2014-09-02 18:07:02 +05:30
|
|
|
require 'spec_helper'
|
|
|
|
require 'mime/types'
|
|
|
|
|
|
|
|
describe API::API, api: true do
|
|
|
|
include ApiHelpers
|
|
|
|
|
|
|
|
let(:user) { create(:user) }
|
|
|
|
let(:user2) { create(:user) }
|
|
|
|
let!(:project) { create(:project, creator_id: user.id) }
|
2016-06-02 11:05:42 +05:30
|
|
|
let!(:master) { create(:project_member, :master, user: user, project: project) }
|
|
|
|
let!(:guest) { create(:project_member, :guest, user: user2, project: project) }
|
2014-09-02 18:07:02 +05:30
|
|
|
let!(:branch_name) { 'feature' }
|
|
|
|
let!(:branch_sha) { '0b4bc9a49b562e85de7cc9e834518ea6828729b9' }
|
|
|
|
|
|
|
|
describe "GET /projects/:id/repository/branches" do
|
2016-09-13 17:45:13 +05:30
|
|
|
it "returns an array of project branches" do
|
2015-09-11 14:41:01 +05:30
|
|
|
project.repository.expire_cache
|
|
|
|
|
2014-09-02 18:07:02 +05:30
|
|
|
get api("/projects/#{project.id}/repository/branches", user)
|
2016-08-24 12:49:21 +05:30
|
|
|
expect(response).to have_http_status(200)
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(json_response).to be_an Array
|
2015-09-11 14:41:01 +05:30
|
|
|
branch_names = json_response.map { |x| x['name'] }
|
|
|
|
expect(branch_names).to match_array(project.repository.branch_names)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "GET /projects/:id/repository/branches/:branch" do
|
2016-09-13 17:45:13 +05:30
|
|
|
it "returns the branch information for a single branch" do
|
2014-09-02 18:07:02 +05:30
|
|
|
get api("/projects/#{project.id}/repository/branches/#{branch_name}", user)
|
2016-08-24 12:49:21 +05:30
|
|
|
expect(response).to have_http_status(200)
|
2014-09-02 18:07:02 +05:30
|
|
|
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(json_response['name']).to eq(branch_name)
|
|
|
|
expect(json_response['commit']['id']).to eq(branch_sha)
|
|
|
|
expect(json_response['protected']).to eq(false)
|
2016-08-24 12:49:21 +05:30
|
|
|
expect(json_response['developers_can_push']).to eq(false)
|
|
|
|
expect(json_response['developers_can_merge']).to eq(false)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it "returns a 403 error if guest" do
|
2014-09-02 18:07:02 +05:30
|
|
|
get api("/projects/#{project.id}/repository/branches", user2)
|
2016-08-24 12:49:21 +05:30
|
|
|
expect(response).to have_http_status(403)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it "returns a 404 error if branch is not available" do
|
2014-09-02 18:07:02 +05:30
|
|
|
get api("/projects/#{project.id}/repository/branches/unknown", user)
|
2016-08-24 12:49:21 +05:30
|
|
|
expect(response).to have_http_status(404)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-08-24 12:49:21 +05:30
|
|
|
describe 'PUT /projects/:id/repository/branches/:branch/protect' do
|
2016-11-03 12:29:30 +05:30
|
|
|
context "when a protected branch doesn't already exist" do
|
|
|
|
it 'protects a single branch' do
|
|
|
|
put api("/projects/#{project.id}/repository/branches/#{branch_name}/protect", user)
|
2014-09-02 18:07:02 +05:30
|
|
|
|
2016-11-03 12:29:30 +05:30
|
|
|
expect(response).to have_http_status(200)
|
|
|
|
expect(json_response['name']).to eq(branch_name)
|
|
|
|
expect(json_response['commit']['id']).to eq(branch_sha)
|
|
|
|
expect(json_response['protected']).to eq(true)
|
|
|
|
expect(json_response['developers_can_push']).to eq(false)
|
|
|
|
expect(json_response['developers_can_merge']).to eq(false)
|
|
|
|
end
|
2016-08-24 12:49:21 +05:30
|
|
|
|
2016-11-03 12:29:30 +05:30
|
|
|
it 'protects a single branch and developers can push' do
|
|
|
|
put api("/projects/#{project.id}/repository/branches/#{branch_name}/protect", user),
|
|
|
|
developers_can_push: true
|
2016-08-24 12:49:21 +05:30
|
|
|
|
2016-11-03 12:29:30 +05:30
|
|
|
expect(response).to have_http_status(200)
|
|
|
|
expect(json_response['name']).to eq(branch_name)
|
|
|
|
expect(json_response['commit']['id']).to eq(branch_sha)
|
|
|
|
expect(json_response['protected']).to eq(true)
|
|
|
|
expect(json_response['developers_can_push']).to eq(true)
|
|
|
|
expect(json_response['developers_can_merge']).to eq(false)
|
|
|
|
end
|
2016-08-24 12:49:21 +05:30
|
|
|
|
2016-11-03 12:29:30 +05:30
|
|
|
it 'protects a single branch and developers can merge' do
|
|
|
|
put api("/projects/#{project.id}/repository/branches/#{branch_name}/protect", user),
|
|
|
|
developers_can_merge: true
|
2016-08-24 12:49:21 +05:30
|
|
|
|
2016-11-03 12:29:30 +05:30
|
|
|
expect(response).to have_http_status(200)
|
|
|
|
expect(json_response['name']).to eq(branch_name)
|
|
|
|
expect(json_response['commit']['id']).to eq(branch_sha)
|
|
|
|
expect(json_response['protected']).to eq(true)
|
|
|
|
expect(json_response['developers_can_push']).to eq(false)
|
|
|
|
expect(json_response['developers_can_merge']).to eq(true)
|
|
|
|
end
|
2016-08-24 12:49:21 +05:30
|
|
|
|
2016-11-03 12:29:30 +05:30
|
|
|
it 'protects a single branch and developers can push and merge' do
|
|
|
|
put api("/projects/#{project.id}/repository/branches/#{branch_name}/protect", user),
|
|
|
|
developers_can_push: true, developers_can_merge: true
|
2016-08-24 12:49:21 +05:30
|
|
|
|
2016-11-03 12:29:30 +05:30
|
|
|
expect(response).to have_http_status(200)
|
|
|
|
expect(json_response['name']).to eq(branch_name)
|
|
|
|
expect(json_response['commit']['id']).to eq(branch_sha)
|
|
|
|
expect(json_response['protected']).to eq(true)
|
|
|
|
expect(json_response['developers_can_push']).to eq(true)
|
|
|
|
expect(json_response['developers_can_merge']).to eq(true)
|
|
|
|
end
|
2016-08-24 12:49:21 +05:30
|
|
|
|
2016-11-03 12:29:30 +05:30
|
|
|
it 'protects a single branch and developers cannot push and merge' do
|
|
|
|
put api("/projects/#{project.id}/repository/branches/#{branch_name}/protect", user),
|
|
|
|
developers_can_push: 'tru', developers_can_merge: 'tr'
|
2016-08-24 12:49:21 +05:30
|
|
|
|
2016-11-03 12:29:30 +05:30
|
|
|
expect(response).to have_http_status(200)
|
|
|
|
expect(json_response['name']).to eq(branch_name)
|
|
|
|
expect(json_response['commit']['id']).to eq(branch_sha)
|
|
|
|
expect(json_response['protected']).to eq(true)
|
|
|
|
expect(json_response['developers_can_push']).to eq(false)
|
|
|
|
expect(json_response['developers_can_merge']).to eq(false)
|
|
|
|
end
|
2016-08-24 12:49:21 +05:30
|
|
|
end
|
|
|
|
|
2016-11-03 12:29:30 +05:30
|
|
|
context 'for an existing protected branch' do
|
2016-08-24 12:49:21 +05:30
|
|
|
before do
|
2016-11-03 12:29:30 +05:30
|
|
|
project.repository.add_branch(user, protected_branch.name, 'master')
|
2016-08-24 12:49:21 +05:30
|
|
|
end
|
|
|
|
|
2016-11-03 12:29:30 +05:30
|
|
|
context "when developers can push and merge" do
|
|
|
|
let(:protected_branch) { create(:protected_branch, :developers_can_push, :developers_can_merge, project: project, name: 'protected_branch') }
|
|
|
|
|
|
|
|
it 'updates that a developer cannot push or merge' do
|
|
|
|
put api("/projects/#{project.id}/repository/branches/#{protected_branch.name}/protect", user),
|
|
|
|
developers_can_push: false, developers_can_merge: false
|
|
|
|
|
|
|
|
expect(response).to have_http_status(200)
|
|
|
|
expect(json_response['name']).to eq(protected_branch.name)
|
|
|
|
expect(json_response['protected']).to eq(true)
|
|
|
|
expect(json_response['developers_can_push']).to eq(false)
|
|
|
|
expect(json_response['developers_can_merge']).to eq(false)
|
|
|
|
end
|
|
|
|
|
|
|
|
it "doesn't result in 0 access levels when 'developers_can_push' is switched off" do
|
|
|
|
put api("/projects/#{project.id}/repository/branches/#{protected_branch.name}/protect", user),
|
|
|
|
developers_can_push: false
|
|
|
|
|
|
|
|
expect(response).to have_http_status(200)
|
|
|
|
expect(json_response['name']).to eq(protected_branch.name)
|
|
|
|
expect(protected_branch.reload.push_access_levels.first).to be_present
|
|
|
|
expect(protected_branch.reload.push_access_levels.first.access_level).to eq(Gitlab::Access::MASTER)
|
|
|
|
end
|
|
|
|
|
|
|
|
it "doesn't result in 0 access levels when 'developers_can_merge' is switched off" do
|
|
|
|
put api("/projects/#{project.id}/repository/branches/#{protected_branch.name}/protect", user),
|
|
|
|
developers_can_merge: false
|
|
|
|
|
|
|
|
expect(response).to have_http_status(200)
|
|
|
|
expect(json_response['name']).to eq(protected_branch.name)
|
|
|
|
expect(protected_branch.reload.merge_access_levels.first).to be_present
|
|
|
|
expect(protected_branch.reload.merge_access_levels.first.access_level).to eq(Gitlab::Access::MASTER)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context "when developers cannot push or merge" do
|
|
|
|
let(:protected_branch) { create(:protected_branch, project: project, name: 'protected_branch') }
|
|
|
|
|
|
|
|
it 'updates that a developer can push and merge' do
|
|
|
|
put api("/projects/#{project.id}/repository/branches/#{protected_branch.name}/protect", user),
|
|
|
|
developers_can_push: true, developers_can_merge: true
|
|
|
|
|
|
|
|
expect(response).to have_http_status(200)
|
|
|
|
expect(json_response['name']).to eq(protected_branch.name)
|
|
|
|
expect(json_response['protected']).to eq(true)
|
|
|
|
expect(json_response['developers_can_push']).to eq(true)
|
|
|
|
expect(json_response['developers_can_merge']).to eq(true)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context "multiple API calls" do
|
|
|
|
it "returns success when `protect` is called twice" do
|
|
|
|
put api("/projects/#{project.id}/repository/branches/#{branch_name}/protect", user)
|
|
|
|
put api("/projects/#{project.id}/repository/branches/#{branch_name}/protect", user)
|
2016-08-24 12:49:21 +05:30
|
|
|
|
|
|
|
expect(response).to have_http_status(200)
|
2016-11-03 12:29:30 +05:30
|
|
|
expect(json_response['name']).to eq(branch_name)
|
2016-08-24 12:49:21 +05:30
|
|
|
expect(json_response['protected']).to eq(true)
|
|
|
|
expect(json_response['developers_can_push']).to eq(false)
|
|
|
|
expect(json_response['developers_can_merge']).to eq(false)
|
|
|
|
end
|
|
|
|
|
2016-11-03 12:29:30 +05:30
|
|
|
it "returns success when `protect` is called twice with `developers_can_push` turned on" do
|
|
|
|
put api("/projects/#{project.id}/repository/branches/#{branch_name}/protect", user), developers_can_push: true
|
|
|
|
put api("/projects/#{project.id}/repository/branches/#{branch_name}/protect", user), developers_can_push: true
|
2016-08-24 12:49:21 +05:30
|
|
|
|
|
|
|
expect(response).to have_http_status(200)
|
2016-11-03 12:29:30 +05:30
|
|
|
expect(json_response['name']).to eq(branch_name)
|
2016-08-24 12:49:21 +05:30
|
|
|
expect(json_response['protected']).to eq(true)
|
|
|
|
expect(json_response['developers_can_push']).to eq(true)
|
2016-11-03 12:29:30 +05:30
|
|
|
expect(json_response['developers_can_merge']).to eq(false)
|
|
|
|
end
|
|
|
|
|
|
|
|
it "returns success when `protect` is called twice with `developers_can_merge` turned on" do
|
|
|
|
put api("/projects/#{project.id}/repository/branches/#{branch_name}/protect", user), developers_can_merge: true
|
|
|
|
put api("/projects/#{project.id}/repository/branches/#{branch_name}/protect", user), developers_can_merge: true
|
|
|
|
|
|
|
|
expect(response).to have_http_status(200)
|
|
|
|
expect(json_response['name']).to eq(branch_name)
|
|
|
|
expect(json_response['protected']).to eq(true)
|
|
|
|
expect(json_response['developers_can_push']).to eq(false)
|
2016-08-24 12:49:21 +05:30
|
|
|
expect(json_response['developers_can_merge']).to eq(true)
|
|
|
|
end
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it "returns a 404 error if branch not found" do
|
2014-09-02 18:07:02 +05:30
|
|
|
put api("/projects/#{project.id}/repository/branches/unknown/protect", user)
|
2016-08-24 12:49:21 +05:30
|
|
|
expect(response).to have_http_status(404)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it "returns a 403 error if guest" do
|
2014-09-02 18:07:02 +05:30
|
|
|
put api("/projects/#{project.id}/repository/branches/#{branch_name}/protect", user2)
|
2016-08-24 12:49:21 +05:30
|
|
|
expect(response).to have_http_status(403)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "PUT /projects/:id/repository/branches/:branch/unprotect" do
|
2016-09-13 17:45:13 +05:30
|
|
|
it "unprotects a single branch" do
|
2014-09-02 18:07:02 +05:30
|
|
|
put api("/projects/#{project.id}/repository/branches/#{branch_name}/unprotect", user)
|
2016-08-24 12:49:21 +05:30
|
|
|
expect(response).to have_http_status(200)
|
2014-09-02 18:07:02 +05:30
|
|
|
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(json_response['name']).to eq(branch_name)
|
|
|
|
expect(json_response['commit']['id']).to eq(branch_sha)
|
|
|
|
expect(json_response['protected']).to eq(false)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it "returns success when unprotect branch" do
|
2014-09-02 18:07:02 +05:30
|
|
|
put api("/projects/#{project.id}/repository/branches/unknown/unprotect", user)
|
2016-08-24 12:49:21 +05:30
|
|
|
expect(response).to have_http_status(404)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it "returns success when unprotect branch again" do
|
2014-09-02 18:07:02 +05:30
|
|
|
put api("/projects/#{project.id}/repository/branches/#{branch_name}/unprotect", user)
|
|
|
|
put api("/projects/#{project.id}/repository/branches/#{branch_name}/unprotect", user)
|
2016-08-24 12:49:21 +05:30
|
|
|
expect(response).to have_http_status(200)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "POST /projects/:id/repository/branches" do
|
2016-09-13 17:45:13 +05:30
|
|
|
it "creates a new branch" do
|
2014-09-02 18:07:02 +05:30
|
|
|
post api("/projects/#{project.id}/repository/branches", user),
|
2015-04-26 12:48:37 +05:30
|
|
|
branch_name: 'feature1',
|
|
|
|
ref: branch_sha
|
2014-09-02 18:07:02 +05:30
|
|
|
|
2016-08-24 12:49:21 +05:30
|
|
|
expect(response).to have_http_status(201)
|
2014-09-02 18:07:02 +05:30
|
|
|
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(json_response['name']).to eq('feature1')
|
|
|
|
expect(json_response['commit']['id']).to eq(branch_sha)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it "denies for user without push access" do
|
2014-09-02 18:07:02 +05:30
|
|
|
post api("/projects/#{project.id}/repository/branches", user2),
|
2015-04-26 12:48:37 +05:30
|
|
|
branch_name: branch_name,
|
|
|
|
ref: branch_sha
|
2016-08-24 12:49:21 +05:30
|
|
|
expect(response).to have_http_status(403)
|
2015-04-26 12:48:37 +05:30
|
|
|
end
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it 'returns 400 if branch name is invalid' do
|
2015-04-26 12:48:37 +05:30
|
|
|
post api("/projects/#{project.id}/repository/branches", user),
|
|
|
|
branch_name: 'new design',
|
|
|
|
ref: branch_sha
|
2016-08-24 12:49:21 +05:30
|
|
|
expect(response).to have_http_status(400)
|
2016-01-14 18:37:52 +05:30
|
|
|
expect(json_response['message']).to eq('Branch name is invalid')
|
2015-04-26 12:48:37 +05:30
|
|
|
end
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it 'returns 400 if branch already exists' do
|
2015-04-26 12:48:37 +05:30
|
|
|
post api("/projects/#{project.id}/repository/branches", user),
|
|
|
|
branch_name: 'new_design1',
|
|
|
|
ref: branch_sha
|
2016-08-24 12:49:21 +05:30
|
|
|
expect(response).to have_http_status(201)
|
2014-09-02 18:07:02 +05:30
|
|
|
|
2015-04-26 12:48:37 +05:30
|
|
|
post api("/projects/#{project.id}/repository/branches", user),
|
|
|
|
branch_name: 'new_design1',
|
|
|
|
ref: branch_sha
|
2016-08-24 12:49:21 +05:30
|
|
|
expect(response).to have_http_status(400)
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(json_response['message']).to eq('Branch already exists')
|
|
|
|
end
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it 'returns 400 if ref name is invalid' do
|
2015-04-26 12:48:37 +05:30
|
|
|
post api("/projects/#{project.id}/repository/branches", user),
|
|
|
|
branch_name: 'new_design3',
|
|
|
|
ref: 'foo'
|
2016-08-24 12:49:21 +05:30
|
|
|
expect(response).to have_http_status(400)
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(json_response['message']).to eq('Invalid reference name')
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "DELETE /projects/:id/repository/branches/:branch" do
|
2015-09-11 14:41:01 +05:30
|
|
|
before do
|
|
|
|
allow_any_instance_of(Repository).to receive(:rm_branch).and_return(true)
|
|
|
|
end
|
2014-09-02 18:07:02 +05:30
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it "removes branch" do
|
2014-09-02 18:07:02 +05:30
|
|
|
delete api("/projects/#{project.id}/repository/branches/#{branch_name}", user)
|
2016-08-24 12:49:21 +05:30
|
|
|
expect(response).to have_http_status(200)
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(json_response['branch_name']).to eq(branch_name)
|
|
|
|
end
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it 'returns 404 if branch not exists' do
|
2015-04-26 12:48:37 +05:30
|
|
|
delete api("/projects/#{project.id}/repository/branches/foobar", user)
|
2016-08-24 12:49:21 +05:30
|
|
|
expect(response).to have_http_status(404)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it "removes protected branch" do
|
|
|
|
create(:protected_branch, project: project, name: branch_name)
|
2014-09-02 18:07:02 +05:30
|
|
|
delete api("/projects/#{project.id}/repository/branches/#{branch_name}", user)
|
2016-08-24 12:49:21 +05:30
|
|
|
expect(response).to have_http_status(405)
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(json_response['message']).to eq('Protected branch cant be removed')
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
2016-09-13 17:45:13 +05:30
|
|
|
it "does not remove HEAD branch" do
|
2014-09-02 18:07:02 +05:30
|
|
|
delete api("/projects/#{project.id}/repository/branches/master", user)
|
2016-08-24 12:49:21 +05:30
|
|
|
expect(response).to have_http_status(405)
|
2015-04-26 12:48:37 +05:30
|
|
|
expect(json_response['message']).to eq('Cannot remove HEAD branch')
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|