Merge branch 'ben.boeckel/gitlab-ce-api-visible-projects' into 'master'

Add visible projects API ## What does this MR do? Add a new `/projects/visible` API endpoint. Originally created by @ben.boeckel in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5970. ## Are there points in the code the reviewer needs to double check? Does the API make sense? ## Why was this MR needed? The `/projects` endpoint only returned projects the user was explicitly a member of. Closes #19361, #3119. See merge request !6681

Merge branch 'ben.boeckel/gitlab-ce-api-visible-projects' into 'master'
1be15162 · Rémy Coutable · b58ea12a · 7623ab0c · 1be15162 · 1be15162
Commit 1be15162 authored Oct 07, 2016 by Rémy Coutable
Showing with 62 additions and 20 deletions

CHANGELOG CHANGELOG +1 -0

projects.md doc/api/projects.md +0 -0

projects.rb lib/api/projects.rb +31 -20

projects_spec.rb spec/requests/api/projects_spec.rb +30 -0

No files found.
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -5,6 +5,7 @@ v 8.13.0 (unreleased)
  - Add link from system note to compare with previous version
  - Improve issue load time performance by avoiding ORDER BY in find_by call
  - Use gitlab-shell v3.6.2 (GIT TRACE logging)
+  - Add `/projects/visible` API endpoint (Ben Boeckel)
  - Fix centering of custom header logos (Ashley Dumaine)
  - AbstractReferenceFilter caches project_refs on RequestStore when active
  - Replaced the check sign to arrow in the show build view. !6501

--- a/doc/api/projects.md
+++ b/doc/api/projects.md
--- a/lib/api/projects.rb
+++ b/lib/api/projects.rb
@@ -22,14 +22,25 @@ module API
      # Example Request:
      #   GET /projects
      get do
-        @projects = current_user.authorized_projects
-        @projects = filter_projects(@projects)
-        @projects = paginate @projects
-        if params[:simple]
-          present @projects, with: Entities::BasicProjectDetails, user: current_user
-        else
-          present @projects, with: Entities::ProjectWithAccess, user: current_user
-        end
+        projects = current_user.authorized_projects
+        projects = filter_projects(projects)
+        projects = paginate projects
+        entity = params[:simple] ? Entities::BasicProjectDetails : Entities::ProjectWithAccess
+
+        present projects, with: entity, user: current_user
+      end
+
+      # Get a list of visible projects for authenticated user
+      #
+      # Example Request:
+      #   GET /projects/visible
+      get '/visible' do
+        projects = ProjectsFinder.new.execute(current_user)
+        projects = filter_projects(projects)
+        projects = paginate projects
+        entity = params[:simple] ? Entities::BasicProjectDetails : Entities::ProjectWithAccess
+
+        present projects, with: entity, user: current_user
      end

      # Get an owned projects list for authenticated user
@@ -37,10 +48,10 @@ module API
      # Example Request:
      #   GET /projects/owned
      get '/owned' do
-        @projects = current_user.owned_projects
-        @projects = filter_projects(@projects)
-        @projects = paginate @projects
-        present @projects, with: Entities::ProjectWithAccess, user: current_user
+        projects = current_user.owned_projects
+        projects = filter_projects(projects)
+        projects = paginate projects
+        present projects, with: Entities::ProjectWithAccess, user: current_user
      end

      # Gets starred project for the authenticated user
@@ -48,10 +59,10 @@ module API
      # Example Request:
      #   GET /projects/starred
      get '/starred' do
-        @projects = current_user.viewable_starred_projects
-        @projects = filter_projects(@projects)
-        @projects = paginate @projects
-        present @projects, with: Entities::Project, user: current_user
+        projects = current_user.viewable_starred_projects
+        projects = filter_projects(projects)
+        projects = paginate projects
+        present projects, with: Entities::Project, user: current_user
      end

      # Get all projects for admin user
@@ -60,10 +71,10 @@ module API
      #   GET /projects/all
      get '/all' do
        authenticated_as_admin!
-        @projects = Project.all
-        @projects = filter_projects(@projects)
-        @projects = paginate @projects
-        present @projects, with: Entities::ProjectWithAccess, user: current_user
+        projects = Project.all
+        projects = filter_projects(projects)
+        projects = paginate projects
+        present projects, with: Entities::ProjectWithAccess, user: current_user
      end

      # Get a single project

--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -175,6 +175,36 @@ describe API::API, api: true  do
    end
  end

+  describe 'GET /projects/visible' do
+    let(:public_project) { create(:project, :public) }
+
+    before do
+      public_project
+      project
+      project2
+      project3
+      project4
+    end
+
+    it 'returns the projects viewable by the user' do
+      get api('/projects/visible', user)
+
+      expect(response).to have_http_status(200)
+      expect(json_response).to be_an Array
+      expect(json_response.map { |project| project['id'] }).
+        to contain_exactly(public_project.id, project.id, project2.id, project3.id)
+    end
+
+    it 'shows only public projects when the user only has access to those' do
+      get api('/projects/visible', user2)
+
+      expect(response).to have_http_status(200)
+      expect(json_response).to be_an Array
+      expect(json_response.map { |project| project['id'] }).
+        to contain_exactly(public_project.id)
+    end
+  end
+
  describe 'GET /projects/starred' do
    let(:public_project) { create(:project, :public) }