Merge pull request #104 from abf/rosa-build:42-issue_api

[#42] tracker api
2013-04-18 18:35:11 +04:00 · 2013-04-18 18:35:11 +04:00 · 9cf0168824
parent 079d7110e0 d917d13880
commit 9cf0168824
13 changed files with 382 additions and 4 deletions
--- a/app/controllers/api/v1/issues_controller.rb
+++ b/app/controllers/api/v1/issues_controller.rb
@ -0,0 +1,108 @@
+# -*- encoding : utf-8 -*-
+class Api::V1::IssuesController < Api::V1::BaseController
+  respond_to :json
+
+  before_filter :authenticate_user!
+  skip_before_filter :authenticate_user!, :only => [:show] if APP_CONFIG['anonymous_access']
+
+  load_and_authorize_resource :group, :only => :group_index
+  load_resource :project
+  load_and_authorize_resource :issue, :through => :project, :find_by => :serial_id, :only => [:show, :update, :destroy, :create, :index]
+
+  def index
+    @issues = @project.issues
+    render_issues_list
+  end
+
+  def all_index
+    project_ids = get_all_project_ids Project.accessible_by(current_ability, :membered).uniq.pluck(:id)
+    @issues = Issue.where('issues.project_id IN (?)', project_ids)
+    render_issues_list
+  end
+
+  def user_index
+    project_ids = get_all_project_ids current_user.projects.select('distinct projects.id').pluck(:id)
+    @issues = Issue.where('issues.project_id IN (?)', project_ids)
+    render_issues_list
+  end
+
+  def group_index
+    project_ids = @group.projects.select('distinct projects.id').pluck(:id)
+    @issues = Issue.where(:project_id => project_ids)
+    render_issues_list
+  end
+
+  def show
+    respond_with @issue
+  end
+
+  def create
+    @issue.user = current_user
+    create_subject @issue
+  end
+
+  def update
+    update_subject @issue
+  end
+
+  def destroy
+    destroy_subject @issue
+  end
+
+  private
+
+  def render_issues_list
+    @issues = @issues.includes(:user, :assignee, :labels).without_pull_requests
+    if params[:status] == 'closed'
+      @issues = @issues.closed
+    else
+      @issues = @issues.opened
+    end
+
+    if action_name == 'index' && params[:assignee].present?
+      case params[:assignee]
+      when 'none'
+        @issues = @issues.where(:assigned_id => nil)
+      when '*'
+        @issues = @issues.where('assigned_id IS NOT NULL')
+      else
+        @issues = @issues.where('assignees_issues.uname = ?', params[:assignee])
+      end
+    end
+
+    if %w[all_index user_index group_index].include?(action_name)
+      case params[:filter]
+      when 'created'
+        @issues = @issues.where(:user_id => current_user)
+      when 'all'
+      else
+        @issues = @issues.where(:assignee_id => current_user)
+      end
+    else
+      @issues.where('users.uname = ?', params[:creator]) if params[:creator].present?
+    end
+
+    if params[:labels].present?
+      labels = params[:labels].split(',').map {|e| e.strip}.select {|e| e.present?}
+      @issues = @issues.where('labels.name IN (?)', labels)
+    end
+
+    sort = params[:sort] == 'updated' ? 'issues.updated_at' : 'issues.created_at'
+    direction = params[:direction] == 'asc' ? 'ASC' : 'DESC'
+    @issues = @issues.order("#{sort} #{direction}")
+
+    @issues = @issues.where('created_at >= to_timestamp(?)', params[:since]) if params[:since] =~ /\A\d+\z/
+    @issues.paginate(paginate_params)
+    respond_with @issues
+  end
+
+  def get_all_project_ids default_project_ids
+    project_ids = []
+    if ['created', 'all'].include? params[:filter]
+      # add own issues
+      project_ids = Project.accessible_by(current_ability, :show).joins(:issues).
+                            where(:issues => {:user_id => current_user.id}).uniq.pluck('projects.id')
+    end
+    project_ids |= default_project_ids
+  end
+end
--- a/app/models/collaborator.rb
+++ b/app/models/collaborator.rb
@ -110,6 +110,7 @@ class Collaborator

  def destroy
    relation.try(:destroy)
+    @actor.check_assigned_issues @project
  end

  def attributes
--- a/app/models/relation.rb
+++ b/app/models/relation.rb
@ -34,7 +34,11 @@ class Relation < ActiveRecord::Base

  def self.remove_member(member, target)
    return false if target.respond_to?(:owner) && target.owner == member
-    Relation.by_actor(member).by_target(target).each{|r| r.destroy}
+    res = Relation.by_actor(member).by_target(target).each{|r| r.destroy}
+    if member.is_a?(User) && ['Project', 'Group'].include?(target.class.name)
+      member.check_assigned_issues target
+    end
+    res
  end

  protected
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -28,6 +28,7 @@ class User < Avatar
  has_many :own_projects, :as => :owner, :class_name => 'Project', :dependent => :destroy
  has_many :own_groups,   :foreign_key => :owner_id, :class_name => 'Group', :dependent => :destroy
  has_many :own_platforms, :as => :owner, :class_name => 'Platform', :dependent => :destroy
+  has_many :assigned_issues, :foreign_key => :assignee_id, :class_name => 'Issue', :dependent => :nullify

  has_many :key_pairs
  has_many :ssh_keys, :dependent => :destroy
@ -141,6 +142,19 @@ class User < Avatar
    raise "unknown user #{self.uname} roles #{roles}"
  end

+  def check_assigned_issues target
+    if target.is_a? Project
+      assigned_issues.where(:project_id => target.id).update_all(:assignee_id => nil)
+    else
+      ability = Ability.new self
+      project_ids = Project.accessible_by(ability, :membered).uniq.pluck(:id)
+
+      issues = assigned_issues
+      issues = issues.where('project_id not in (?)', project_ids) if project_ids.present?
+      issues.update_all(:assignee_id => nil)
+    end
+  end
+
  protected

  def target_roles target
--- a/app/views/api/v1/issues/_issue.json.jbuilder
+++ b/app/views/api/v1/issues/_issue.json.jbuilder
@ -0,0 +1,11 @@
+json.number issue.serial_id
+json.(issue, :title, :status)
+json.labels issue.labels do |json_labels, label|
+  json.partial! 'label', :label => label, :json => json_labels
+end
+json.assignee do |json_assignee|
+  json.partial! 'api/v1/shared/member', :member => issue.assignee, :tag => json_assignee
+end if issue.assignee
+
+json.url api_v1_project_issue_path(issue.project.id, issue.serial_id, :format => :json)
+
--- a/app/views/api/v1/issues/_label.json.jbuilder
+++ b/app/views/api/v1/issues/_label.json.jbuilder
@ -0,0 +1 @@
+json.(label, :name, :color)
--- a/app/views/api/v1/issues/index.json.jbuilder
+++ b/app/views/api/v1/issues/index.json.jbuilder
@ -0,0 +1,11 @@
+json.issues @issues do |json, issue|
+  json.partial! 'issue', :issue => issue, :json => json
+  json.issue issue.body
+  json.partial! 'api/v1/shared/owner', :owner => issue.user
+  json.closed_at issue.closed_at.to_i
+  json.closed_by do |json_user|
+    json.partial! 'api/v1/shared/member', :member => issue.closer, :tag => json_user
+  end if issue.closer
+  json.created_at issue.created_at.to_i
+  json.updated_at issue.updated_at.to_i
+end
--- a/app/views/api/v1/issues/show.json.jbuilder
+++ b/app/views/api/v1/issues/show.json.jbuilder
@ -0,0 +1,11 @@
+json.issue do |json|
+  json.partial! 'issue', :issue => @issue, :json => json
+  json.issue @issue.body
+  json.partial! 'api/v1/shared/owner', :owner => @issue.user
+  json.closed_at @issue.closed_at.to_i
+  json.closed_by do |json_user|
+    json.partial! 'api/v1/shared/member', :member => @issue.closer, :tag => json_user
+  end if @issue.closer
+  json.created_at @issue.created_at.to_i
+  json.updated_at @issue.updated_at.to_i
+end
--- a/config/routes.rb
+++ b/config/routes.rb
@ -58,6 +58,7 @@ Rosa::Application.routes.draw do
          put :update_member
        }
        resources :build_lists, :only => :index
+        resources :issues, :only => [:index, :create, :show, :update]
      end
      resources :users, :only => [:show]
      get 'user' => 'users#show_current_user'
@ -65,6 +66,7 @@ Rosa::Application.routes.draw do
        member {
          get :notifiers
          put :notifiers
+          get '/issues' => 'issues#user_index'
        }
      end
      resources :groups, :only => [:index, :show, :update, :create, :destroy] do
@ -73,6 +75,7 @@ Rosa::Application.routes.draw do
          put :add_member
          delete :remove_member
          put :update_member
+          get '/issues' => 'issues#group_index'
        }
      end
      resources :products, :only => [:show, :update, :create, :destroy] do
@ -82,6 +85,7 @@ Rosa::Application.routes.draw do
        put :cancel, :on => :member
      end
      #resources :ssh_keys, :only => [:index, :create, :destroy]
+      get 'issues' => 'issues#all_index'
    end
  end

--- a/db/migrate/20130417162427_add_user_index_to_issue.rb
+++ b/db/migrate/20130417162427_add_user_index_to_issue.rb
@ -0,0 +1,5 @@
+class AddUserIndexToIssue < ActiveRecord::Migration
+  def change
+    add_index :issues, :user_id
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.

-ActiveRecord::Schema.define(:version => 20130328112110) do
+ActiveRecord::Schema.define(:version => 20130417162427) do

  create_table "activity_feeds", :force => true do |t|
    t.integer  "user_id",    :null => false
@ -219,6 +219,7 @@ ActiveRecord::Schema.define(:version => 20130328112110) do
  end

  add_index "issues", ["project_id", "serial_id"], :name => "index_issues_on_project_id_and_serial_id", :unique => true
+  add_index "issues", ["user_id"], :name => "index_issues_on_user_id"

  create_table "key_pairs", :force => true do |t|
    t.text     "public",           :null => false
--- a/spec/controllers/api/v1/issues_controller_spec.rb
+++ b/spec/controllers/api/v1/issues_controller_spec.rb
@ -0,0 +1,181 @@
+# -*- encoding : utf-8 -*-
+require 'spec_helper'
+
+describe Api::V1::IssuesController do
+  before(:all) do
+    stub_symlink_methods
+    stub_redis
+    any_instance_of(Project, :versions => ['v1.0', 'v2.0'])
+
+    @issue = FactoryGirl.create(:issue)
+    @project = @issue.project
+
+    @membered_issue = FactoryGirl.create(:issue)
+    @membered_project = @membered_issue.project
+    @membered_project.relations.create(:role => 'reader', :actor => @issue.user)
+
+    @open_issue = FactoryGirl.create(:issue)
+    @open_project = @open_issue.project
+
+    @own_hidden_project = FactoryGirl.create(:project, :owner => @issue.user)
+    @own_hidden_project.update_column :visibility, 'hidden'
+    @own_hidden_issue = FactoryGirl.create(:issue, :project => @own_hidden_project, :assignee => @issue.user)
+
+    @hidden_issue = FactoryGirl.create(:issue)
+    @hidden_project = @hidden_issue.project
+    @hidden_project.update_column :visibility, 'hidden'
+
+    @create_params = {:issue => {:title => 'title', :body => 'body'}, :project_id => @project.id, :format => :json}
+    @update_params = {:issue => {:title => 'new title'}, :project_id => @project.id, :id => @issue.serial_id, :format => :json}
+  end
+
+  context 'read and accessible abilities' do
+    context 'for user' do
+      before(:each) do
+        http_login(@issue.user)
+      end
+
+      it 'can show issue in own project' do
+        get :show, :project_id => @project.id, :id => @issue.serial_id, :format => :json
+        response.should be_success
+      end
+
+      it 'can show issue in open project' do
+        get :show, :project_id => @open_project.id, :id => @open_issue.serial_id, :format => :json
+        response.should be_success
+      end
+
+      it 'can show issue in own hidden project' do
+        get :show, :project_id => @own_hidden_project.id, :id => @own_hidden_issue.serial_id, :format => :json
+        response.should be_success
+      end
+
+      it 'cant show issue in hidden project' do
+        get :show, :project_id => @hidden_project.id, :id => @hidden_issue.serial_id, :format => :json
+        response.status.should == 403
+      end
+
+      it 'should return three issues' do
+        get :all_index, :filter => 'all', :format => :json
+        assigns[:issues].should include(@issue)
+        assigns[:issues].should include(@own_hidden_issue)
+        assigns[:issues].should include(@membered_issue)
+      end
+
+      it 'should return only assigned issue' do
+        http_login(@issue.user)
+        get :user_index, :format => :json
+        assigns[:issues].should include(@own_hidden_issue)
+        assigns[:issues].count.should == 1
+      end
+    end
+
+    context 'for anonymous user' do
+      it 'can show issue in open project', :anonymous_access => true do
+        get :show, :project_id => @project.id, :id => @issue.serial_id, :format => :json
+        response.should be_success
+      end
+
+      it 'cant show issue in hidden project', :anonymous_access => true do
+        get :show, :project_id => @hidden_project.id, :id => @hidden_issue.serial_id, :format => :json
+        response.status.should == 403
+      end
+
+      it 'should not return any issues' do
+        get :all_index, :filter => 'all', :format => :json
+        response.status.should == 401
+      end
+    end
+  end
+
+  context 'create accessibility' do
+    context 'for user' do
+      before(:each) do
+        http_login(@issue.user)
+        @count = Issue.count
+      end
+
+      it 'can create issue in own project' do
+        post :create, @create_params
+        Issue.count.should == @count+1
+      end
+
+      it 'can create issue in own hidden project' do
+        post :create, @create_params.merge(:project_id => @own_hidden_project.id)
+        Issue.count.should == @count+1
+      end
+
+      it 'can create issue in open project' do
+        post :create, @create_params.merge(:project_id => @open_project.id)
+        Issue.count.should == @count+1
+      end
+
+      it 'cant create issue in hidden project' do
+        post :create, @create_params.merge(:project_id => @hidden_project.id)
+        Issue.count.should == @count
+      end
+    end
+
+    context 'for anonymous user' do
+      before(:each) do
+        @count = Issue.count
+      end
+      it 'cant create issue in project', :anonymous_access => true do
+        post :create, @create_params
+        Issue.count.should == @count
+      end
+
+      it 'cant create issue in hidden project', :anonymous_access => true do
+        post :create, @create_params.merge(:project_id => @hidden_project.id)
+        Issue.count.should == @count
+      end
+    end
+  end
+
+  context 'update accessibility' do
+    context 'for user' do
+      before(:each) do
+        http_login(@issue.user)
+      end
+
+      it 'can update issue in own project' do
+        put :update, @update_params
+        @issue.reload.title.should == 'new title'
+      end
+
+      it 'can update issue in own hidden project' do
+        put :update, @update_params.merge(:project_id => @own_hidden_project.id, :id => @own_hidden_issue.serial_id)
+        @own_hidden_issue.reload.title.should == 'new title'
+      end
+
+      it 'cant update issue in open project' do
+        put :update, @update_params.merge(:project_id => @open_project.id, :id => @open_issue.serial_id)
+        @open_issue.reload.title.should_not == 'new title'
+      end
+
+      it 'cant update issue in hidden project' do
+        put :update, @update_params.merge(:project_id => @hidden_project.id, :id => @hidden_issue.serial_id)
+        @hidden_issue.reload.title.should_not == 'title'
+      end
+    end
+
+    context 'for anonymous user' do
+      before(:each) do
+        @count = Issue.count
+      end
+      it 'cant update issue in project', :anonymous_access => true do
+        put :update, @update_params
+        response.status.should == 401
+      end
+
+      it 'cant update issue in hidden project', :anonymous_access => true do
+        put :update, @update_params.merge(:project_id => @hidden_project.id, :id => @hidden_issue.serial_id)
+        response.status.should == 401
+      end
+    end
+  end
+  after(:all) do
+    User.destroy_all
+    Platform.destroy_all
+  end
+end
--- a/spec/models/issue_spec.rb
+++ b/spec/models/issue_spec.rb
@ -41,8 +41,8 @@ describe Issue do
      @project = FactoryGirl.create(:project, :owner => @user)

      @group = FactoryGirl.create(:group)
-      reader = FactoryGirl.create :user
-      @group.actors.create(:actor_type => 'User', :actor_id => reader.id, :role => 'reader')
+      @reader = FactoryGirl.create :user
+      @group.actors.create(:actor_type => 'User', :actor_id => @reader.id, :role => 'reader')
    end

    it 'should send an e-mail to all members of the admin group' do
@ -65,6 +65,32 @@ describe Issue do
      create_issue(@stranger)
      ActionMailer::Base.deliveries.count.should == 1 # 1 project owner
    end
+
+    it 'should reset issue assignee after remove him from group' do
+      @project.relations.create!(:actor_type => 'Group', :actor_id => @group.id, :role => 'reader')
+      create_issue(@group.owner)
+      @issue.update_column :assignee_id, @reader.id
+      @group.remove_member @reader
+      @issue.reload.assignee_id.should == nil
+    end
+
+    it 'should not reset issue assignee' do
+      @project.relations.create!(:actor_type => 'Group', :actor_id => @group.id, :role => 'reader')
+      @project.relations.create!(:actor_type => 'User', :actor_id => @reader.id, :role => 'reader')
+      create_issue(@group.owner)
+      @issue.update_column :assignee_id, @reader.id
+      @group.remove_member @reader
+      @issue.reload.assignee_id.should == @reader.id
+    end
+
+    it 'should reset issue assignee after remove him from project' do
+      @project.relations.create!(:actor_type => 'User', :actor_id => @reader.id, :role => 'reader')
+      create_issue(@reader)
+      @issue.update_column :assignee_id, @reader.id
+      @project.remove_member @reader # via api
+      @issue.reload.assignee_id.should == nil
+    end
+
  end

  context 'Group project' do