Commit e5da0e50 authored by Bob Van Landuyt's avatar Bob Van Landuyt

Separate CE from EE logic

The `app/controllers/projects/boards_controller.rb` is identical to
the CE version by doing this.

I've split up the `spec/controllers/projects/boards_spec.rb` into the
logic that is on CE en what is on EE. However, they have diverged. So
they are likely (however less than before) to cause conflicts in the
future.

We'd need to move the EE specific spec logic for
`Projects::BoardsController#index` & `Projects::BoardsController#show`
into `spec/controllers/ee/projects/boards_controller.rb` however, some
of the tests in EE have been improved, so those improvements would
need to be ported to CE.
parent 07016077
module EE
module Projects
module BoardsController
extend ActiveSupport::Concern
prepended do
before_action :authorize_admin_board!, only: [:create, :update, :destroy]
before_action :find_board, only: [:update, :destroy]
end
def create
board = ::Boards::CreateService.new(project, current_user, board_params).execute
respond_to do |format|
format.json do
if board.valid?
render json: serialize_as_json(board)
else
render json: board.errors, status: :unprocessable_entity
end
end
end
end
def update
service = ::Boards::UpdateService.new(project, current_user, board_params)
service.execute(@board)
respond_to do |format|
format.json do
if @board.valid?
render json: serialize_as_json(@board)
else
render json: @board.errors, status: :unprocessable_entity
end
end
end
end
def destroy
service = ::Boards::DestroyService.new(project, current_user)
service.execute(@board)
respond_to do |format|
format.html { redirect_to project_boards_path(@project), status: 302 }
end
end
private
def authorize_admin_board!
return render_404 unless can?(current_user, :admin_board, project)
end
def board_params
params.require(:board).permit(:name, :milestone_id)
end
def find_board
@board = project.boards.find(params[:id])
end
def serialize_as_json(resource)
resource.as_json(
only: [:id, :name],
include: {
milestone: { only: [:id, :title] }
}
)
end
end
end
end
class Projects::BoardsController < Projects::ApplicationController class Projects::BoardsController < Projects::ApplicationController
prepend EE::Projects::BoardsController
include IssuableCollections include IssuableCollections
before_action :authorize_read_board!, only: [:index, :show] before_action :authorize_read_board!, only: [:index, :show]
before_action :authorize_admin_board!, only: [:create, :update, :destroy]
before_action :find_board, only: [:show, :update, :destroy]
def index def index
@boards = ::Boards::ListService.new(project, current_user).execute @boards = ::Boards::ListService.new(project, current_user).execute
...@@ -17,77 +16,23 @@ class Projects::BoardsController < Projects::ApplicationController ...@@ -17,77 +16,23 @@ class Projects::BoardsController < Projects::ApplicationController
end end
def show def show
respond_to do |format| @board = project.boards.find(params[:id])
format.html
format.json do
render json: serialize_as_json(@board)
end
end
end
def create
board = ::Boards::CreateService.new(project, current_user, board_params).execute
respond_to do |format|
format.json do
if board.valid?
render json: serialize_as_json(board)
else
render json: board.errors, status: :unprocessable_entity
end
end
end
end
def update
service = ::Boards::UpdateService.new(project, current_user, board_params)
service.execute(@board)
respond_to do |format| respond_to do |format|
format.html
format.json do format.json do
if @board.valid?
render json: serialize_as_json(@board) render json: serialize_as_json(@board)
else
render json: @board.errors, status: :unprocessable_entity
end
end end
end end
end end
def destroy
service = ::Boards::DestroyService.new(project, current_user)
service.execute(@board)
respond_to do |format|
format.html { redirect_to project_boards_path(@project), status: 302 }
end
end
private private
def authorize_admin_board!
return render_404 unless can?(current_user, :admin_board, project)
end
def authorize_read_board! def authorize_read_board!
return render_404 unless can?(current_user, :read_board, project) return access_denied! unless can?(current_user, :read_board, project)
end
def board_params
params.require(:board).permit(:name, :milestone_id)
end
def find_board
@board = project.boards.find(params[:id])
end end
def serialize_as_json(resource) def serialize_as_json(resource)
resource.as_json( resource.as_json(only: [:id])
only: [:id, :name],
include: {
milestone: { only: [:id, :title] }
}
)
end end
end end
require 'spec_helper'
describe Projects::BoardsController do # rubocop:disable RSpec/FilePath
let(:project) { create(:empty_project) }
let(:user) { create(:user) }
before do
project.team << [user, :master]
sign_in(user)
end
describe 'GET index' do
it 'returns a list of project boards including milestones' do
create(:board, project: project, milestone: create(:milestone, project: project))
create(:board, project: project, milestone_id: Milestone::Upcoming.id)
list_boards format: :json
parsed_response = JSON.parse(response.body)
expect(response).to match_response_schema('boards')
expect(parsed_response.length).to eq 2
end
def list_boards(format: :html)
get :index, namespace_id: project.namespace,
project_id: project,
format: format
end
end
describe 'POST create' do
context 'with valid params' do
it 'returns a successful 200 response' do
create_board name: 'Backend'
expect(response).to have_http_status(200)
end
it 'returns the created board' do
create_board name: 'Backend'
expect(response).to match_response_schema('board')
end
end
context 'with invalid params' do
it 'returns an unprocessable entity 422 response' do
create_board name: nil
expect(response).to have_http_status(422)
end
end
context 'with unauthorized user' do
before do
allow(Ability).to receive(:allowed?).with(user, :read_project, project).and_return(true)
allow(Ability).to receive(:allowed?).with(user, :admin_board, project).and_return(false)
end
it 'returns a not found 404 response' do
create_board name: 'Backend'
expect(response.content_type).to eq 'application/json'
expect(response).to have_http_status(404)
end
end
def create_board(name:)
post :create, namespace_id: project.namespace.to_param,
project_id: project.to_param,
board: { name: name },
format: :json
end
end
describe 'PATCH update' do
let(:board) { create(:board, project: project, name: 'Backend') }
context 'with valid params' do
it 'returns a successful 200 response' do
update_board board: board, name: 'Frontend'
expect(response).to have_http_status(200)
end
it 'returns the updated board' do
update_board board: board, name: 'Frontend'
expect(response).to match_response_schema('board')
end
end
context 'with invalid params' do
it 'returns an unprocessable entity 422 response' do
update_board board: board, name: nil
expect(response).to have_http_status(422)
end
end
context 'with invalid board id' do
it 'returns a not found 404 response' do
update_board board: 999, name: 'Frontend'
expect(response).to have_http_status(404)
end
end
context 'with unauthorized user' do
before do
allow(Ability).to receive(:allowed?).with(user, :read_project, project).and_return(true)
allow(Ability).to receive(:allowed?).with(user, :admin_board, project).and_return(false)
end
it 'returns a not found 404 response' do
update_board board: board, name: 'Backend'
expect(response.content_type).to eq 'application/json'
expect(response).to have_http_status(404)
end
end
def update_board(board:, name:)
patch :update, namespace_id: project.namespace.to_param,
project_id: project.to_param,
id: board.to_param,
board: { name: name },
format: :json
end
end
describe 'DELETE destroy' do
let!(:boards) { create_pair(:board, project: project) }
let(:board) { project.boards.first }
context 'with valid board id' do
it 'redirects to the issue boards page' do
remove_board board: board
expect(response).to redirect_to(project_boards_path(project))
end
it 'removes board from project' do
expect { remove_board board: board }.to change(project.boards, :size).by(-1)
end
end
context 'with invalid board id' do
it 'returns a not found 404 response' do
remove_board board: 999
expect(response).to have_http_status(404)
end
end
context 'with unauthorized user' do
before do
allow(Ability).to receive(:allowed?).with(user, :read_project, project).and_return(true)
allow(Ability).to receive(:allowed?).with(user, :admin_board, project).and_return(false)
end
it 'returns a not found 404 response' do
remove_board board: board
expect(response).to have_http_status(404)
end
end
def remove_board(board:)
delete :destroy, namespace_id: project.namespace.to_param,
project_id: project.to_param,
id: board.to_param,
format: :html
end
end
end
...@@ -137,150 +137,4 @@ describe Projects::BoardsController do ...@@ -137,150 +137,4 @@ describe Projects::BoardsController do
format: format format: format
end end
end end
describe 'POST create' do
context 'with valid params' do
it 'returns a successful 200 response' do
create_board name: 'Backend'
expect(response).to have_http_status(200)
end
it 'returns the created board' do
create_board name: 'Backend'
expect(response).to match_response_schema('board')
end
end
context 'with invalid params' do
it 'returns an unprocessable entity 422 response' do
create_board name: nil
expect(response).to have_http_status(422)
end
end
context 'with unauthorized user' do
before do
allow(Ability).to receive(:allowed?).with(user, :read_project, project).and_return(true)
allow(Ability).to receive(:allowed?).with(user, :admin_board, project).and_return(false)
end
it 'returns a not found 404 response' do
create_board name: 'Backend'
expect(response.content_type).to eq 'application/json'
expect(response).to have_http_status(404)
end
end
def create_board(name:)
post :create, namespace_id: project.namespace.to_param,
project_id: project.to_param,
board: { name: name },
format: :json
end
end
describe 'PATCH update' do
let(:board) { create(:board, project: project, name: 'Backend') }
context 'with valid params' do
it 'returns a successful 200 response' do
update_board board: board, name: 'Frontend'
expect(response).to have_http_status(200)
end
it 'returns the updated board' do
update_board board: board, name: 'Frontend'
expect(response).to match_response_schema('board')
end
end
context 'with invalid params' do
it 'returns an unprocessable entity 422 response' do
update_board board: board, name: nil
expect(response).to have_http_status(422)
end
end
context 'with invalid board id' do
it 'returns a not found 404 response' do
update_board board: 999, name: 'Frontend'
expect(response).to have_http_status(404)
end
end
context 'with unauthorized user' do
before do
allow(Ability).to receive(:allowed?).with(user, :read_project, project).and_return(true)
allow(Ability).to receive(:allowed?).with(user, :admin_board, project).and_return(false)
end
it 'returns a not found 404 response' do
update_board board: board, name: 'Backend'
expect(response.content_type).to eq 'application/json'
expect(response).to have_http_status(404)
end
end
def update_board(board:, name:)
patch :update, namespace_id: project.namespace.to_param,
project_id: project.to_param,
id: board.to_param,
board: { name: name },
format: :json
end
end
describe 'DELETE destroy' do
let!(:boards) { create_pair(:board, project: project) }
let(:board) { project.boards.first }
context 'with valid board id' do
it 'redirects to the issue boards page' do
remove_board board: board
expect(response).to redirect_to(project_boards_path(project))
end
it 'removes board from project' do
expect { remove_board board: board }.to change(project.boards, :size).by(-1)
end
end
context 'with invalid board id' do
it 'returns a not found 404 response' do
remove_board board: 999
expect(response).to have_http_status(404)
end
end
context 'with unauthorized user' do
before do
allow(Ability).to receive(:allowed?).with(user, :read_project, project).and_return(true)
allow(Ability).to receive(:allowed?).with(user, :admin_board, project).and_return(false)
end
it 'returns a not found 404 response' do
remove_board board: board
expect(response).to have_http_status(404)
end
end
def remove_board(board:)
delete :destroy, namespace_id: project.namespace.to_param,
project_id: project.to_param,
id: board.to_param,
format: :html
end
end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment