debian-mirror-gitlab/spec/support/shared_examples/requests/api/discussions.rb

269 lines
10 KiB
Ruby
Raw Normal View History

2019-10-12 21:52:04 +05:30
# frozen_string_literal: true
2019-12-04 20:38:33 +05:30
shared_examples 'with cross-reference system notes' do
let(:merge_request) { create(:merge_request) }
let(:project) { merge_request.project }
let(:new_merge_request) { create(:merge_request) }
let(:commit) { new_merge_request.project.commit }
let!(:note) { create(:system_note, noteable: merge_request, project: project, note: cross_reference) }
let!(:note_metadata) { create(:system_note_metadata, note: note, action: 'cross_reference') }
let(:cross_reference) { "test commit #{commit.to_reference(project)}" }
let(:pat) { create(:personal_access_token, user: user) }
before do
project.add_developer(user)
new_merge_request.project.add_developer(user)
hidden_merge_request = create(:merge_request)
new_cross_reference = "test commit #{hidden_merge_request.project.commit}"
new_note = create(:system_note, noteable: merge_request, project: project, note: new_cross_reference)
create(:system_note_metadata, note: new_note, action: 'cross_reference')
end
it 'returns only the note that the user should see' do
get api(url, user, personal_access_token: pat)
expect(response).to have_gitlab_http_status(200)
expect(json_response.count).to eq(1)
expect(notes_in_response.count).to eq(1)
parsed_note = notes_in_response.first
expect(parsed_note['id']).to eq(note.id)
expect(parsed_note['body']).to eq(cross_reference)
expect(parsed_note['system']).to be true
end
it 'avoids Git calls and N+1 SQL queries', :request_store do
expect_any_instance_of(Repository).not_to receive(:find_commit).with(commit.id)
control = ActiveRecord::QueryRecorder.new do
get api(url, user, personal_access_token: pat)
end
expect(response).to have_gitlab_http_status(200)
RequestStore.clear!
new_note = create(:system_note, noteable: merge_request, project: project, note: cross_reference)
create(:system_note_metadata, note: new_note, action: 'cross_reference')
RequestStore.clear!
expect { get api(url, user, personal_access_token: pat) }.not_to exceed_query_limit(control)
expect(response).to have_gitlab_http_status(200)
end
end
2019-09-04 21:01:54 +05:30
shared_examples 'discussions API' do |parent_type, noteable_type, id_name, can_reply_to_individual_notes: false|
2018-03-27 19:54:05 +05:30
describe "GET /#{parent_type}/:id/#{noteable_type}/:noteable_id/discussions" do
it "returns an array of discussions" do
get api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/discussions", user)
expect(response).to have_gitlab_http_status(200)
expect(response).to include_pagination_headers
expect(json_response).to be_an Array
expect(json_response.first['id']).to eq(note.discussion_id)
end
it "returns a 404 error when noteable id not found" do
get api("/#{parent_type}/#{parent.id}/#{noteable_type}/12345/discussions", user)
expect(response).to have_gitlab_http_status(404)
end
it "returns 404 when not authorized" do
parent.update!(visibility_level: Gitlab::VisibilityLevel::PRIVATE)
get api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/discussions", private_user)
expect(response).to have_gitlab_http_status(404)
end
end
describe "GET /#{parent_type}/:id/#{noteable_type}/:noteable_id/discussions/:discussion_id" do
it "returns a discussion by id" do
get api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/discussions/#{note.discussion_id}", user)
expect(response).to have_gitlab_http_status(200)
expect(json_response['id']).to eq(note.discussion_id)
expect(json_response['notes'].first['body']).to eq(note.note)
end
it "returns a 404 error if discussion not found" do
get api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/discussions/12345", user)
expect(response).to have_gitlab_http_status(404)
end
end
describe "POST /#{parent_type}/:id/#{noteable_type}/:noteable_id/discussions" do
it "creates a new note" do
2019-02-15 15:39:39 +05:30
post api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/discussions", user), params: { body: 'hi!' }
2018-03-27 19:54:05 +05:30
expect(response).to have_gitlab_http_status(201)
expect(json_response['notes'].first['body']).to eq('hi!')
expect(json_response['notes'].first['author']['username']).to eq(user.username)
end
it "returns a 400 bad request error if body not given" do
post api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/discussions", user)
expect(response).to have_gitlab_http_status(400)
end
it "returns a 401 unauthorized error if user not authenticated" do
2019-02-15 15:39:39 +05:30
post api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/discussions"), params: { body: 'hi!' }
2018-03-27 19:54:05 +05:30
expect(response).to have_gitlab_http_status(401)
end
context 'when an admin or owner makes the request' do
it 'accepts the creation date to be set' do
creation_time = 2.weeks.ago
post api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/discussions", user),
2019-02-15 15:39:39 +05:30
params: { body: 'hi!', created_at: creation_time }
2018-03-27 19:54:05 +05:30
expect(response).to have_gitlab_http_status(201)
expect(json_response['notes'].first['body']).to eq('hi!')
expect(json_response['notes'].first['author']['username']).to eq(user.username)
expect(Time.parse(json_response['notes'].first['created_at'])).to be_like_time(creation_time)
end
end
context 'when user does not have access to read the discussion' do
before do
parent.update!(visibility_level: Gitlab::VisibilityLevel::PRIVATE)
end
it 'responds with 404' do
post api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/discussions", private_user),
2019-02-15 15:39:39 +05:30
params: { body: 'Foo' }
2018-03-27 19:54:05 +05:30
expect(response).to have_gitlab_http_status(404)
end
end
2019-03-13 22:55:13 +05:30
context 'when a project is public with private repo access' do
let!(:parent) { create(:project, :public, :repository, :repository_private, :snippets_private) }
let!(:user_without_access) { create(:user) }
context 'when user is not a team member of private repo' do
before do
project.team.truncate
end
context "creating a new note" do
before do
post api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/discussions", user_without_access), params: { body: 'hi!' }
end
it 'raises 404 error' do
expect(response).to have_gitlab_http_status(404)
end
end
context "fetching a discussion" do
before do
get api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/discussions/#{note.discussion_id}", user_without_access)
end
it 'raises 404 error' do
expect(response).to have_gitlab_http_status(404)
end
end
end
end
2018-03-27 19:54:05 +05:30
end
describe "POST /#{parent_type}/:id/#{noteable_type}/:noteable_id/discussions/:discussion_id/notes" do
it 'adds a new note to the discussion' do
post api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/"\
2019-02-15 15:39:39 +05:30
"discussions/#{note.discussion_id}/notes", user), params: { body: 'Hello!' }
2018-03-27 19:54:05 +05:30
expect(response).to have_gitlab_http_status(201)
expect(json_response['body']).to eq('Hello!')
expect(json_response['type']).to eq('DiscussionNote')
end
it 'returns a 400 bad request error if body not given' do
post api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/"\
"discussions/#{note.discussion_id}/notes", user)
expect(response).to have_gitlab_http_status(400)
end
2019-07-31 22:56:46 +05:30
context 'when the discussion is an individual note' do
before do
note.update!(type: nil)
2018-03-27 19:54:05 +05:30
2019-07-31 22:56:46 +05:30
post api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/"\
"discussions/#{note.discussion_id}/notes", user), params: { body: 'hi!' }
end
2018-03-27 19:54:05 +05:30
2019-09-04 21:01:54 +05:30
if can_reply_to_individual_notes
2019-07-31 22:56:46 +05:30
it 'creates a new discussion' do
expect(response).to have_gitlab_http_status(201)
expect(json_response['body']).to eq('hi!')
expect(json_response['type']).to eq('DiscussionNote')
end
else
it 'returns 400 bad request' do
expect(response).to have_gitlab_http_status(400)
end
end
2018-03-27 19:54:05 +05:30
end
end
describe "PUT /#{parent_type}/:id/#{noteable_type}/:noteable_id/discussions/:discussion_id/notes/:note_id" do
it 'returns modified note' do
put api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/"\
2019-02-15 15:39:39 +05:30
"discussions/#{note.discussion_id}/notes/#{note.id}", user), params: { body: 'Hello!' }
2018-03-27 19:54:05 +05:30
expect(response).to have_gitlab_http_status(200)
expect(json_response['body']).to eq('Hello!')
end
it 'returns a 404 error when note id not found' do
put api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/"\
"discussions/#{note.discussion_id}/notes/12345", user),
2019-02-15 15:39:39 +05:30
params: { body: 'Hello!' }
2018-03-27 19:54:05 +05:30
expect(response).to have_gitlab_http_status(404)
end
it 'returns a 400 bad request error if body not given' do
put api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/"\
"discussions/#{note.discussion_id}/notes/#{note.id}", user)
expect(response).to have_gitlab_http_status(400)
end
end
describe "DELETE /#{parent_type}/:id/#{noteable_type}/:noteable_id/discussions/:discussion_id/notes/:note_id" do
it 'deletes a note' do
delete api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/"\
"discussions/#{note.discussion_id}/notes/#{note.id}", user)
expect(response).to have_gitlab_http_status(204)
# Check if note is really deleted
delete api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/"\
"discussions/#{note.discussion_id}/notes/#{note.id}", user)
expect(response).to have_gitlab_http_status(404)
end
it 'returns a 404 error when note id not found' do
delete api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/"\
"discussions/#{note.discussion_id}/notes/12345", user)
expect(response).to have_gitlab_http_status(404)
end
it_behaves_like '412 response' do
let(:request) do
api("/#{parent_type}/#{parent.id}/#{noteable_type}/#{noteable[id_name]}/"\
"discussions/#{note.discussion_id}/notes/#{note.id}", user)
end
end
end
end