Commit 5845dd6f authored by Tomasz Maczukin's avatar Tomasz Maczukin

Allow request namespace by ID or path

parent 0e354080
...@@ -101,7 +101,7 @@ GET /namespaces/:id ...@@ -101,7 +101,7 @@ GET /namespaces/:id
| Attribute | Type | Required | Description | | Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- | | --------- | ---- | -------- | ----------- |
| `id` | integer | yes | ID of the namespace | | `id` | integer/string | yes | ID or path of the namespace |
Example request: Example request:
...@@ -122,3 +122,23 @@ Example response: ...@@ -122,3 +122,23 @@ Example response:
"members_count_with_descendants": 2 "members_count_with_descendants": 2
} }
``` ```
Example request:
```bash
curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/namespaces/group1
```
Example response:
```json
{
"id": 2,
"name": "group1",
"path": "group1",
"kind": "group",
"full_path": "group1",
"parent_id": "null",
"members_count_with_descendants": 2
}
```
...@@ -52,6 +52,10 @@ module API ...@@ -52,6 +52,10 @@ module API
initial_current_user != current_user initial_current_user != current_user
end end
def user_namespace
@user_namespace ||= find_namespace!(params[:id])
end
def user_group def user_group
@group ||= find_group!(params[:id]) @group ||= find_group!(params[:id])
end end
...@@ -109,14 +113,6 @@ module API ...@@ -109,14 +113,6 @@ module API
end end
end end
def find_namespace(id)
if id =~ /^\d+$/
Namespace.find_by(id: id)
else
Namespace.find_by_full_path(id)
end
end
def find_group!(id) def find_group!(id)
# CI job token authentication: # CI job token authentication:
# currently we do not allow any group access for CI job token # currently we do not allow any group access for CI job token
...@@ -131,6 +127,24 @@ module API ...@@ -131,6 +127,24 @@ module API
end end
end end
def find_namespace(id)
if id.to_s =~ /^\d+$/
Namespace.find_by(id: id)
else
Namespace.find_by_full_path(id)
end
end
def find_namespace!(id)
namespace = find_namespace(id)
if can?(current_user, :admin_namespace, namespace)
namespace
else
not_found!('Namespace')
end
end
def find_project_label(id) def find_project_label(id)
label = available_labels.find_by_id(id) || available_labels.find_by_title(id) label = available_labels.find_by_id(id) || available_labels.find_by_title(id)
label || not_found!('Label') label || not_found!('Label')
......
...@@ -45,24 +45,10 @@ module API ...@@ -45,24 +45,10 @@ module API
success Entities::Namespace success Entities::Namespace
end end
params do params do
requires :id, type: Integer, desc: "Namespace's ID" requires :id, type: String, desc: "Namespace's ID or path"
end end
get ':id' do get ':id' do
namespace = Namespace.find(params[:id]) present user_namespace, with: Entities::Namespace, current_user: current_user
authenticate_get_namespace!(namespace)
present namespace, with: Entities::Namespace, current_user: current_user
end
end
helpers do
def authenticate_get_namespace!(namespace)
return if current_user.admin?
forbidden!('No access granted') unless user_can_access_namespace?(namespace)
end
def user_can_access_namespace?(namespace)
namespace.has_owner?(current_user)
end end
end end
end end
......
...@@ -143,19 +143,36 @@ describe API::Namespaces do ...@@ -143,19 +143,36 @@ describe API::Namespaces do
describe 'GET /namespaces/:id' do describe 'GET /namespaces/:id' do
let(:owned_group) { group1 } let(:owned_group) { group1 }
shared_examples 'can access namespace' do
it 'returns namespace details' do
get api("/namespaces/#{namespace_id}", request_actor)
expect(response).to have_gitlab_http_status(200)
expect(json_response['id']).to eq(requested_namespace.id)
expect(json_response['path']).to eq(requested_namespace.path)
expect(json_response['name']).to eq(requested_namespace.name)
end
end
shared_examples 'namespace reader' do shared_examples 'namespace reader' do
let(:requested_namespace) { owned_group }
before do before do
owned_group.add_owner(request_actor) owned_group.add_owner(request_actor)
end end
context 'when namespace exists' do context 'when namespace exists' do
it 'returns namespace details' do context 'when requested by ID' do
get api("/namespaces/#{owned_group.id}", request_actor) let(:namespace_id) { owned_group.id }
expect(response).to have_gitlab_http_status(200) it_behaves_like 'can access namespace'
end
context 'when requested by path' do
let(:namespace_id) { owned_group.path }
expect(json_response['id']).to eq(owned_group.id) it_behaves_like 'can access namespace'
expect(json_response['name']).to eq(owned_group.name)
end end
end end
...@@ -180,10 +197,10 @@ describe API::Namespaces do ...@@ -180,10 +197,10 @@ describe API::Namespaces do
let(:request_actor) { user } let(:request_actor) { user }
context 'when requested namespace is not owned by user' do context 'when requested namespace is not owned by user' do
it 'returns authentication error' do it 'returns not-found' do
get api("/namespaces/#{group2.id}", request_actor) get api("/namespaces/#{group2.id}", request_actor)
expect(response).to have_gitlab_http_status(403) expect(response).to have_gitlab_http_status(404)
end end
end end
...@@ -196,11 +213,10 @@ describe API::Namespaces do ...@@ -196,11 +213,10 @@ describe API::Namespaces do
let(:request_actor) { admin } let(:request_actor) { admin }
context 'when requested namespace is not owned by user' do context 'when requested namespace is not owned by user' do
it 'returns authentication error' do let(:namespace_id) { group2.id }
get api("/namespaces/#{group2.id}", request_actor) let(:requested_namespace) { group2 }
expect(response).to have_gitlab_http_status(200) it_behaves_like 'can access namespace'
end
end end
context 'when requested namespace is owned by user' do context 'when requested namespace is owned by user' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment