From 301a30e0ea573c83c28358b2c856396fda878089 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Sun, 13 Dec 2015 11:43:17 -0800
Subject: [PATCH] Add project permissions to all project API endpoints
This standardizes all the project API formats. Also needed to support Huboard.
---
CHANGELOG | 1 +
doc/api/projects.md | 10 ++++++++++
lib/api/projects.rb | 6 +++---
spec/requests/api/projects_spec.rb | 13 +++++++++++++
4 files changed, 27 insertions(+), 3 deletions(-)
diff --git a/CHANGELOG b/CHANGELOG
index 851a8ed0145..8099951b095 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -2,6 +2,7 @@ Please view this file on the master branch, on stable branches it's out of date.
v 8.4.0 (unreleased)
- Implement new UI for group page
+ - Add project permissions to all project API endpoints (Stan Hu)
v 8.3.0
- Add CAS support (tduehr)
diff --git a/doc/api/projects.md b/doc/api/projects.md
index 658e65c6f01..0ca81ffd49e 100644
--- a/doc/api/projects.md
+++ b/doc/api/projects.md
@@ -118,6 +118,16 @@ Parameters:
"path": "brightbox",
"updated_at": "2013-09-30T13:46:02Z"
},
+ "permissions": {
+ "project_access": {
+ "access_level": 10,
+ "notification_level": 3
+ },
+ "group_access": {
+ "access_level": 50,
+ "notification_level": 3
+ }
+ },
"archived": false,
"avatar_url": null
}
diff --git a/lib/api/projects.rb b/lib/api/projects.rb
index 5e75cd35c56..a9e0960872a 100644
--- a/lib/api/projects.rb
+++ b/lib/api/projects.rb
@@ -25,7 +25,7 @@ module API
@projects = current_user.authorized_projects
@projects = filter_projects(@projects)
@projects = paginate @projects
- present @projects, with: Entities::Project
+ present @projects, with: Entities::ProjectWithAccess, user: current_user
end
# Get an owned projects list for authenticated user
@@ -36,7 +36,7 @@ module API
@projects = current_user.owned_projects
@projects = filter_projects(@projects)
@projects = paginate @projects
- present @projects, with: Entities::Project
+ present @projects, with: Entities::ProjectWithAccess, user: current_user
end
# Gets starred project for the authenticated user
@@ -59,7 +59,7 @@ module API
@projects = Project.all
@projects = filter_projects(@projects)
@projects = paginate @projects
- present @projects, with: Entities::Project
+ present @projects, with: Entities::ProjectWithAccess, user: current_user
end
# Get a single project
diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb
index 01d2ec79482..7f0f9454b10 100644
--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -131,6 +131,7 @@ describe API::API, api: true do
expect(json_response).to satisfy do |response|
response.one? do |entry|
+ entry.has_key?('permissions') &&
entry['name'] == project.name &&
entry['owner']['username'] == user.username
end
@@ -382,6 +383,18 @@ describe API::API, api: true do
end
describe 'permissions' do
+ context 'all projects' do
+ it 'Contains permission information' do
+ project.team << [user, :master]
+ get api("/projects", user)
+
+ expect(response.status).to eq(200)
+ expect(json_response.first['permissions']['project_access']['access_level']).
+ to eq(Gitlab::Access::MASTER)
+ expect(json_response.first['permissions']['group_access']).to be_nil
+ end
+ end
+
context 'personal project' do
it 'Sets project access and returns 200' do
project.team << [user, :master]
--
GitLab