Merge branch 'exculde_project_namespace_from_namespaces_api' into 'master'

Exclude ProjectNamespace from Namespace fetches in namespaces REST API See merge request gitlab-org/gitlab!71987

Merge branch 'exculde_project_namespace_from_namespaces_api' into 'master'
Exclude ProjectNamespace from Namespace fetches in namespaces REST API See merge request gitlab-org/gitlab!71987
237dd588 · Andreas Brandl · 3e2c29a9 · 4b8e33a8 · 237dd588 · 237dd588
Commit 237dd588 authored Oct 22, 2021 by Andreas Brandl
4 changed files
--- a/ee/spec/requests/api/namespaces_spec.rb
+++ b/ee/spec/requests/api/namespaces_spec.rb
@@ -11,6 +11,9 @@ RSpec.describe API::Namespaces do
  let_it_be(:group1, reload: true) { create(:group, name: 'test.test-group.2') }
  let_it_be(:group2) { create(:group, :nested) }
  let_it_be(:ultimate_plan) { create(:ultimate_plan) }
+  let_it_be(:project) { create(:project, namespace: group2) }
+  let_it_be(:project) { create(:project, namespace: group2, name: group2.name, path: group2.path) }
+  let_it_be(:project_namespace) { create(:project_namespace, project: project) }

  describe "GET /namespaces" do
    context "when authenticated as admin" do
@@ -324,6 +327,15 @@ RSpec.describe API::Namespaces do
      end
    end

+    context 'when project namespace is passed' do
+      it 'returns 404' do
+        put api("/namespaces/#{project_namespace.id}", admin), params: params
+
+        expect(response).to have_gitlab_http_status(:not_found)
+        expect(json_response).to eq('message' => '404 Namespace Not Found')
+      end
+    end
+
    context 'when invalid params' do
      where(:attr) do
        [
@@ -485,6 +497,28 @@ RSpec.describe API::Namespaces do
          expect(group1.gitlab_subscription).to be_present
        end
      end
+
+      context 'when namespace does not exist' do
+        it 'creates a subscription using full_path when the namespace path contains dots' do
+          post api("/namespaces/#{non_existing_record_id}/gitlab_subscription", admin), params: params
+
+          aggregate_failures do
+            expect(response).to have_gitlab_http_status(:not_found)
+            expect(json_response).to eq('message' => '404 Namespace Not Found')
+          end
+        end
+      end
+
+      context 'when creating subscription for project namespace' do
+        it 'creates a subscription using full_path when the namespace path contains dots' do
+          post api("/namespaces/#{project_namespace.id}/gitlab_subscription", admin), params: params
+
+          aggregate_failures do
+            expect(response).to have_gitlab_http_status(:not_found)
+            expect(json_response).to eq('message' => '404 Namespace Not Found')
+          end
+        end
+      end
    end
  end

@@ -538,6 +572,15 @@ RSpec.describe API::Namespaces do
        expect(json_response['billing'].keys).to match_array(%w[subscription_start_date subscription_end_date trial_ends_on])
      end
    end
+
+    context 'when namespace is a project namespace' do
+      it 'returns a 404 error' do
+        get api("/namespaces/#{project_namespace.id}/gitlab_subscription", admin)
+
+        expect(response).to have_gitlab_http_status(:not_found)
+        expect(json_response).to eq('message' => '404 Namespace Not Found')
+      end
+    end
  end

  describe 'PUT :id/gitlab_subscription' do
@@ -585,6 +628,15 @@ RSpec.describe API::Namespaces do
        end
      end

+      context 'when namespace is a project namespace' do
+        it 'returns a 404 error' do
+          do_put(project_namespace.id, admin, params)
+
+          expect(response).to have_gitlab_http_status(:not_found)
+          expect(json_response).to eq('message' => '404 Namespace Not Found')
+        end
+      end
+
      context 'when params are invalid' do
        it 'returns a 400 error' do
          do_put(namespace.id, admin, params.merge(seats: nil))

--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -174,9 +174,9 @@ module API
    # rubocop: disable CodeReuse/ActiveRecord
    def find_namespace(id)
      if id.to_s =~ /^\d+$/
-        Namespace.find_by(id: id)
+        Namespace.without_project_namespaces.find_by(id: id)
      else
-        Namespace.find_by_full_path(id)
+        find_namespace_by_path(id)
      end
    end
    # rubocop: enable CodeReuse/ActiveRecord
@@ -186,7 +186,7 @@ module API
    end

    def find_namespace_by_path(path)
-      Namespace.find_by_full_path(path)
+      Namespace.without_project_namespaces.find_by_full_path(path)
    end

    def find_namespace_by_path!(path)

--- a/lib/api/namespaces.rb
+++ b/lib/api/namespaces.rb
@@ -37,7 +37,7 @@ module API

        namespaces = current_user.admin ? Namespace.all : current_user.namespaces(owned_only: owned_only)

-        namespaces = namespaces.include_route
+        namespaces = namespaces.without_project_namespaces.include_route

        namespaces = namespaces.include_gitlab_subscription_with_hosted_plan if Gitlab.ee?


--- a/spec/requests/api/namespaces_spec.rb
+++ b/spec/requests/api/namespaces_spec.rb
@@ -3,10 +3,12 @@
 require 'spec_helper'

 RSpec.describe API::Namespaces do
-  let(:admin) { create(:admin) }
-  let(:user) { create(:user) }
-  let!(:group1) { create(:group, name: 'group.one') }
-  let!(:group2) { create(:group, :nested) }
+  let_it_be(:admin) { create(:admin) }
+  let_it_be(:user) { create(:user) }
+  let_it_be(:group1) { create(:group, name: 'group.one') }
+  let_it_be(:group2) { create(:group, :nested) }
+  let_it_be(:project) { create(:project, namespace: group2, name: group2.name, path: group2.path) }
+  let_it_be(:project_namespace) { create(:project_namespace, project: project) }

  describe "GET /namespaces" do
    context "when unauthenticated" do
@@ -26,7 +28,7 @@ RSpec.describe API::Namespaces do
        expect(response).to have_gitlab_http_status(:ok)
        expect(response).to include_pagination_headers
        expect(group_kind_json_response.keys).to include('id', 'kind', 'name', 'path', 'full_path',
-                                                         'parent_id', 'members_count_with_descendants')
+          'parent_id', 'members_count_with_descendants')

        expect(user_kind_json_response.keys).to include('id', 'kind', 'name', 'path', 'full_path', 'parent_id')
      end
@@ -37,7 +39,8 @@ RSpec.describe API::Namespaces do
        expect(response).to have_gitlab_http_status(:ok)
        expect(response).to include_pagination_headers
        expect(json_response).to be_an Array
-        expect(json_response.length).to eq(Namespace.count)
+        # project namespace is excluded
+        expect(json_response.length).to eq(Namespace.count - 1)
      end

      it "admin: returns an array of matched namespaces" do
@@ -61,7 +64,7 @@ RSpec.describe API::Namespaces do
        owned_group_response = json_response.find { |resource| resource['id'] == group1.id }

        expect(owned_group_response.keys).to include('id', 'kind', 'name', 'path', 'full_path',
-                                                     'parent_id', 'members_count_with_descendants')
+          'parent_id', 'members_count_with_descendants')
      end

      it "returns correct attributes when user cannot admin group" do
@@ -109,7 +112,8 @@ RSpec.describe API::Namespaces do

  describe 'GET /namespaces/:id' do
    let(:owned_group) { group1 }
-    let(:user2) { create(:user) }
+
+    let_it_be(:user2) { create(:user) }

    shared_examples 'can access namespace' do
      it 'returns namespace details' do
@@ -144,6 +148,16 @@ RSpec.describe API::Namespaces do

            it_behaves_like 'can access namespace'
          end
+
+          context 'when requesting project_namespace' do
+            let(:namespace_id) { project_namespace.id }
+
+            it 'returns not-found' do
+              get api("/namespaces/#{namespace_id}", request_actor)
+
+              expect(response).to have_gitlab_http_status(:not_found)
+            end
+          end
        end

        context 'when requested by path' do
@@ -159,6 +173,16 @@ RSpec.describe API::Namespaces do

            it_behaves_like 'can access namespace'
          end
+
+          context 'when requesting project_namespace' do
+            let(:namespace_id) { project_namespace.full_path }
+
+            it 'returns not-found' do
+              get api("/namespaces/#{namespace_id}", request_actor)
+
+              expect(response).to have_gitlab_http_status(:not_found)
+            end
+          end
        end
      end

@@ -177,6 +201,12 @@ RSpec.describe API::Namespaces do

        expect(response).to have_gitlab_http_status(:unauthorized)
      end
+
+      it 'returns authentication error' do
+        get api("/namespaces/#{project_namespace.id}")
+
+        expect(response).to have_gitlab_http_status(:unauthorized)
+      end
    end

    context 'when authenticated as regular user' do
@@ -231,10 +261,10 @@ RSpec.describe API::Namespaces do
  end

  describe 'GET /namespaces/:namespace/exists' do
-    let!(:namespace1) { create(:group, name: 'Namespace 1', path: 'namespace-1') }
-    let!(:namespace2) { create(:group, name: 'Namespace 2', path: 'namespace-2') }
-    let!(:namespace1sub) { create(:group, name: 'Sub Namespace 1', path: 'sub-namespace-1', parent: namespace1) }
-    let!(:namespace2sub) { create(:group, name: 'Sub Namespace 2', path: 'sub-namespace-2', parent: namespace2) }
+    let_it_be(:namespace1) { create(:group, name: 'Namespace 1', path: 'namespace-1') }
+    let_it_be(:namespace2) { create(:group, name: 'Namespace 2', path: 'namespace-2') }
+    let_it_be(:namespace1sub) { create(:group, name: 'Sub Namespace 1', path: 'sub-namespace-1', parent: namespace1) }
+    let_it_be(:namespace2sub) { create(:group, name: 'Sub Namespace 2', path: 'sub-namespace-2', parent: namespace2) }

    context 'when unauthenticated' do
      it 'returns authentication error' do