Allow creating protected branches with specific group access.

1. Add a `autocomplete/project_groups` controller action. Prefer this to `autocomplete/groups` because the latter (wierdly) seems to break other dropdowns that list groups. 2. This commit does _not_ change the actual UI, because this is probably better saved for @alfredo1 to work on. However, all the other pieces have been set up, so there shouldn't be a need for any more backend changes.

Allow creating protected branches with specific group access.
1. Add a `autocomplete/project_groups` controller action. Prefer this to `autocomplete/groups` because the latter (wierdly) seems to break other dropdowns that list groups. 2. This commit does _not_ change the actual UI, because this is probably better saved for @alfredo1 to work on. However, all the other pieces have been set up, so there shouldn't be a need for any more backend changes.
c38ed397 · Timothy Andrew · Alfredo Sumaran · 7714c114 · c38ed397 · c38ed397
Commit c38ed397 authored Aug 15, 2016 by Timothy Andrew Committed by Alfredo Sumaran Oct 17, 2016
5 changed files
--- a/app/controllers/autocomplete_controller.rb
+++ b/app/controllers/autocomplete_controller.rb
 class AutocompleteController < ApplicationController
  skip_before_action :authenticate_user!, only: [:users]
-  before_action :load_project, only: [:users]
+  before_action :load_project, only: [:users, :project_groups]
  before_action :find_users, only: [:users]

  def users
@@ -28,6 +28,10 @@ class AutocompleteController < ApplicationController
    render json: @users, only: [:name, :username, :id], methods: [:avatar_url]
  end

+  def project_groups
+    render json: @project.invited_groups, only: [:id, :name], methods: [:avatar_url]
+  end
+
  def user
    @user = User.find(params[:id])
    render json: @user, only: [:name, :username, :id], methods: [:avatar_url]

--- a/app/controllers/projects/protected_branches_controller.rb
+++ b/app/controllers/projects/protected_branches_controller.rb
@@ -59,8 +59,8 @@ class Projects::ProtectedBranchesController < Projects::ApplicationController

  def protected_branch_params
    params.require(:protected_branch).permit(:name,
-                                             merge_access_levels_attributes: [:access_level, :id, :user_id, :_destroy],
-                                             push_access_levels_attributes: [:access_level, :id, :user_id, :_destroy])
+                                             merge_access_levels_attributes: [:access_level, :id, :user_id, :_destroy, :group_id],
+                                             push_access_levels_attributes: [:access_level, :id, :user_id, :_destroy, :group_id])
  end

  def load_protected_branches

--- a/app/models/concerns/protected_branch_access.rb
+++ b/app/models/concerns/protected_branch_access.rb
@@ -9,6 +9,8 @@ module ProtectedBranchAccess
  def type
    if self.user.present?
      :user
+    elsif self.group.present?
+      :group
    else
      :role
    end
@@ -16,6 +18,7 @@ module ProtectedBranchAccess

  def humanize
    return self.user.name if self.user.present?
+    return self.group.name if self.group.present?

    self.class.human_access_levels[self.access_level]
  end

--- a/config/routes.rb
+++ b/config/routes.rb
@@ -40,6 +40,7 @@ Rails.application.routes.draw do
  get '/autocomplete/users' => 'autocomplete#users'
  get '/autocomplete/users/:id' => 'autocomplete#user'
  get '/autocomplete/projects' => 'autocomplete#projects'
+  get '/autocomplete/project_groups' => 'autocomplete#project_groups'

  # Emojis
  resources :emojis, only: :index

--- a/spec/controllers/autocomplete_controller_spec.rb
+++ b/spec/controllers/autocomplete_controller_spec.rb
@@ -338,4 +338,44 @@ describe AutocompleteController do
      end
    end
  end
+
+  context "groups" do
+    let(:matching_group) { create(:group) }
+    let(:non_matching_group) { create(:group) }
+
+    context "while fetching all groups belonging to a project" do
+      before do
+        project.team << [user, :developer]
+        project.invited_groups << matching_group
+        sign_in(user)
+        get(:project_groups, project_id: project.id)
+      end
+
+      let(:body) { JSON.parse(response.body) }
+
+      it { expect(body).to be_kind_of(Array) }
+      it { expect(body.size).to eq 1 }
+      it { expect(body.first.values_at('id', 'name')).to eq [matching_group.id, matching_group.name] }
+    end
+
+    context "while fetching all groups belonging to a project the current user cannot access" do
+      before do
+        project.invited_groups << matching_group
+        sign_in(user)
+        get(:project_groups, project_id: project.id)
+      end
+
+      it { expect(response).to be_not_found }
+    end
+
+    context "while fetching all groups belonging to an invalid project ID" do
+      before do
+        project.invited_groups << matching_group
+        sign_in(user)
+        get(:project_groups, project_id: 'invalid')
+      end
+
+      it { expect(response).to be_not_found }
+    end
+  end
 end