Adding permissions values to upload endpoint and test case

a2858d4d · Darby Frey · 3485d4d1 · a2858d4d · a2858d4d
Commit a2858d4d authored Jan 17, 2022 by Darby Frey
Hide whitespace changes
Inline Side-by-side

Showing with 17 additions and 3 deletions

lib/api/ci/secure_files.rb lib/api/ci/secure_files.rb +1 -1

spec/requests/api/ci/secure_files_spec.rb spec/requests/api/ci/secure_files_spec.rb +16 -2

No files found.
--- a/lib/api/ci/secure_files.rb
+++ b/lib/api/ci/secure_files.rb
@@ -57,7 +57,7 @@ module API
        params do
          requires :name, type: String, desc: 'The name of the file'
          requires :file, types: [Rack::Multipart::UploadedFile, ::API::Validations::Types::WorkhorseFile], desc: 'The secure file to be uploaded'
-          optional :permissions, type: String, desc: 'The file permissions'
+          optional :permissions, type: String, desc: 'The file permissions', default: 'read_only', values: %w[read_only read_write execute]
        end
        route_setting :authentication, basic_auth_personal_access_token: true, job_token_allowed: true

--- a/spec/requests/api/ci/secure_files_spec.rb
+++ b/spec/requests/api/ci/secure_files_spec.rb
@@ -117,7 +117,8 @@ RSpec.describe API::Ci::SecureFiles do
      it 'uploads and downloads a secure file' do
        post_params = {
          file: fixture_file_upload('spec/fixtures/ci_secure_files/upload-keystore.jks'),
-          name: 'upload-keystore.jks'
+          name: 'upload-keystore.jks',
+          permissions: 'read_write'
        }
        post api("/projects/#{project.id}/secure_files", user), params: post_params
@@ -159,7 +160,20 @@ RSpec.describe API::Ci::SecureFiles do
        expect(json_response['error']).to eq('name is missing')
      end
-      it 'retuns an error when an unexpected validation failure happens' do
+      it 'returns an error when an unexpected permission is supplied' do
+        post_params = {
+          file: fixture_file_upload('spec/fixtures/ci_secure_files/upload-keystore.jks'),
+          name: 'upload-keystore.jks',
+          permissions: 'foo'
+        }
+        post api("/projects/#{project.id}/secure_files", user), params: post_params
+        expect(response).to have_gitlab_http_status(:bad_request)
+        expect(json_response['error']).to eq('permissions does not have a valid value')
+      end
+      it 'returns an error when an unexpected validation failure happens' do
        allow_next_instance_of(Ci::SecureFile) do |instance|
          allow(instance).to receive(:valid?).and_return(false)
          allow(instance).to receive_message_chain(:errors, :any?).and_return(true)