Merge branch 'feature/project_share_api' of /home/git/repositories/gitlab/gitlab-ee

app/models/project_group_link.rb

@@ -16,14 +16,11 @@ class ProjectGroupLink < ActiveRecord::Base
   validates :project_id, presence: true
   validates :group_id, presence: true
   validates :group_id, uniqueness: { scope: [:project_id], message: "already shared with this group" }
+  validates :group_access, presence: true
+  validates :group_access, inclusion: { in: Gitlab::Access.values }, presence: true
 
   def self.access_options
-    {
-      "Guest"     => GUEST,
-      "Reporter"  => REPORTER,
-      "Developer" => DEVELOPER,
-      "Master"    => MASTER
-    }
+    Gitlab::Access.options
   end
 
   def self.default_access

doc/api/projects.md

@@ -484,3 +484,20 @@ DELETE /projects/:id/fork
 Parameter:
 
 + `id` (required) - The ID of the project
+
+
+### Share project with group
+
+Shares project with group. In order to share project with several groups - do several requests.
+You must be a master or owner of project in order to perform action
+
+
+```
+POST /projects/:id/share
+```
+
+Parameters:
+
++ `id` (required) - The ID of a project
++ `group_id` (required) - The ID of a group to share with
++ `group_access` (required) - Group access level

lib/api/entities.rb

@@ -140,5 +140,9 @@ module API
     class LdapGroup < Grape::Entity
       expose :cn
     end
+
+    class ProjectGroupLink < Grape::Entity
+      expose :id, :project_id, :group_id, :group_access
+    end
   end
 end

lib/api/projects.rb

@@ -262,6 +262,29 @@ module API
           {message: "Access revoked", id: params[:user_id].to_i}
         end
       end
+
+      # Share project with group
+      #
+      # Parameters:
+      #   id (required) - The ID of a project
+      #   group_id (required) - The ID of a group
+      #   group_access (required) - Level of permissions for sharing
+      #
+      # Example Request:
+      #   POST /projects/:id/share
+      post ":id/share" do
+        authorize! :admin_project, user_project
+        required_attributes! [:group_id, :group_access]
+
+        link = user_project.project_group_links.new
+        link.group_id = params[:group_id]
+        link.group_access = params[:group_access]
+        if link.save
+          present link, with: Entities::ProjectGroupLink
+        else
+          render_api_error!(link.errors.full_messages.first, 409)
+        end
+      end
     end
   end
 end

spec/models/project_group_link_spec.rb

@@ -17,5 +17,6 @@ describe ProjectGroupLink do
     it { should validate_presence_of(:project_id) }
     it { should validate_uniqueness_of(:group_id).scoped_to(:project_id).with_message(/already shared/) }
     it { should validate_presence_of(:group_id) }
+    it { should validate_presence_of(:group_access) }
   end
 end

spec/requests/api/projects_spec.rb

@@ -692,4 +692,35 @@ describe API::API do
       end
     end
   end
+
+  describe "POST /projects/:id/share" do
+    let(:group) { create(:group) }
+
+    it "should share project with group" do
+      expect {
+        post api("/projects/#{project.id}/share", user), group_id: group.id,
+          group_access: Gitlab::Access::DEVELOPER
+      }.to change { ProjectGroupLink.count }.by(1)
+
+      response.status.should == 201
+      json_response['group_id'].should == group.id
+      json_response['group_access'].should == Gitlab::Access::DEVELOPER
+    end
+
+    it "should return a 400 error when group id is not given" do
+      post api("/projects/#{project.id}/share", user), group_access: Gitlab::Access::DEVELOPER
+      response.status.should == 400
+    end
+
+    it "should return a 400 error when access level is not given" do
+      post api("/projects/#{project.id}/share", user), group_id: group.id
+      response.status.should == 400
+    end
+
+    it "should return a 409 error when wrong params passed" do
+      post api("/projects/#{project.id}/share", user), group_id: group.id, group_access: 1234
+      response.status.should == 409
+      json_response['message'].should == 'Group access is not included in the list'
+    end
+  end
 end