Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
b5399517
Commit
b5399517
authored
Jul 18, 2017
by
Shinya Maeda
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Ini
parent
045e4de4
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
321 additions
and
0 deletions
+321
-0
lib/api/api.rb
lib/api/api.rb
+1
-0
lib/api/group_variables.rb
lib/api/group_variables.rb
+95
-0
lib/api/helpers.rb
lib/api/helpers.rb
+4
-0
spec/requests/api/group_variables_spec.rb
spec/requests/api/group_variables_spec.rb
+221
-0
No files found.
lib/api/api.rb
View file @
b5399517
...
...
@@ -134,6 +134,7 @@ module API
mount
::
API
::
Triggers
mount
::
API
::
Users
mount
::
API
::
Variables
mount
::
API
::
GroupVariables
mount
::
API
::
Version
route
:any
,
'*path'
do
...
...
lib/api/group_variables.rb
0 → 100644
View file @
b5399517
module
API
class
GroupVariables
<
Grape
::
API
include
PaginationParams
before
{
authenticate!
}
before
{
authorize!
:admin_build
,
user_group
}
params
do
requires
:id
,
type:
String
,
desc:
'The ID of a group'
end
resource
:groups
,
requirements:
{
id:
%r{[^/]+}
}
do
desc
'Get group-level variables'
do
success
Entities
::
Variable
end
params
do
use
:pagination
end
get
':id/variables'
do
variables
=
user_group
.
variables
present
paginate
(
variables
),
with:
Entities
::
Variable
end
desc
'Get a specific variable from a group'
do
success
Entities
::
Variable
end
params
do
requires
:key
,
type:
String
,
desc:
'The key of the variable'
end
get
':id/variables/:key'
do
key
=
params
[
:key
]
variable
=
user_group
.
variables
.
find_by
(
key:
key
)
return
not_found!
(
'GroupVariable'
)
unless
variable
present
variable
,
with:
Entities
::
Variable
end
desc
'Create a new variable in a group'
do
success
Entities
::
Variable
end
params
do
requires
:key
,
type:
String
,
desc:
'The key of the variable'
requires
:value
,
type:
String
,
desc:
'The value of the variable'
optional
:protected
,
type:
String
,
desc:
'Whether the variable is protected'
end
post
':id/variables'
do
variable_params
=
declared_params
(
include_missing:
false
)
variable
=
user_group
.
variables
.
create
(
variable_params
)
if
variable
.
valid?
present
variable
,
with:
Entities
::
Variable
else
render_validation_error!
(
variable
)
end
end
desc
'Update an existing variable from a group'
do
success
Entities
::
Variable
end
params
do
optional
:key
,
type:
String
,
desc:
'The key of the variable'
optional
:value
,
type:
String
,
desc:
'The value of the variable'
optional
:protected
,
type:
String
,
desc:
'Whether the variable is protected'
end
put
':id/variables/:key'
do
variable
=
user_group
.
variables
.
find_by
(
key:
params
[
:key
])
return
not_found!
(
'GroupVariable'
)
unless
variable
variable_params
=
declared_params
(
include_missing:
false
).
except
(
:key
)
if
variable
.
update
(
variable_params
)
present
variable
,
with:
Entities
::
Variable
else
render_validation_error!
(
variable
)
end
end
desc
'Delete an existing variable from a group'
do
success
Entities
::
Variable
end
params
do
requires
:key
,
type:
String
,
desc:
'The key of the variable'
end
delete
':id/variables/:key'
do
variable
=
user_group
.
variables
.
find_by
(
key:
params
[
:key
])
not_found!
(
'GroupVariable'
)
unless
variable
variable
.
destroy
end
end
end
end
lib/api/helpers.rb
View file @
b5399517
...
...
@@ -29,6 +29,10 @@ module API
@project
||=
find_project!
(
params
[
:id
])
end
def
user_group
@group
||=
find_group!
(
params
[
:id
])
end
def
available_labels
@available_labels
||=
LabelsFinder
.
new
(
current_user
,
project_id:
user_project
.
id
).
execute
end
...
...
spec/requests/api/group_variables_spec.rb
0 → 100644
View file @
b5399517
require
'spec_helper'
describe
API
::
GroupVariables
do
let
(
:group
)
{
create
(
:group
)
}
let
(
:user
)
{
create
(
:user
)
}
describe
'GET /groups/:id/variables'
do
let!
(
:variable
)
{
create
(
:ci_group_variable
,
group:
group
)
}
context
'authorized user with proper permissions'
do
before
do
group
.
add_master
(
user
)
end
it
'returns group variables'
do
get
api
(
"/groups/
#{
group
.
id
}
/variables"
,
user
)
expect
(
response
).
to
have_http_status
(
200
)
expect
(
json_response
).
to
be_a
(
Array
)
end
end
context
'authorized user with invalid permissions'
do
it
'does not return group variables'
do
get
api
(
"/groups/
#{
group
.
id
}
/variables"
,
user
)
expect
(
response
).
to
have_http_status
(
403
)
end
end
context
'unauthorized user'
do
it
'does not return group variables'
do
get
api
(
"/groups/
#{
group
.
id
}
/variables"
)
expect
(
response
).
to
have_http_status
(
401
)
end
end
end
describe
'GET /groups/:id/variables/:key'
do
let!
(
:variable
)
{
create
(
:ci_group_variable
,
group:
group
)
}
context
'authorized user with proper permissions'
do
before
do
group
.
add_master
(
user
)
end
it
'returns group variable details'
do
get
api
(
"/groups/
#{
group
.
id
}
/variables/
#{
variable
.
key
}
"
,
user
)
expect
(
response
).
to
have_http_status
(
200
)
expect
(
json_response
[
'value'
]).
to
eq
(
variable
.
value
)
expect
(
json_response
[
'protected'
]).
to
eq
(
variable
.
protected?
)
end
it
'responds with 404 Not Found if requesting non-existing variable'
do
get
api
(
"/groups/
#{
group
.
id
}
/variables/non_existing_variable"
,
user
)
expect
(
response
).
to
have_http_status
(
404
)
end
end
context
'authorized user with invalid permissions'
do
it
'does not return group variable details'
do
get
api
(
"/groups/
#{
group
.
id
}
/variables/
#{
variable
.
key
}
"
,
user
)
expect
(
response
).
to
have_http_status
(
403
)
end
end
context
'unauthorized user'
do
it
'does not return group variable details'
do
get
api
(
"/groups/
#{
group
.
id
}
/variables/
#{
variable
.
key
}
"
)
expect
(
response
).
to
have_http_status
(
401
)
end
end
end
describe
'POST /groups/:id/variables'
do
context
'authorized user with proper permissions'
do
let!
(
:variable
)
{
create
(
:ci_group_variable
,
group:
group
)
}
before
do
group
.
add_master
(
user
)
end
it
'creates variable'
do
expect
do
post
api
(
"/groups/
#{
group
.
id
}
/variables"
,
user
),
key:
'TEST_VARIABLE_2'
,
value:
'VALUE_2'
,
protected:
true
end
.
to
change
{
group
.
variables
.
count
}.
by
(
1
)
expect
(
response
).
to
have_http_status
(
201
)
expect
(
json_response
[
'key'
]).
to
eq
(
'TEST_VARIABLE_2'
)
expect
(
json_response
[
'value'
]).
to
eq
(
'VALUE_2'
)
expect
(
json_response
[
'protected'
]).
to
be_truthy
end
it
'creates variable with optional attributes'
do
expect
do
post
api
(
"/groups/
#{
group
.
id
}
/variables"
,
user
),
key:
'TEST_VARIABLE_2'
,
value:
'VALUE_2'
end
.
to
change
{
group
.
variables
.
count
}.
by
(
1
)
expect
(
response
).
to
have_http_status
(
201
)
expect
(
json_response
[
'key'
]).
to
eq
(
'TEST_VARIABLE_2'
)
expect
(
json_response
[
'value'
]).
to
eq
(
'VALUE_2'
)
expect
(
json_response
[
'protected'
]).
to
be_falsey
end
it
'does not allow to duplicate variable key'
do
expect
do
post
api
(
"/groups/
#{
group
.
id
}
/variables"
,
user
),
key:
variable
.
key
,
value:
'VALUE_2'
end
.
to
change
{
group
.
variables
.
count
}.
by
(
0
)
expect
(
response
).
to
have_http_status
(
400
)
end
end
context
'authorized user with invalid permissions'
do
it
'does not create variable'
do
post
api
(
"/groups/
#{
group
.
id
}
/variables"
,
user
)
expect
(
response
).
to
have_http_status
(
403
)
end
end
context
'unauthorized user'
do
it
'does not create variable'
do
post
api
(
"/groups/
#{
group
.
id
}
/variables"
)
expect
(
response
).
to
have_http_status
(
401
)
end
end
end
describe
'PUT /groups/:id/variables/:key'
do
let!
(
:variable
)
{
create
(
:ci_group_variable
,
group:
group
)
}
context
'authorized user with proper permissions'
do
before
do
group
.
add_master
(
user
)
end
it
'updates variable data'
do
initial_variable
=
group
.
variables
.
first
value_before
=
initial_variable
.
value
put
api
(
"/groups/
#{
group
.
id
}
/variables/
#{
variable
.
key
}
"
,
user
),
value:
'VALUE_1_UP'
,
protected:
true
updated_variable
=
group
.
variables
.
first
expect
(
response
).
to
have_http_status
(
200
)
expect
(
value_before
).
to
eq
(
variable
.
value
)
expect
(
updated_variable
.
value
).
to
eq
(
'VALUE_1_UP'
)
expect
(
updated_variable
).
to
be_protected
end
it
'responds with 404 Not Found if requesting non-existing variable'
do
put
api
(
"/groups/
#{
group
.
id
}
/variables/non_existing_variable"
,
user
)
expect
(
response
).
to
have_http_status
(
404
)
end
end
context
'authorized user with invalid permissions'
do
it
'does not update variable'
do
put
api
(
"/groups/
#{
group
.
id
}
/variables/
#{
variable
.
key
}
"
,
user
)
expect
(
response
).
to
have_http_status
(
403
)
end
end
context
'unauthorized user'
do
it
'does not update variable'
do
put
api
(
"/groups/
#{
group
.
id
}
/variables/
#{
variable
.
key
}
"
)
expect
(
response
).
to
have_http_status
(
401
)
end
end
end
describe
'DELETE /groups/:id/variables/:key'
do
let!
(
:variable
)
{
create
(
:ci_group_variable
,
group:
group
)
}
context
'authorized user with proper permissions'
do
before
do
group
.
add_master
(
user
)
end
it
'deletes variable'
do
expect
do
delete
api
(
"/groups/
#{
group
.
id
}
/variables/
#{
variable
.
key
}
"
,
user
)
expect
(
response
).
to
have_http_status
(
204
)
end
.
to
change
{
group
.
variables
.
count
}.
by
(
-
1
)
end
it
'responds with 404 Not Found if requesting non-existing variable'
do
delete
api
(
"/groups/
#{
group
.
id
}
/variables/non_existing_variable"
,
user
)
expect
(
response
).
to
have_http_status
(
404
)
end
end
context
'authorized user with invalid permissions'
do
it
'does not delete variable'
do
delete
api
(
"/groups/
#{
group
.
id
}
/variables/
#{
variable
.
key
}
"
,
user
)
expect
(
response
).
to
have_http_status
(
403
)
end
end
context
'unauthorized user'
do
it
'does not delete variable'
do
delete
api
(
"/groups/
#{
group
.
id
}
/variables/
#{
variable
.
key
}
"
)
expect
(
response
).
to
have_http_status
(
401
)
end
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment