/spec/requests/api/events_spec.rb

https://gitlab.com/Stretch96/gitlab-ce · Ruby · 167 lines · 147 code · 20 blank · 0 comment · 1 complexity · 6aa076639998e7cfe94bb623367cd610 MD5 · raw file

  1. require 'spec_helper'
  2. describe API::Events do
  3. include ApiHelpers
  4. let(:user) { create(:user) }
  5. let(:non_member) { create(:user) }
  6. let(:private_project) { create(:project, :private, creator_id: user.id, namespace: user.namespace) }
  7. let(:closed_issue) { create(:closed_issue, project: private_project, author: user) }
  8. let!(:closed_issue_event) { create(:event, project: private_project, author: user, target: closed_issue, action: Event::CLOSED, created_at: Date.new(2016, 12, 30)) }
  9. describe 'GET /events' do
  10. context 'when unauthenticated' do
  11. it 'returns authentication error' do
  12. get api('/events')
  13. expect(response).to have_gitlab_http_status(401)
  14. end
  15. end
  16. context 'when authenticated' do
  17. it 'returns users events' do
  18. get api('/events?action=closed&target_type=issue&after=2016-12-1&before=2016-12-31', user)
  19. expect(response).to have_gitlab_http_status(200)
  20. expect(response).to include_pagination_headers
  21. expect(json_response).to be_an Array
  22. expect(json_response.size).to eq(1)
  23. end
  24. end
  25. context 'when the requesting token has "read_user" scope' do
  26. let(:token) { create(:personal_access_token, scopes: ['read_user'], user: user) }
  27. it 'returns users events' do
  28. get api('/events?action=closed&target_type=issue&after=2016-12-1&before=2016-12-31', personal_access_token: token)
  29. expect(response).to have_gitlab_http_status(200)
  30. expect(response).to include_pagination_headers
  31. expect(json_response).to be_an Array
  32. expect(json_response.size).to eq(1)
  33. end
  34. end
  35. context 'when the requesting token does not have "read_user" or "api" scope' do
  36. let(:token_without_scopes) { create(:personal_access_token, scopes: ['read_repository'], user: user) }
  37. it 'returns a "403" response' do
  38. get api('/events', personal_access_token: token_without_scopes)
  39. expect(response).to have_gitlab_http_status(403)
  40. end
  41. end
  42. end
  43. describe 'GET /users/:id/events' do
  44. context "as a user that cannot see another user" do
  45. it 'returns a "404" response' do
  46. allow(Ability).to receive(:allowed?).and_call_original
  47. allow(Ability).to receive(:allowed?).with(non_member, :read_user, user).and_return(false)
  48. get api("/users/#{user.id}/events", non_member)
  49. expect(response).to have_gitlab_http_status(200)
  50. expect(json_response).to be_empty
  51. end
  52. end
  53. context "as a user token that cannot see another user" do
  54. let(:non_member_token) { create(:personal_access_token, scopes: ['read_user'], user: non_member) }
  55. it 'returns a "404" response' do
  56. allow(Ability).to receive(:allowed?).and_call_original
  57. allow(Ability).to receive(:allowed?).with(non_member, :read_user, user).and_return(false)
  58. get api("/users/#{user.id}/events", personal_access_token: non_member_token)
  59. expect(response).to have_gitlab_http_status(200)
  60. expect(json_response).to be_empty
  61. end
  62. end
  63. context "as a user that can see the event's project" do
  64. it 'accepts a username' do
  65. get api("/users/#{user.username}/events", user)
  66. expect(response).to have_gitlab_http_status(200)
  67. expect(response).to include_pagination_headers
  68. expect(json_response).to be_an Array
  69. expect(json_response.size).to eq(1)
  70. end
  71. it 'returns the events' do
  72. get api("/users/#{user.id}/events", user)
  73. expect(response).to have_gitlab_http_status(200)
  74. expect(response).to include_pagination_headers
  75. expect(json_response).to be_an Array
  76. expect(json_response.size).to eq(1)
  77. end
  78. context 'when the list of events includes push events' do
  79. let(:event) do
  80. create(:push_event, author: user, project: private_project)
  81. end
  82. let!(:payload) { create(:push_event_payload, event: event) }
  83. let(:payload_hash) { json_response[0]['push_data'] }
  84. before do
  85. get api("/users/#{user.id}/events?action=pushed", user)
  86. end
  87. it 'responds with HTTP 200 OK' do
  88. expect(response).to have_gitlab_http_status(200)
  89. end
  90. it 'includes the push payload as a Hash' do
  91. expect(payload_hash).to be_an_instance_of(Hash)
  92. end
  93. it 'includes the push payload details' do
  94. expect(payload_hash['commit_count']).to eq(payload.commit_count)
  95. expect(payload_hash['action']).to eq(payload.action)
  96. expect(payload_hash['ref_type']).to eq(payload.ref_type)
  97. expect(payload_hash['commit_to']).to eq(payload.commit_to)
  98. end
  99. end
  100. context 'when there are multiple events from different projects' do
  101. let(:second_note) { create(:note_on_issue, project: create(:project)) }
  102. before do
  103. second_note.project.add_user(user, :developer)
  104. [second_note].each do |note|
  105. EventCreateService.new.leave_note(note, user)
  106. end
  107. end
  108. it 'returns events in the correct order (from newest to oldest)' do
  109. get api("/users/#{user.id}/events", user)
  110. comment_events = json_response.select { |e| e['action_name'] == 'commented on' }
  111. close_events = json_response.select { |e| e['action_name'] == 'closed' }
  112. expect(comment_events[0]['target_id']).to eq(second_note.id)
  113. expect(close_events[0]['target_id']).to eq(closed_issue.id)
  114. end
  115. it 'accepts filter parameters' do
  116. get api("/users/#{user.id}/events?action=closed&target_type=issue&after=2016-12-1&before=2016-12-31", user)
  117. expect(json_response.size).to eq(1)
  118. expect(json_response[0]['target_id']).to eq(closed_issue.id)
  119. end
  120. end
  121. end
  122. it 'returns a 404 error if not found' do
  123. get api('/users/42/events', user)
  124. expect(response).to have_gitlab_http_status(404)
  125. expect(json_response['message']).to eq('404 User Not Found')
  126. end
  127. end
  128. end