get ":id/members" do
-        if params[:query].present?
-          @members = paginate user_project.users.where("username LIKE ?", "%#{params[:query]}%")
-        else
-          @members = paginate user_project.users
-        end
-        present @members, with: Entities::ProjectMember, project: user_project
-      end
-
-      # Get a project team members
-      #
-      # Parameters:
-      #   id (required) - The ID of a project
-      #   user_id (required) - The ID of a user
-      # Example Request:
-      #   GET /projects/:id/members/:user_id
-      get ":id/members/:user_id" do
-        @member = user_project.users.find params[:user_id]
-        present @member, with: Entities::ProjectMember, project: user_project
-      end
-
-      # Add a new project team member
-      #
-      # Parameters:
-      #   id (required) - The ID of a project
-      #   user_id (required) - The ID of a user
-      #   access_level (required) - Project access level
-      # Example Request:
-      #   POST /projects/:id/members
-      post ":id/members" do
-        authorize! :admin_project, user_project
-        required_attributes! [:user_id, :access_level]
-
-        # either the user is already a team member or a new one
-        team_member = user_project.team_member_by_id(params[:user_id])
-        if team_member.nil?
-          team_member = user_project.users_projects.new(
-            user_id: params[:user_id],
-            project_access: params[:access_level]
-          )
-        end
-
-        if team_member.save
-          @member = team_member.user
-          present @member, with: Entities::ProjectMember, project: user_project
-        else
-          handle_project_member_errors team_member.errors
-        end
-      end
-
-      # Update project team member
-      #
-      # Parameters:
-      #   id (required) - The ID of a project
-      #   user_id (required) - The ID of a team member
-      #   access_level (required) - Project access level
-      # Example Request:
-      #   PUT /projects/:id/members/:user_id
-      put ":id/members/:user_id" do
-        authorize! :admin_project, user_project
-        required_attributes! [:access_level]
-
-        team_member = user_project.users_projects.find_by(user_id: params[:user_id])
-        not_found!("User can not be found") if team_member.nil?
-
-        if team_member.update_attributes(project_access: params[:access_level])
-          @member = team_member.user
-          present @member, with: Entities::ProjectMember, project: user_project
-        else
-          handle_project_member_errors team_member.errors
-        end
-      end
-
-      # Remove a team member from project
-      #
-      # Parameters:
-      #   id (required) - The ID of a project
-      #   user_id (required) - The ID of a team member
-      # Example Request:
-      #   DELETE /projects/:id/members/:user_id
-      delete ":id/members/:user_id" do
-        authorize! :admin_project, user_project
-        team_member = user_project.users_projects.find_by(user_id: params[:user_id])
-        unless team_member.nil?
-          team_member.destroy
-        else
-          {message: "Access revoked", id: params[:user_id].to_i}
-        end
-      end
-
       # search for projects current_user has access to
       #
       # Parameters:

spec/requests/api/project_members_spec.rb

+require 'spec_helper'
+
+describe API::API do
+  include ApiHelpers
+  before(:each) { enable_observers }
+  after(:each) { disable_observers }
+
+  let(:user) { create(:user) }
+  let(:user2) { create(:user) }
+  let(:user3) { create(:user) }
+  let(:project) { create(:project, creator_id: user.id, namespace: user.namespace) }
+  let(:users_project) { create(:users_project, user: user, project: project, project_access: UsersProject::MASTER) }
+  let(:users_project2) { create(:users_project, user: user3, project: project, project_access: UsersProject::DEVELOPER) }
+
+  describe "GET /projects/:id/members" do
+    before { users_project }
+    before { users_project2 }
+
+    it "should return project team members" do
+      get api("/projects/#{project.id}/members", user)
+      response.status.should == 200
+      json_response.should be_an Array
+      json_response.count.should == 2
+      json_response.map { |u| u['email'] }.should include user.email
+    end
+
+    it "finds team members with query string" do
+      get api("/projects/#{project.id}/members", user), query: user.username
+      response.status.should == 200
+      json_response.should be_an Array
+      json_response.count.should == 1
+      json_response.first['email'].should == user.email
+    end
+
+    it "should return a 404 error if id not found" do
+      get api("/projects/9999/members", user)
+      response.status.should == 404
+    end
+  end
+
+  describe "GET /projects/:id/members/:user_id" do
+    before { users_project }
+
+    it "should return project team member" do
+      get api("/projects/#{project.id}/members/#{user.id}", user)
+      response.status.should == 200
+      json_response['email'].should == user.email
+      json_response['access_level'].should == UsersProject::MASTER
+    end
+
+    it "should return a 404 error if user id not found" do
+      get api("/projects/#{project.id}/members/1234", user)
+      response.status.should == 404
+    end
+  end
+
+  describe "POST /projects/:id/members" do
+    it "should add user to project team" do
+      expect {
+        post api("/projects/#{project.id}/members", user), user_id: user2.id,
+          access_level: UsersProject::DEVELOPER
+      }.to change { UsersProject.count }.by(1)
+
+      response.status.should == 201
+      json_response['email'].should == user2.email
+      json_response['access_level'].should == UsersProject::DEVELOPER
+    end
+
+    it "should return a 201 status if user is already project member" do
+      post api("/projects/#{project.id}/members", user), user_id: user2.id,
+        access_level: UsersProject::DEVELOPER
+      expect {
+        post api("/projects/#{project.id}/members", user), user_id: user2.id,
+          access_level: UsersProject::DEVELOPER
+      }.not_to change { UsersProject.count }.by(1)
+
+      response.status.should == 201
+      json_response['email'].should == user2.email
+      json_response['access_level'].should == UsersProject::DEVELOPER
+    end
+
+    it "should return a 400 error when user id is not given" do
+      post api("/projects/#{project.id}/members", user), access_level: UsersProject::MASTER
+      response.status.should == 400
+    end
+
+    it "should return a 400 error when access level is not given" do
+      post api("/projects/#{project.id}/members", user), user_id: user2.id
+      response.status.should == 400
+    end
+
+    it "should return a 422 error when access level is not known" do
+      post api("/projects/#{project.id}/members", user), user_id: user2.id, access_level: 1234
+      response.status.should == 422
+    end
+  end
+
+  describe "PUT /projects/:id/members/:user_id" do
+    before { users_project2 }
+
+    it "should update project team member" do
+      put api("/projects/#{project.id}/members/#{user3.id}", user), access_level: UsersProject::MASTER
+      response.status.should == 200
+      json_response['email'].should == user3.email
+      json_response['access_level'].should == UsersProject::MASTER
+    end
+
+    it "should return a 404 error if user_id is not found" do
+      put api("/projects/#{project.id}/members/1234", user), access_level: UsersProject::MASTER
+      response.status.should == 404
+    end
+
+    it "should return a 400 error when access level is not given" do
+      put api("/projects/#{project.id}/members/#{user3.id}", user)
+      response.status.should == 400
+    end
+
+    it "should return a 422 error when access level is not known" do
+      put api("/projects/#{project.id}/members/#{user3.id}", user), access_level: 123
+      response.status.should == 422
+    end
+  end
+
+  describe "DELETE /projects/:id/members/:user_id" do
+    before { users_project }
+    before { users_project2 }
+
+    it "should remove user from project team" do
+      expect {
+        delete api("/projects/#{project.id}/members/#{user3.id}", user)
+      }.to change { UsersProject.count }.by(-1)
+    end
+
+    it "should return 200 if team member is not part of a project" do
+      delete api("/projects/#{project.id}/members/#{user3.id}", user)
+      expect {
+        delete api("/projects/#{project.id}/members/#{user3.id}", user)
+      }.to_not change { UsersProject.count }.by(1)
+    end
+
+    it "should return 200 if team member already removed" do
+      delete api("/projects/#{project.id}/members/#{user3.id}", user)
+      delete api("/projects/#{project.id}/members/#{user3.id}", user)
+      response.status.should == 200
+    end
+
+    it "should return 200 OK when the user was not member" do
+      expect {
+        delete api("/projects/#{project.id}/members/1000000", user)
+      }.to change { UsersProject.count }.by(0)
+      response.status.should == 200
+      json_response['message'].should == "Access revoked"
+      json_response['id'].should == 1000000
+    end
+  end
+end

spec/requests/api/projects_spec.rb

@@ -311,148 +311,6 @@ describe API::API do
     end
   end
 
-  describe "GET /projects/:id/members" do
-    before { users_project }
-    before { users_project2 }
-
-    it "should return project team members" do
-      get api("/projects/#{project.id}/members", user)
-      response.status.should == 200
-      json_response.should be_an Array
-      json_response.count.should == 2
-      json_response.map { |u| u['email'] }.should include user.email
-    end
-
-    it "finds team members with query string" do
-      get api("/projects/#{project.id}/members", user), query: user.username
-      response.status.should == 200
-      json_response.should be_an Array
-      json_response.count.should == 1
-      json_response.first['email'].should == user.email
-    end
-
-    it "should return a 404 error if id not found" do
-      get api("/projects/9999/members", user)
-      response.status.should == 404
-    end
-  end
-
-  describe "GET /projects/:id/members/:user_id" do
-    before { users_project }
-
-    it "should return project team member" do
-      get api("/projects/#{project.id}/members/#{user.id}", user)
-      response.status.should == 200
-      json_response['email'].should == user.email
-      json_response['access_level'].should == UsersProject::MASTER
-    end
-
-    it "should return a 404 error if user id not found" do
-      get api("/projects/#{project.id}/members/1234", user)
-      response.status.should == 404
-    end
-  end
-
-  describe "POST /projects/:id/members" do
-    it "should add user to project team" do
-      expect {
-        post api("/projects/#{project.id}/members", user), user_id: user2.id,
-          access_level: UsersProject::DEVELOPER
-      }.to change { UsersProject.count }.by(1)
-
-      response.status.should == 201
-      json_response['email'].should == user2.email
-      json_response['access_level'].should == UsersProject::DEVELOPER
-    end
-
-    it "should return a 201 status if user is already project member" do
-      post api("/projects/#{project.id}/members", user), user_id: user2.id,
-        access_level: UsersProject::DEVELOPER
-      expect {
-        post api("/projects/#{project.id}/members", user), user_id: user2.id,
-          access_level: UsersProject::DEVELOPER
-      }.not_to change { UsersProject.count }.by(1)
-
-      response.status.should == 201
-      json_response['email'].should == user2.email
-      json_response['access_level'].should == UsersProject::DEVELOPER
-    end
-
-    it "should return a 400 error when user id is not given" do
-      post api("/projects/#{project.id}/members", user), access_level: UsersProject::MASTER
-      response.status.should == 400
-    end
-
-    it "should return a 400 error when access level is not given" do
-      post api("/projects/#{project.id}/members", user), user_id: user2.id
-      response.status.should == 400
-    end
-
-    it "should return a 422 error when access level is not known" do
-      post api("/projects/#{project.id}/members", user), user_id: user2.id, access_level: 1234
-      response.status.should == 422
-    end
-  end
-
-  describe "PUT /projects/:id/members/:user_id" do
-    before { users_project2 }
-
-    it "should update project team member" do
-      put api("/projects/#{project.id}/members/#{user3.id}", user), access_level: UsersProject::MASTER
-      response.status.should == 200
-      json_response['email'].should == user3.email
-      json_response['access_level'].should == UsersProject::MASTER
-    end
-
-    it "should return a 404 error if user_id is not found" do
-      put api("/projects/#{project.id}/members/1234", user), access_level: UsersProject::MASTER
-      response.status.should == 404
-    end
-
-    it "should return a 400 error when access level is not given" do
-      put api("/projects/#{project.id}/members/#{user3.id}", user)
-      response.status.should == 400
-    end
-
-    it "should return a 422 error when access level is not known" do
-      put api("/projects/#{project.id}/members/#{user3.id}", user), access_level: 123
-      response.status.should == 422
-    end
-  end
-
-  describe "DELETE /projects/:id/members/:user_id" do
-    before { users_project }
-    before { users_project2 }
-
-    it "should remove user from project team" do
-      expect {
-        delete api("/projects/#{project.id}/members/#{user3.id}", user)
-      }.to change { UsersProject.count }.by(-1)
-    end
-
-    it "should return 200 if team member is not part of a project" do
-      delete api("/projects/#{project.id}/members/#{user3.id}", user)
-      expect {
-        delete api("/projects/#{project.id}/members/#{user3.id}", user)
-      }.to_not change { UsersProject.count }.by(1)
-    end
-
-    it "should return 200 if team member already removed" do
-      delete api("/projects/#{project.id}/members/#{user3.id}", user)
-      delete api("/projects/#{project.id}/members/#{user3.id}", user)
-      response.status.should == 200
-    end
-
-    it "should return 200 OK when the user was not member" do
-      expect {
-        delete api("/projects/#{project.id}/members/1000000", user)
-      }.to change { UsersProject.count }.by(0)
-      response.status.should == 200
-      json_response['message'].should == "Access revoked"
-      json_response['id'].should == 1000000
-    end
-  end
-
   describe "GET /projects/:id/snippets" do
     before { snippet }