Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
84b7dd76
Commit
84b7dd76
authored
Jul 29, 2016
by
Rémy Coutable
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Use Grape DSL to document methods and their params
Signed-off-by:
Rémy Coutable
<
remy@rymai.me
>
parent
4dc61dc7
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
79 additions
and
97 deletions
+79
-97
lib/api/access_requests.rb
lib/api/access_requests.rb
+26
-38
lib/api/members.rb
lib/api/members.rb
+41
-55
spec/requests/api/members_spec.rb
spec/requests/api/members_spec.rb
+12
-4
No files found.
lib/api/access_requests.rb
View file @
84b7dd76
...
@@ -5,15 +5,14 @@ module API
...
@@ -5,15 +5,14 @@ module API
helpers
::
API
::
Helpers
::
MembersHelpers
helpers
::
API
::
Helpers
::
MembersHelpers
%w[group project]
.
each
do
|
source_type
|
%w[group project]
.
each
do
|
source_type
|
params
do
requires
:id
,
type:
String
,
desc:
"The
#{
source_type
}
ID"
end
resource
source_type
.
pluralize
do
resource
source_type
.
pluralize
do
# Get a list of group/project access requests viewable by the authenticated user.
desc
"Gets a list of access requests for a
#{
source_type
}
."
do
#
detail
'This feature was introduced in GitLab 8.11.'
# Parameters:
success
Entities
::
AccessRequester
# id (required) - The group/project ID
end
#
# Example Request:
# GET /groups/:id/access_requests
# GET /projects/:id/access_requests
get
":id/access_requests"
do
get
":id/access_requests"
do
source
=
find_source
(
source_type
,
params
[
:id
])
source
=
find_source
(
source_type
,
params
[
:id
])
...
@@ -23,14 +22,10 @@ module API
...
@@ -23,14 +22,10 @@ module API
present
access_requesters
.
map
(
&
:user
),
with:
Entities
::
AccessRequester
,
source:
source
present
access_requesters
.
map
(
&
:user
),
with:
Entities
::
AccessRequester
,
source:
source
end
end
# Request access to the group/project
desc
"Requests access for the authenticated user to a
#{
source_type
}
."
do
#
detail
'This feature was introduced in GitLab 8.11.'
# Parameters:
success
Entities
::
AccessRequester
# id (required) - The group/project ID
end
#
# Example Request:
# POST /groups/:id/access_requests
# POST /projects/:id/access_requests
post
":id/access_requests"
do
post
":id/access_requests"
do
source
=
find_source
(
source_type
,
params
[
:id
])
source
=
find_source
(
source_type
,
params
[
:id
])
access_requester
=
source
.
request_access
(
current_user
)
access_requester
=
source
.
request_access
(
current_user
)
...
@@ -42,37 +37,30 @@ module API
...
@@ -42,37 +37,30 @@ module API
end
end
end
end
# Approve a group/project access request
desc
'Approves an access request for the given user.'
do
#
detail
'This feature was introduced in GitLab 8.11.'
# Parameters:
success
Entities
::
Member
# id (required) - The group/project ID
end
# user_id (required) - The user ID of the access requester
params
do
# access_level (optional) - Access level
requires
:user_id
,
type:
Integer
,
desc:
'The user ID of the access requester'
#
optional
:access_level
,
type:
Integer
,
desc:
'A valid access level (defaults: `30`, developer access level)'
# Example Request:
end
# PUT /groups/:id/access_requests/:user_id/approve
# PUT /projects/:id/access_requests/:user_id/approve
put
':id/access_requests/:user_id/approve'
do
put
':id/access_requests/:user_id/approve'
do
required_attributes!
[
:user_id
]
source
=
find_source
(
source_type
,
params
[
:id
])
source
=
find_source
(
source_type
,
params
[
:id
])
member
=
::
Members
::
ApproveAccessRequestService
.
new
(
source
,
current_user
,
params
).
execute
member
=
::
Members
::
ApproveAccessRequestService
.
new
(
source
,
current_user
,
declared
(
params
)
).
execute
status
:created
status
:created
present
member
.
user
,
with:
Entities
::
Member
,
member:
member
present
member
.
user
,
with:
Entities
::
Member
,
member:
member
end
end
# Deny a group/project access request
desc
'Denies an access request for the given user.'
do
#
detail
'This feature was introduced in GitLab 8.11.'
# Parameters:
end
# id (required) - The group/project ID
params
do
# user_id (required) - The user ID of the access requester
requires
:user_id
,
type:
Integer
,
desc:
'The user ID of the access requester'
#
end
# Example Request:
# DELETE /groups/:id/access_requests/:user_id
# DELETE /projects/:id/access_requests/:user_id
delete
":id/access_requests/:user_id"
do
delete
":id/access_requests/:user_id"
do
required_attributes!
[
:user_id
]
source
=
find_source
(
source_type
,
params
[
:id
])
source
=
find_source
(
source_type
,
params
[
:id
])
::
Members
::
DestroyService
.
new
(
source
,
current_user
,
params
).
::
Members
::
DestroyService
.
new
(
source
,
current_user
,
params
).
...
...
lib/api/members.rb
View file @
84b7dd76
...
@@ -5,16 +5,16 @@ module API
...
@@ -5,16 +5,16 @@ module API
helpers
::
API
::
Helpers
::
MembersHelpers
helpers
::
API
::
Helpers
::
MembersHelpers
%w[group project]
.
each
do
|
source_type
|
%w[group project]
.
each
do
|
source_type
|
params
do
requires
:id
,
type:
String
,
desc:
"The
#{
source_type
}
ID"
end
resource
source_type
.
pluralize
do
resource
source_type
.
pluralize
do
# Get a list of group/project members viewable by the authenticated user.
desc
'Gets a list of group or project members viewable by the authenticated user.'
do
#
success
Entities
::
Member
# Parameters:
end
# id (required) - The group/project ID
params
do
# query - Query string
optional
:query
,
type:
String
,
desc:
'A query string to search for members'
#
end
# Example Request:
# GET /groups/:id/members
# GET /projects/:id/members
get
":id/members"
do
get
":id/members"
do
source
=
find_source
(
source_type
,
params
[
:id
])
source
=
find_source
(
source_type
,
params
[
:id
])
...
@@ -25,15 +25,12 @@ module API
...
@@ -25,15 +25,12 @@ module API
present
users
,
with:
Entities
::
Member
,
source:
source
present
users
,
with:
Entities
::
Member
,
source:
source
end
end
# Get a group/project member
desc
'Gets a member of a group or project.'
do
#
success
Entities
::
Member
# Parameters:
end
# id (required) - The group/project ID
params
do
# user_id (required) - The user ID of the member
requires
:user_id
,
type:
Integer
,
desc:
'The user ID of the member'
#
end
# Example Request:
# GET /groups/:id/members/:user_id
# GET /projects/:id/members/:user_id
get
":id/members/:user_id"
do
get
":id/members/:user_id"
do
source
=
find_source
(
source_type
,
params
[
:id
])
source
=
find_source
(
source_type
,
params
[
:id
])
...
@@ -43,26 +40,25 @@ module API
...
@@ -43,26 +40,25 @@ module API
present
member
.
user
,
with:
Entities
::
Member
,
member:
member
present
member
.
user
,
with:
Entities
::
Member
,
member:
member
end
end
# Add a new group/project member
desc
'Adds a member to a group or project.'
do
#
success
Entities
::
Member
# Parameters:
end
# id (required) - The group/project ID
params
do
# user_id (required) - The user ID of the new member
requires
:user_id
,
type:
Integer
,
desc:
'The user ID of the new member'
# access_level (required) - A valid access level
requires
:access_level
,
type:
Integer
,
desc:
'A valid access level (defaults: `30`, developer access level)'
# expires_at (optional) - Date string in the format YEAR-MONTH-DAY
optional
:expires_at
,
type:
DateTime
,
desc:
'Date string in the format YEAR-MONTH-DAY'
#
end
# Example Request:
# POST /groups/:id/members
# POST /projects/:id/members
post
":id/members"
do
post
":id/members"
do
source
=
find_source
(
source_type
,
params
[
:id
])
source
=
find_source
(
source_type
,
params
[
:id
])
authorize_admin_source!
(
source_type
,
source
)
authorize_admin_source!
(
source_type
,
source
)
required_attributes!
[
:user_id
,
:access_level
]
member
=
source
.
members
.
find_by
(
user_id:
params
[
:user_id
])
member
=
source
.
members
.
find_by
(
user_id:
params
[
:user_id
])
# This is to ensure back-compatibility but 409 behavior should be used
# We need this explicit check because `source.add_user` doesn't
# for both project and group members in 9.0!
# currently return the member created so it would return 201 even if
# the member already existed...
# The `source_type == 'group'` check is to ensure back-compatibility
# but 409 behavior should be used for both project and group members in 9.0!
conflict!
(
'Member already exists'
)
if
source_type
==
'group'
&&
member
conflict!
(
'Member already exists'
)
if
source_type
==
'group'
&&
member
unless
member
unless
member
...
@@ -79,21 +75,17 @@ module API
...
@@ -79,21 +75,17 @@ module API
end
end
end
end
# Update a group/project member
desc
'Updates a member of a group or project.'
do
#
success
Entities
::
Member
# Parameters:
end
# id (required) - The group/project ID
params
do
# user_id (required) - The user ID of the member
requires
:user_id
,
type:
Integer
,
desc:
'The user ID of the new member'
# access_level (required) - A valid access level
requires
:access_level
,
type:
Integer
,
desc:
'A valid access level'
# expires_at (optional) - Date string in the format YEAR-MONTH-DAY
optional
:expires_at
,
type:
DateTime
,
desc:
'Date string in the format YEAR-MONTH-DAY'
#
end
# Example Request:
# PUT /groups/:id/members/:user_id
# PUT /projects/:id/members/:user_id
put
":id/members/:user_id"
do
put
":id/members/:user_id"
do
source
=
find_source
(
source_type
,
params
[
:id
])
source
=
find_source
(
source_type
,
params
[
:id
])
authorize_admin_source!
(
source_type
,
source
)
authorize_admin_source!
(
source_type
,
source
)
required_attributes!
[
:user_id
,
:access_level
]
member
=
source
.
members
.
find_by!
(
user_id:
params
[
:user_id
])
member
=
source
.
members
.
find_by!
(
user_id:
params
[
:user_id
])
attrs
=
attributes_for_keys
[
:access_level
,
:expires_at
]
attrs
=
attributes_for_keys
[
:access_level
,
:expires_at
]
...
@@ -108,18 +100,12 @@ module API
...
@@ -108,18 +100,12 @@ module API
end
end
end
end
# Remove a group/project member
desc
'Removes a user from a group or project.'
#
params
do
# Parameters:
requires
:user_id
,
type:
Integer
,
desc:
'The user ID of the member'
# id (required) - The group/project ID
end
# user_id (required) - The user ID of the member
#
# Example Request:
# DELETE /groups/:id/members/:user_id
# DELETE /projects/:id/members/:user_id
delete
":id/members/:user_id"
do
delete
":id/members/:user_id"
do
source
=
find_source
(
source_type
,
params
[
:id
])
source
=
find_source
(
source_type
,
params
[
:id
])
required_attributes!
[
:user_id
]
# This is to ensure back-compatibility but find_by! should be used
# This is to ensure back-compatibility but find_by! should be used
# in that casse in 9.0!
# in that casse in 9.0!
...
@@ -134,7 +120,7 @@ module API
...
@@ -134,7 +120,7 @@ module API
if
member
.
nil?
if
member
.
nil?
{
message:
"Access revoked"
,
id:
params
[
:user_id
].
to_i
}
{
message:
"Access revoked"
,
id:
params
[
:user_id
].
to_i
}
else
else
::
Members
::
DestroyService
.
new
(
source
,
current_user
,
params
).
execute
::
Members
::
DestroyService
.
new
(
source
,
current_user
,
declared
(
params
)
).
execute
present
member
.
user
,
with:
Entities
::
Member
,
member:
member
present
member
.
user
,
with:
Entities
::
Member
,
member:
member
end
end
...
...
spec/requests/api/members_spec.rb
View file @
84b7dd76
...
@@ -97,7 +97,10 @@ describe API::Members, api: true do
...
@@ -97,7 +97,10 @@ describe API::Members, api: true do
shared_examples
'POST /:sources/:id/members'
do
|
source_type
|
shared_examples
'POST /:sources/:id/members'
do
|
source_type
|
context
"with :sources ==
#{
source_type
.
pluralize
}
"
do
context
"with :sources ==
#{
source_type
.
pluralize
}
"
do
it_behaves_like
'a 404 response when source is private'
do
it_behaves_like
'a 404 response when source is private'
do
let
(
:route
)
{
post
api
(
"/
#{
source_type
.
pluralize
}
/
#{
source
.
id
}
/members"
,
stranger
)
}
let
(
:route
)
do
post
api
(
"/
#{
source_type
.
pluralize
}
/
#{
source
.
id
}
/members"
,
stranger
),
user_id:
access_requester
.
id
,
access_level:
Member
::
MASTER
end
end
end
context
'when authenticated as a non-member or member with insufficient rights'
do
context
'when authenticated as a non-member or member with insufficient rights'
do
...
@@ -105,7 +108,8 @@ describe API::Members, api: true do
...
@@ -105,7 +108,8 @@ describe API::Members, api: true do
context
"as a
#{
type
}
"
do
context
"as a
#{
type
}
"
do
it
'returns 403'
do
it
'returns 403'
do
user
=
public_send
(
type
)
user
=
public_send
(
type
)
post
api
(
"/
#{
source_type
.
pluralize
}
/
#{
source
.
id
}
/members"
,
user
)
post
api
(
"/
#{
source_type
.
pluralize
}
/
#{
source
.
id
}
/members"
,
user
),
user_id:
access_requester
.
id
,
access_level:
Member
::
MASTER
expect
(
response
).
to
have_http_status
(
403
)
expect
(
response
).
to
have_http_status
(
403
)
end
end
...
@@ -174,7 +178,10 @@ describe API::Members, api: true do
...
@@ -174,7 +178,10 @@ describe API::Members, api: true do
shared_examples
'PUT /:sources/:id/members/:user_id'
do
|
source_type
|
shared_examples
'PUT /:sources/:id/members/:user_id'
do
|
source_type
|
context
"with :sources ==
#{
source_type
.
pluralize
}
"
do
context
"with :sources ==
#{
source_type
.
pluralize
}
"
do
it_behaves_like
'a 404 response when source is private'
do
it_behaves_like
'a 404 response when source is private'
do
let
(
:route
)
{
put
api
(
"/
#{
source_type
.
pluralize
}
/
#{
source
.
id
}
/members/
#{
developer
.
id
}
"
,
stranger
)
}
let
(
:route
)
do
put
api
(
"/
#{
source_type
.
pluralize
}
/
#{
source
.
id
}
/members/
#{
developer
.
id
}
"
,
stranger
),
access_level:
Member
::
MASTER
end
end
end
context
'when authenticated as a non-member or member with insufficient rights'
do
context
'when authenticated as a non-member or member with insufficient rights'
do
...
@@ -182,7 +189,8 @@ describe API::Members, api: true do
...
@@ -182,7 +189,8 @@ describe API::Members, api: true do
context
"as a
#{
type
}
"
do
context
"as a
#{
type
}
"
do
it
'returns 403'
do
it
'returns 403'
do
user
=
public_send
(
type
)
user
=
public_send
(
type
)
put
api
(
"/
#{
source_type
.
pluralize
}
/
#{
source
.
id
}
/members/
#{
developer
.
id
}
"
,
user
)
put
api
(
"/
#{
source_type
.
pluralize
}
/
#{
source
.
id
}
/members/
#{
developer
.
id
}
"
,
user
),
access_level:
Member
::
MASTER
expect
(
response
).
to
have_http_status
(
403
)
expect
(
response
).
to
have_http_status
(
403
)
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment