Merge pull request #198 from abf/rosa-build:105-pull_requests_api

#105 pull requests api && fixes issues api
This commit is contained in:
avokhmin 2013-07-01 12:46:58 +04:00
commit 5195f5ec0b
16 changed files with 581 additions and 42 deletions

1
.gitignore vendored
View File

@ -20,3 +20,4 @@ crash.log
config/newrelic.yml
config/deploy/*.rb
config/deploy.rb
*.swo

View File

@ -3,11 +3,11 @@ class Api::V1::IssuesController < Api::V1::BaseController
respond_to :json
before_filter :authenticate_user!
skip_before_filter :authenticate_user!, :only => [:show] if APP_CONFIG['anonymous_access']
skip_before_filter :authenticate_user!, :only => [:index, :group_index, :show] if APP_CONFIG['anonymous_access']
load_resource :group, :only => :group_index, :find_by => :id, :parent => false
load_resource :project
load_and_authorize_resource :issue, :through => :project, :find_by => :serial_id, :only => [:show, :update, :destroy, :create, :index]
load_and_authorize_resource :group, :only => :group_index, :find_by => :id, :parent => false
load_and_authorize_resource :project
load_and_authorize_resource :issue, :through => :project, :find_by => :serial_id, :only => [:show, :update, :create, :index]
def index
@issues = @project.issues
@ -15,20 +15,20 @@ class Api::V1::IssuesController < Api::V1::BaseController
end
def all_index
project_ids = get_all_project_ids Project.accessible_by(current_ability, :membered).uniq.pluck(:id)
project_ids = get_all_project_ids Project.accessible_by(current_ability, :membered).pluck(:id)
@issues = Issue.where('issues.project_id IN (?)', project_ids)
render_issues_list
end
def user_index
project_ids = get_all_project_ids current_user.projects.select('distinct projects.id').pluck(:id)
project_ids = get_all_project_ids current_user.projects.pluck(:id)
@issues = Issue.where('issues.project_id IN (?)', project_ids)
render_issues_list
end
def group_index
project_ids = @group.projects.select('distinct projects.id').pluck(:id)
project_ids = Project.accessible_by(current_ability, :membered).where(:id => project_ids).uniq.pluck(:id)
project_ids = @group.projects.pluck(:id)
project_ids = Project.accessible_by(current_ability, :membered).where(:id => project_ids).pluck(:id)
@issues = Issue.where(:project_id => project_ids)
render_issues_list
end
@ -42,11 +42,18 @@ class Api::V1::IssuesController < Api::V1::BaseController
end
def update
update_subject @issue
unless can?(:write, @project)
params.delete :update_labels
[:assignee_id, :labelings, :labelings_attributes].each do |k|
params[:issue].delete k
end if params[:issue]
end
def destroy
destroy_subject @issue
@issue.labelings.destroy_all if params[:update_labels]
if params[:issue] && status = params[:issue].delete(:status)
@issue.set_close(current_user) if status == 'closed'
@issue.set_open if status == 'open'
end
update_subject @issue
end
private
@ -92,7 +99,7 @@ class Api::V1::IssuesController < Api::V1::BaseController
@issues = @issues.order("#{sort} #{direction}")
@issues = @issues.where('issues.created_at >= to_timestamp(?)', params[:since]) if params[:since] =~ /\A\d+\z/
@issues.paginate(paginate_params)
@issues = @issues.paginate(paginate_params)
render :index
end
@ -101,7 +108,7 @@ class Api::V1::IssuesController < Api::V1::BaseController
if ['created', 'all'].include? params[:filter]
# add own issues
project_ids = Project.accessible_by(current_ability, :show).joins(:issues).
where(:issues => {:user_id => current_user.id}).uniq.pluck('projects.id')
where(:issues => {:user_id => current_user.id}).pluck('projects.id')
end
project_ids |= default_project_ids
end

View File

@ -0,0 +1,168 @@
# -*- encoding : utf-8 -*-
class Api::V1::PullRequestsController < Api::V1::BaseController
respond_to :json
before_filter :authenticate_user!
skip_before_filter :authenticate_user!, :only => [:show, :index, :group_index, :commits, :files] if APP_CONFIG['anonymous_access']
load_resource :group, :only => :group_index, :find_by => :id, :parent => false
load_resource :project
load_resource :issue, :through => :project, :find_by => :serial_id, :parent => false, :only => [:show, :index, :commits, :files, :merge, :update]
load_and_authorize_resource :instance_name => :pull, :through => :issue, :singleton => true, :only => [:show, :index, :commits, :files, :merge, :update]
def index
@pulls = @project.pull_requests
@pulls_url = api_v1_project_pull_requests_path(@project, :format => :json)
render_pulls_list
end
def all_index
project_ids = get_all_project_ids Project.accessible_by(current_ability, :membered).pluck(:id)
@pulls = PullRequest.where('pull_requests.to_project_id IN (?)', project_ids)
@pulls_url = api_v1_pull_requests_path :format => :json
render_pulls_list
end
def user_index
project_ids = get_all_project_ids current_user.projects.pluck(:id)
@pulls = PullRequest.where('pull_requests.to_project_id IN (?)', project_ids)
@pulls_url = pull_requests_api_v1_user_path :format => :json
render_pulls_list
end
def group_index
project_ids = @group.projects.pluck(:id)
project_ids = Project.accessible_by(current_ability, :membered).where(:id => project_ids).pluck(:id)
@pulls = PullRequest.where(:to_project_id => project_ids)
@pulls_url = pull_requests_api_v1_group_path
render_pulls_list
end
def show
end
def create
from_project = Project.find(pull_params[:from_project]) if pull_params.try('[]', :from_project).present?
from_project ||= @project
authorize! :read, from_project
@pull = @project.pull_requests.new
@pull.build_issue :title => pull_params[:title], :body => pull_params[:body]
@pull.from_project = @project
@pull.to_ref, @pull.from_ref = pull_params[:to_ref], pull_params[:from_ref]
@pull.issue.assignee_id = pull_params[:assignee_id] if can?(:write, @project)
@pull.issue.user, @pull.issue.project = current_user, @project
render_validation_error(@pull, "#{@pull.class.name} has not been created") && return unless @pull.valid?
@pull.save # set pull id
@pull.check(false) # don't make event transaction
if @pull.already?
@pull.destroy
error_message = I18n.t('projects.pull_requests.up_to_date', :to_ref => @pull.to_ref, :from_ref => @pull.from_ref)
render_json_response(@pull, error_message, 422)
else
@pull.send(@pull.status == 'blocked' ? 'block' : @pull.status)
render_json_response @pull, "#{@pull.class.name} has been created successfully"
end
end
def update
@pull = @project.pull_requests.includes(:issue).where(:issues => {:serial_id => params[:id]}).first
authorize! :update, @pull
if pull_params.present?
attrs = pull_params.slice(:title, :body)
attrs.merge(:assignee_id => pull_params[:assignee_id]) if can?(:write, @project)
if (action = pull_params[:status]) && %w(close reopen).include?(pull_params[:status])
if @pull.send("can_#{action}?")
@pull.set_user_and_time current_user
need_check = true if action == 'reopen'
end
end
end
class_name = @pull.class.name
if @pull.issue.update_attributes(attrs)
@pull.send(action) if action.present?
@pull.check if need_check
render_json_response @pull, "#{class_name} has been updated successfully"
else
render_validation_error @pull, "#{class_name} has not been updated"
end
end
def commits
@commits = @pull.repo.commits_between(@pull.to_commit, @pull.from_commit).paginate(paginate_params)
end
def files
@stats = @pull.diff_stats.zip(@pull.diff).paginate(paginate_params)
end
def merge
class_name = @pull.class.name
if @pull.merge!(current_user)
render_json_response @pull, "#{class_name} has been merged successfully"
else
render_validation_error @pull, "#{class_name} has not been merged"
end
end
private
def render_pulls_list
@pulls = @pulls.includes(:issue => [:user, :assignee])
if params[:status] == 'closed'
@pulls = @pulls.closed_or_merged
else
@pulls = @pulls.not_closed_or_merged
end
if action_name == 'index' && params[:assignee].present?
case params[:assignee]
when 'none'
@pulls = @pulls.where('issues.assigned_id IS NULL')
when '*'
@pulls = @pulls.where('issues.assigned_id IS NOT NULL')
else
@pulls = @pulls.where('assignees_issues.uname = ?', params[:assignee])
end
end
if %w[all_index user_index group_index].include?(action_name)
case params[:filter]
when 'created'
@pulls = @pulls.where('issues.user_id = ?', current_user.id)
when 'all'
else
@pulls = @pulls.where('issues.assignee_id = ?', current_user.id)
end
else
@pulls.where('users.uname = ?', params[:creator]) if params[:creator].present?
end
sort = params[:sort] == 'updated' ? 'issues.updated_at' : 'issues.created_at'
direction = params[:direction] == 'asc' ? 'ASC' : 'DESC'
@pulls = @pulls.order("#{sort} #{direction}")
@pulls = @pulls.where('issues.created_at >= to_timestamp(?)', params[:since]) if params[:since] =~ /\A\d+\z/
@pulls = @pulls.paginate(paginate_params)
render :index
end
def get_all_project_ids default_project_ids
project_ids = []
if ['created', 'all'].include? params[:filter]
# add own pulls
project_ids = Project.accessible_by(current_ability, :show).joins(:issues).
where(:issues => {:user_id => current_user.id}).pluck('projects.id')
end
project_ids |= default_project_ids
end
def pull_params
@pull_params ||= params[:pull_request] || {}
end
end

View File

@ -78,7 +78,6 @@ class Projects::PullRequestsController < Projects::BaseController
end
def merge
@pull.check
unless @pull.merge!(current_user)
flash.now[:error] = t('flash.pull_request.save_error')
flash.now[:warning] = @pull.errors.full_messages.join('. ')

View File

@ -17,7 +17,7 @@ class Ability
can :get_id, Project, :visibility => 'open' # api
can :archive, Project, :visibility => 'open'
can :read, Issue, :project => {:visibility => 'open'}
can :read, PullRequest, :to_project => {:visibility => 'open'}
can [:read, :commits, :files], PullRequest, :to_project => {:visibility => 'open'}
can :search, BuildList
can [:read, :log, :everything], BuildList, :project => {:visibility => 'open'}
can [:read, :log], ProductBuildList#, :product => {:platform => {:visibility => 'open'}} # double nested hash don't work
@ -140,11 +140,12 @@ class Ability
can(:update, Issue) {|issue| issue.user_id == user.id or local_admin?(issue.project)}
cannot :manage, Issue, :project => {:has_issues => false} # switch off issues
can :read, PullRequest, :to_project => {:owner_type => 'User', :owner_id => user.id}
can :read, PullRequest, :to_project => {:owner_type => 'Group', :owner_id => user.group_ids}
can(:read, PullRequest, read_relations_for('pull_requests', 'to_projects')) {|pull| can? :read, pull.to_project rescue nil}
can [:read, :commits, :files], PullRequest, :to_project => {:owner_type => 'User', :owner_id => user.id}
can [:read, :commits, :files], PullRequest, :to_project => {:owner_type => 'Group', :owner_id => user.group_ids}
can([:read, :commits, :files], PullRequest, read_relations_for('pull_requests', 'to_projects')) {|pull| can? :read, pull.to_project}
can :create, PullRequest
can([:update, :merge], PullRequest) {|pull| pull.user_id == user.id or local_admin?(pull.to_project)}
can(:update, PullRequest) {|pull| pull.user_id == user.id or local_admin?(pull.to_project)}
can(:merge, PullRequest) {|pull| local_admin?(pull.to_project)}
can([:create, :new_line], Comment) {|comment| can? :read, comment.project}
can([:update, :destroy], Comment) {|comment| comment.user == user or comment.project.owner == user or local_admin?(comment.project)}

View File

@ -20,6 +20,8 @@ class PullRequest < ActiveRecord::Base
attr_accessible :issue_attributes, :to_ref, :from_ref
scope :needed_checking, includes(:issue).where(:issues => {:status => ['open', 'blocked', 'ready']})
scope :not_closed_or_merged, needed_checking
scope :closed_or_merged, where(:issues => {:status => ['closed', 'merged']})
state_machine :status, :initial => :open do
event :ready do

View File

@ -0,0 +1,24 @@
json.number pull.serial_id
json.(pull, :title, :status)
json.to_ref do |json_ref|
json_ref.ref pull.to_ref
json_ref.sha pull.to_commit.id
json_ref.project do |json_project|
json_project.partial! 'api/v1/projects/project', :project => pull.to_project, :json => json
end
end
json.from_ref do |json_ref|
json_ref.ref pull.from_ref
json_ref.sha pull.from_commit.id
json_ref.project do |json_project|
json_project.partial! 'api/v1/projects/project', :project => pull.from_project, :json => json
end
end
json.partial! 'api/v1/shared/owner', :owner => pull.user
json.assignee do |json_assignee|
json.partial! 'api/v1/shared/member', :member => pull.issue.assignee, :tag => json_assignee
end if pull.issue.assignee
json.mergeable pull.can_merging?
json.merged_at pull.issue.closed_at.to_i if pull.merged?
json.url api_v1_project_pull_request_path(pull.to_project.id, pull.id, :format => :json)

View File

@ -0,0 +1,25 @@
json.commits @commits do |json_commit, commit|
json_commit.sha commit.id
json_commit.https_url commit_path(@project, commit.id)
json.author do |json_author|
json_author.name commit.author.name
json_author.email commit.author.email
json_author.date commit.authored_date.to_i
end
json.committer do |json_committer|
json_committer.name commit.committer.name
json_committer.email commit.committer.email
json_committer.date commit.committed_date.to_i
end
json.message commit.message
json.tree do |json_tree|
json_tree.sha commit.id
json_tree.https_url commit_path(@project, commit.id)
end
json.parents commit.parents do |json, parent|
json.sha parent.id
json.https_url commit_path(@project, parent.id)
end
end
json.url commits_api_v1_project_pull_request_path(:format => :json)

View File

@ -0,0 +1,24 @@
json.files @stats do |json_stat, stat|
fstat, diff = stat
commit_id = diff.deleted_file ? @pull.to_commit.id : @pull.from_commit.id
json_stat.sha commit_id
json_stat.filename diff.b_path
status = case
when diff.new_file
'added'
when diff.deleted_file
'deleted'
when diff.renamed_file
'renamed'
else
'modified'
end
json_stat.status status
json_stat.additions fstat.additions
json_stat.deletions fstat.deletions
json_stat.changes fstat.additions + fstat.deletions
json_stat.blob_https_url blob_path(@project, commit_id, diff.b_path)
json_stat.raw_https_url raw_path(@project, commit_id, diff.b_path)
end
json.url files_api_v1_project_pull_request_path(:format => :json)

View File

@ -0,0 +1,5 @@
json.pull_requests @pulls do |json, pull|
json.partial! 'pull', :pull => pull, :json => json
end
json.url @pulls_url

View File

@ -0,0 +1,13 @@
json.issue do |json|
json.partial! 'pull', :pull => @pull, :json => json
json.body @pull.body
json.closed_at pull.issue.closed_at.to_i if @pull.merged? || @pull.closed?
json.closed_by do |json_user|
json.partial! 'api/v1/shared/member', :member => @pull.issue.closer, :tag => json_user
end if @pull.issue.closer
json.merged_by do |json_user|
json.partial! 'api/v1/shared/member', :member => @pull.issue.closer, :tag => json_user
end if @pull.merged?
json.created_at @pull.issue.created_at.to_i
json.updated_at @pull.issue.updated_at.to_i
end

View File

@ -2,8 +2,7 @@
.file
%a{:name => "diff-#{pull_diff_counter}"}
.top
.l= h(pull_diff.renamed_file ? "#{pull_diff.a_path.rtruncate 60} -> #{pull_diff.b_path.rtruncate 60}" : pull_diff.a_path.rtruncate(120))
- if pull_diff.b_path.present?
.l= h(pull_diff.renamed_file ? "#{pull_diff.a_path.rtruncate 60}=>#{pull_diff.b_path.rtruncate 60}" : pull_diff.b_path.rtruncate(120))
.r= link_to "view file @ #{short_hash_id(commit_id)}", blob_path(@project, commit_id, pull_diff.b_path)
.clear
-if pull_diff.diff.present? && !(@pull.repo.tree(commit_id) / pull_diff.b_path).binary?

View File

@ -2,3 +2,5 @@
APP_CONFIG = YAML.load_file("#{Rails.root}/config/application.yml")[Rails.env]
# Remove '/' from the end of url
APP_CONFIG.keys.select {|key| key =~ /_url\Z/}.each {|key| APP_CONFIG[key] = APP_CONFIG[key].chomp('/') if APP_CONFIG[key].respond_to?(:chomp)}
# Paginates a static array
require 'will_paginate/array'

View File

@ -59,6 +59,13 @@ Rosa::Application.routes.draw do
}
resources :build_lists, :only => :index
resources :issues, :only => [:index, :create, :show, :update]
resources :pull_requests, :only => [:index, :create, :show, :update] do
member {
get :commits
get :files
put :merge
}
end
end
resources :users, :only => [:show]
get 'user' => 'users#show_current_user'
@ -67,6 +74,7 @@ Rosa::Application.routes.draw do
get :notifiers
put :notifiers
get '/issues' => 'issues#user_index'
get '/pull_requests' => 'pull_requests#user_index'
}
end
resources :groups, :only => [:index, :show, :update, :create, :destroy] do
@ -76,6 +84,7 @@ Rosa::Application.routes.draw do
delete :remove_member
put :update_member
get '/issues' => 'issues#group_index'
get '/pull_requests' => 'pull_requests#group_index'
}
end
resources :products, :only => [:show, :update, :create, :destroy] do
@ -86,6 +95,7 @@ Rosa::Application.routes.draw do
end
#resources :ssh_keys, :only => [:index, :create, :destroy]
get 'issues' => 'issues#all_index'
get 'pull_requests' => 'pull_requests#all_index'
end
end
@ -271,7 +281,7 @@ Rosa::Application.routes.draw do
match 'compare/:versions' => 'wiki#compare', :versions => /([a-f0-9\^]{6,40})(\.\.\.[a-f0-9\^]{6,40})/, :as => :compare_versions, :via => :get
end
end
resources :issues, :except => :edit do
resources :issues, :except => [:destroy, :edit] do
resources :comments, :only => [:edit, :create, :update, :destroy]
resources :subscribes, :only => [:create, :destroy]
collection do

View File

@ -73,10 +73,9 @@ describe Api::V1::IssuesController do
end
it 'should return only assigned issue' do
http_login(@issue.user)
get :user_index, :format => :json
assigns[:issues].should include(@own_hidden_issue)
assigns[:issues].count.should == 1
assigns[:issues].should have(1).item
end
it 'should render right template for user index action' do
@ -107,42 +106,32 @@ describe Api::V1::IssuesController do
context 'for user' do
before(:each) do
http_login(@issue.user)
@count = Issue.count
end
it 'can create issue in own project' do
post :create, @create_params
Issue.count.should == @count+1
lambda { post :create, @create_params}.should change{ Issue.count }.by(1)
end
it 'can create issue in own hidden project' do
post :create, @create_params.merge(:project_id => @own_hidden_project.id)
Issue.count.should == @count+1
lambda { post :create, @create_params.merge(:project_id => @own_hidden_project.id)}.should change{ Issue.count }.by(1)
end
it 'can create issue in open project' do
post :create, @create_params.merge(:project_id => @open_project.id)
Issue.count.should == @count+1
lambda { post :create, @create_params.merge(:project_id => @open_project.id)}.should change{ Issue.count }.by(1)
end
it 'cant create issue in hidden project' do
post :create, @create_params.merge(:project_id => @hidden_project.id)
Issue.count.should == @count
lambda { post :create, @create_params.merge(:project_id => @hidden_project.id)}.should change{ Issue.count }.by(0)
end
end
context 'for anonymous user' do
before(:each) do
@count = Issue.count
end
it 'cant create issue in project', :anonymous_access => true do
post :create, @create_params
Issue.count.should == @count
lambda { post :create, @create_params}.should change{ Issue.count }.by(0)
end
it 'cant create issue in hidden project', :anonymous_access => true do
post :create, @create_params.merge(:project_id => @hidden_project.id)
Issue.count.should == @count
lambda { post :create, @create_params.merge(:project_id => @hidden_project.id)}.should change{ Issue.count }.by(0)
end
end
end
@ -189,6 +178,7 @@ describe Api::V1::IssuesController do
end
end
end
after(:all) do
User.destroy_all
Platform.destroy_all

View File

@ -0,0 +1,269 @@
# -*- encoding : utf-8 -*-
require 'spec_helper'
def create_pull to_ref, from_ref, owner, project = @project
pull = project.pull_requests.new :issue_attributes => {:title => 'test', :body => 'testing'}
pull.issue.user, pull.issue.project = owner, pull.to_project
pull.to_ref, pull.from_ref, pull.from_project = to_ref, from_ref, project
pull.save; pull.check
pull
end
describe Api::V1::PullRequestsController do
before(:all) do
stub_symlink_methods
stub_redis
@project = FactoryGirl.create(:project_with_commit)
@pull = create_pull 'master', 'non_conflicts', @project.owner
@another_project = FactoryGirl.create(:project_with_commit)
@another_pull = create_pull 'master', 'non_conflicts', @another_project.owner, @another_project
@hidden_project = FactoryGirl.create(:project_with_commit)
@hidden_project.update_column :visibility, 'hidden'
@hidden_pull = create_pull 'master', 'non_conflicts', @hidden_project.owner, @hidden_project
@own_hidden_project = FactoryGirl.create(:project_with_commit, :owner => @project.owner)
@own_hidden_project.update_column :visibility, 'hidden'
@own_hidden_pull = create_pull 'master', 'non_conflicts', @own_hidden_project.owner, @own_hidden_project
@own_hidden_pull.issue.update_column :assignee_id, @project.owner.id
@membered_project = FactoryGirl.create(:project_with_commit)
@membered_pull = create_pull 'master', 'non_conflicts', @membered_project.owner, @membered_project
@membered_project.relations.create(:role => 'reader', :actor => @pull.user)
@create_params = {:pull_request => {:title => 'title', :body => 'body',
:from_ref => 'conflicts', :to_ref => 'master'},
:project_id => @project.id, :format => :json}
@update_params = {:pull_request => {:title => 'new title'},
:project_id => @project.id, :id => @pull.serial_id, :format => :json}
end
context 'read and accessible abilities' do
context 'for user' do
before(:each) do
http_login(@project.owner)
end
it 'can show pull request in own project' do
get :show, :project_id => @project.id, :id => @pull.serial_id, :format => :json
response.should be_success
end
it 'should render right template for show action' do
get :show, :project_id => @project.id, :id => @pull.serial_id, :format => :json
response.should render_template('api/v1/pull_requests/show')
end
it 'can show pull request in open project' do
get :show, :project_id => @another_project.id, :id => @another_pull.serial_id, :format => :json
response.should be_success
end
it 'can show pull request in own hidden project' do
get :show, :project_id => @own_hidden_project.id, :id => @own_hidden_pull.serial_id, :format => :json
response.should be_success
end
it 'cant show pull request in hidden project' do
get :show, :project_id => @hidden_project.id, :id => @hidden_pull.serial_id, :format => :json
response.status.should == 403
end
it 'should return three pull requests' do
get :all_index, :filter => 'all', :format => :json
assigns[:pulls].should include(@pull)
assigns[:pulls].should include(@own_hidden_pull)
assigns[:pulls].should include(@membered_pull)
end
it 'should render right template for all index action' do
get :all_index, :format => :json
response.should render_template('api/v1/pull_requests/index')
end
it 'should return only assigned pull request' do
get :user_index, :format => :json
assigns[:pulls].should include(@own_hidden_pull)
assigns[:pulls].should have(1).item
end
it 'should render right template for user index action' do
get :user_index, :format => :json
response.should render_template('api/v1/pull_requests/index')
end
%w(commits files).each do |action|
it "can show pull request #{action} in own project" do
get action, :project_id => @project.id, :id => @pull.serial_id, :format => :json
response.should be_success
end
it "should render right template for commits action" do
get action, :project_id => @project.id, :id => @pull.serial_id, :format => :json
response.should render_template("api/v1/pull_requests/#{action}")
end
it "can't show pull request #{action} in hidden project" do
get action, :project_id => @hidden_project.id, :id => @hidden_pull.serial_id, :format => :json
response.should_not be_success
end
end
end
context 'for anonymous user' do
it 'can show pull request in open project', :anonymous_access => true do
get :show, :project_id => @project.id, :id => @pull.serial_id, :format => :json
response.should be_success
end
it 'cant show pull request in hidden project', :anonymous_access => true do
@project.update_column :visibility, 'hidden'
get :show, :project_id => @project.id, :id => @pull.serial_id, :format => :json
response.status.should == 403
end
it 'should not return any pull requests' do
get :all_index, :filter => 'all', :format => :json
response.status.should == 401
end
%w(commits files).each do |action|
it "can show pull request #{action} in project" do
get action, :project_id => @project.id, :id => @pull.serial_id, :format => :json
response.should be_success
end
it "should render right template for commits action" do
get action, :project_id => @project.id, :id => @pull.serial_id, :format => :json
response.should render_template("api/v1/pull_requests/#{action}")
end
it "can't show pull request #{action} in hidden project" do
get action, :project_id => @hidden_project.id, :id => @hidden_pull.serial_id, :format => :json
response.should_not be_success
end
end
end
end
context 'create accessibility' do
context 'for user' do
before(:each) do
http_login(@pull.user)
end
it 'can create pull request in own project' do
lambda { post :create, @create_params }.should change{ PullRequest.count }.by(1)
end
it 'can create pull request in own hidden project' do
lambda { post :create, @create_params.merge(:project_id => @own_hidden_project.id) }.should
change{ PullRequest.count }.by(1)
end
it 'can create pull request in open project' do
lambda { post :create, @create_params.merge(:project_id => @another_project.id) }.should
change{ PullRequest.count }.by(1)
end
it 'cant create pull request in hidden project' do
lambda { post :create, @create_params.merge(:project_id => @hidden_project.id) }.should
change{ PullRequest.count }.by(0)
end
end
context 'for anonymous user' do
it 'cant create pull request in project', :anonymous_access => true do
lambda { post :create, @create_params }.should change{ PullRequest.count }.by(0)
end
it 'cant create pull request in hidden project', :anonymous_access => true do
lambda { post :create, @create_params.merge(:project_id => @hidden_project.id) }.should
change{ PullRequest.count }.by(0)
end
end
end
context 'update accessibility' do
context 'for user' do
before(:each) do
http_login(@project.owner)
end
it 'can update pull request in own project' do
put :update, @update_params
@pull.reload.title.should == 'new title'
end
it 'can update pull request in own hidden project' do
put :update, @update_params.merge(:project_id => @own_hidden_project.id, :id => @own_hidden_pull.serial_id)
@own_hidden_pull.reload.title.should == 'new title'
end
it 'cant update pull request in open project' do
put :update, @update_params.merge(:project_id => @another_project.id, :id => @another_pull.serial_id)
@another_pull.reload.title.should_not == 'new title'
end
it 'cant update pull request in hidden project' do
put :update, @update_params.merge(:project_id => @hidden_project.id, :id => @hidden_pull.serial_id)
@hidden_pull.reload.title.should_not == 'title'
end
it 'can merge pull request in own project' do
put :merge, :project_id => @project.id, :id => @pull.serial_id, :format => :json
@pull.reload.status.should == 'merged'
response.should be_success
end
it 'can merge pull request in own hidden project' do
put :merge, :project_id => @own_hidden_project.id, :id => @own_hidden_pull.serial_id, :format => :json
@own_hidden_pull.reload.status.should == 'merged'
response.should be_success
end
it 'cant merge pull request in open project' do
put :merge, :project_id => @another_project.id, :id => @another_pull.serial_id, :format => :json
@another_pull.reload.status.should == 'ready'
response.status.should == 403
end
it 'cant merge pull request in hidden project' do
put :merge, :project_id => @hidden_project.id, :id => @hidden_pull.serial_id, :format => :json
@hidden_pull.reload.status.should == 'ready'
response.status.should == 403
end
end
context 'for anonymous user' do
it 'cant update pull request in project', :anonymous_access => true do
put :update, @update_params
response.status.should == 401
end
it 'cant update pull request in hidden project', :anonymous_access => true do
put :update, @update_params.merge(:project_id => @hidden_project.id, :id => @hidden_pull.serial_id)
response.status.should == 401
end
it 'cant merge pull request in open project' do
put :merge, :project_id => @another_project.id, :id => @another_pull.serial_id, :format => :json
@another_pull.reload.status.should == 'ready'
response.status.should == 401
end
it 'cant merge pull request in hidden project' do
put :merge, :project_id => @hidden_project.id, :id => @hidden_pull.serial_id, :format => :json
@hidden_pull.reload.status.should == 'ready'
response.status.should == 401
end
end
end
after(:all) do
User.destroy_all
Platform.destroy_all
end
end