From 8248e1f2b83895f394a3fecd25dcea4a8b40303b Mon Sep 17 00:00:00 2001
From: Izaak Alpert <ialpert@blackberry.com>
Date: Wed, 4 Sep 2013 11:19:03 -0400
Subject: Add group membership api

Change-Id: I5b174bba02856ede788dcb51ec9b0d598ea7d0df
---
 lib/api/entities.rb |  6 +++++
 lib/api/groups.rb   | 73 ++++++++++++++++++++++++++++++++++++++++++++++++-----
 2 files changed, 73 insertions(+), 6 deletions(-)

(limited to 'lib/api')

diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index f15ca35e954..1f35e9ec5fc 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -67,6 +67,12 @@ module API
       expose :projects, using: Entities::Project
     end
 
+    class GroupMember < UserBasic
+      expose :group_access, as: :access_level do |user, options|
+        options[:group].users_groups.find_by_user_id(user.id).group_access
+      end
+    end
+
     class RepoObject < Grape::Entity
       expose :name, :commit
       expose :protected do |repo, options|
diff --git a/lib/api/groups.rb b/lib/api/groups.rb
index 701f6777b77..54393740867 100644
--- a/lib/api/groups.rb
+++ b/lib/api/groups.rb
@@ -4,6 +4,19 @@ module API
     before { authenticate! }
 
     resource :groups do
+      helpers do
+        def find_group(id)
+          group = Group.find(id)
+          if current_user.admin or current_user.groups.include? group
+            group
+          else
+            render_api_error!("403 Forbidden - #{current_user.username} lacks sufficient access to #{group.name}", 403)
+          end
+        end
+        def validate_access_level?(level)
+          [UsersGroup::GUEST, UsersGroup::REPORTER, UsersGroup::DEVELOPER, UsersGroup::MASTER].include? level.to_i
+        end
+      end
       # Get a groups list
       #
       # Example Request:
@@ -46,12 +59,8 @@ module API
       # Example Request:
       #   GET /groups/:id
       get ":id" do
-        @group = Group.find(params[:id])
-        if current_user.admin or current_user.groups.include? @group
-          present @group, with: Entities::GroupDetail
-        else
-          not_found!
-        end
+        group = find_group(params[:id])
+        present group, with: Entities::GroupDetail
       end
 
       # Transfer a project to the Group namespace
@@ -71,6 +80,58 @@ module API
           not_found!
         end
       end
+
+      # Get a list of group members viewable by the authenticated user.
+      #
+      # Example Request:
+      #  GET /groups/:id/members
+      get ":id/members" do
+        group = find_group(params[:id])
+        members = group.users_groups
+        users = (paginate members).collect { | member| member.user}
+        present users, with: Entities::GroupMember, group: group
+      end
+
+      # Add a user to the list of group members
+      #
+      # Parameters:
+      #   id (required) - group id
+      #   user_id (required) - the users id
+      #   access_level (required) - Project access level
+      # Example Request:
+      #  POST /groups/:id/members
+      post ":id/members" do
+        required_attributes! [:user_id, :access_level]
+        if not validate_access_level?(params[:access_level])
+          render_api_error!("Wrong access level", 422)
+        end
+        group = find_group(params[:id])
+        if group.users_groups.find_by_user_id(params[:user_id])
+          render_api_error!("Already exists", 409)
+        end
+        group.add_users([params[:user_id]], params[:access_level])
+        member = group.users_groups.find_by_user_id(params[:user_id])
+        present member.user, with: Entities::GroupMember, group: group
+      end
+
+      # Remove member.
+      #
+      # Parameters:
+      #   id (required) - group id
+      #   user_id (required) - the users id
+      #
+      # Example Request:
+      #   DELETE /groups/:id/members/:user_id
+      delete ":id/members/:user_id" do
+        group = find_group(params[:id])
+        member =  group.users_groups.find_by_user_id(params[:user_id])
+        if member.nil?
+          render_api_error!("404 Not Found - user_id:#{params[:user_id]} not a member of group #{group.name}",404)
+        else
+          member.destroy
+        end
+      end
+
     end
   end
 end
-- 
cgit v1.2.1


From fadcc251899095e37b97091a03b2025b1f39c7a6 Mon Sep 17 00:00:00 2001
From: Izaak Alpert <ialpert@blackberry.com>
Date: Thu, 5 Sep 2013 10:17:40 -0400
Subject: Fixes for @randx

Change-Id: I3b15ae34c0957a0f4026e1886c92a9770e9d170e
---
 lib/api/groups.rb | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'lib/api')

diff --git a/lib/api/groups.rb b/lib/api/groups.rb
index 54393740867..396554404af 100644
--- a/lib/api/groups.rb
+++ b/lib/api/groups.rb
@@ -14,9 +14,10 @@ module API
           end
         end
         def validate_access_level?(level)
-          [UsersGroup::GUEST, UsersGroup::REPORTER, UsersGroup::DEVELOPER, UsersGroup::MASTER].include? level.to_i
+          Gitlab::Access.options_with_owner.values.include? level.to_i
         end
       end
+
       # Get a groups list
       #
       # Example Request:
@@ -88,7 +89,7 @@ module API
       get ":id/members" do
         group = find_group(params[:id])
         members = group.users_groups
-        users = (paginate members).collect { | member| member.user}
+        users = (paginate members).collect(&:user)
         present users, with: Entities::GroupMember, group: group
       end
 
@@ -102,7 +103,7 @@ module API
       #  POST /groups/:id/members
       post ":id/members" do
         required_attributes! [:user_id, :access_level]
-        if not validate_access_level?(params[:access_level])
+        unless validate_access_level?(params[:access_level])
           render_api_error!("Wrong access level", 422)
         end
         group = find_group(params[:id])
-- 
cgit v1.2.1