Implement MVC for Pipeline deletion API

5b45cd24 · Matija Čupić · d15c9ae3 · 5b45cd24 · 5b45cd24
Commit 5b45cd24 authored Nov 12, 2018 by Matija Čupić
Hide whitespace changes
Inline Side-by-side

Showing with 62 additions and 0 deletions

lib/api/pipelines.rb lib/api/pipelines.rb +15 -0

spec/requests/api/pipelines_spec.rb spec/requests/api/pipelines_spec.rb +47 -0

No files found.
--- a/lib/api/pipelines.rb
+++ b/lib/api/pipelines.rb
@@ -81,6 +81,21 @@ module API
        present pipeline, with: Entities::Pipeline
      end

+      desc 'Deletes a pipeline' do
+        detail 'This feature was introduced in GitLab 11.6'
+        http_codes [[204, 'Pipeline was deleted'], [403, 'Forbidden']]
+      end
+      params do
+        requires :pipeline_id, type: Integer, desc: 'The pipeline ID'
+      end
+      delete ':id/pipelines/:pipeline_id' do
+        authorize! :admin_pipeline, user_project
+
+        AuditEventService.new(current_user, user_project).security_event
+
+        destroy_conditionally!(pipeline)
+      end
+
      desc 'Retry builds in the pipeline' do
        detail 'This feature was introduced in GitLab 8.11.'
        success Entities::Pipeline

--- a/spec/requests/api/pipelines_spec.rb
+++ b/spec/requests/api/pipelines_spec.rb
@@ -438,6 +438,53 @@ describe API::Pipelines do
    end
  end

+  describe 'DELETE /projects/:id/pipelines/:pipeline_id' do
+    context 'authorized user' do
+      it 'deletes the pipeline' do
+        delete api("/projects/#{project.id}/pipelines/#{pipeline.id}", user)
+
+        expect(response).to have_gitlab_http_status(204)
+        expect { pipeline.reload }.to raise_error(ActiveRecord::RecordNotFound)
+      end
+
+      it 'returns 404 when it does not exist' do
+        delete api("/projects/#{project.id}/pipelines/123456", user)
+
+        expect(response).to have_gitlab_http_status(404)
+        expect(json_response['message']).to eq '404 Not found'
+      end
+
+      it 'logs an audit event' do
+        expect { delete api("/projects/#{project.id}/pipelines/#{pipeline.id}", user) }.to change { SecurityEvent.count }.by(1)
+      end
+
+      context 'when the pipeline has jobs' do
+        let!(:pipeline) do
+          create(:ci_pipeline, project: project, sha: project.commit.id,
+                               ref: project.default_branch, user: user)
+        end
+
+        let!(:build) { create(:ci_build, project: project, pipeline: pipeline) }
+
+        it 'deletes associated jobs' do
+          delete api("/projects/#{project.id}/pipelines/#{pipeline.id}", user)
+
+          expect(response).to have_gitlab_http_status(204)
+          expect { build.reload }.to raise_error(ActiveRecord::RecordNotFound)
+        end
+      end
+    end
+
+    context 'unauthorized user' do
+      it 'should not return a project pipeline' do
+        get api("/projects/#{project.id}/pipelines/#{pipeline.id}", non_member)
+
+        expect(response).to have_gitlab_http_status(404)
+        expect(json_response['message']).to eq '404 Project Not Found'
+      end
+    end
+  end
+
  describe 'POST /projects/:id/pipelines/:pipeline_id/retry' do
    context 'authorized user' do
      let!(:pipeline) do