Download as
Browse Code »

Commit fadcc251899095e37b97091a03b2025b1f39c7a6

Authored by Izaak Alpert
1 parent 8248e1f2
Exists in master and in 4 other branches 6-8-stable, 7-0-stable, 7-0-stable-spb, spb-stable

Fixes for @randx 

Change-Id: I3b15ae34c0957a0f4026e1886c92a9770e9d170e
Showing 2 changed files with 10 additions and 5 deletions   Show diff stats
lib/api/groups.rb
  Diff comments   View file @fadcc25
... ... @@ -14,9 +14,10 @@ module API
14 14 end
15 15 end
16 16 def validate_access_level?(level)
17   - [UsersGroup::GUEST, UsersGroup::REPORTER, UsersGroup::DEVELOPER, UsersGroup::MASTER].include? level.to_i
  17 + Gitlab::Access.options_with_owner.values.include? level.to_i
18 18 end
19 19 end
  20 +
20 21 # Get a groups list
21 22 #
22 23 # Example Request:
... ... @@ -88,7 +89,7 @@ module API
88 89 get ":id/members" do
89 90 group = find_group(params[:id])
90 91 members = group.users_groups
91   - users = (paginate members).collect { | member| member.user}
  92 + users = (paginate members).collect(&:user)
92 93 present users, with: Entities::GroupMember, group: group
93 94 end
94 95  
... ... @@ -102,7 +103,7 @@ module API
102 103 # POST /groups/:id/members
103 104 post ":id/members" do
104 105 required_attributes! [:user_id, :access_level]
105   - if not validate_access_level?(params[:access_level])
  106 + unless validate_access_level?(params[:access_level])
106 107 render_api_error!("Wrong access level", 422)
107 108 end
108 109 group = find_group(params[:id])
... ...
spec/requests/api/groups_spec.rb
  Diff comments   View file @fadcc25
... ... @@ -108,7 +108,6 @@ describe API::API do
108 108 Project.stub(:find).and_return(project)
109 109 end
110 110  
111   -
112 111 context "when authenticated as user" do
113 112 it "should not transfer project to group" do
114 113 post api("/groups/#{group1.id}/projects/#{project.id}", user2)
... ... @@ -139,6 +138,7 @@ describe API::API do
139 138 group
140 139 end
141 140 let!(:group_no_members) { create(:group, owner: owner) }
  141 +
142 142 describe "GET /groups/:id/members" do
143 143 context "when authenticated as user that is part or the group" do
144 144 it "each user: should return an array of members groups of group3" do
... ... @@ -154,6 +154,7 @@ describe API::API do
154 154 json_response.find { |e| e['id']==guest.id }['access_level'].should == UsersGroup::GUEST
155 155 end
156 156 end
  157 +
157 158 it "users not part of the group should get access error" do
158 159 get api("/groups/#{group_with_members.id}/members", user1)
159 160 response.status.should == 403
... ... @@ -179,14 +180,17 @@ describe API::API do
179 180 json_response['access_level'].should == UsersGroup::MASTER
180 181 group_no_members.users_groups.count.should == count_before + 1
181 182 end
  183 +
182 184 it "should return error if member already exists" do
183 185 post api("/groups/#{group_with_members.id}/members", owner), user_id: master.id, access_level: UsersGroup::MASTER
184 186 response.status.should == 409
185 187 end
  188 +
186 189 it "should return a 400 error when user id is not given" do
187 190 post api("/groups/#{group_no_members.id}/members", owner), access_level: UsersGroup::MASTER
188 191 response.status.should == 400
189 192 end
  193 +
190 194 it "should return a 400 error when access level is not given" do
191 195 post api("/groups/#{group_no_members.id}/members", owner), user_id: master.id
192 196 response.status.should == 400
... ... @@ -196,7 +200,6 @@ describe API::API do
196 200 post api("/groups/#{group_no_members.id}/members", owner), user_id: master.id, access_level: 1234
197 201 response.status.should == 422
198 202 end
199   -
200 203 end
201 204 end
202 205  
... ... @@ -216,6 +219,7 @@ describe API::API do
216 219 response.status.should == 200
217 220 group_with_members.users_groups.count.should == count_before - 1
218 221 end
  222 +
219 223 it "should return a 404 error when user id is not known" do
220 224 delete api("/groups/#{group_with_members.id}/members/1328", owner)
221 225 response.status.should == 404
... ...