Commit f93424e8 authored by Abdul Wadood's avatar Abdul Wadood Committed by Douglas Barbosa Alexandre

Add Additional Minimal Access API Response Error Messages

Current return message does not tell the caller why the call failed.

This change adds two additional messages to the returned error message.

Changelog: changed
EE: true
Co-authored-by: default avatarAbdul Wadood <awadood@gitlab.com>
parent 550a2feb
...@@ -45,6 +45,11 @@ module EE ...@@ -45,6 +45,11 @@ module EE
return if access_level.in?(levels) return if access_level.in?(levels)
errors.add(:access_level, "is not included in the list") errors.add(:access_level, "is not included in the list")
if access_level == ::Gitlab::Access::MINIMAL_ACCESS
errors.add(:access_level, "supported on top level groups only") if group.has_parent?
errors.add(:access_level, "not supported by license") unless group.feature_available?(:minimal_access_role)
end
end end
override :post_create_hook override :post_create_hook
......
...@@ -7,11 +7,13 @@ RSpec.describe API::Members do ...@@ -7,11 +7,13 @@ RSpec.describe API::Members do
context 'group members endpoints for group with minimal access feature' do context 'group members endpoints for group with minimal access feature' do
let_it_be(:group) { create(:group) } let_it_be(:group) { create(:group) }
let_it_be(:subgroup) { create(:group, parent: group) }
let_it_be(:minimal_access_member) { create(:group_member, :minimal_access, source: group) } let_it_be(:minimal_access_member) { create(:group_member, :minimal_access, source: group) }
let_it_be(:owner) { create(:user) } let_it_be(:owner) { create(:user) }
before do before do
group.add_owner(owner) group.add_owner(owner)
subgroup.add_owner(owner)
end end
describe "GET /groups/:id/members" do describe "GET /groups/:id/members" do
...@@ -41,21 +43,23 @@ RSpec.describe API::Members do ...@@ -41,21 +43,23 @@ RSpec.describe API::Members do
params: { user_id: stranger.id, access_level: Member::MINIMAL_ACCESS } params: { user_id: stranger.id, access_level: Member::MINIMAL_ACCESS }
end end
context 'when minimal access role is not available' do context 'when minimal access license is not available' do
it 'does not create a member' do it 'does not create a member' do
expect do expect do
subject subject
end.not_to change { group.all_group_members.count } end.not_to change { group.all_group_members.count }
expect(response).to have_gitlab_http_status(:bad_request) expect(response).to have_gitlab_http_status(:bad_request)
expect(json_response['message']).to eq({ 'access_level' => ['is not included in the list'] }) expect(json_response['message']).to eq({ 'access_level' => ['is not included in the list', 'not supported by license'] })
end end
end end
context 'when minimal access role is available' do context 'when minimal access license is available' do
it 'creates a member' do before do
stub_licensed_features(minimal_access_role: true) stub_licensed_features(minimal_access_role: true)
end
it 'creates a member' do
expect do expect do
subject subject
end.to change { group.all_group_members.count }.by(1) end.to change { group.all_group_members.count }.by(1)
...@@ -63,6 +67,16 @@ RSpec.describe API::Members do ...@@ -63,6 +67,16 @@ RSpec.describe API::Members do
expect(response).to have_gitlab_http_status(:created) expect(response).to have_gitlab_http_status(:created)
expect(json_response['id']).to eq(stranger.id) expect(json_response['id']).to eq(stranger.id)
end end
it 'cannot be assigned to subgroup' do
expect do
post api("/groups/#{subgroup.id}/members", owner),
params: { user_id: stranger.id, access_level: Member::MINIMAL_ACCESS }
end.not_to change { subgroup.all_group_members.count }
expect(response).to have_gitlab_http_status(:bad_request)
expect(json_response['message']).to eq({ 'access_level' => ['is not included in the list', 'supported on top level groups only'] })
end
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment