Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Tatuya Kamada
gitlab-ce
Commits
1d778228
Commit
1d778228
authored
Mar 18, 2016
by
Zeger-Jan van de Weg
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
minor improvements and fixed specs
parent
7342a456
Changes
6
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
34 additions
and
29 deletions
+34
-29
lib/api/helpers.rb
lib/api/helpers.rb
+1
-3
lib/api/issues.rb
lib/api/issues.rb
+2
-1
lib/api/merge_requests.rb
lib/api/merge_requests.rb
+2
-2
spec/controllers/projects/merge_requests_controller_spec.rb
spec/controllers/projects/merge_requests_controller_spec.rb
+1
-1
spec/requests/api/issues_spec.rb
spec/requests/api/issues_spec.rb
+15
-13
spec/requests/api/merge_requests_spec.rb
spec/requests/api/merge_requests_spec.rb
+13
-9
No files found.
lib/api/helpers.rb
View file @
1d778228
...
...
@@ -118,9 +118,7 @@ module API
end
def
authorize!
(
action
,
subject
)
unless
abilities
.
allowed?
(
current_user
,
action
,
subject
)
forbidden!
end
forbidden!
unless
abilities
.
allowed?
(
current_user
,
action
,
subject
)
end
def
authorize_push_project
...
...
lib/api/issues.rb
View file @
1d778228
...
...
@@ -200,7 +200,8 @@ module API
# DELETE /projects/:id/issues/:issue_id
delete
":id/issues/:issue_id"
do
issue
=
user_project
.
issues
.
find
(
params
[
:issue_id
])
!
JLJsdf
sdfijsf
current_user
.
can?
(
:remove_issue
,
issue
)
authorize!
(
:remove_issue
,
issue
)
issue
=
user_project
.
issues
.
find
(
params
[
:issue_id
])
issue
.
destroy
...
...
lib/api/merge_requests.rb
View file @
1d778228
...
...
@@ -106,9 +106,9 @@ module API
# id (required) - The ID of the project
# merge_request_id (required) - The MR id
delete
":id/merge_requests/:merge_request_id"
do
authenticated_as_admin!
merge_request
=
user_project
.
merge_requests
.
find
(
params
[
:merge_request_id
])
authorize!
(
:remove_merge_request
,
merge_request
)
merge_request
.
destroy
present
merge_request
,
with:
Entities
::
MergeRequest
...
...
spec/controllers/projects/merge_requests_controller_spec.rb
View file @
1d778228
...
...
@@ -164,7 +164,7 @@ describe Projects::MergeRequestsController do
expect
(
response
.
status
).
to
eq
404
end
context
"user is an admin"
do
context
"user is an admin
or owner
"
do
before
do
user
.
admin
=
true
user
.
save
...
...
spec/requests/api/issues_spec.rb
View file @
1d778228
...
...
@@ -2,12 +2,12 @@ require 'spec_helper'
describe
API
::
API
,
api:
true
do
include
ApiHelpers
let
(
:user
)
{
create
(
:user
)
}
let
(
:non_member
)
{
create
(
:user
)
}
let
(
:author
)
{
create
(
:author
)
}
let
(
:assignee
)
{
create
(
:assignee
)
}
let
(
:admin
)
{
create
(
:admin
)
}
let!
(
:project
)
{
create
(
:project
,
:public
,
namespace:
user
.
namespace
)
}
let
(
:user
)
{
create
(
:user
)
}
let
(
:non_member
)
{
create
(
:user
)
}
let
(
:author
)
{
create
(
:author
)
}
let
(
:assignee
)
{
create
(
:assignee
)
}
let
(
:admin
)
{
create
(
:user
,
:admin
)
}
let!
(
:project
)
{
create
(
:project
,
:public
,
namespace:
user
.
namespace
)
}
let!
(
:closed_issue
)
do
create
:closed_issue
,
author:
user
,
...
...
@@ -469,16 +469,18 @@ describe API::API, api: true do
end
describe
"DELETE /projects/:id/issues/:issue_id"
do
it
"should reject
non admins for
m deleting an issue"
do
delete
api
(
"/projects/
#{
project
.
id
}
/issues/
#{
issue
.
id
}
"
,
us
er
)
expect
(
response
.
status
).
to
eq
(
403
)
it
"should reject
a non member fro
m deleting an issue"
do
delete
api
(
"/projects/
#{
project
.
id
}
/issues/
#{
issue
.
id
}
"
,
non_memb
er
)
expect
(
response
.
status
).
to
be
(
403
)
end
it
"deletes the issue if an admin requests it"
do
user
.
admin
=
true
user
.
save
it
"should reject a developer from deleting an issue"
do
delete
api
(
"/projects/
#{
project
.
id
}
/issues/
#{
issue
.
id
}
"
,
author
)
expect
(
response
.
status
).
to
be
(
403
)
end
delete
api
(
"/projects/
#{
project
.
id
}
/issues/
#{
issue
.
id
}
"
,
user
)
it
"deletes the issue if an admin requests it"
do
delete
api
(
"/projects/
#{
project
.
id
}
/issues/
#{
issue
.
id
}
"
,
admin
)
expect
(
response
.
status
).
to
eq
(
200
)
expect
(
json_response
[
'state'
]).
to
eq
'opened'
end
...
...
spec/requests/api/merge_requests_spec.rb
View file @
1d778228
...
...
@@ -3,8 +3,10 @@ require "spec_helper"
describe
API
::
API
,
api:
true
do
include
ApiHelpers
let
(
:base_time
)
{
Time
.
now
}
let
(
:user
)
{
create
(
:user
)
}
let!
(
:project
)
{
create
(
:project
,
creator_id:
user
.
id
,
namespace:
user
.
namespace
)
}
let
(
:user
)
{
create
(
:user
)
}
let
(
:admin
)
{
create
(
:user
,
:admin
)
}
let
(
:non_member
)
{
create
(
:user
)
}
let!
(
:project
)
{
create
(
:project
,
creator_id:
user
.
id
,
namespace:
user
.
namespace
)
}
let!
(
:merge_request
)
{
create
(
:merge_request
,
:simple
,
author:
user
,
assignee:
user
,
source_project:
project
,
target_project:
project
,
title:
"Test"
,
created_at:
base_time
)
}
let!
(
:merge_request_closed
)
{
create
(
:merge_request
,
state:
"closed"
,
author:
user
,
assignee:
user
,
source_project:
project
,
target_project:
project
,
title:
"Closed test"
,
created_at:
base_time
+
1
.
second
)
}
let!
(
:merge_request_merged
)
{
create
(
:merge_request
,
state:
"merged"
,
author:
user
,
assignee:
user
,
source_project:
project
,
target_project:
project
,
title:
"Merged test"
,
created_at:
base_time
+
2
.
seconds
)
}
...
...
@@ -316,21 +318,23 @@ describe API::API, api: true do
end
describe
"DELETE /projects/:id/merge_request/:merge_request_id"
do
it
"
rejects non admin users from deletions
"
do
it
"
owners can destroy
"
do
delete
api
(
"/projects/
#{
project
.
id
}
/merge_requests/
#{
merge_request
.
id
}
"
,
user
)
expect
(
response
.
status
).
to
eq
(
403
)
expect
(
response
.
status
).
to
eq
(
200
)
end
it
"let's Admins delete a merge request"
do
user
.
admin
=
true
user
.
save
delete
api
(
"/projects/
#{
project
.
id
}
/merge_requests/
#{
merge_request
.
id
}
"
,
user
)
it
"let's Admins and owners delete a merge request"
do
delete
api
(
"/projects/
#{
project
.
id
}
/merge_requests/
#{
merge_request
.
id
}
"
,
admin
)
expect
(
response
.
status
).
to
eq
(
200
)
expect
(
json_response
[
'id'
]).
to
eq
merge_request
.
id
end
it
"rejects removal from other users"
do
delete
api
(
"/projects/
#{
project
.
id
}
/merge_requests/
#{
merge_request
.
id
}
"
,
non_member
)
expect
(
response
.
status
).
to
eq
(
404
)
end
end
describe
"PUT /projects/:id/merge_requests/:merge_request_id to close MR"
do
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment