debian-mirror-gitlab/spec/requests/api/ci/pipeline_schedules_spec.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

734 lines
26 KiB
Ruby
Raw Normal View History

2019-12-26 22:10:19 +05:30
# frozen_string_literal: true
2017-09-10 17:25:29 +05:30
require 'spec_helper'
2020-07-28 23:09:34 +05:30
RSpec.describe API::Ci::PipelineSchedules do
2020-03-13 15:44:24 +05:30
let_it_be(:developer) { create(:user) }
let_it_be(:user) { create(:user) }
let_it_be(:project) { create(:project, :repository, public_builds: false) }
2017-09-10 17:25:29 +05:30
before do
project.add_developer(developer)
end
describe 'GET /projects/:id/pipeline_schedules' do
context 'authenticated user with valid permissions' do
let(:pipeline_schedule) { create(:ci_pipeline_schedule, project: project, owner: developer) }
before do
pipeline_schedule.pipelines << build(:ci_pipeline, project: project)
end
2018-05-09 12:01:36 +05:30
def create_pipeline_schedules(count)
create_list(:ci_pipeline_schedule, count, project: project)
.each do |pipeline_schedule|
create(:user).tap do |user|
project.add_developer(user)
2020-07-28 23:09:34 +05:30
pipeline_schedule.update!(owner: user)
2018-05-09 12:01:36 +05:30
end
pipeline_schedule.pipelines << build(:ci_pipeline, project: project)
end
end
2017-09-10 17:25:29 +05:30
it 'returns list of pipeline_schedules' do
get api("/projects/#{project.id}/pipeline_schedules", developer)
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:ok)
2017-09-10 17:25:29 +05:30
expect(response).to include_pagination_headers
expect(response).to match_response_schema('pipeline_schedules')
end
it 'avoids N + 1 queries' do
2018-05-09 12:01:36 +05:30
# We need at least two users to trigger a preload for that relation.
create_pipeline_schedules(1)
2017-09-10 17:25:29 +05:30
control_count = ActiveRecord::QueryRecorder.new do
get api("/projects/#{project.id}/pipeline_schedules", developer)
end.count
2020-04-22 19:07:51 +05:30
create_pipeline_schedules(5)
2017-09-10 17:25:29 +05:30
expect do
get api("/projects/#{project.id}/pipeline_schedules", developer)
end.not_to exceed_query_limit(control_count)
end
%w[active inactive].each do |target|
context "when scope is #{target}" do
before do
create(:ci_pipeline_schedule, project: project, active: active?(target))
end
it 'returns matched pipeline schedules' do
2019-02-15 15:39:39 +05:30
get api("/projects/#{project.id}/pipeline_schedules", developer), params: { scope: target }
2017-09-10 17:25:29 +05:30
2018-03-17 18:26:18 +05:30
expect(json_response.map { |r| r['active'] }).to all(eq(active?(target)))
2017-09-10 17:25:29 +05:30
end
end
def active?(str)
2020-05-24 23:13:21 +05:30
str == 'active'
2017-09-10 17:25:29 +05:30
end
end
end
context 'authenticated user with invalid permissions' do
it 'does not return pipeline_schedules list' do
get api("/projects/#{project.id}/pipeline_schedules", user)
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:not_found)
2017-09-10 17:25:29 +05:30
end
end
context 'unauthenticated user' do
it 'does not return pipeline_schedules list' do
get api("/projects/#{project.id}/pipeline_schedules")
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:unauthorized)
2017-09-10 17:25:29 +05:30
end
end
end
describe 'GET /projects/:id/pipeline_schedules/:pipeline_schedule_id' do
let(:pipeline_schedule) { create(:ci_pipeline_schedule, project: project, owner: developer) }
before do
2019-07-31 22:56:46 +05:30
pipeline_schedule.variables << build(:ci_pipeline_schedule_variable)
2017-09-10 17:25:29 +05:30
pipeline_schedule.pipelines << build(:ci_pipeline, project: project)
end
2020-11-05 12:06:23 +05:30
matcher :return_pipeline_schedule_sucessfully do
2022-08-27 11:52:29 +05:30
match_unless_raises do |response|
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:ok)
2017-09-10 17:25:29 +05:30
expect(response).to match_response_schema('pipeline_schedule')
end
2020-11-05 12:06:23 +05:30
end
2017-09-10 17:25:29 +05:30
2020-11-05 12:06:23 +05:30
shared_context 'request with project permissions' do
context 'authenticated user with project permisions' do
before do
project.add_maintainer(user)
end
2017-09-10 17:25:29 +05:30
2020-11-05 12:06:23 +05:30
it 'returns pipeline_schedule details' do
get api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}", user)
expect(response).to return_pipeline_schedule_sucessfully
expect(json_response).to have_key('variables')
end
2017-09-10 17:25:29 +05:30
end
end
2020-11-05 12:06:23 +05:30
shared_examples 'request with schedule ownership' do
context 'authenticated user with pipeline schedule ownership' do
it 'returns pipeline_schedule details' do
get api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}", developer)
2017-09-10 17:25:29 +05:30
2020-11-05 12:06:23 +05:30
expect(response).to return_pipeline_schedule_sucessfully
expect(json_response).to have_key('variables')
end
2018-03-17 18:26:18 +05:30
end
end
2020-11-05 12:06:23 +05:30
shared_examples 'request with unauthenticated user' do
context 'with unauthenticated user' do
it 'does not return pipeline_schedule' do
get api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}")
expect(response).to have_gitlab_http_status(:unauthorized)
end
2018-03-17 18:26:18 +05:30
end
2020-11-05 12:06:23 +05:30
end
2018-03-17 18:26:18 +05:30
2020-11-05 12:06:23 +05:30
shared_examples 'request with non-existing pipeline_schedule' do
it 'responds with 404 Not Found if requesting non-existing pipeline_schedule' do
get api("/projects/#{project.id}/pipeline_schedules/-5", developer)
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:not_found)
2017-09-10 17:25:29 +05:30
end
end
2020-11-05 12:06:23 +05:30
context 'with private project' do
it_behaves_like 'request with schedule ownership'
it_behaves_like 'request with project permissions'
it_behaves_like 'request with unauthenticated user'
it_behaves_like 'request with non-existing pipeline_schedule'
2017-09-10 17:25:29 +05:30
2020-11-05 12:06:23 +05:30
context 'authenticated user with no project permissions' do
it 'does not return pipeline_schedule' do
get api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}", user)
expect(response).to have_gitlab_http_status(:not_found)
end
end
context 'authenticated user with insufficient project permissions' do
before do
project.add_guest(user)
end
it 'does not return pipeline_schedule' do
get api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}", user)
expect(response).to have_gitlab_http_status(:not_found)
end
end
end
context 'with public project' do
let_it_be(:project) { create(:project, :repository, :public, public_builds: false) }
it_behaves_like 'request with schedule ownership'
it_behaves_like 'request with project permissions'
it_behaves_like 'request with unauthenticated user'
it_behaves_like 'request with non-existing pipeline_schedule'
context 'authenticated user with no project permissions' do
it 'returns pipeline_schedule with no variables' do
get api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}", user)
expect(response).to return_pipeline_schedule_sucessfully
expect(json_response).not_to have_key('variables')
end
end
context 'authenticated user with insufficient project permissions' do
before do
project.add_guest(user)
end
it 'returns pipeline_schedule with no variables' do
get api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}", user)
expect(response).to return_pipeline_schedule_sucessfully
expect(json_response).not_to have_key('variables')
end
2017-09-10 17:25:29 +05:30
end
end
end
2022-08-27 11:52:29 +05:30
describe 'GET /projects/:id/pipeline_schedules/:pipeline_schedule_id/pipelines' do
let(:pipeline_schedule) { create(:ci_pipeline_schedule, project: project, owner: developer) }
before do
create_list(:ci_pipeline, 2, project: project, pipeline_schedule: pipeline_schedule, source: :schedule)
end
let(:url) { "/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}/pipelines" }
matcher :return_pipeline_schedule_pipelines_successfully do
match_unless_raises do |reponse|
expect(response).to have_gitlab_http_status(:ok)
expect(response).to include_pagination_headers
expect(response).to match_response_schema('public_api/v4/pipelines')
end
end
shared_examples 'request with project permissions' do
context 'authenticated user with project permissions' do
before do
project.add_maintainer(user)
end
it 'returns the details of pipelines triggered from the pipeline schedule' do
get api(url, user)
expect(response).to return_pipeline_schedule_pipelines_successfully
end
end
end
shared_examples 'request with schedule ownership' do
context 'authenticated user with pipeline schedule ownership' do
it 'returns the details of pipelines triggered from the pipeline schedule' do
get api(url, developer)
expect(response).to return_pipeline_schedule_pipelines_successfully
end
end
end
shared_examples 'request with unauthenticated user' do
context 'with unauthenticated user' do
it 'does not return the details of pipelines triggered from the pipeline schedule' do
get api(url)
expect(response).to have_gitlab_http_status(:unauthorized)
end
end
end
shared_examples 'request with non-existing pipeline_schedule' do
it "responds with 404 Not Found if requesting for a non-existing pipeline schedule's pipelines" do
get api("/projects/#{project.id}/pipeline_schedules/#{non_existing_record_id}/pipelines", developer)
expect(response).to have_gitlab_http_status(:not_found)
end
end
context 'with private project' do
it_behaves_like 'request with schedule ownership'
it_behaves_like 'request with project permissions'
it_behaves_like 'request with unauthenticated user'
it_behaves_like 'request with non-existing pipeline_schedule'
context 'authenticated user with no project permissions' do
it 'does not return the details of pipelines triggered from the pipeline schedule' do
get api(url, user)
expect(response).to have_gitlab_http_status(:not_found)
end
end
context 'authenticated user with insufficient project permissions' do
before do
project.add_guest(user)
end
it 'does not return the details of pipelines triggered from the pipeline schedule' do
get api(url, user)
expect(response).to have_gitlab_http_status(:not_found)
end
end
end
context 'with public project' do
let_it_be(:project) { create(:project, :repository, :public, public_builds: false) }
it_behaves_like 'request with schedule ownership'
it_behaves_like 'request with project permissions'
it_behaves_like 'request with unauthenticated user'
it_behaves_like 'request with non-existing pipeline_schedule'
context 'authenticated user with no project permissions' do
it 'returns the details of pipelines triggered from the pipeline schedule' do
get api(url, user)
expect(response).to return_pipeline_schedule_pipelines_successfully
end
end
end
end
2017-09-10 17:25:29 +05:30
describe 'POST /projects/:id/pipeline_schedules' do
let(:params) { attributes_for(:ci_pipeline_schedule) }
context 'authenticated user with valid permissions' do
context 'with required parameters' do
it 'creates pipeline_schedule' do
expect do
post api("/projects/#{project.id}/pipeline_schedules", developer),
2019-02-15 15:39:39 +05:30
params: params
2017-09-10 17:25:29 +05:30
end.to change { project.pipeline_schedules.count }.by(1)
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:created)
2017-09-10 17:25:29 +05:30
expect(response).to match_response_schema('pipeline_schedule')
expect(json_response['description']).to eq(params[:description])
expect(json_response['ref']).to eq(params[:ref])
expect(json_response['cron']).to eq(params[:cron])
expect(json_response['cron_timezone']).to eq(params[:cron_timezone])
expect(json_response['owner']['id']).to eq(developer.id)
end
end
context 'without required parameters' do
it 'does not create pipeline_schedule' do
post api("/projects/#{project.id}/pipeline_schedules", developer)
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:bad_request)
2017-09-10 17:25:29 +05:30
end
end
context 'when cron has validation error' do
it 'does not create pipeline_schedule' do
post api("/projects/#{project.id}/pipeline_schedules", developer),
2019-02-15 15:39:39 +05:30
params: params.merge('cron' => 'invalid-cron')
2017-09-10 17:25:29 +05:30
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:bad_request)
2017-09-10 17:25:29 +05:30
expect(json_response['message']).to have_key('cron')
end
end
end
context 'authenticated user with invalid permissions' do
it 'does not create pipeline_schedule' do
2019-02-15 15:39:39 +05:30
post api("/projects/#{project.id}/pipeline_schedules", user), params: params
2017-09-10 17:25:29 +05:30
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:not_found)
2017-09-10 17:25:29 +05:30
end
end
context 'unauthenticated user' do
it 'does not create pipeline_schedule' do
2019-02-15 15:39:39 +05:30
post api("/projects/#{project.id}/pipeline_schedules"), params: params
2017-09-10 17:25:29 +05:30
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:unauthorized)
2017-09-10 17:25:29 +05:30
end
end
end
describe 'PUT /projects/:id/pipeline_schedules/:pipeline_schedule_id' do
let(:pipeline_schedule) do
create(:ci_pipeline_schedule, project: project, owner: developer)
end
context 'authenticated user with valid permissions' do
it 'updates cron' do
put api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}", developer),
2019-02-15 15:39:39 +05:30
params: { cron: '1 2 3 4 *' }
2017-09-10 17:25:29 +05:30
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:ok)
2017-09-10 17:25:29 +05:30
expect(response).to match_response_schema('pipeline_schedule')
expect(json_response['cron']).to eq('1 2 3 4 *')
end
context 'when cron has validation error' do
it 'does not update pipeline_schedule' do
put api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}", developer),
2019-02-15 15:39:39 +05:30
params: { cron: 'invalid-cron' }
2017-09-10 17:25:29 +05:30
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:bad_request)
2017-09-10 17:25:29 +05:30
expect(json_response['message']).to have_key('cron')
end
end
end
context 'authenticated user with invalid permissions' do
2022-05-03 16:02:30 +05:30
context 'as a project maintainer' do
before do
project.add_maintainer(user)
end
2017-09-10 17:25:29 +05:30
2022-05-03 16:02:30 +05:30
it 'does not update pipeline_schedule' do
put api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}", user)
expect(response).to have_gitlab_http_status(:forbidden)
end
end
context 'as a project owner' do
2022-05-07 20:08:51 +05:30
before do
project.add_owner(user)
end
2022-05-03 16:02:30 +05:30
it 'does not update pipeline_schedule' do
2022-05-07 20:08:51 +05:30
put api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}", user)
2022-05-03 16:02:30 +05:30
expect(response).to have_gitlab_http_status(:forbidden)
end
end
context 'with no special role' do
it 'does not update pipeline_schedule' do
put api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}", user)
expect(response).to have_gitlab_http_status(:not_found)
end
2017-09-10 17:25:29 +05:30
end
end
context 'unauthenticated user' do
it 'does not update pipeline_schedule' do
put api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}")
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:unauthorized)
2017-09-10 17:25:29 +05:30
end
end
end
describe 'POST /projects/:id/pipeline_schedules/:pipeline_schedule_id/take_ownership' do
let(:pipeline_schedule) do
create(:ci_pipeline_schedule, project: project, owner: developer)
end
2022-05-03 16:02:30 +05:30
let(:project_maintainer) do
create(:user).tap { |u| project.add_maintainer(u) }
end
context 'as an authenticated user with valid permissions' do
2017-09-10 17:25:29 +05:30
it 'updates owner' do
2022-05-03 16:02:30 +05:30
expect { post api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}/take_ownership", project_maintainer) }
.to change { pipeline_schedule.reload.owner }.from(developer).to(project_maintainer)
2017-09-10 17:25:29 +05:30
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:created)
2017-09-10 17:25:29 +05:30
expect(response).to match_response_schema('pipeline_schedule')
end
end
2022-05-03 16:02:30 +05:30
context 'as an authenticated user with invalid permissions' do
2017-09-10 17:25:29 +05:30
it 'does not update owner' do
post api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}/take_ownership", user)
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:not_found)
2017-09-10 17:25:29 +05:30
end
end
2022-05-03 16:02:30 +05:30
context 'as an unauthenticated user' do
2017-09-10 17:25:29 +05:30
it 'does not update owner' do
post api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}/take_ownership")
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:unauthorized)
2017-09-10 17:25:29 +05:30
end
end
2022-05-03 16:02:30 +05:30
context 'as the existing owner of the schedule' do
it 'rejects the request and leaves the schedule unchanged' do
expect do
post api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}/take_ownership", developer)
end.not_to change { pipeline_schedule.reload.owner }
expect(response).to have_gitlab_http_status(:forbidden)
end
end
2017-09-10 17:25:29 +05:30
end
describe 'DELETE /projects/:id/pipeline_schedules/:pipeline_schedule_id' do
2018-11-18 11:00:15 +05:30
let(:maintainer) { create(:user) }
2017-09-10 17:25:29 +05:30
let!(:pipeline_schedule) do
create(:ci_pipeline_schedule, project: project, owner: developer)
end
before do
2018-11-18 11:00:15 +05:30
project.add_maintainer(maintainer)
2017-09-10 17:25:29 +05:30
end
context 'authenticated user with valid permissions' do
it 'deletes pipeline_schedule' do
expect do
2018-11-18 11:00:15 +05:30
delete api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}", maintainer)
2017-09-10 17:25:29 +05:30
end.to change { project.pipeline_schedules.count }.by(-1)
2020-04-08 14:13:33 +05:30
expect(response).to have_gitlab_http_status(:no_content)
2017-09-10 17:25:29 +05:30
end
it 'responds with 404 Not Found if requesting non-existing pipeline_schedule' do
2018-11-18 11:00:15 +05:30
delete api("/projects/#{project.id}/pipeline_schedules/-5", maintainer)
2017-09-10 17:25:29 +05:30
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:not_found)
end
it_behaves_like '412 response' do
2018-11-18 11:00:15 +05:30
let(:request) { api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}", maintainer) }
2017-09-10 17:25:29 +05:30
end
end
context 'authenticated user with invalid permissions' do
2018-11-18 11:00:15 +05:30
let!(:pipeline_schedule) { create(:ci_pipeline_schedule, project: project, owner: maintainer) }
2017-09-10 17:25:29 +05:30
it 'does not delete pipeline_schedule' do
delete api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}", developer)
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:forbidden)
2017-09-10 17:25:29 +05:30
end
end
context 'unauthenticated user' do
it 'does not delete pipeline_schedule' do
delete api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}")
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:unauthorized)
end
end
end
2020-03-13 15:44:24 +05:30
describe 'POST /projects/:id/pipeline_schedules/:pipeline_schedule_id/play' do
let_it_be(:pipeline_schedule) { create(:ci_pipeline_schedule, project: project) }
let(:route) { ->(id) { "/projects/#{project.id}/pipeline_schedules/#{id}/play" } }
context 'authenticated user with `:play_pipeline_schedule` permission' do
it 'schedules a pipeline worker' do
project.add_developer(developer)
expect(RunPipelineScheduleWorker)
.to receive(:perform_async)
.with(pipeline_schedule.id, developer.id)
.and_call_original
post api(route[pipeline_schedule.id], developer)
expect(response).to have_gitlab_http_status(:created)
end
it 'renders an error if scheduling failed' do
project.add_developer(developer)
expect(RunPipelineScheduleWorker)
.to receive(:perform_async)
.with(pipeline_schedule.id, developer.id)
.and_return(nil)
post api(route[pipeline_schedule.id], developer)
expect(response).to have_gitlab_http_status(:internal_server_error)
end
end
context 'authenticated user with insufficient access' do
it 'responds with not found' do
project.add_guest(user)
post api(route[pipeline_schedule.id], user)
expect(response).to have_gitlab_http_status(:not_found)
end
end
context 'unauthenticated user' do
it 'responds with unauthorized' do
post api(route[pipeline_schedule.id])
expect(response).to have_gitlab_http_status(:unauthorized)
end
end
end
2018-03-17 18:26:18 +05:30
describe 'POST /projects/:id/pipeline_schedules/:pipeline_schedule_id/variables' do
let(:params) { attributes_for(:ci_pipeline_schedule_variable) }
2020-03-13 15:44:24 +05:30
let_it_be(:pipeline_schedule) do
2018-03-17 18:26:18 +05:30
create(:ci_pipeline_schedule, project: project, owner: developer)
end
context 'authenticated user with valid permissions' do
context 'with required parameters' do
it 'creates pipeline_schedule_variable' do
expect do
post api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}/variables", developer),
2019-07-31 22:56:46 +05:30
params: params.merge(variable_type: 'file')
2018-03-17 18:26:18 +05:30
end.to change { pipeline_schedule.variables.count }.by(1)
expect(response).to have_gitlab_http_status(:created)
expect(response).to match_response_schema('pipeline_schedule_variable')
expect(json_response['key']).to eq(params[:key])
expect(json_response['value']).to eq(params[:value])
2019-07-31 22:56:46 +05:30
expect(json_response['variable_type']).to eq('file')
2018-03-17 18:26:18 +05:30
end
end
context 'without required parameters' do
it 'does not create pipeline_schedule_variable' do
post api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}/variables", developer)
expect(response).to have_gitlab_http_status(:bad_request)
end
end
context 'when key has validation error' do
it 'does not create pipeline_schedule_variable' do
post api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}/variables", developer),
2019-02-15 15:39:39 +05:30
params: params.merge('key' => '!?!?')
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:bad_request)
expect(json_response['message']).to have_key('key')
end
end
end
context 'authenticated user with invalid permissions' do
it 'does not create pipeline_schedule_variable' do
2019-02-15 15:39:39 +05:30
post api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}/variables", user), params: params
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:not_found)
end
end
context 'unauthenticated user' do
it 'does not create pipeline_schedule_variable' do
2019-02-15 15:39:39 +05:30
post api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}/variables"), params: params
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:unauthorized)
end
end
end
describe 'PUT /projects/:id/pipeline_schedules/:pipeline_schedule_id/variables/:key' do
2020-03-13 15:44:24 +05:30
let_it_be(:pipeline_schedule) do
2018-03-17 18:26:18 +05:30
create(:ci_pipeline_schedule, project: project, owner: developer)
end
let(:pipeline_schedule_variable) do
create(:ci_pipeline_schedule_variable, pipeline_schedule: pipeline_schedule)
end
context 'authenticated user with valid permissions' do
it 'updates pipeline_schedule_variable' do
put api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}/variables/#{pipeline_schedule_variable.key}", developer),
2019-07-31 22:56:46 +05:30
params: { value: 'updated_value', variable_type: 'file' }
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:ok)
expect(response).to match_response_schema('pipeline_schedule_variable')
expect(json_response['value']).to eq('updated_value')
2019-07-31 22:56:46 +05:30
expect(json_response['variable_type']).to eq('file')
2018-03-17 18:26:18 +05:30
end
end
context 'authenticated user with invalid permissions' do
it 'does not update pipeline_schedule_variable' do
put api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}/variables/#{pipeline_schedule_variable.key}", user)
expect(response).to have_gitlab_http_status(:not_found)
end
end
context 'unauthenticated user' do
it 'does not update pipeline_schedule_variable' do
put api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}/variables/#{pipeline_schedule_variable.key}")
expect(response).to have_gitlab_http_status(:unauthorized)
end
end
end
describe 'DELETE /projects/:id/pipeline_schedules/:pipeline_schedule_id/variables/:key' do
2018-11-18 11:00:15 +05:30
let(:maintainer) { create(:user) }
2018-03-17 18:26:18 +05:30
2020-03-13 15:44:24 +05:30
let_it_be(:pipeline_schedule) do
2018-03-17 18:26:18 +05:30
create(:ci_pipeline_schedule, project: project, owner: developer)
end
let!(:pipeline_schedule_variable) do
create(:ci_pipeline_schedule_variable, pipeline_schedule: pipeline_schedule)
end
before do
2018-11-18 11:00:15 +05:30
project.add_maintainer(maintainer)
2018-03-17 18:26:18 +05:30
end
context 'authenticated user with valid permissions' do
it 'deletes pipeline_schedule_variable' do
expect do
2018-11-18 11:00:15 +05:30
delete api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}/variables/#{pipeline_schedule_variable.key}", maintainer)
2018-03-17 18:26:18 +05:30
end.to change { Ci::PipelineScheduleVariable.count }.by(-1)
expect(response).to have_gitlab_http_status(:accepted)
expect(response).to match_response_schema('pipeline_schedule_variable')
end
it 'responds with 404 Not Found if requesting non-existing pipeline_schedule_variable' do
2018-11-18 11:00:15 +05:30
delete api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}/variables/____", maintainer)
2018-03-17 18:26:18 +05:30
expect(response).to have_gitlab_http_status(:not_found)
end
end
context 'authenticated user with invalid permissions' do
2018-11-18 11:00:15 +05:30
let!(:pipeline_schedule) { create(:ci_pipeline_schedule, project: project, owner: maintainer) }
2018-03-17 18:26:18 +05:30
it 'does not delete pipeline_schedule_variable' do
delete api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}/variables/#{pipeline_schedule_variable.key}", developer)
expect(response).to have_gitlab_http_status(:forbidden)
end
end
context 'unauthenticated user' do
it 'does not delete pipeline_schedule_variable' do
delete api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}/variables/#{pipeline_schedule_variable.key}")
expect(response).to have_gitlab_http_status(:unauthorized)
2017-09-10 17:25:29 +05:30
end
end
end
end