Add spec for Release API

Add spec for all release API - GET, POST, PUT, DELETE.
Also, fixes some minior bugs.

app/controllers/projects/tags/releases_controller.rb

@@ -4,7 +4,7 @@ class Projects::Tags::ReleasesController < Projects::ApplicationController
   # Authorize
   before_action :require_non_empty_project
   before_action :authorize_download_code!
-  before_action :authorize_update_release!
+  before_action :authorize_push_code!
   before_action :tag
   before_action :release
 

app/controllers/projects/tags_controller.rb

@@ -48,8 +48,15 @@ class Projects::TagsController < Projects::ApplicationController
     if result[:status] == :success
       # Release creation with Tags was deprecated in GitLab 11.7
       if params[:release_description].present?
-        release_params = { tag: params[:tag_name], description: params[:release_description] }
-        CreateReleaseService.new(@project, current_user, release_params).execute
+        release_params = {
+          tag: params[:tag_name],
+          name: params[:tag_name],
+          description: params[:release_description]
+        }
+
+        Releases::CreateService
+          .new(@project, current_user, release_params)
+          .execute
       end
 
       @tag = result[:tag]

app/models/release.rb

@@ -2,6 +2,7 @@
 
 class Release < ActiveRecord::Base
   include CacheMarkdownField
+  include Gitlab::Utils::StrongMemoize
 
   cache_markdown_field :description
 
@@ -15,25 +16,25 @@ class Release < ActiveRecord::Base
 
   delegate :repository, to: :project
 
-  def self.by_tag(project, tag)
-    self.find_by(project: project, tag: tag)
-  end
-
   def commit
-    git_tag = repository.find_tag(tag)
-    repository.commit(git_tag.dereferenced_target)
+    strong_memoize(:commit) do
+      repository.commit(actual_sha)
+    end
   end
 
-  def sources_formats
-    @sources_formats ||= %w(zip tar.gz tar.bz2 tar).freeze
+  def tag_missing?
+    actual_tag.nil?
   end
 
-  # TODO: placeholder for frontend API compatibility
-  def links
-    []
+  private
+
+  def actual_sha
+    sha || actual_tag&.dereferenced_target
   end
 
-  def assets_count
-    links.size + sources_formats.size
+  def actual_tag
+    strong_memoize(:actual_tag) do
+      repository.find_tag(tag)
+    end
   end
 end

app/policies/project_policy.rb

@@ -270,7 +270,7 @@ class ProjectPolicy < BasePolicy
     enable :update_cluster
     enable :admin_cluster
     enable :create_environment_terminal
-    enable :admin_release
+    enable :destroy_release
   end
 
   rule { (mirror_available & can?(:admin_project)) | admin }.enable :admin_remote_mirror

app/policies/release_policy.rb

+# frozen_string_literal: true
+
+class ReleasePolicy < BasePolicy
+  delegate { @subject.project }
+end

app/services/create_release_service.rb

-# frozen_string_literal: true
-
-class CreateReleaseService < BaseService
-  def execute(ref = nil)
-    return error('Unauthorized', 401) unless Ability.allowed?(current_user, :create_release, project)
-
-    tag_result = find_or_create_tag(ref)
-    return tag_result if tag_result[:status] != :success
-
-    create_release(tag_result[:tag])
-  end
-
-  private
-
-  def find_or_create_tag(ref)
-    tag = repository.find_tag(params[:tag])
-    return success(tag: tag) if tag
-    return error('Tag does not exist', 404) if ref.blank?
-
-    Tags::CreateService.new(project, current_user).execute(params[:tag], ref, nil)
-  end
-
-  def create_release(tag)
-    release = Release.by_tag(project, tag.name)
-
-    if release
-      error('Release already exists', 409)
-    else
-      create_params = {
-        author: current_user,
-        name: tag.name,
-        sha: tag.dereferenced_target.sha
-      }.merge(params)
-
-      release = project.releases.create!(create_params)
-
-      success(tag: tag, release: release)
-    end
-  end
-end

app/services/delete_release_service.rb

-# frozen_string_literal: true
-
-class DeleteReleaseService < BaseService
-  include Gitlab::Utils::StrongMemoize
-
-  def execute
-    return error('Tag does not exist', 404) unless existing_tag
-    return error('Release does not exist', 404) unless release
-    return error('Access Denied', 403) unless allowed?
-
-    if release.destory
-      success(release: release)
-    else
-      error(release.errors.messages || '400 Bad request', 400)
-    end
-  end
-
-  private
-
-  def allowed?
-    Ability.allowed?(current_user, :admin_release, release)
-  end
-
-  def release
-    strong_memoize(:release) do
-      project.releases.find_by_tag(@tag_name)
-    end
-  end
-
-  def existing_tag
-    strong_memoize(:existing_tag) do
-      repository.find_tag(@tag_name)
-    end
-  end
-
-  def repository
-    strong_memoize(:repository) do
-      project.repository
-    end
-  end  
-end

app/services/releases/concerns.rb

+# frozen_string_literal: true
+
+module Releases
+  module Concerns
+    extend ActiveSupport::Concern
+    include Gitlab::Utils::StrongMemoize
+
+    included do
+      def tag_name
+        params[:tag]
+      end
+
+      def ref
+        params[:ref]
+      end
+
+      def name
+        params[:name]
+      end
+
+      def description
+        params[:description]
+      end
+
+      def release
+        strong_memoize(:release) do
+          project.releases.find_by_tag(tag_name)
+        end
+      end
+
+      def existing_tag
+        strong_memoize(:existing_tag) do
+          repository.find_tag(tag_name)
+        end
+      end
+
+      def tag_exist?
+        existing_tag.present?
+      end
+
+      def repository
+        strong_memoize(:repository) do
+          project.repository
+        end
+      end
+    end
+  end
+end

app/services/releases/create_service.rb

+# frozen_string_literal: true
+
+module Releases
+  class CreateService < BaseService
+    include Releases::Concerns
+
+    def execute
+      return error('Access Denied', 403) unless allowed?
+      return error('Release already exists', 409) if release
+
+      new_tag = nil
+
+      unless tag_exist?
+        return error('Ref is not specified', 422) unless ref
+
+        result = Tags::CreateService
+          .new(project, current_user)
+          .execute(tag_name, ref, nil)
+
+        return result unless result[:status] == :success
+
+        new_tag = result[:tag]
+      end
+
+      create_release(existing_tag || new_tag)
+    end
+
+    private
+
+    def allowed?
+      Ability.allowed?(current_user, :create_release, project)
+    end
+
+    def create_release(tag)
+      release = project.releases.create!(
+        name: name,
+        description: description,
+        author: current_user,
+        tag: tag.name,
+        sha: tag.dereferenced_target.sha
+      )
+
+      success(tag: tag, release: release)
+    rescue ActiveRecord::RecordInvalid => e
+      error(e.message, 400)
+    end
+  end
+end

app/services/releases/destroy_service.rb

+# frozen_string_literal: true
+
+module Releases
+  class DestroyService < BaseService
+    include Releases::Concerns
+
+    def execute
+      return error('Tag does not exist', 404) unless existing_tag
+      return error('Release does not exist', 404) unless release
+      return error('Access Denied', 403) unless allowed?
+
+      if release.destroy
+        success(tag: existing_tag, release: release)
+      else
+        error(release.errors.messages || '400 Bad request', 400)
+      end
+    end
+
+    private
+
+    def allowed?
+      Ability.allowed?(current_user, :destroy_release, release)
+    end
+  end
+end

app/services/releases/update_service.rb

+# frozen_string_literal: true
+
+module Releases
+  class UpdateService < BaseService
+    include Releases::Concerns
+
+    def execute
+      return error('Tag does not exist', 404) unless existing_tag
+      return error('Release does not exist', 404) unless release
+      return error('Access Denied', 403) unless allowed?
+      return error('params is empty', 400) if empty_params?
+
+      if release.update(params)
+        success(tag: existing_tag, release: release)
+      else
+        error(release.errors.messages || '400 Bad request', 400)
+      end
+    end
+
+    private
+
+    def allowed?
+      Ability.allowed?(current_user, :update_release, release)
+    end
+
+    # rubocop: disable CodeReuse/ActiveRecord
+    def empty_params?
+      params.except(:tag).empty?
+    end
+    # rubocop: enable CodeReuse/ActiveRecord
+  end
+end

app/services/tags/destroy_service.rb

@@ -2,7 +2,6 @@
 
 module Tags
   class DestroyService < BaseService
-    # rubocop: disable CodeReuse/ActiveRecord
     def execute(tag_name)
       repository = project.repository
       tag = repository.find_tag(tag_name)
@@ -12,8 +11,12 @@ module Tags
       end
 
       if repository.rm_tag(current_user, tag_name)
-        release = project.releases.find_by(tag: tag_name)
-        release&.destroy
+        ##
+        # When a tag in a repository is destroyed,
+        # release assets will be destroyed too.
+        Releases::DestroyService
+          .new(project, current_user, tag: tag_name)
+          .execute
 
         push_data = build_push_data(tag)
         EventCreateService.new.push(project, current_user, push_data)
@@ -27,7 +30,6 @@ module Tags
     rescue Gitlab::Git::PreReceiveError => ex
       error(ex.message)
     end
-    # rubocop: enable CodeReuse/ActiveRecord
 
     def error(message, return_code = 400)
       super(message).merge(return_code: return_code)

app/services/update_release_service.rb

-# frozen_string_literal: true
-
-class UpdateReleaseService < BaseService
-  def execute
-    return error('Unauthorized', 401) unless Ability.allowed?(current_user, :update_release, project)
-
-    tag_name = params[:tag]
-    release = Release.by_tag(project, tag_name)
-
-    return error('Release does not exist', 404) if release.blank?
-
-    if release.update(params)
-      success(release: release)
-    else
-      error(release.errors.messages || '400 Bad request', 400)
-    end
-  end
-end

lib/api/entities.rb

@@ -1099,20 +1099,6 @@ module API
       expose :created_at
       expose :author, using: Entities::UserBasic, if: -> (release, _) { release.author.present? }
       expose :commit, using: Entities::Commit
-
-      expose :assets do
-        expose :assets_count, as: :count
-        expose :links
-        expose :sources do |release, _opts|
-          archive_path = "#{release.project.path}-#{release.tag.tr('/', '-')}"
-          release.sources_formats.map do |format|
-            {
-              format: format,
-              url: Gitlab::Routing.url_helpers.project_archive_url(release.project, id: File.join(release.tag, archive_path), format: format)
-            }
-          end
-        end
-      end
     end
 
     class Tag < Grape::Entity

lib/api/helpers.rb

@@ -255,18 +255,6 @@ module API
       authorize! :update_build, user_project
     end
 
-    def authorize_create_release!
-      authorize! :create_release, user_project
-    end
-
-    def authorize_read_release!
-      authorize! :read_release, user_project
-    end
-
-    def authorize_update_release!
-      authorize! :update_release, user_project
-    end
-
     def require_gitlab_workhorse!
       unless env['HTTP_GITLAB_WORKHORSE'].present?
         forbidden!('Request should be executed via GitLab Workhorse')

lib/api/releases.rb

@@ -4,10 +4,11 @@ module API
   class Releases < Grape::API
     include PaginationParams
 
-    RELEASE_ENDPOINT_REQUIREMETS = API::NAMESPACE_OR_PROJECT_REQUIREMENTS.merge(tag_name: API::NO_SLASH_URL_PART_REGEX)
+    RELEASE_ENDPOINT_REQUIREMETS = API::NAMESPACE_OR_PROJECT_REQUIREMENTS
+      .merge(tag_name: API::NO_SLASH_URL_PART_REGEX)
 
     before { error!('404 Not Found', 404) unless Feature.enabled?(:releases_page, user_project) }
-    before { authorize_read_release! }
+    before { authorize_read_releases! }
 
     params do
       requires :id, type: String, desc: 'The ID of a project'
@@ -31,11 +32,10 @@ module API
         success Entities::Release
       end
       params do
-        requires :tag_name, type: String, desc: 'The name of the tag'
+        requires :tag_name, type: String, desc: 'The name of the tag', as: :tag
       end
       get ':id/releases/:tag_name', requirements: RELEASE_ENDPOINT_REQUIREMETS do
-        release = user_project.releases.find_by_tag(params[:tag_name])
-        not_found!('Release') unless release
+        authorize_read_release!
 
         present release, with: Entities::Release
       end
@@ -45,25 +45,22 @@ module API
         success Entities::Release
       end
       params do
-        requires :name,                type: String, desc: 'The name of the release'
-        requires :tag_name,            type: String, desc: 'The name of the tag', as: :tag
-        requires :description,         type: String, desc: 'The release notes'
-        optional :ref,                 type: String, desc: 'The commit sha or branch name'
+        requires :tag_name,    type: String, desc: 'The name of the tag', as: :tag
+        requires :name,        type: String, desc: 'The name of the release'
+        requires :description, type: String, desc: 'The release notes'
+        optional :ref,         type: String, desc: 'The commit sha or branch name'
       end
       post ':id/releases' do
         authorize_create_release!
 
-        attributes = declared(params)
-        ref = attributes.delete(:ref)
-        attributes.delete(:id)
-
-        result = ::CreateReleaseService.new(user_project, current_user, attributes)
-          .execute(ref)
+        result = ::Releases::CreateService
+          .new(user_project, current_user, declared_params(include_missing: false))
+          .execute
 
         if result[:status] == :success
           present result[:release], with: Entities::Release
         else
-          render_api_error!(result[:message], 400)
+          render_api_error!(result[:message], result[:http_status])
         end
       end
 
@@ -73,15 +70,15 @@ module API
       end
       params do
         requires :tag_name,    type: String, desc: 'The name of the tag', as: :tag
-        requires :name,        type: String, desc: 'The name of the release'
-        requires :description, type: String, desc: 'Release notes with markdown support'
+        optional :name,        type: String, desc: 'The name of the release'
+        optional :description, type: String, desc: 'Release notes with markdown support'
       end
       put ':id/releases/:tag_name', requirements: RELEASE_ENDPOINT_REQUIREMETS do
         authorize_update_release!
 
-        attributes = declared(params)
-        attributes.delete(:id)
-        result = UpdateReleaseService.new(user_project, current_user, attributes).execute
+        result = ::Releases::UpdateService
+          .new(user_project, current_user, declared_params(include_missing: false))
+          .execute
 
         if result[:status] == :success
           present result[:release], with: Entities::Release
@@ -98,11 +95,11 @@ module API
         requires :tag_name,    type: String, desc: 'The name of the tag', as: :tag
       end
       delete ':id/releases/:tag_name', requirements: RELEASE_ENDPOINT_REQUIREMETS do
-        authorize_update_release!
+        authorize_destroy_release!
 
-        attributes = declared(params)
-        attributes.delete(:id)
-        result = DeleteReleaseService.new(user_project, current_user, attributes).execute
+        result = ::Releases::DestroyService
+          .new(user_project, current_user, declared_params(include_missing: false))
+          .execute
 
         if result[:status] == :success
           present result[:release], with: Entities::Release
@@ -111,5 +108,31 @@ module API
         end
       end
     end
+
+    helpers do
+      def authorize_create_release!
+        authorize! :create_release, user_project
+      end
+
+      def authorize_read_releases!
+        authorize! :read_release, user_project
+      end
+
+      def authorize_read_release!
+        authorize! :read_release, release
+      end
+
+      def authorize_update_release!
+        authorize! :update_release, release
+      end
+
+      def authorize_destroy_release!
+        authorize! :destroy_release, release
+      end
+
+      def release
+        @release ||= user_project.releases.find_by_tag(params[:tag])
+      end
+    end
   end
 end

lib/api/tags.rb

@@ -60,10 +60,15 @@ module API
         if result[:status] == :success
           # Release creation with Tags API was deprecated in GitLab 11.7
           if params[:release_description].present?
-            CreateReleaseService.new(
-              user_project, current_user,
-              tag: params[:tag_name], description: params[:release_description]
-            ).execute
+            release_create_params = {
+              tag: params[:tag_name],
+              name: params[:tag_name], # Name can be specified in new API
+              description: params[:release_description]
+            }
+
+            ::Releases::CreateService
+              .new(user_project, current_user, release_create_params)
+              .execute
           end
 
           present result[:tag],
@@ -107,9 +112,18 @@ module API
       post ':id/repository/tags/:tag_name/release', requirements: TAG_ENDPOINT_REQUIREMENTS do
         authorize_create_release!
 
-        attributes = declared(params)
-        attributes.delete(:id)
-        result = CreateReleaseService.new(user_project, current_user, attributes)
+        ##
+        # Legacy API does not support tag auto creation.
+        not_found!('Tag') unless user_project.repository.find_tag(params[:tag])
+
+        release_create_params = {
+          tag: params[:tag],
+          name: params[:tag], # Name can be specified in new API
+          description: params[:description]
+        }
+
+        result = ::Releases::CreateService
+          .new(user_project, current_user, release_create_params)
           .execute
 
         if result[:status] == :success
@@ -124,18 +138,15 @@ module API
         success Entities::TagRelease
       end
       params do
-        requires :tag_name,    type: String, desc: 'The name of the tag'
+        requires :tag_name,    type: String, desc: 'The name of the tag', as: :tag
         requires :description, type: String, desc: 'Release notes with markdown support'
       end
       put ':id/repository/tags/:tag_name/release', requirements: TAG_ENDPOINT_REQUIREMENTS do
         authorize_update_release!
 
-        result = UpdateReleaseService.new(
-          user_project,
-          current_user,
-          tag: params[:tag_name],
-          description: params[:description]
-        ).execute
+        result = ::Releases::UpdateService
+          .new(user_project, current_user, declared_params(include_missing: false))
+          .execute
 
         if result[:status] == :success
           present result[:release], with: Entities::TagRelease
@@ -144,5 +155,19 @@ module API
         end
       end
     end
+
+    helpers do
+      def authorize_create_release!
+        authorize! :create_release, user_project
+      end
+
+      def authorize_update_release!
+        authorize! :update_release, release
+      end
+
+      def release
+        @release ||= user_project.releases.find_by_tag(params[:tag])
+      end
+    end
   end
 end

spec/factories/releases.rb

 FactoryBot.define do
   factory :release do
     tag "v1.1.0"
+    sha 'b83d6e391c22777fca1ed3012fce84f633d7fed0'
     name { tag }
     description "Awesome release"
     project
     author
+
+    trait :legacy do
+      sha nil
+      author nil
+    end
   end
 end

spec/fixtures/api/schemas/release.json

+{
+  "type": "object",
+  "required": ["name", "tag_name"],
+  "properties": {
+    "name": { "type": "string" },
+    "tag_name": { "type": "string" },
+    "description": { "type": "string" },
+    "description_html": { "type": "string" },
+    "created_at": { "type": "date" },
+    "commit": {
+      "oneOf": [{ "type": "null" }, { "$ref": "public_api/v4/commit/basic.json" }]
+    },
+    "author": {
+      "oneOf": [{ "type": "null" }, { "$ref": "public_api/v4/user/basic.json" }]
+    }
+  },
+  "additionalProperties": false
+}

spec/fixtures/api/schemas/releases.json

+{
+  "type": "array",
+  "items": { "$ref": "release.json" }
+}

spec/lib/gitlab/legacy_github_import/importer_spec.rb

@@ -138,7 +138,7 @@ describe Gitlab::LegacyGithubImport::Importer do
 
     let(:release2) do
       double(
-        tag_name: 'v2.0.0',
+        tag_name: 'v1.1.0',
         name: 'Second release',
         body: nil,
         draft: false,

spec/models/release_spec.rb

@@ -16,18 +16,4 @@ RSpec.describe Release do
     it { is_expected.to validate_presence_of(:project) }
     it { is_expected.to validate_presence_of(:description) }
   end
-
-  describe '.by_tag' do
-    let(:tag) { release.tag }
-
-    subject { described_class.by_tag(project, tag) }
-
-    it { is_expected.to eq(release) }
-
-    context 'when no releases exists' do
-      let(:tag) { 'not-existing' }
-
-      it { is_expected.to be_nil }
-    end
-  end
 end

spec/policies/project_policy_spec.rb

@@ -48,7 +48,7 @@ describe ProjectPolicy do
       update_deployment admin_project_snippet
       admin_project_member admin_note admin_wiki admin_project
       admin_commit_status admin_build admin_container_image
-      admin_pipeline admin_environment admin_deployment admin_release add_cluster
+      admin_pipeline admin_environment admin_deployment destroy_release add_cluster
     ]
   end
 
@@ -184,7 +184,7 @@ describe ProjectPolicy do
         :create_environment, :read_environment, :update_environment, :admin_environment, :destroy_environment,
         :create_cluster, :read_cluster, :update_cluster, :admin_cluster,
         :create_deployment, :read_deployment, :update_deployment, :admin_deployment, :destroy_deployment,
-        :admin_release
+        :destroy_release
       ]
 
       expect_disallowed(*repository_permissions)

spec/requests/api/tags_spec.rb

@@ -107,9 +107,12 @@ describe API::Tags do
     context 'with releases' do
       let(:description) { 'Awesome release!' }
 
-      before do
-        release = project.releases.find_or_initialize_by(tag: tag_name)
-        release.update(description: description)
+      let!(:release) do
+        create(:release,
+               :legacy,
+               project: project,
+               tag: tag_name,
+               description: description)
       end
 
       it 'returns an array of project tags with release info' do
@@ -373,7 +376,7 @@ describe API::Tags do
 
         it_behaves_like '404 response' do
           let(:request) { post api(route, current_user), params: { description: description } }
-          let(:message) { 'Tag does not exist' }
+          let(:message) { '404 Tag Not Found' }
         end
       end
 
@@ -398,10 +401,7 @@ describe API::Tags do
       end
 
       context 'on tag with existing release' do
-        before do
-          release = project.releases.find_or_initialize_by(tag: tag_name)
-          release.update(description: description)
-        end
+        let!(:release) { create(:release, :legacy, project: project, tag: tag_name, description: description) }
 
         it 'returns 409 if there is already a release' do
           post api(route, user), params: { description: description }
@@ -420,9 +420,12 @@ describe API::Tags do
 
     shared_examples_for 'repository update release' do
       context 'on tag with existing release' do
-        before do
-          release = project.releases.find_or_initialize_by(tag: tag_name)
-          release.update(description: description)
+        let!(:release) do
+          create(:release,
+                 :legacy,
+                 project: project,
+                 tag: tag_name,
+                 description: description)
         end
 
         it 'updates the release description' do
@@ -437,9 +440,9 @@ describe API::Tags do
       context 'when tag does not exist' do
         let(:tag_name) { 'unknown' }
 
-        it_behaves_like '404 response' do
+        it_behaves_like '403 response' do
           let(:request) { put api(route, current_user), params: { description: new_description } }
-          let(:message) { 'Tag does not exist' }
+          let(:message) { '403 Forbidden' }
         end
       end
 
@@ -464,9 +467,9 @@ describe API::Tags do
       end
 
       context 'when release does not exist' do
-        it_behaves_like '404 response' do
+        it_behaves_like '403 response' do
           let(:request) { put api(route, current_user), params: { description: new_description } }
-          let(:message) { 'Release does not exist' }
+          let(:message) { '403 Forbidden' }
         end
       end
     end

spec/services/create_release_service_spec.rb

-require 'spec_helper'
-
-describe CreateReleaseService do
-  let(:project) { create(:project, :repository) }
-  let(:user) { create(:user) }
-  let(:tag_name) { project.repository.tag_names.first }
-  let(:name) { 'Bionic Beaver'}
-  let(:description) { 'Awesome release!' }
-  let(:params) { { tag: tag_name, name: name, description: description } }
-  let(:service) { described_class.new(project, user, params) }
-  let(:ref) { nil }
-
-  before do
-    project.add_maintainer(user)
-  end
-
-  shared_examples 'a successful release creation' do
-    it 'creates a new release' do
-      result = service.execute(ref)
-      expect(result[:status]).to eq(:success)
-      release = project.releases.find_by(tag: tag_name)
-      expect(release).not_to be_nil
-      expect(release.description).to eq(description)
-      expect(release.name).to eq(name)
-      expect(release.author).to eq(user)
-    end
-  end
-
-  it_behaves_like 'a successful release creation'
-
-  it 'raises an error if the tag does not exist' do
-    service.params[:tag] = 'foobar'
-
-    result = service.execute
-    expect(result[:status]).to eq(:error)
-  end
-
-  it 'keeps track of the commit sha' do
-    tag = project.repository.find_tag(tag_name)
-    sha = tag.dereferenced_target.sha
-    result = service.execute
-
-    expect(result[:status]).to eq(:success)
-    expect(project.releases.find_by(tag: tag_name).sha).to eq(sha)
-  end
-
-  context 'when ref is provided' do
-    let(:ref) { 'master' }
-    let(:tag_name) { 'foobar' }
-
-    it_behaves_like 'a successful release creation'
-
-    it 'creates a tag if the tag does not exist' do
-      expect(project.repository.ref_exists?("refs/tags/#{tag_name}")).to be_falsey
-
-      result = service.execute(ref)
-      expect(result[:status]).to eq(:success)
-      expect(project.repository.ref_exists?("refs/tags/#{tag_name}")).to be_truthy
-
-      release = project.releases.find_by(tag: tag_name)
-      expect(release).not_to be_nil
-    end
-  end
-
-  context 'there already exists a release on a tag' do
-    before do
-      service.execute
-    end
-
-    it 'raises an error and does not update the release' do
-      service.params[:description] = 'The best release!'
-
-      result = service.execute
-      expect(result[:status]).to eq(:error)
-      expect(project.releases.find_by(tag: tag_name).description).to eq(description)
-    end
-  end
-end

spec/services/delete_release_service_spec.rb

-#TODO:
\ No newline at end of file

spec/services/releases/create_service_spec.rb

+require 'spec_helper'
+
+describe Releases::CreateService do
+  let(:project) { create(:project, :repository) }
+  let(:user) { create(:user) }
+  let(:tag_name) { project.repository.tag_names.first }
+  let(:tag_sha) { project.repository.find_tag(tag_name).dereferenced_target.sha }
+  let(:name) { 'Bionic Beaver' }
+  let(:description) { 'Awesome release!' }
+  let(:params) { { tag: tag_name, name: name, description: description, ref: ref } }
+  let(:ref) { nil }
+  let(:service) { described_class.new(project, user, params) }
+
+  before do
+    project.add_maintainer(user)
+  end
+
+  describe '#execute' do
+    shared_examples 'a successful release creation' do
+      it 'creates a new release' do
+        result = service.execute
+        expect(result[:status]).to eq(:success)
+        expect(result[:tag]).not_to be_nil
+        expect(result[:release]).not_to be_nil
+        expect(result[:release].description).to eq(description)
+        expect(result[:release].name).to eq(name)
+        expect(result[:release].author).to eq(user)
+        expect(result[:release].sha).to eq(tag_sha)
+      end
+    end
+
+    it_behaves_like 'a successful release creation'
+
+    context 'when the tag does not exist' do
+      let(:tag_name) { 'non-exist-tag' }
+
+      it 'raises an error' do
+        result = service.execute
+
+        expect(result[:status]).to eq(:error)
+      end
+    end
+
+    context 'when ref is provided' do
+      let(:ref) { 'master' }
+      let(:tag_name) { 'foobar' }
+
+      it_behaves_like 'a successful release creation'
+
+      it 'creates a tag if the tag does not exist' do
+        expect(project.repository.ref_exists?("refs/tags/#{tag_name}")).to be_falsey
+
+        result = service.execute
+        expect(result[:status]).to eq(:success)
+        expect(result[:tag]).not_to be_nil
+        expect(result[:release]).not_to be_nil
+      end
+    end
+
+    context 'there already exists a release on a tag' do
+      let!(:release) do
+        create(:release, project: project, tag: tag_name, description: description)
+      end
+
+      it 'raises an error and does not update the release' do
+        result = service.execute
+        expect(result[:status]).to eq(:error)
+        expect(project.releases.find_by(tag: tag_name).description).to eq(description)
+      end
+    end
+  end
+end

spec/services/releases/destroy_service_spec.rb

+require 'spec_helper'
+
+describe Releases::DestroyService do
+  let(:project) { create(:project, :repository) }
+  let(:mainatiner) { create(:user) }
+  let(:repoter) { create(:user) }
+  let(:tag) { 'v1.1.0' }
+  let!(:release) { create(:release, project: project, tag: tag) }
+  let(:service) { described_class.new(project, user, params) }
+  let(:params) { { tag: tag } }
+  let(:user) { mainatiner }
+
+  before do
+    project.add_maintainer(mainatiner)
+    project.add_reporter(repoter)
+  end
+
+  describe '#execute' do
+    subject { service.execute }
+
+    context 'when there is a release' do
+      it 'removes the release' do
+        expect { subject }.to change { project.releases.count }.by(-1)
+      end
+
+      it 'returns the destroyed object' do
+        is_expected.to include(status: :success, release: release)
+      end
+    end
+
+    context 'when tag is not found' do
+      let(:tag) { 'v1.1.1' }
+
+      it 'returns an error' do
+        is_expected.to include(status: :error,
+                               message: 'Tag does not exist',
+                               http_status: 404)
+      end
+    end
+
+    context 'when release is not found' do
+      let!(:release) { }
+
+      it 'returns an error' do
+        is_expected.to include(status: :error,
+                               message: 'Release does not exist',
+                               http_status: 404)
+      end
+    end
+
+    context 'when user does not have permission' do
+      let(:user) { repoter }
+
+      it 'returns an error' do
+        is_expected.to include(status: :error,
+                               message: 'Access Denied',
+                               http_status: 403)
+      end
+    end
+  end
+end

spec/services/releases/update_service_spec.rb

+require 'spec_helper'
+
+describe Releases::UpdateService do
+  let(:project) { create(:project, :repository) }
+  let(:user) { create(:user) }
+  let(:new_name) { 'A new name' }
+  let(:new_description) { 'The best release!' }
+  let(:params) { { name: new_name, description: new_description, tag: tag_name } }
+  let(:service) { described_class.new(project, user, params) }
+  let!(:release) { create(:release, project: project, author: user, tag: tag_name) }
+  let(:tag_name) { 'v1.1.0' }
+
+  before do
+    project.add_developer(user)
+  end
+
+  describe '#execute' do
+    shared_examples 'a failed update' do
+      it 'raises an error' do
+        result = service.execute
+        expect(result[:status]).to eq(:error)
+      end
+    end
+
+    it 'successfully updates an existing release' do
+      result = service.execute
+      expect(result[:status]).to eq(:success)
+      expect(result[:release].name).to eq(new_name)
+      expect(result[:release].description).to eq(new_description)
+    end
+
+    context 'when the tag does not exists' do
+      let(:tag_name) { 'foobar' }
+
+      it_behaves_like 'a failed update'
+    end
+
+    context 'when the release does not exist' do
+      let!(:release) { }
+
+      it_behaves_like 'a failed update'
+    end
+
+    context 'with an invalid update' do
+      let(:new_description) { '' }
+
+      it_behaves_like 'a failed update'
+    end
+  end
+end

spec/services/update_release_service_spec.rb

-require 'spec_helper'
-
-describe UpdateReleaseService do
-  let(:project) { create(:project, :repository) }
-  let(:user) { create(:user) }
-  let(:tag_name) { project.repository.tag_names.first }
-  let(:description) { 'Awesome release!' }
-  let(:new_name) { 'A new name' }
-  let(:new_description) { 'The best release!' }
-  let(:params) { { name: new_name, description: new_description, tag: tag_name } }
-  let(:service) { described_class.new(project, user, params) }
-  let(:create_service) { CreateReleaseService.new(project, user, tag: tag_name, description: description) }
-
-  before do
-    create_service.execute
-  end
-
-  shared_examples 'a failed update' do
-    it 'raises an error' do
-      result = service.execute
-      expect(result[:status]).to eq(:error)
-    end
-  end
-
-  it 'successfully updates an existing release' do
-    result = service.execute
-    expect(result[:status]).to eq(:success)
-
-    release = project.releases.find_by(tag: tag_name)
-    expect(release.name).to eq(new_name)
-    expect(release.description).to eq(new_description)
-  end
-
-  context 'when the tag does not exists' do
-    let(:tag_name) { 'foobar' }
-
-    it_behaves_like 'a failed update'
-  end
-
-  context 'when the release does not exist' do
-    before do
-      project.releases.delete_all
-    end
-
-    it_behaves_like 'a failed update'
-  end
-
-  context 'with an invalid update' do
-    let(:new_description) { '' }
-
-    it_behaves_like 'a failed update'
-  end
-end