summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--doc/api/README.md1
-rw-r--r--doc/api/groups.md45
-rw-r--r--lib/api.rb3
-rw-r--r--lib/api/entities.rb9
-rw-r--r--lib/api/groups.rb56
-rw-r--r--spec/requests/api/groups_spec.rb93
6 files changed, 206 insertions, 1 deletions
diff --git a/doc/api/README.md b/doc/api/README.md
index 65eec6bec3c..0618db7e369 100644
--- a/doc/api/README.md
+++ b/doc/api/README.md
@@ -32,6 +32,7 @@ When listing resources you can pass the following parameters:
+ [Users](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/users.md)
+ [Session](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/session.md)
+ [Projects](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/projects.md)
++ [Groups](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/groups.md)
+ [Snippets](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/snippets.md)
+ [Repositories](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/repositories.md)
+ [Issues](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/issues.md)
diff --git a/doc/api/groups.md b/doc/api/groups.md
new file mode 100644
index 00000000000..00a7387c76f
--- /dev/null
+++ b/doc/api/groups.md
@@ -0,0 +1,45 @@
+## List project groups
+
+Get a list of groups. (As user: my groups, as admin: all groups)
+
+```
+GET /groups
+```
+
+```json
+[
+ {
+ "id": 1,
+ "name": "Foobar Group",
+ "path": "foo-bar",
+ "owner_id": 18
+ }
+]
+```
+
+## Details of group
+
+Get all details of a group.
+
+```
+GET /groups/:id
+```
+
+Parameters:
+
++ `id` (required) - The ID of a group
+
+## New group
+
+Create a new project group. Available only for admin
+
+```
+POST /groups
+```
+
+Parameters:
++ `name` (required) - Email
++ `path` - Password
+
+Will return created group with status `201 Created` on success, or `404 Not found` on fail.
+
diff --git a/lib/api.rb b/lib/api.rb
index f58b82ff98e..81a5919f1d3 100644
--- a/lib/api.rb
+++ b/lib/api.rb
@@ -11,7 +11,8 @@ module Gitlab
format :json
error_format :json
helpers APIHelpers
-
+
+ mount Groups
mount Users
mount Projects
mount Issues
diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index 5cbb1118a89..c1873d87b55 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -32,6 +32,15 @@ module Gitlab
end
end
+ class Group < Grape::Entity
+ expose :id, :name, :path, :owner_id
+ end
+
+ class GroupDetail < Group
+ expose :projects, using: Entities::Project
+ end
+
+
class RepoObject < Grape::Entity
expose :name, :commit
expose :protected do |repo, options|
diff --git a/lib/api/groups.rb b/lib/api/groups.rb
new file mode 100644
index 00000000000..a67caef0bc5
--- /dev/null
+++ b/lib/api/groups.rb
@@ -0,0 +1,56 @@
+module Gitlab
+ # groups API
+ class Groups < Grape::API
+ before { authenticate! }
+
+ resource :groups do
+ # Get a groups list
+ #
+ # Example Request:
+ # GET /groups
+ get do
+ if current_user.admin
+ @groups = paginate Group
+ else
+ @groups = paginate current_user.groups
+ end
+ present @groups, with: Entities::Group
+ end
+
+ # Create group. Available only for admin
+ #
+ # Parameters:
+ # name (required) - Name
+ # path (required) - Path
+ # Example Request:
+ # POST /groups
+ post do
+ authenticated_as_admin!
+ attrs = attributes_for_keys [:name, :path]
+ @group = Group.new(attrs)
+ @group.owner = current_user
+
+ if @group.save
+ present @group, with: Entities::Group
+ else
+ not_found!
+ end
+ end
+
+ # Get a single group, with containing projects
+ #
+ # Parameters:
+ # id (required) - The ID of a group
+ # Example Request:
+ # GET /groups/:id
+ get ":id" do
+ @group = Group.find(params[:id])
+ if current_user.admin or current_user.groups.include? @group
+ present @group, with: Entities::GroupDetail
+ else
+ not_found!
+ end
+ end
+ end
+ end
+end
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
new file mode 100644
index 00000000000..c39a4228408
--- /dev/null
+++ b/spec/requests/api/groups_spec.rb
@@ -0,0 +1,93 @@
+require 'spec_helper'
+
+describe Gitlab::API do
+ include ApiHelpers
+
+ let(:user1) { create(:user) }
+ let(:user2) { create(:user) }
+ let(:admin) { create(:admin) }
+ let!(:group1) { create(:group, owner: user1) }
+ let!(:group2) { create(:group, owner: user2) }
+
+ describe "GET /groups" do
+ context "when unauthenticated" do
+ it "should return authentication error" do
+ get api("/groups")
+ response.status.should == 401
+ end
+ end
+
+ context "when authenticated as user" do
+ it "normal user: should return an array of groups of user1" do
+ get api("/groups", user1)
+ response.status.should == 200
+ json_response.should be_an Array
+ json_response.length.should == 1
+ json_response.first['name'].should == group1.name
+ end
+ end
+
+ context "when authenticated as admin" do
+ it "admin: should return an array of all groups" do
+ get api("/groups", admin)
+ response.status.should == 200
+ json_response.should be_an Array
+ json_response.length.should == 2
+ end
+ end
+ end
+
+ describe "GET /groups/:id" do
+ context "when authenticated as user" do
+ it "should return one of user1's groups" do
+ get api("/groups/#{group1.id}", user1)
+ response.status.should == 200
+ json_response['name'] == group1.name
+ end
+
+ it "should not return a non existing group" do
+ get api("/groups/1328", user1)
+ response.status.should == 404
+ end
+
+ it "should not return a group not attached to user1" do
+ get api("/groups/#{group2.id}", user1)
+ response.status.should == 404
+ end
+ end
+
+ context "when authenticated as admin" do
+ it "should return any existing group" do
+ get api("/groups/#{group2.id}", admin)
+ response.status.should == 200
+ json_response['name'] == group2.name
+ end
+
+ it "should not return a non existing group" do
+ get api("/groups/1328", admin)
+ response.status.should == 404
+ end
+ end
+ end
+
+ describe "POST /groups" do
+ context "when authenticated as user" do
+ it "should not create group" do
+ post api("/groups", user1), attributes_for(:group)
+ response.status.should == 403
+ end
+ end
+
+ context "when authenticated as admin" do
+ it "should create group" do
+ post api("/groups", admin), attributes_for(:group)
+ response.status.should == 201
+ end
+
+ it "should not create group, duplicate" do
+ post api("/groups", admin), {:name => "Duplicate Test", :path => group2.path}
+ response.status.should == 404
+ end
+ end
+ end
+end