diff --git a/lib/api/projects.rb b/lib/api/projects.rb
index f8c9701ecaf714103118b4e75bca7779ca1fa78d..02f10b60cb745cf403e61cb064c1ac8e35374b45 100644
--- a/lib/api/projects.rb
+++ b/lib/api/projects.rb
@@ -368,6 +368,10 @@ module Gitlab
post ":id/snippets" do
authorize! :write_snippet, user_project
+ error!("Title not given", 400) if !params[:title].present?
+ error!("Filename not given", 400) if !params[:file_name].present?
+ error!("Code not given", 400) if !params[:code].present?
+
attrs = attributes_for_keys [:title, :file_name]
attrs[:expires_at] = params[:lifetime] if params[:lifetime].present?
attrs[:content] = params[:code] if params[:code].present?
@@ -415,10 +419,12 @@ module Gitlab
# Example Request:
# DELETE /projects/:id/snippets/:snippet_id
delete ":id/snippets/:snippet_id" do
- @snippet = user_project.snippets.find(params[:snippet_id])
- authorize! :modify_snippet, @snippet
-
- @snippet.destroy
+ begin
+ @snippet = user_project.snippets.find(params[:snippet_id])
+ authorize! :modify_snippet, user_project
+ @snippet.destroy
+ rescue
+ end
end
# Get a raw project snippet
diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb
index 7a3677d157d1d87b76235dfe146245e639192602..a04c2318a797c604927b242466d6593c5c6fb820 100644
--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -411,6 +411,18 @@ describe Gitlab::API do
file_name: 'sample.rb', code: 'test'
response.status.should == 400
end
+
+ it "should return a 400 error if file_name not given" do
+ post api("/projects/#{project.id}/snippets", user),
+ title: 'api test', code: 'test'
+ response.status.should == 400
+ end
+
+ it "should return a 400 error if code not given" do
+ post api("/projects/#{project.id}/snippets", user),
+ title: 'api test', file_name: 'sample.rb'
+ response.status.should == 400
+ end
end
describe "PUT /projects/:id/snippets/:shippet_id" do
@@ -421,6 +433,13 @@ describe Gitlab::API do
json_response['title'].should == 'example'
snippet.reload.content.should == 'updated code'
end
+
+ it "should update an existing project snippet with new title" do
+ put api("/projects/#{project.id}/snippets/#{snippet.id}", user),
+ title: 'other api test'
+ response.status.should == 200
+ json_response['title'].should == 'other api test'
+ end
end
describe "DELETE /projects/:id/snippets/:snippet_id" do
@@ -428,6 +447,12 @@ describe Gitlab::API do
expect {
delete api("/projects/#{project.id}/snippets/#{snippet.id}", user)
}.to change { Snippet.count }.by(-1)
+ response.status.should == 200
+ end
+
+ it "should return success when deleting unknown snippet id" do
+ delete api("/projects/#{project.id}/snippets/1234", user)
+ response.status.should == 200
end
end
@@ -436,6 +461,11 @@ describe Gitlab::API do
get api("/projects/#{project.id}/snippets/#{snippet.id}/raw", user)
response.status.should == 200
end
+
+ it "should return a 404 error if raw project snippet not found" do
+ get api("/projects/#{project.id}/snippets/5555/raw", user)
+ response.status.should == 404
+ end
end
describe "GET /projects/:id/:sha/blob" do