Download as
Browse Code »

Commit dc825ae33016b91235e210c2d37323c076fcf572

Authored by Dmitriy Zaporozhets
2 parents 2eb76186 93341579
Exists in master and in 4 other branches 6-8-stable, 7-0-stable, 7-0-stable-spb, spb-stable

Merge branch 'feature/api_remove_group' of /home/git/repositories/gitlab/gitlabhq

Showing 4 changed files with 68 additions and 2 deletions   Show diff stats
CHANGELOG
  Diff comments   View file @dc825ae
... ... @@ -12,6 +12,7 @@ v 6.2.0
12 12 - Update logic for validates_merge_request for tree of MR (Andrew Kumanyaev)
13 13 - Rake tasks for web hooks management (Jonhnny Weslley)
14 14 - Extended User API to expose admin and can_create_group for user creation/updating (Boyan Tabakov)
  15 + - API: Remove group
15 16  
16 17 v 6.1.0
17 18 - Project specific IDs for issues, mr, milestones
... ...
doc/api/groups.md
  Diff comments   View file @dc825ae
... ... @@ -57,6 +57,19 @@ Parameters:
57 57 + `project_id` (required) - The ID of a project
58 58  
59 59  
  60 +## Remove group
  61 +
  62 +Removes group with all projects inside.
  63 +
  64 +```
  65 +DELETE /groups/:id
  66 +```
  67 +
  68 +Parameters:
  69 +
  70 ++ `id` (required) - The ID of a user group
  71 +
  72 +
60 73 ## Group members
61 74  
62 75  
... ...
lib/api/groups.rb
  Diff comments   View file @dc825ae
... ... @@ -7,12 +7,14 @@ module API
7 7 helpers do
8 8 def find_group(id)
9 9 group = Group.find(id)
10   - if current_user.admin or current_user.groups.include? group
  10 +
  11 + if can?(current_user, :read_group, group)
11 12 group
12 13 else
13 14 render_api_error!("403 Forbidden - #{current_user.username} lacks sufficient access to #{group.name}", 403)
14 15 end
15 16 end
  17 +
16 18 def validate_access_level?(level)
17 19 Gitlab::Access.options_with_owner.values.include? level.to_i
18 20 end
... ... @@ -64,6 +66,19 @@ module API
64 66 present group, with: Entities::GroupDetail
65 67 end
66 68  
  69 +
  70 + # Remove group
  71 + #
  72 + # Parameters:
  73 + # id (required) - The ID of a group
  74 + # Example Request:
  75 + # DELETE /groups/:id
  76 + delete ":id" do
  77 + group = find_group(params[:id])
  78 + authorize! :manage_group, group
  79 + group.destroy
  80 + end
  81 +
67 82 # Transfer a project to the Group namespace
68 83 #
69 84 # Parameters:
... ... @@ -132,7 +147,6 @@ module API
132 147 member.destroy
133 148 end
134 149 end
135   -
136 150 end
137 151 end
138 152 end
... ...
spec/requests/api/groups_spec.rb
  Diff comments   View file @dc825ae
... ... @@ -106,6 +106,44 @@ describe API::API do
106 106 end
107 107 end
108 108  
  109 + describe "DELETE /groups/:id" do
  110 + context "when authenticated as user" do
  111 + it "should remove group" do
  112 + delete api("/groups/#{group1.id}", user1)
  113 + response.status.should == 200
  114 + end
  115 +
  116 + it "should not remove a group if not an owner" do
  117 + user3 = create(:user)
  118 + group1.add_user(user3, Gitlab::Access::MASTER)
  119 + delete api("/groups/#{group1.id}", user3)
  120 + response.status.should == 403
  121 + end
  122 +
  123 + it "should not remove a non existing group" do
  124 + delete api("/groups/1328", user1)
  125 + response.status.should == 404
  126 + end
  127 +
  128 + it "should not remove a group not attached to user1" do
  129 + delete api("/groups/#{group2.id}", user1)
  130 + response.status.should == 403
  131 + end
  132 + end
  133 +
  134 + context "when authenticated as admin" do
  135 + it "should remove any existing group" do
  136 + delete api("/groups/#{group2.id}", admin)
  137 + response.status.should == 200
  138 + end
  139 +
  140 + it "should not remove a non existing group" do
  141 + delete api("/groups/1328", admin)
  142 + response.status.should == 404
  143 + end
  144 + end
  145 + end
  146 +
109 147 describe "POST /groups/:id/projects/:project_id" do
110 148 let(:project) { create(:project) }
111 149 before(:each) do
... ...