BigW Consortium Gitlab

triggers_spec.rb 10.3 KB
Newer Older
1 2
require 'spec_helper'

3
describe API::Triggers do
4 5
  let(:user) { create(:user) }
  let(:user2) { create(:user) }
6 7
  let!(:trigger_token) { 'secure_token' }
  let!(:trigger_token_2) { 'secure_token_2' }
8
  let!(:project) { create(:project, :repository, creator: user) }
9 10
  let!(:master) { create(:project_member, :master, user: user, project: project) }
  let!(:developer) { create(:project_member, :developer, user: user2, project: project) }
11 12 13 14
  let!(:trigger) { create(:ci_trigger, project: project, token: trigger_token) }
  let!(:trigger2) { create(:ci_trigger, project: project, token: trigger_token_2) }
  let!(:trigger_request) { create(:ci_trigger_request, trigger: trigger, created_at: '2015-01-01 12:13:14') }

15
  describe 'POST /projects/:project_id/trigger/pipeline' do
16
    let!(:project2) { create(:project) }
17 18 19 20 21 22 23
    let(:options) do
      {
        token: trigger_token
      }
    end

    before do
24
      stub_ci_pipeline_to_return_yaml_file
25 26 27
    end

    context 'Handles errors' do
28
      it 'returns bad request if token is missing' do
29 30
        post api("/projects/#{project.id}/trigger/pipeline"), ref: 'master'

31
        expect(response).to have_http_status(400)
32 33
      end

34
      it 'returns not found if project is not found' do
35 36
        post api('/projects/0/trigger/pipeline'), options.merge(ref: 'master')

37
        expect(response).to have_http_status(404)
38 39
      end

40
      it 'returns unauthorized if token is for different project' do
41 42
        post api("/projects/#{project2.id}/trigger/pipeline"), options.merge(ref: 'master')

43
        expect(response).to have_http_status(401)
44 45 46 47
      end
    end

    context 'Have a commit' do
48
      let(:pipeline) { project.pipelines.last }
49

50 51 52
      it 'creates pipeline' do
        post api("/projects/#{project.id}/trigger/pipeline"), options.merge(ref: 'master')

53
        expect(response).to have_http_status(201)
54
        expect(json_response).to include('id' => pipeline.id)
55
        pipeline.builds.reload
56 57
        expect(pipeline.builds.pending.size).to eq(2)
        expect(pipeline.builds.size).to eq(5)
58 59
      end

60 61 62
      it 'returns bad request with no pipeline created if there\'s no commit for that ref' do
        post api("/projects/#{project.id}/trigger/pipeline"), options.merge(ref: 'other-branch')

63
        expect(response).to have_http_status(400)
64
        expect(json_response['message']).to eq('No pipeline created')
65 66 67 68 69 70 71
      end

      context 'Validates variables' do
        let(:variables) do
          { 'TRIGGER_KEY' => 'TRIGGER_VALUE' }
        end

72
        it 'validates variables to be a hash' do
73 74
          post api("/projects/#{project.id}/trigger/pipeline"), options.merge(variables: 'value', ref: 'master')

75
          expect(response).to have_http_status(400)
Robert Schilling committed
76
          expect(json_response['error']).to eq('variables is invalid')
77 78
        end

79
        it 'validates variables needs to be a map of key-valued strings' do
80 81
          post api("/projects/#{project.id}/trigger/pipeline"), options.merge(variables: { key: %w(1 2) }, ref: 'master')

82
          expect(response).to have_http_status(400)
83 84 85
          expect(json_response['message']).to eq('variables needs to be a map of key-valued strings')
        end

86
        it 'creates trigger request with variables' do
87 88
          post api("/projects/#{project.id}/trigger/pipeline"), options.merge(variables: variables, ref: 'master')

89
          expect(response).to have_http_status(201)
90
          expect(pipeline.builds.reload.first.trigger_request.variables).to eq(variables)
91 92 93
        end
      end
    end
94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115

    context 'when triggering a pipeline from a trigger token' do
      it 'creates builds from the ref given in the URL, not in the body' do
        expect do
          post api("/projects/#{project.id}/ref/master/trigger/pipeline?token=#{trigger_token}"), { ref: 'refs/heads/other-branch' }
        end.to change(project.builds, :count).by(5)

        expect(response).to have_http_status(201)
      end

      context 'when ref contains a dot' do
        it 'creates builds from the ref given in the URL, not in the body' do
          project.repository.create_file(user, '.gitlab/gitlabhq/new_feature.md', 'something valid', message: 'new_feature', branch_name: 'v.1-branch')

          expect do
            post api("/projects/#{project.id}/ref/v.1-branch/trigger/pipeline?token=#{trigger_token}"), { ref: 'refs/heads/other-branch' }
          end.to change(project.builds, :count).by(4)

          expect(response).to have_http_status(201)
        end
      end
    end
116
  end
117

118
  describe 'GET /projects/:id/triggers' do
119
    context 'authenticated user with valid permissions' do
120
      it 'returns list of triggers' do
121 122
        get api("/projects/#{project.id}/triggers", user)

123
        expect(response).to have_http_status(200)
124
        expect(response).to include_pagination_headers
125
        expect(json_response).to be_a(Array)
126
        expect(json_response[0]).to have_key('token')
127 128 129 130
      end
    end

    context 'authenticated user with invalid permissions' do
131
      it 'does not return triggers list' do
132 133
        get api("/projects/#{project.id}/triggers", user2)

134
        expect(response).to have_http_status(403)
135 136 137
      end
    end

138
    context 'unauthenticated user' do
139
      it 'does not return triggers list' do
140 141
        get api("/projects/#{project.id}/triggers")

142
        expect(response).to have_http_status(401)
143 144 145
      end
    end
  end
146

147
  describe 'GET /projects/:id/triggers/:trigger_id' do
148
    context 'authenticated user with valid permissions' do
149
      it 'returns trigger details' do
150
        get api("/projects/#{project.id}/triggers/#{trigger.id}", user)
151

152
        expect(response).to have_http_status(200)
153
        expect(json_response).to be_a(Hash)
154 155
      end

156
      it 'responds with 404 Not Found if requesting non-existing trigger' do
157
        get api("/projects/#{project.id}/triggers/-5", user)
158

159
        expect(response).to have_http_status(404)
160 161 162 163
      end
    end

    context 'authenticated user with invalid permissions' do
164
      it 'does not return triggers list' do
165
        get api("/projects/#{project.id}/triggers/#{trigger.id}", user2)
166

167
        expect(response).to have_http_status(403)
168 169 170
      end
    end

171
    context 'unauthenticated user' do
172
      it 'does not return triggers list' do
173
        get api("/projects/#{project.id}/triggers/#{trigger.id}")
174

175
        expect(response).to have_http_status(401)
176 177 178 179 180
      end
    end
  end

  describe 'POST /projects/:id/triggers' do
181
    context 'authenticated user with valid permissions' do
182 183 184 185 186 187 188 189 190 191 192 193 194
      context 'with required parameters' do
        it 'creates trigger' do
          expect do
            post api("/projects/#{project.id}/triggers", user),
              description: 'trigger'
          end.to change{project.triggers.count}.by(1)

          expect(response).to have_http_status(201)
          expect(json_response).to include('description' => 'trigger')
        end
      end

      context 'without required parameters' do
Kamil Trzcinski committed
195
        it 'does not create trigger' do
196 197
          post api("/projects/#{project.id}/triggers", user)

198 199
          expect(response).to have_http_status(:bad_request)
        end
200 201 202 203
      end
    end

    context 'authenticated user with invalid permissions' do
204
      it 'does not create trigger' do
205 206
        post api("/projects/#{project.id}/triggers", user2),
          description: 'trigger'
207

208
        expect(response).to have_http_status(403)
209 210 211
      end
    end

212
    context 'unauthenticated user' do
213
      it 'does not create trigger' do
214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252
        post api("/projects/#{project.id}/triggers"),
          description: 'trigger'

        expect(response).to have_http_status(401)
      end
    end
  end

  describe 'PUT /projects/:id/triggers/:trigger_id' do
    context 'authenticated user with valid permissions' do
      let(:new_description) { 'new description' }

      it 'updates description' do
        put api("/projects/#{project.id}/triggers/#{trigger.id}", user),
          description: new_description

        expect(response).to have_http_status(200)
        expect(json_response).to include('description' => new_description)
        expect(trigger.reload.description).to eq(new_description)
      end
    end

    context 'authenticated user with invalid permissions' do
      it 'does not update trigger' do
        put api("/projects/#{project.id}/triggers/#{trigger.id}", user2)

        expect(response).to have_http_status(403)
      end
    end

    context 'unauthenticated user' do
      it 'does not update trigger' do
        put api("/projects/#{project.id}/triggers/#{trigger.id}")

        expect(response).to have_http_status(401)
      end
    end
  end

253
  describe 'POST /projects/:id/triggers/:trigger_id/take_ownership' do
254 255 256 257
    context 'authenticated user with valid permissions' do
      it 'updates owner' do
        expect(trigger.owner).to be_nil

258
        post api("/projects/#{project.id}/triggers/#{trigger.id}/take_ownership", user)
259 260 261 262 263 264 265 266 267

        expect(response).to have_http_status(200)
        expect(json_response).to include('owner')
        expect(trigger.reload.owner).to eq(user)
      end
    end

    context 'authenticated user with invalid permissions' do
      it 'does not update owner' do
268
        post api("/projects/#{project.id}/triggers/#{trigger.id}/take_ownership", user2)
269 270 271 272 273 274 275

        expect(response).to have_http_status(403)
      end
    end

    context 'unauthenticated user' do
      it 'does not update owner' do
276
        post api("/projects/#{project.id}/triggers/#{trigger.id}/take_ownership")
277

278
        expect(response).to have_http_status(401)
279 280 281 282
      end
    end
  end

283
  describe 'DELETE /projects/:id/triggers/:trigger_id' do
284
    context 'authenticated user with valid permissions' do
285
      it 'deletes trigger' do
286
        expect do
287
          delete api("/projects/#{project.id}/triggers/#{trigger.id}", user)
288 289

          expect(response).to have_http_status(204)
290 291 292
        end.to change{project.triggers.count}.by(-1)
      end

293
      it 'responds with 404 Not Found if requesting non-existing trigger' do
294
        delete api("/projects/#{project.id}/triggers/-5", user)
295

296
        expect(response).to have_http_status(404)
297 298 299 300
      end
    end

    context 'authenticated user with invalid permissions' do
301
      it 'does not delete trigger' do
302
        delete api("/projects/#{project.id}/triggers/#{trigger.id}", user2)
303

304
        expect(response).to have_http_status(403)
305 306 307
      end
    end

308
    context 'unauthenticated user' do
309
      it 'does not delete trigger' do
310
        delete api("/projects/#{project.id}/triggers/#{trigger.id}")
311

312
        expect(response).to have_http_status(401)
313 314 315
      end
    end
  end
316
end