Commit 01f52ff3 authored by Jarka Košanová's avatar Jarka Košanová Committed by Stan Hu

Add confidential attr to API for notes update

- update endpoint and specs
- update the documentation
- add changelog entry
parent d7400d4e
---
title: Add confidential attribute to public API for notes update
merge_request: 37932
author:
type: added
...@@ -145,10 +145,11 @@ PUT /projects/:id/issues/:issue_iid/notes/:note_id ...@@ -145,10 +145,11 @@ PUT /projects/:id/issues/:issue_iid/notes/:note_id
Parameters: Parameters:
- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) - `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding).
- `issue_iid` (required) - The IID of an issue - `issue_iid` (required) - The IID of an issue.
- `note_id` (required) - The ID of a note - `note_id` (required) - The ID of a note.
- `body` (required) - The content of a note. Limited to 1,000,000 characters. - `body` (optional) - The content of a note. Limited to 1,000,000 characters.
- `confidential` (optional) - The confidential flag of a note.
```shell ```shell
curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/issues/11/notes?body=note" curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/issues/11/notes?body=note"
......
...@@ -17,8 +17,9 @@ module API ...@@ -17,8 +17,9 @@ module API
authorize! :admin_note, note authorize! :admin_note, note
opts = { opts = {
note: params[:body] note: params[:body],
} confidential: params[:confidential]
}.compact
parent = noteable_parent(noteable) parent = noteable_parent(noteable)
project = parent if parent.is_a?(Project) project = parent if parent.is_a?(Project)
......
...@@ -101,7 +101,8 @@ module API ...@@ -101,7 +101,8 @@ module API
params do params do
requires :noteable_id, type: Integer, desc: 'The ID of the noteable' requires :noteable_id, type: Integer, desc: 'The ID of the noteable'
requires :note_id, type: Integer, desc: 'The ID of a note' requires :note_id, type: Integer, desc: 'The ID of a note'
requires :body, type: String, desc: 'The content of a note' optional :body, type: String, allow_blank: false, desc: 'The content of a note'
optional :confidential, type: Boolean, desc: 'Confidentiality note flag'
end end
put ":id/#{noteables_str}/:noteable_id/notes/:note_id" do put ":id/#{noteables_str}/:noteable_id/notes/:note_id" do
noteable = find_noteable(noteable_type, params[:noteable_id]) noteable = find_noteable(noteable_type, params[:noteable_id])
......
...@@ -277,12 +277,53 @@ RSpec.shared_examples 'noteable API' do |parent_type, noteable_type, id_name| ...@@ -277,12 +277,53 @@ RSpec.shared_examples 'noteable API' do |parent_type, noteable_type, id_name|
end end
describe "PUT /#{parent_type}/:id/#{noteable_type}/:noteable_id/notes/:note_id" do describe "PUT /#{parent_type}/:id/#{noteable_type}/:noteable_id/notes/:note_id" do
it 'returns modified note' do let(:params) { { body: 'Hello!', confidential: false } }
put api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/"\
"notes/#{note.id}", user), params: { body: 'Hello!' }
expect(response).to have_gitlab_http_status(:ok) subject do
expect(json_response['body']).to eq('Hello!') put api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/notes/#{note.id}", user), params: params
end
context 'when eveything is ok' do
before do
note.update!(confidential: true)
end
context 'with multiple params present' do
before do
subject
end
it 'returns modified note' do
expect(response).to have_gitlab_http_status(:ok)
expect(json_response['body']).to eq('Hello!')
expect(json_response['confidential']).to be_falsey
end
it 'updates the note' do
expect(note.reload.note).to eq('Hello!')
expect(note.confidential).to be_falsey
end
end
context 'when only body param is present' do
let(:params) { { body: 'Hello!' } }
it 'updates only the note text' do
expect { subject }.not_to change { note.reload.confidential }
expect(note.note).to eq('Hello!')
end
end
context 'when only confidential param is present' do
let(:params) { { confidential: false } }
it 'updates only the note text' do
expect { subject }.not_to change { note.reload.note }
expect(note.confidential).to be_falsey
end
end
end end
it 'returns a 404 error when note id not found' do it 'returns a 404 error when note id not found' do
...@@ -292,9 +333,9 @@ RSpec.shared_examples 'noteable API' do |parent_type, noteable_type, id_name| ...@@ -292,9 +333,9 @@ RSpec.shared_examples 'noteable API' do |parent_type, noteable_type, id_name|
expect(response).to have_gitlab_http_status(:not_found) expect(response).to have_gitlab_http_status(:not_found)
end end
it 'returns a 400 bad request error if body not given' do it 'returns a 400 bad request error if body is empty' do
put api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/"\ put api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/"\
"notes/#{note.id}", user) "notes/#{note.id}", user), params: { body: '' }
expect(response).to have_gitlab_http_status(:bad_request) expect(response).to have_gitlab_http_status(:bad_request)
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment