Commit 1be15162 authored by Rémy Coutable's avatar Rémy Coutable

Merge branch 'ben.boeckel/gitlab-ce-api-visible-projects' into 'master'

Add visible projects API

## What does this MR do?

Add a new `/projects/visible` API endpoint. Originally created by @ben.boeckel in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5970.

## Are there points in the code the reviewer needs to double check?

Does the API make sense?

## Why was this MR needed?

The `/projects` endpoint only returned projects the user was explicitly a member of.

Closes #19361, #3119.

See merge request !6681
parents b58ea12a 7623ab0c
...@@ -5,6 +5,7 @@ v 8.13.0 (unreleased) ...@@ -5,6 +5,7 @@ v 8.13.0 (unreleased)
- Add link from system note to compare with previous version - Add link from system note to compare with previous version
- Improve issue load time performance by avoiding ORDER BY in find_by call - Improve issue load time performance by avoiding ORDER BY in find_by call
- Use gitlab-shell v3.6.2 (GIT TRACE logging) - Use gitlab-shell v3.6.2 (GIT TRACE logging)
- Add `/projects/visible` API endpoint (Ben Boeckel)
- Fix centering of custom header logos (Ashley Dumaine) - Fix centering of custom header logos (Ashley Dumaine)
- AbstractReferenceFilter caches project_refs on RequestStore when active - AbstractReferenceFilter caches project_refs on RequestStore when active
- Replaced the check sign to arrow in the show build view. !6501 - Replaced the check sign to arrow in the show build view. !6501
......
This diff is collapsed.
...@@ -22,14 +22,25 @@ module API ...@@ -22,14 +22,25 @@ module API
# Example Request: # Example Request:
# GET /projects # GET /projects
get do get do
@projects = current_user.authorized_projects projects = current_user.authorized_projects
@projects = filter_projects(@projects) projects = filter_projects(projects)
@projects = paginate @projects projects = paginate projects
if params[:simple] entity = params[:simple] ? Entities::BasicProjectDetails : Entities::ProjectWithAccess
present @projects, with: Entities::BasicProjectDetails, user: current_user
else present projects, with: entity, user: current_user
present @projects, with: Entities::ProjectWithAccess, user: current_user end
end
# Get a list of visible projects for authenticated user
#
# Example Request:
# GET /projects/visible
get '/visible' do
projects = ProjectsFinder.new.execute(current_user)
projects = filter_projects(projects)
projects = paginate projects
entity = params[:simple] ? Entities::BasicProjectDetails : Entities::ProjectWithAccess
present projects, with: entity, user: current_user
end end
# Get an owned projects list for authenticated user # Get an owned projects list for authenticated user
...@@ -37,10 +48,10 @@ module API ...@@ -37,10 +48,10 @@ module API
# Example Request: # Example Request:
# GET /projects/owned # GET /projects/owned
get '/owned' do get '/owned' do
@projects = current_user.owned_projects projects = current_user.owned_projects
@projects = filter_projects(@projects) projects = filter_projects(projects)
@projects = paginate @projects projects = paginate projects
present @projects, with: Entities::ProjectWithAccess, user: current_user present projects, with: Entities::ProjectWithAccess, user: current_user
end end
# Gets starred project for the authenticated user # Gets starred project for the authenticated user
...@@ -48,10 +59,10 @@ module API ...@@ -48,10 +59,10 @@ module API
# Example Request: # Example Request:
# GET /projects/starred # GET /projects/starred
get '/starred' do get '/starred' do
@projects = current_user.viewable_starred_projects projects = current_user.viewable_starred_projects
@projects = filter_projects(@projects) projects = filter_projects(projects)
@projects = paginate @projects projects = paginate projects
present @projects, with: Entities::Project, user: current_user present projects, with: Entities::Project, user: current_user
end end
# Get all projects for admin user # Get all projects for admin user
...@@ -60,10 +71,10 @@ module API ...@@ -60,10 +71,10 @@ module API
# GET /projects/all # GET /projects/all
get '/all' do get '/all' do
authenticated_as_admin! authenticated_as_admin!
@projects = Project.all projects = Project.all
@projects = filter_projects(@projects) projects = filter_projects(projects)
@projects = paginate @projects projects = paginate projects
present @projects, with: Entities::ProjectWithAccess, user: current_user present projects, with: Entities::ProjectWithAccess, user: current_user
end end
# Get a single project # Get a single project
......
...@@ -175,6 +175,36 @@ describe API::API, api: true do ...@@ -175,6 +175,36 @@ describe API::API, api: true do
end end
end end
describe 'GET /projects/visible' do
let(:public_project) { create(:project, :public) }
before do
public_project
project
project2
project3
project4
end
it 'returns the projects viewable by the user' do
get api('/projects/visible', user)
expect(response).to have_http_status(200)
expect(json_response).to be_an Array
expect(json_response.map { |project| project['id'] }).
to contain_exactly(public_project.id, project.id, project2.id, project3.id)
end
it 'shows only public projects when the user only has access to those' do
get api('/projects/visible', user2)
expect(response).to have_http_status(200)
expect(json_response).to be_an Array
expect(json_response.map { |project| project['id'] }).
to contain_exactly(public_project.id)
end
end
describe 'GET /projects/starred' do describe 'GET /projects/starred' do
let(:public_project) { create(:project, :public) } let(:public_project) { create(:project, :public) }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment