Merge branch 'project-permissions' into 'master'

API: Project permissions
author: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-03-17 13:30:28 +0000
committer: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-03-17 13:30:28 +0000
commit: 0f204c3222e741e1dbd732f30a676c81a45abaa4 (patch)
tree: ca4b16aac3a74a9dc2a1c41f2416cf4bda80acf3
parent: 63a8af677af4eba9099cb0cd901549d669d570e2 (diff)
parent: c02e3d441b6ef35bdbb4a45829f47369aa911690 (diff)
download: gitlab-ce-0f204c3222e741e1dbd732f30a676c81a45abaa4.tar.gz
6 files changed, 72 insertions, 20 deletions
diff --git a/Gemfile b/Gemfile
index dc7b60dd380..e3acf4a153d 100644
--- a/Gemfile
+++ b/Gemfile
@@ -48,7 +48,8 @@ gem "gitlab-linguist", "~> 3.0.0", require: "linguist"
 
 # API
 gem "grape", "~> 0.6.1"
-gem "grape-entity", "~> 0.3.0"
+# Replace with rubygems when nesteted entities get released
+gem "grape-entity", "~> 0.4.1", ref: 'd904381c951e86250c3f44213b349a3dd8e83fb1', git: 'https://github.com/intridea/grape-entity.git' 
 gem 'rack-cors', require: 'rack/cors'
 
 # Email validation
diff --git a/Gemfile.lock b/Gemfile.lock
index 615ad62112a..52d6ac31463 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -5,6 +5,15 @@ GIT
   specs:
     github-markup (0.7.6)
 
+GIT
+  remote: https://github.com/intridea/grape-entity.git
+  revision: d904381c951e86250c3f44213b349a3dd8e83fb1
+  ref: d904381c951e86250c3f44213b349a3dd8e83fb1
+  specs:
+    grape-entity (0.4.1)
+      activesupport
+      multi_json (>= 1.3.2)
+
 GEM
   remote: https://rubygems.org/
   specs:
@@ -206,9 +215,6 @@ GEM
       rack-accept
       rack-mount
       virtus (>= 1.0.0)
-    grape-entity (0.3.0)
-      activesupport
-      multi_json (>= 1.3.2)
     growl (1.0.3)
     guard (2.2.4)
       formatador (>= 0.2.4)
@@ -596,7 +602,7 @@ DEPENDENCIES
   gitlab_omniauth-ldap (= 1.0.4)
   gon (~> 5.0.0)
   grape (~> 0.6.1)
-  grape-entity (~> 0.3.0)
+  grape-entity (~> 0.4.1)!
   growl
   guard-rspec
   guard-spinach
diff --git a/doc/api/projects.md b/doc/api/projects.md
index e795298c672..6e82ddd9903 100644
--- a/doc/api/projects.md
+++ b/doc/api/projects.md
@@ -148,6 +148,16 @@ Parameters:
     "path": "diaspora",
     "updated_at": "2013-09-30T13: 46: 02Z"
   }
+  "permissions": {
+    "project_access": {
+      "access_level": 10,
+      "notification_level": 3
+    },
+    "group_access": {
+      "access_level": 50,
+      "notification_level": 3
+    }
+  }
 }
 ```
 
diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index 9c9c7fcd6ea..8b4519af2d1 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -44,7 +44,7 @@ module API
       expose :id, :description, :default_branch
       expose :public?, as: :public
       expose :visibility_level, :ssh_url_to_repo, :http_url_to_repo, :web_url
-      expose :owner, using: Entities::UserBasic
+      expose :owner, using: Entities::UserBasic, unless: ->(project, options) { project.group }
       expose :name, :name_with_namespace
       expose :path, :path_with_namespace
       expose :issues_enabled, :merge_requests_enabled, :wall_enabled, :wiki_enabled, :snippets_enabled, :created_at, :last_activity_at
@@ -58,18 +58,6 @@ module API
       end
     end
 
-    class TeamMember < UserBasic
-      expose :permission, as: :access_level do |user, options|
-        options[:user_team].user_team_user_relationships.find_by(user_id: user.id).permission
-      end
-    end
-
-    class TeamProject < Project
-      expose :greatest_access, as: :greatest_access_level do |project, options|
-        options[:user_team].user_team_project_relationships.find_by(project_id: project.id).greatest_access
-      end
-    end
-
     class Group < Grape::Entity
       expose :id, :name, :path, :owner_id
     end
@@ -144,7 +132,7 @@ module API
     end
 
     class MergeRequest < ProjectEntity
-      expose :target_branch, :source_branch, :title, :state, :upvotes, :downvotes
+      expose :target_branch, :source_branch, :title, :state, :upvotes, :downvotes, :description
       expose :author, :assignee, using: Entities::UserBasic
       expose :source_project_id, :target_project_id
     end
@@ -175,5 +163,29 @@ module API
     class Namespace < Grape::Entity
       expose :id, :path, :kind
     end
+
+    class ProjectAccess < Grape::Entity
+      expose :project_access, as: :access_level
+      expose :notification_level
+    end
+
+    class GroupAccess < Grape::Entity
+      expose :group_access, as: :access_level
+      expose :notification_level
+    end
+
+    class ProjectWithAccess < Project
+      expose :permissions do
+        expose :project_access, using: Entities::ProjectAccess do |project, options|
+          project.users_projects.find_by(user_id: options[:user].id)
+        end
+
+        expose :group_access, using: Entities::GroupAccess do |project, options|
+          if project.group
+            project.group.users_groups.find_by(user_id: options[:user].id)
+          end
+        end
+      end
+    end
   end
 end
diff --git a/lib/api/projects.rb b/lib/api/projects.rb
index 618a582a451..4d48d2194f8 100644
--- a/lib/api/projects.rb
+++ b/lib/api/projects.rb
@@ -48,7 +48,7 @@ module API
       # Example Request:
       #   GET /projects/:id
       get ":id" do
-        present user_project, with: Entities::Project
+        present user_project, with: Entities::ProjectWithAccess, user: current_user
       end
 
       # Get a single project events
diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb
index b4b5f606eee..cb30c98b4d2 100644
--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -259,6 +259,7 @@ describe API::API do
 
   describe "GET /projects/:id" do
     before { project }
+    before { users_project }
 
     it "should return a project by id" do
       get api("/projects/#{project.id}", user)
@@ -284,6 +285,28 @@ describe API::API do
       get api("/projects/#{project.id}", other_user)
       response.status.should == 404
     end
+
+    describe 'permissions' do
+      context 'personal project' do
+        before { get api("/projects/#{project.id}", user) }
+
+        it { response.status.should == 200 }
+        it { json_response['permissions']["project_access"]["access_level"].should == Gitlab::Access::MASTER }
+        it { json_response['permissions']["group_access"].should be_nil }
+      end
+
+      context 'group project' do
+        before do
+          project2 = create(:project, group: create(:group))
+          project2.group.add_owner(user)
+          get api("/projects/#{project2.id}", user)
+        end
+
+        it { response.status.should == 200 }
+        it { json_response['permissions']["project_access"].should be_nil }
+        it { json_response['permissions']["group_access"]["access_level"].should == Gitlab::Access::OWNER }
+      end
+    end
   end
 
   describe "GET /projects/:id/events" do
author	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2014-03-17 13:30:28 +0000
committer	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2014-03-17 13:30:28 +0000
commit	0f204c3222e741e1dbd732f30a676c81a45abaa4 (patch)
tree	ca4b16aac3a74a9dc2a1c41f2416cf4bda80acf3
parent	63a8af677af4eba9099cb0cd901549d669d570e2 (diff)
parent	c02e3d441b6ef35bdbb4a45829f47369aa911690 (diff)
download	gitlab-ce-0f204c3222e741e1dbd732f30a676c81a45abaa4.tar.gz