Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
d5d0c00e
Commit
d5d0c00e
authored
May 27, 2013
by
Dmitriy Zaporozhets
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 'former03-feature_teams_api'
parents
69d70400
c3ba0ee6
Changes
6
Show whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
863 additions
and
0 deletions
+863
-0
doc/api/README.md
doc/api/README.md
+1
-0
doc/api/user_teams.md
doc/api/user_teams.md
+209
-0
lib/api/api.rb
lib/api/api.rb
+1
-0
lib/api/entities.rb
lib/api/entities.rb
+16
-0
lib/api/user_teams.rb
lib/api/user_teams.rb
+276
-0
spec/requests/api/user_teams_spec.rb
spec/requests/api/user_teams_spec.rb
+360
-0
No files found.
doc/api/README.md
View file @
d5d0c00e
...
...
@@ -79,3 +79,4 @@ When listing resources you can pass the following parameters:
+
[
Milestones
](
doc/api/milestones.md
)
+
[
Notes
](
doc/api/notes.md
)
+
[
System Hooks
](
doc/api/system_hooks.md
)
+
[
User Teams
](
doc/api/user_teams.md
)
doc/api/user_teams.md
0 → 100644
View file @
d5d0c00e
## User teams
### List user teams
Get a list of user teams viewable by the authenticated user.
```
GET /user_teams
```
```
json
[
{
id:
1
,
name:
"User team 1"
,
path:
"user_team1"
,
owner_id:
1
},
{
id:
2
,
name:
"User team 2"
,
path:
"user_team2"
,
owner_id:
1
}
]
```
### Get single user team
Get a specific user team, identified by user team ID, which is viewable by the authenticated user.
```
GET /user_teams/:id
```
Parameters:
+
`id`
(required) - The ID of a user_team
```
json
{
id:
1
,
name:
"User team 1"
,
path:
"user_team1"
,
owner_id:
1
}
```
### Create user team
Creates new user team owned by user. Available only for admins.
```
POST /user_teams
```
Parameters:
+
`name`
(required) - new user team name
+
`path`
(required) - new user team internal name
## User team members
### List user team members
Get a list of project team members.
```
GET /user_teams/:id/members
```
Parameters:
+
`id`
(required) - The ID of a user_team
### Get user team member
Gets a user team member.
```
GET /user_teams/:id/members/:user_id
```
Parameters:
+
`id`
(required) - The ID of a user_team
+
`user_id`
(required) - The ID of a user
```
json
{
id:
2
,
username:
"john_doe"
,
email:
"joh@doe.org"
,
name:
"John Doe"
,
state:
"active"
,
created_at:
"2012-10-22T14:13:35Z"
,
access_level:
30
}
```
### Add user team member
Adds a user to a user team.
```
POST /user_teams/:id/members
```
Parameters:
+
`id`
(required) - The ID of a user team
+
`user_id`
(required) - The ID of a user to add
+
`access_level`
(required) - Project access level
### Remove user team member
Removes user from user team.
```
DELETE /user_teams/:id/members/:user_id
```
Parameters:
+
`id`
(required) - The ID of a user team
+
`user_id`
(required) - The ID of a team member
## User team projects
### List user team projects
Get a list of project team projects.
```
GET /user_teams/:id/projects
```
Parameters:
+
`id`
(required) - The ID of a user_team
### Get user team project
Gets a user team project.
```
GET /user_teams/:id/projects/:project_id
```
Parameters:
+
`id`
(required) - The ID of a user_team
+
`project_id`
(required) - The ID of a user
```
json
{
id:
12
,
name:
"project1"
,
description:
null
,
default_branch:
"develop"
,
public:
false
,
path:
"project1"
,
path_with_namespace:
"group1/project1"
,
issues_enabled:
false
,
merge_requests_enabled:
true
,
wall_enabled:
true
,
wiki_enabled:
false
,
created_at:
"2013-03-11T12:59:08Z"
,
greatest_access_level:
30
}
```
### Add user team project
Adds a project to a user team.
```
POST /user_teams/:id/projects
```
Parameters:
+
`id`
(required) - The ID of a user team
+
`project_id`
(required) - The ID of a project to add
+
`greatest_access_level`
(required) - Maximum project access level
### Remove user team project
Removes project from user team.
```
DELETE /user_teams/:id/projects/:project_id
```
Parameters:
+
`id`
(required) - The ID of a user team
+
`project_id`
(required) - The ID of a team project
lib/api/api.rb
View file @
d5d0c00e
...
...
@@ -35,5 +35,6 @@ module API
mount
Notes
mount
Internal
mount
SystemHooks
mount
UserTeams
end
end
lib/api/entities.rb
View file @
d5d0c00e
...
...
@@ -40,6 +40,18 @@ module API
end
end
class
TeamMember
<
UserBasic
expose
:permission
,
as: :access_level
do
|
user
,
options
|
options
[
:user_team
].
user_team_user_relationships
.
find_by_user_id
(
user
.
id
).
permission
end
end
class
TeamProject
<
Project
expose
:greatest_access
,
as: :greatest_access_level
do
|
project
,
options
|
options
[
:user_team
].
user_team_project_relationships
.
find_by_project_id
(
project
.
id
).
greatest_access
end
end
class
Group
<
Grape
::
Entity
expose
:id
,
:name
,
:path
,
:owner_id
end
...
...
@@ -87,6 +99,10 @@ module API
expose
:id
,
:title
,
:key
,
:created_at
end
class
UserTeam
<
Grape
::
Entity
expose
:id
,
:name
,
:path
,
:owner_id
end
class
MergeRequest
<
Grape
::
Entity
expose
:id
,
:target_branch
,
:source_branch
,
:project_id
,
:title
,
:state
expose
:author
,
:assignee
,
using:
Entities
::
UserBasic
...
...
lib/api/user_teams.rb
0 → 100644
View file @
d5d0c00e
module
API
# user_teams API
class
UserTeams
<
Grape
::
API
before
{
authenticate!
}
resource
:user_teams
do
helpers
do
def
handle_team_member_errors
(
errors
)
if
errors
[
:permission
].
any?
render_api_error!
(
errors
[
:permission
],
422
)
end
not_found!
end
def
validate_access_level?
(
level
)
[
UsersProject
::
GUEST
,
UsersProject
::
REPORTER
,
UsersProject
::
DEVELOPER
,
UsersProject
::
MASTER
].
include?
level
.
to_i
end
end
# Get a user_teams list
#
# Example Request:
# GET /user_teams
get
do
if
current_user
.
admin
@user_teams
=
paginate
UserTeam
else
@user_teams
=
paginate
current_user
.
user_teams
end
present
@user_teams
,
with:
Entities
::
UserTeam
end
# Create user_team. Available only for admin
#
# Parameters:
# name (required) - The name of the user_team
# path (required) - The path of the user_team
# Example Request:
# POST /user_teams
post
do
authenticated_as_admin!
required_attributes!
[
:name
,
:path
]
attrs
=
attributes_for_keys
[
:name
,
:path
]
@user_team
=
UserTeam
.
new
(
attrs
)
@user_team
.
owner
=
current_user
if
@user_team
.
save
present
@user_team
,
with:
Entities
::
UserTeam
else
not_found!
end
end
# Get a single user_team
#
# Parameters:
# id (required) - The ID of a user_team
# Example Request:
# GET /user_teams/:id
get
":id"
do
@user_team
=
UserTeam
.
find
(
params
[
:id
])
if
current_user
.
admin
or
current_user
.
user_teams
.
include?
@user_team
present
@user_team
,
with:
Entities
::
UserTeam
else
not_found!
end
end
# Get user_team members
#
# Parameters:
# id (required) - The ID of a user_team
# Example Request:
# GET /user_teams/:id/members
get
":id/members"
do
@user_team
=
UserTeam
.
find
(
params
[
:id
])
if
current_user
.
admin
or
current_user
.
user_teams
.
include?
@user_team
@members
=
paginate
@user_team
.
members
present
@members
,
with:
Entities
::
TeamMember
,
user_team:
@user_team
else
not_found!
end
end
# Add a new user_team member
#
# Parameters:
# id (required) - The ID of a user_team
# user_id (required) - The ID of a user
# access_level (required) - Project access level
# Example Request:
# POST /user_teams/:id/members
post
":id/members"
do
authenticated_as_admin!
required_attributes!
[
:user_id
,
:access_level
]
if
not
validate_access_level?
(
params
[
:access_level
])
render_api_error!
(
"Wrong access level"
,
422
)
end
@user_team
=
UserTeam
.
find
(
params
[
:id
])
if
@user_team
team_member
=
@user_team
.
user_team_user_relationships
.
find_by_user_id
(
params
[
:user_id
])
# Not existing member
if
team_member
.
nil?
@user_team
.
add_member
(
params
[
:user_id
],
params
[
:access_level
],
false
)
team_member
=
@user_team
.
user_team_user_relationships
.
find_by_user_id
(
params
[
:user_id
])
if
team_member
.
nil?
render_api_error!
(
"Error creating membership"
,
500
)
else
@member
=
team_member
.
user
present
@member
,
with:
Entities
::
TeamMember
,
user_team:
@user_team
end
else
render_api_error!
(
"Already exists"
,
409
)
end
else
not_found!
end
end
# Get a single team member from user_team
#
# Parameters:
# id (required) - The ID of a user_team
# user_id (required) - The ID of a team member
# Example Request:
# GET /user_teams/:id/members/:user_id
get
":id/members/:user_id"
do
@user_team
=
UserTeam
.
find
(
params
[
:id
])
if
current_user
.
admin
or
current_user
.
user_teams
.
include?
@user_team
team_member
=
@user_team
.
user_team_user_relationships
.
find_by_user_id
(
params
[
:user_id
])
unless
team_member
.
nil?
present
team_member
.
user
,
with:
Entities
::
TeamMember
,
user_team:
@user_team
else
not_found!
end
else
not_found!
end
end
# Remove a team member from user_team
#
# Parameters:
# id (required) - The ID of a user_team
# user_id (required) - The ID of a team member
# Example Request:
# DELETE /user_teams/:id/members/:user_id
delete
":id/members/:user_id"
do
authenticated_as_admin!
@user_team
=
UserTeam
.
find
(
params
[
:id
])
if
@user_team
team_member
=
@user_team
.
user_team_user_relationships
.
find_by_user_id
(
params
[
:user_id
])
unless
team_member
.
nil?
team_member
.
destroy
else
not_found!
end
else
not_found!
end
end
# Get to user_team assigned projects
#
# Parameters:
# id (required) - The ID of a user_team
# Example Request:
# GET /user_teams/:id/projects
get
":id/projects"
do
@user_team
=
UserTeam
.
find
(
params
[
:id
])
if
current_user
.
admin
or
current_user
.
user_teams
.
include?
@user_team
@projects
=
paginate
@user_team
.
projects
present
@projects
,
with:
Entities
::
TeamProject
,
user_team:
@user_team
else
not_found!
end
end
# Add a new user_team project
#
# Parameters:
# id (required) - The ID of a user_team
# project_id (required) - The ID of a project
# greatest_access_level (required) - Project access level
# Example Request:
# POST /user_teams/:id/projects
post
":id/projects"
do
authenticated_as_admin!
required_attributes!
[
:project_id
,
:greatest_access_level
]
if
not
validate_access_level?
(
params
[
:greatest_access_level
])
render_api_error!
(
"Wrong greatest_access_level"
,
422
)
end
@user_team
=
UserTeam
.
find
(
params
[
:id
])
if
@user_team
team_project
=
@user_team
.
user_team_project_relationships
.
find_by_project_id
(
params
[
:project_id
])
# No existing project
if
team_project
.
nil?
@user_team
.
assign_to_projects
([
params
[
:project_id
]],
params
[
:greatest_access_level
])
team_project
=
@user_team
.
user_team_project_relationships
.
find_by_project_id
(
params
[
:project_id
])
if
team_project
.
nil?
render_api_error!
(
"Error creating project assignment"
,
500
)
else
@project
=
team_project
.
project
present
@project
,
with:
Entities
::
TeamProject
,
user_team:
@user_team
end
else
render_api_error!
(
"Already exists"
,
409
)
end
else
not_found!
end
end
# Show a single team project from user_team
#
# Parameters:
# id (required) - The ID of a user_team
# project_id (required) - The ID of a project assigned to the team
# Example Request:
# GET /user_teams/:id/projects/:project_id
get
":id/projects/:project_id"
do
@user_team
=
UserTeam
.
find
(
params
[
:id
])
if
current_user
.
admin
or
current_user
.
user_teams
.
include?
@user_team
team_project
=
@user_team
.
user_team_project_relationships
.
find_by_project_id
(
params
[
:project_id
])
unless
team_project
.
nil?
present
team_project
.
project
,
with:
Entities
::
TeamProject
,
user_team:
@user_team
else
not_found!
end
else
not_found!
end
end
# Remove a team project from user_team
#
# Parameters:
# id (required) - The ID of a user_team
# project_id (required) - The ID of a project assigned to the team
# Example Request:
# DELETE /user_teams/:id/projects/:project_id
delete
":id/projects/:project_id"
do
authenticated_as_admin!
@user_team
=
UserTeam
.
find
(
params
[
:id
])
if
@user_team
team_project
=
@user_team
.
user_team_project_relationships
.
find_by_project_id
(
params
[
:project_id
])
unless
team_project
.
nil?
team_project
.
destroy
else
not_found!
end
else
not_found!
end
end
end
end
end
spec/requests/api/user_teams_spec.rb
0 → 100644
View file @
d5d0c00e
require
'spec_helper'
describe
API
::
API
do
include
ApiHelpers
# Create test objects
let
(
:user1
)
{
create
(
:user
)
}
let
(
:user2
)
{
create
(
:user
)
}
let
(
:admin
)
{
create
(
:admin
)
}
let!
(
:group1
)
{
create
(
:group
,
owner:
user1
)
}
let!
(
:group2
)
{
create
(
:group
,
owner:
user2
)
}
let
(
:user_team1
)
{
create
(
:user_team
,
owner:
user1
)
}
let
(
:user_team2
)
{
create
(
:user_team
,
owner:
user2
)
}
let!
(
:project1
)
{
create
(
:project
,
creator_id:
admin
.
id
)
}
let!
(
:project2
)
{
create
(
:project
,
creator_id:
admin
.
id
)
}
before
{
# Add members to teams
user_team1
.
add_member
(
user1
,
UsersProject
::
MASTER
,
false
)
user_team2
.
add_member
(
user2
,
UsersProject
::
MASTER
,
false
)
# Add projects to teams
user_team1
.
assign_to_projects
([
project1
.
id
],
UsersProject
::
MASTER
)
user_team2
.
assign_to_projects
([
project2
.
id
],
UsersProject
::
MASTER
)
}
describe
"GET /user_teams"
do
context
"when unauthenticated"
do
it
"should return authentication error"
do
get
api
(
"/user_teams"
)
response
.
status
.
should
==
401
end
end
context
"when authenticated as user"
do
it
"normal user: should return an array of user_teams of user1"
do
get
api
(
"/user_teams"
,
user1
)
response
.
status
.
should
==
200
json_response
.
should
be_an
Array
json_response
.
length
.
should
==
1
json_response
.
first
[
'name'
].
should
==
user_team1
.
name
end
end
context
"when authenticated as admin"
do
it
"admin: should return an array of all user_teams"
do
get
api
(
"/user_teams"
,
admin
)
response
.
status
.
should
==
200
json_response
.
should
be_an
Array
json_response
.
length
.
should
==
2
end
end
end
describe
"GET /user_teams/:id"
do
context
"when authenticated as user"
do
it
"should return one of user1's user_teams"
do
get
api
(
"/user_teams/
#{
user_team1
.
id
}
"
,
user1
)
response
.
status
.
should
==
200
json_response
[
'name'
]
==
user_team1
.
name
end
it
"should not return a non existing team"
do
get
api
(
"/user_teams/1328"
,
user1
)
response
.
status
.
should
==
404
end
it
"should not return a user_team not attached to user1"
do
get
api
(
"/user_teams/
#{
user_team2
.
id
}
"
,
user1
)
response
.
status
.
should
==
404
end
end
context
"when authenticated as admin"
do
it
"should return any existing user_team"
do
get
api
(
"/user_teams/
#{
user_team2
.
id
}
"
,
admin
)
response
.
status
.
should
==
200
json_response
[
'name'
].
should
==
user_team2
.
name
end
it
"should not return a non existing user_team"
do
get
api
(
"/user_teams/1328"
,
admin
)
response
.
status
.
should
==
404
end
end
end
describe
"POST /user_teams"
do
context
"when authenticated as user"
do
it
"should not create user_team"
do
count_before
=
UserTeam
.
count
post
api
(
"/user_teams"
,
user1
),
attributes_for
(
:user_team
)
response
.
status
.
should
==
403
UserTeam
.
count
.
should
==
count_before
end
end
context
"when authenticated as admin"
do
it
"should create user_team"
do
count_before
=
UserTeam
.
count
post
api
(
"/user_teams"
,
admin
),
attributes_for
(
:user_team
)
response
.
status
.
should
==
201
UserTeam
.
count
.
should
==
count_before
+
1
end
it
"should not create user_team, duplicate"
do
post
api
(
"/user_teams"
,
admin
),
{
:name
=>
"Duplicate Test"
,
:path
=>
user_team2
.
path
}
response
.
status
.
should
==
404
end
it
"should return 400 bad request error if name not given"
do
post
api
(
"/user_teams"
,
admin
),
{
:path
=>
user_team2
.
path
}
response
.
status
.
should
==
400
end
it
"should return 400 bad request error if path not given"
do
post
api
(
"/user_teams"
,
admin
),
{
:name
=>
'test'
}
response
.
status
.
should
==
400
end
end
end
# Members
describe
"GET /user_teams/:id/members"
do
context
"when authenticated as user"
do
it
"should return user1 as member of user1's user_teams"
do
get
api
(
"/user_teams/
#{
user_team1
.
id
}
/members"
,
user1
)
response
.
status
.
should
==
200
json_response
.
first
[
'name'
].
should
==
user1
.
name
json_response
.
first
[
'access_level'
].
should
==
UsersProject
::
MASTER
end
end
context
"when authenticated as admin"
do
it
"should return member of any existing user_team"
do
get
api
(
"/user_teams/
#{
user_team2
.
id
}
/members"
,
admin
)
response
.
status
.
should
==
200
json_response
.
first
[
'name'
].
should
==
user2
.
name
json_response
.
first
[
'access_level'
].
should
==
UsersProject
::
MASTER
end
end
end
describe
"POST /user_teams/:id/members"
do
context
"when authenticated as user"
do
it
"should not add user2 as member of user_team1"
do
post
api
(
"/user_teams/
#{
user_team1
.
id
}
/members"
,
user1
),
user_id:
user2
.
id
,
access_level:
UsersProject
::
MASTER
response
.
status
.
should
==
403
end
end
context
"when authenticated as admin"
do
it
"should return ok and add new member"
do
count_before
=
user_team1
.
user_team_user_relationships
.
count
post
api
(
"/user_teams/
#{
user_team1
.
id
}
/members"
,
admin
),
user_id:
user2
.
id
,
access_level:
UsersProject
::
MASTER
response
.
status
.
should
==
201
json_response
[
'name'
].
should
==
user2
.
name
json_response
[
'access_level'
].
should
==
UsersProject
::
MASTER
user_team1
.
user_team_user_relationships
.
count
.
should
==
count_before
+
1
end
it
"should return ok if member already exists"
do
post
api
(
"/user_teams/
#{
user_team2
.
id
}
/members"
,
admin
),
user_id:
user2
.
id
,
access_level:
UsersProject
::
MASTER
response
.
status
.
should
==
409
end
it
"should return a 400 error when user id is not given"
do
post
api
(
"/user_teams/
#{
user_team2
.
id
}
/members"
,
admin
),
access_level:
UsersProject
::
MASTER
response
.
status
.
should
==
400
end
it
"should return a 400 error when access level is not given"
do
post
api
(
"/user_teams/
#{
user_team2
.
id
}
/members"
,
admin
),
user_id:
user2
.
id
response
.
status
.
should
==
400
end
it
"should return a 422 error when access level is not known"
do
post
api
(
"/user_teams/
#{
user_team2
.
id
}
/members"
,
admin
),
user_id:
user1
.
id
,
access_level:
1234
response
.
status
.
should
==
422
end
end
end
# Get single member
describe
"GET /user_teams/:id/members/:user_id"
do
context
"when authenticated as member"
do
it
"should show user1's membership of user_team1"
do
get
api
(
"/user_teams/
#{
user_team1
.
id
}
/members/
#{
user1
.
id
}
"
,
user1
)
response
.
status
.
should
==
200
json_response
[
'name'
].
should
==
user1
.
name
json_response
[
'access_level'
].
should
==
UsersProject
::
MASTER
end
it
"should show that user2 is not member of user_team1"
do
get
api
(
"/user_teams/
#{
user_team1
.
id
}
/members/
#{
user2
.
id
}
"
,
user1
)
response
.
status
.
should
==
404
end
end
context
"when authenticated as non-member"
do
it
"should not show user1's membership of user_team1"
do
get
api
(
"/user_teams/
#{
user_team1
.
id
}
/members/
#{
user1
.
id
}
"
,
user2
)
response
.
status
.
should
==
404
end
end
context
"when authenticated as admin"
do
it
"should show user1's membership of user_team1"
do
get
api
(
"/user_teams/
#{
user_team1
.
id
}
/members/
#{
user1
.
id
}
"
,
admin
)
response
.
status
.
should
==
200
json_response
[
'name'
].
should
==
user1
.
name
json_response
[
'access_level'
].
should
==
UsersProject
::
MASTER
end
it
"should return a 404 error when user id is not known"
do
get
api
(
"/user_teams/
#{
user_team2
.
id
}
/members/1328"
,
admin
)
response
.
status
.
should
==
404
end
end
end
describe
"DELETE /user_teams/:id/members/:user_id"
do
context
"when authenticated as user"
do
it
"should not delete user1's membership of user_team1"
do
delete
api
(
"/user_teams/
#{
user_team1
.
id
}
/members/
#{
user1
.
id
}
"
,
user1
)
response
.
status
.
should
==
403
end
end
context
"when authenticated as admin"
do
it
"should delete user1's membership of user_team1"
do
count_before
=
user_team1
.
user_team_user_relationships
.
count
delete
api
(
"/user_teams/
#{
user_team1
.
id
}
/members/
#{
user1
.
id
}
"
,
admin
)
response
.
status
.
should
==
200
user_team1
.
user_team_user_relationships
.
count
.
should
==
count_before
-
1
end
it
"should return a 404 error when user id is not known"
do
delete
api
(
"/user_teams/
#{
user_team2
.
id
}
/members/1328"
,
admin
)
response
.
status
.
should
==
404
end
end
end
# Projects
describe
"GET /user_teams/:id/projects"
do
context
"when authenticated as user"
do
it
"should return project1 as assigned to user_team1 as member user1"
do
get
api
(
"/user_teams/
#{
user_team1
.
id
}
/projects"
,
user1
)
response
.
status
.
should
==
200
json_response
.
first
[
'name'
].
should
==
project1
.
name
json_response
.
length
.
should
==
user_team1
.
user_team_project_relationships
.
count
end
end
context
"when authenticated as admin"
do
it
"should return project2 as assigned to user_team2 as non-member, but admin"
do
get
api
(
"/user_teams/
#{
user_team2
.
id
}
/projects"
,
admin
)
response
.
status
.
should
==
200
json_response
.
first
[
'name'
].
should
==
project2
.
name
json_response
.
first
[
'greatest_access_level'
].
should
==
UsersProject
::
MASTER
end
end
end
describe
"POST /user_teams/:id/projects"
do
context
"when authenticated as admin"
do
it
"should return ok and add new project"
do
count_before
=
user_team1
.
user_team_project_relationships
.
count
post
api
(
"/user_teams/
#{
user_team1
.
id
}
/projects"
,
admin
),
project_id:
project2
.
id
,
greatest_access_level:
UsersProject
::
MASTER
response
.
status
.
should
==
201
json_response
[
'name'
].
should
==
project2
.
name
json_response
[
'greatest_access_level'
].
should
==
UsersProject
::
MASTER
user_team1
.
user_team_project_relationships
.
count
.
should
==
count_before
+
1
end
it
"should return ok if project already exists"
do
post
api
(
"/user_teams/
#{
user_team2
.
id
}
/projects"
,
admin
),
project_id:
project2
.
id
,
greatest_access_level:
UsersProject
::
MASTER
response
.
status
.
should
==
409
end
it
"should return a 400 error when project id is not given"
do
post
api
(
"/user_teams/
#{
user_team2
.
id
}
/projects"
,
admin
),
greatest_access_level:
UsersProject
::
MASTER
response
.
status
.
should
==
400
end
it
"should return a 400 error when access level is not given"
do
post
api
(
"/user_teams/
#{
user_team2
.
id
}
/projects"
,
admin
),
project_id:
project2
.
id
response
.
status
.
should
==
400
end
it
"should return a 422 error when access level is not known"
do
post
api
(
"/user_teams/
#{
user_team2
.
id
}
/projects"
,
admin
),
project_id:
project2
.
id
,
greatest_access_level:
1234
response
.
status
.
should
==
422
end
end
end
describe
"GET /user_teams/:id/projects/:project_id"
do
context
"when authenticated as member"
do
it
"should show project1's assignment to user_team1"
do
get
api
(
"/user_teams/
#{
user_team1
.
id
}
/projects/
#{
project1
.
id
}
"
,
user1
)
response
.
status
.
should
==
200
json_response
[
'name'
].
should
==
project1
.
name
json_response
[
'greatest_access_level'
].
should
==
UsersProject
::
MASTER
end
it
"should show project2's is not assigned to user_team1"
do
get
api
(
"/user_teams/
#{
user_team1
.
id
}
/projects/
#{
project2
.
id
}
"
,
user1
)
response
.
status
.
should
==
404
end
end
context
"when authenticated as non-member"
do
it
"should not show project1's assignment to user_team1"
do
get
api
(
"/user_teams/
#{
user_team1
.
id
}
/projects/
#{
project1
.
id
}
"
,
user2
)
response
.
status
.
should
==
404
end
end
context
"when authenticated as admin"
do
it
"should show project1's assignment to user_team1"
do
get
api
(
"/user_teams/
#{
user_team1
.
id
}
/projects/
#{
project1
.
id
}
"
,
admin
)
response
.
status
.
should
==
200
json_response
[
'name'
].
should
==
project1
.
name
json_response
[
'greatest_access_level'
].
should
==
UsersProject
::
MASTER
end
it
"should return a 404 error when project id is not known"
do
get
api
(
"/user_teams/
#{
user_team2
.
id
}
/projects/1328"
,
admin
)
response
.
status
.
should
==
404
end
end
end
describe
"DELETE /user_teams/:id/projects/:project_id"
do
context
"when authenticated as user"
do
it
"should not delete project1's assignment to user_team2"
do
delete
api
(
"/user_teams/
#{
user_team2
.
id
}
/projects/
#{
project1
.
id
}
"
,
user1
)
response
.
status
.
should
==
403
end
end
context
"when authenticated as admin"
do
it
"should delete project1's assignment to user_team1"
do
count_before
=
user_team1
.
user_team_project_relationships
.
count
delete
api
(
"/user_teams/
#{
user_team1
.
id
}
/projects/
#{
project1
.
id
}
"
,
admin
)
response
.
status
.
should
==
200
user_team1
.
user_team_project_relationships
.
count
.
should
==
count_before
-
1
end
it
"should return a 404 error when project id is not known"
do
delete
api
(
"/user_teams/
#{
user_team2
.
id
}
/projects/1328"
,
admin
)
response
.
status
.
should
==
404
end
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment