Merge pull request #2877 from former03/feature_groups_api

Add groups api

doc/api/README.md

@@ -32,6 +32,7 @@ When listing resources you can pass the following parameters:
 + [Users](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/users.md)
 + [Session](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/session.md)
 + [Projects](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/projects.md)
++ [Groups](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/groups.md)
 + [Snippets](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/snippets.md)
 + [Repositories](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/repositories.md)
 + [Issues](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/issues.md)

doc/api/groups.md

+## List project groups
+
+Get a list of groups. (As user: my groups, as admin: all groups)
+
+```
+GET /groups
+```
+
+```json
+[
+    {
+        "id": 1,
+        "name": "Foobar Group",
+        "path": "foo-bar",
+        "owner_id": 18
+    }
+]
+```
+
+## Details of group
+
+Get all details of a group.
+
+```
+GET /groups/:id
+```
+
+Parameters:
+
++ `id` (required) - The ID of a group
+
+## New group
+
+Create a new project group. Available only for admin
+
+```
+POST /groups
+```
+
+Parameters:
++ `name` (required)                  - Email
++ `path`                             - Password
+
+Will return created group with status `201 Created` on success, or `404 Not found` on fail.
+

lib/api.rb

@@ -12,6 +12,7 @@ module Gitlab
     error_format :json
     helpers APIHelpers
     
+    mount Groups
     mount Users
     mount Projects
     mount Issues

lib/api/entities.rb

@@ -32,6 +32,15 @@ module Gitlab
       end
     end
 
+    class Group < Grape::Entity
+      expose :id, :name, :path, :owner_id
+    end
+    
+    class GroupDetail < Group
+      expose :projects, using: Entities::Project
+    end
+
+    
     class RepoObject < Grape::Entity
       expose :name, :commit
       expose :protected do |repo, options|

lib/api/groups.rb

+module Gitlab
+  # groups API
+  class Groups < Grape::API
+    before { authenticate! }
+
+    resource :groups do
+      # Get a groups list
+      #
+      # Example Request:
+      #  GET /groups
+      get do
+        if current_user.admin
+          @groups = paginate Group
+        else
+          @groups = paginate current_user.groups
+        end
+        present @groups, with: Entities::Group
+      end
+
+      # Create group. Available only for admin
+      #
+      # Parameters:
+      #   name (required)                   - Name
+      #   path (required)                   - Path
+      # Example Request:
+      #   POST /groups
+      post do
+        authenticated_as_admin!
+        attrs = attributes_for_keys [:name, :path]
+        @group = Group.new(attrs)
+        @group.owner = current_user
+
+        if @group.save
+          present @group, with: Entities::Group
+        else
+          not_found!
+        end
+      end
+
+      # Get a single group, with containing projects
+      #
+      # Parameters:
+      #   id (required) - The ID of a group
+      # Example Request:
+      #   GET /groups/:id
+      get ":id" do
+        @group = Group.find(params[:id])
+        if current_user.admin or current_user.groups.include? @group
+          present @group, with: Entities::GroupDetail
+        else
+          not_found!
+        end
+      end
+    end
+  end
+end

spec/requests/api/groups_spec.rb

+require 'spec_helper'
+
+describe Gitlab::API do
+  include ApiHelpers
+
+  let(:user1)  { create(:user) }
+  let(:user2)  { create(:user) }
+  let(:admin) { create(:admin) }
+  let!(:group1)  { create(:group, owner: user1) }
+  let!(:group2)  { create(:group, owner: user2) }
+
+  describe "GET /groups" do
+    context "when unauthenticated" do
+      it "should return authentication error" do
+        get api("/groups")
+        response.status.should == 401
+      end
+    end
+
+    context "when authenticated as user" do
+      it "normal user: should return an array of groups of user1" do
+        get api("/groups", user1)
+        response.status.should == 200
+        json_response.should be_an Array
+        json_response.length.should == 1
+        json_response.first['name'].should == group1.name
+      end
+    end
+    
+    context "when authenticated as  admin" do
+      it "admin: should return an array of all groups" do
+        get api("/groups", admin)
+        response.status.should == 200
+        json_response.should be_an Array
+        json_response.length.should == 2
+      end
+    end
+  end
+  
+  describe "GET /groups/:id" do
+    context "when authenticated as user" do
+      it "should return one of user1's groups" do
+        get api("/groups/#{group1.id}", user1)
+        response.status.should == 200
+        json_response['name'] == group1.name
+      end
+      
+      it "should not return a non existing group" do
+        get api("/groups/1328", user1)
+        response.status.should == 404
+      end
+      
+      it "should not return a group not attached to user1" do
+        get api("/groups/#{group2.id}", user1)
+        response.status.should == 404
+      end
+    end
+    
+    context "when authenticated as admin" do
+      it "should return any existing group" do
+        get api("/groups/#{group2.id}", admin)
+        response.status.should == 200
+        json_response['name'] == group2.name
+      end
+      
+      it "should not return a non existing group" do
+        get api("/groups/1328", admin)
+        response.status.should == 404
+      end
+    end
+  end
+  
+  describe "POST /groups" do
+    context "when authenticated as user" do
+      it "should not create group" do
+        post api("/groups", user1), attributes_for(:group)
+        response.status.should == 403
+      end
+    end
+    
+    context "when authenticated as admin" do
+      it "should create group" do
+        post api("/groups", admin), attributes_for(:group)
+        response.status.should == 201
+      end
+
+      it "should not create group, duplicate" do
+        post api("/groups", admin), {:name => "Duplicate Test", :path => group2.path}
+        response.status.should == 404
+      end
+    end
+  end
+end