fix specs. Stage 2

910bf96e · Valery Sizov · a399fe32 · 910bf96e · 910bf96e · 910bf96e
5 changed file
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -148,15 +148,14 @@ module API
      end
    end

-    def attributes_for_keys(keys)
+    def attributes_for_keys(keys, custom_params = nil)
+      params_hash = custom_params || params
      attrs = {}
-
      keys.each do |key|
        if params[key].present? or (params.has_key?(key) and params[key] == false)
          attrs[key] = params[key]
        end
      end
-
      ActionController::Parameters.new(attrs).permit!
    end


--- a/lib/ci/api/api.rb
+++ b/lib/ci/api/api.rb
@@ -3,6 +3,7 @@ Dir["#{Rails.root}/lib/ci/api/*.rb"].each {|file| require file}
 module Ci
  module API
    class API < Grape::API
+      include APIGuard
      version 'v1', using: :path

      rescue_from ActiveRecord::RecordNotFound do
@@ -25,6 +26,7 @@ module Ci
      format :json

      helpers Helpers
+      helpers ::API::APIHelpers

      mount Builds
      mount Commits

--- a/lib/ci/api/helpers.rb
+++ b/lib/ci/api/helpers.rb
 module Ci
  module API
    module Helpers
-      PRIVATE_TOKEN_PARAM = :private_token
-      PRIVATE_TOKEN_HEADER = "HTTP_PRIVATE_TOKEN"
-      ACCESS_TOKEN_PARAM = :access_token
-      ACCESS_TOKEN_HEADER = "HTTP_ACCESS_TOKEN"
-      UPDATE_RUNNER_EVERY = 60
-
-      def current_user
-        @current_user ||= begin
-          options = {
-            access_token: (params[ACCESS_TOKEN_PARAM] || env[ACCESS_TOKEN_HEADER]),
-            private_token: (params[PRIVATE_TOKEN_PARAM] || env[PRIVATE_TOKEN_HEADER]),
-          }
-          Ci::UserSession.new.authenticate(options.compact)
-        end
-      end
-
-      def current_runner
-        @runner ||= Ci::Runner.find_by_token(params[:token].to_s)
-      end
-
-      def authenticate!
-        forbidden! unless current_user
-      end
-
      def authenticate_runners!
        forbidden! unless params[:token] == GitlabCi::REGISTRATION_TOKEN
      end
@@ -43,72 +19,15 @@ module Ci
        end
      end

+      def current_runner
+        @runner ||= Runner.find_by_token(params[:token].to_s)
+      end
+
      def update_runner_info
        return unless params["info"].present?
        info = attributes_for_keys(["name", "version", "revision", "platform", "architecture"], params["info"])
        current_runner.update(info)
      end
-
-      # Checks the occurrences of required attributes, each attribute must be present in the params hash
-      # or a Bad Request error is invoked.
-      #
-      # Parameters:
-      #   keys (required) - A hash consisting of keys that must be present
-      def required_attributes!(keys)
-        keys.each do |key|
-          bad_request!(key) unless params[key].present?
-        end
-      end
-
-      def attributes_for_keys(keys, custom_params = nil)
-        params_hash = custom_params || params
-        attrs = {}
-        keys.each do |key|
-          attrs[key] = params_hash[key] if params_hash[key].present?
-        end
-        attrs
-      end
-
-      # error helpers
-
-      def forbidden!
-        render_api_error!('403 Forbidden', 403)
-      end
-
-      def bad_request!(attribute)
-        message = ["400 (Bad request)"]
-        message << "\"" + attribute.to_s + "\" not given"
-        render_api_error!(message.join(' '), 400)
-      end
-
-      def not_found!(resource = nil)
-        message = ["404"]
-        message << resource if resource
-        message << "Not Found"
-        render_api_error!(message.join(' '), 404)
-      end
-
-      def unauthorized!
-        render_api_error!('401 Unauthorized', 401)
-      end
-
-      def not_allowed!
-        render_api_error!('Method Not Allowed', 405)
-      end
-
-      def render_api_error!(message, status)
-        error!({ 'message' => message }, status)
-      end
-
-      private
-
-      def abilities
-        @abilities ||= begin
-                         abilities = Six.new
-                         abilities << Ability
-                         abilities
-                       end
-      end
    end
  end
 end
--- a/spec/requests/ci/api/runners_spec.rb
+++ b/spec/requests/ci/api/runners_spec.rb
@@ -9,8 +9,8 @@ describe Ci::API::API do
  end

  describe "GET /runners" do
-    let(:gitlab_url) { GitlabCi.config.gitlab_server.url }
-    let(:private_token) { Network.new.authenticate(access_token: "some_token")["private_token"] }
+    let(:gitlab_url) { GitlabCi.config.gitlab_ci.url }
+    let(:private_token) { create(:user).private_token }
    let(:options) do
      {
        private_token: private_token,
@@ -23,7 +23,7 @@ describe Ci::API::API do
    end

    it "should retrieve a list of all runners" do
-      get api("/runners"), options
+      get ci_api("/runners", nil), options
      expect(response.status).to eq(200)
      expect(json_response.count).to eq(5)
      expect(json_response.last).to have_key("id")
@@ -33,41 +33,41 @@ describe Ci::API::API do

  describe "POST /runners/register" do
    describe "should create a runner if token provided" do
-      before { post api("/runners/register"), token: GitlabCi::REGISTRATION_TOKEN }
+      before { post ci_api("/runners/register"), token: GitlabCi::REGISTRATION_TOKEN }

      it { expect(response.status).to eq(201) }
    end

    describe "should create a runner with description" do
-      before { post api("/runners/register"), token: GitlabCi::REGISTRATION_TOKEN, description: "server.hostname" }
+      before { post ci_api("/runners/register"), token: GitlabCi::REGISTRATION_TOKEN, description: "server.hostname" }

      it { expect(response.status).to eq(201) }
-      it { expect(Runner.first.description).to eq("server.hostname") }
+      it { expect(Ci::Runner.first.description).to eq("server.hostname") }
    end

    describe "should create a runner with tags" do
-      before { post api("/runners/register"), token: GitlabCi::REGISTRATION_TOKEN, tag_list: "tag1, tag2" }
+      before { post ci_api("/runners/register"), token: GitlabCi::REGISTRATION_TOKEN, tag_list: "tag1, tag2" }

      it { expect(response.status).to eq(201) }
-      it { expect(Runner.first.tag_list.sort).to eq(["tag1", "tag2"]) }
+      it { expect(Ci::Runner.first.tag_list.sort).to eq(["tag1", "tag2"]) }
    end

    describe "should create a runner if project token provided" do
      let(:project) { FactoryGirl.create(:ci_project) }
-      before { post api("/runners/register"), token: project.token }
+      before { post ci_api("/runners/register"), token: project.token }

      it { expect(response.status).to eq(201) }
      it { expect(project.runners.size).to eq(1) }
    end

    it "should return 403 error if token is invalid" do
-      post api("/runners/register"), token: 'invalid'
+      post ci_api("/runners/register"), token: 'invalid'

      expect(response.status).to eq(403)
    end

    it "should return 400 error if no token" do
-      post api("/runners/register")
+      post ci_api("/runners/register")

      expect(response.status).to eq(400)
    end
@@ -75,9 +75,9 @@ describe Ci::API::API do

  describe "DELETE /runners/delete" do
    let!(:runner) { FactoryGirl.create(:ci_runner) }
-    before { delete api("/runners/delete"), token: runner.token }
+    before { delete ci_api("/runners/delete"), token: runner.token }

    it { expect(response.status).to eq(200) }
-    it { expect(Runner.count).to eq(0) }
+    it { expect(Ci::Runner.count).to eq(0) }
  end
 end
--- a/spec/support/api_helpers.rb
+++ b/spec/support/api_helpers.rb
@@ -28,6 +28,17 @@ module ApiHelpers
        "&private_token=#{user.private_token}" : "")
  end

+  def ci_api(path, user = nil)
+    "/ci/api/v1/#{path}" +
+
+      # Normalize query string
+      (path.index('?') ? '' : '?') +
+
+      # Append private_token if given a User object
+      (user.respond_to?(:private_token) ?
+        "&private_token=#{user.private_token}" : "")
+  end
+
  def json_response
    @_json_response ||= JSON.parse(response.body)
  end