Add basic controller for TeamRepositories

2025-09-11 07:34:41 +08:00 · 2019-07-15 17:00:55 +02:00 · 2019-07-15 17:00:55 +02:00 · 5456c1e38a
commit 5456c1e38a
parent 077369d960
3 changed files with 131 additions and 0 deletions
--- a/app/controllers/team_repositories_controller.rb
+++ b/app/controllers/team_repositories_controller.rb
@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+class TeamRepositoriesController < ApplicationController
+  before_action :load_vars
+  before_action :check_sharing_permissions, only: %i(create destroy)
+
+  # POST :team_id/repositories/:repository_id/team_repositories
+  def create
+    team_repository = TeamRepository.new(repository: @repository,
+                                         team_id: create_params[:target_team_id],
+                                         permission_level: create_params[:permission_level])
+
+    if team_repository.save
+      render json: { team_repository: team_repository }, status: :ok
+    else
+      render json: { team_repository: { message: 'not saved!', errors: team_repository.errors } },
+             status: :unprocessable_entity
+    end
+  end
+
+  # DELETE :team_id/repositories/:repository_id/team_repositories/:id
+  def destroy
+    team_repository = @repository.team_repositories.find(destory_params[:id])
+    team_repository.destroy
+    render json: { message: 'destroyed!' }, status: :no_content
+  end
+
+  private
+
+  def load_vars
+    @repository = Repository.find_by_id(params[:repository_id])
+
+    render_404 unless @repository
+  end
+
+  def create_params
+    params.permit(:team_id, :repository_id, :target_team_id, :permission_level)
+  end
+
+  def destory_params
+    params.permit(:team_id, :id)
+  end
+
+  def check_sharing_permissions
+    render_403 unless can_manage_repository?(@repository)
+  end
+end
--- a/config/routes.rb
+++ b/config/routes.rb
@ -177,6 +177,8 @@ Rails.application.routes.draw do
            defaults: { format: 'json' }
        post 'copy', to: 'repositories#copy',
             defaults: { format: 'json' }
+
+        resources :team_repositories, only: %i(create destroy)
      end
      # resources :samples, only: [:new, :create]
      # resources :sample_types, except: [:show, :new] do
--- a/spec/controllers/team_repositories_controller_spec.rb
+++ b/spec/controllers/team_repositories_controller_spec.rb
@ -0,0 +1,82 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+describe TeamRepositoriesController, type: :controller do
+  login_user
+
+  let(:user) { controller.current_user }
+  let(:team) { create :team, created_by: user }
+  let!(:user_team) { create :user_team, :admin, user: user, team: team }
+  let(:repository) { create :repository, team: team }
+  let(:target_team) { create :team }
+
+  describe 'POST create' do
+    context 'when resource can be saved' do
+      it 'renders 200' do
+        post :create,
+             params: { team_id: team.id,
+                       repository_id: repository.id,
+                       target_team_id: target_team.id,
+                       permission_level: 'read' },
+             format: :json
+
+        expect(response).to have_http_status(200)
+      end
+    end
+
+    context 'when resource cannot be saved' do
+      it 'renders 304' do
+        post :create,
+             params: { team_id: team.id, repository_id: repository.id, target_team_id: -1 },
+             format: :json
+
+        expect(response).to have_http_status(422)
+      end
+    end
+
+    context 'when user do not have permissions' do
+      let(:new_repository) { create :repository }
+
+      it 'renders 403' do
+        post :create,
+             params: { team_id: team.id, repository_id: new_repository.id },
+             format: :json
+
+        expect(response).to have_http_status(403)
+      end
+    end
+
+    context 'when repository is not found' do
+      it 'renders 404' do
+        post :create,
+             params: { team_id: team.id, repository_id: -1, target_team_id: 'id' },
+             format: :json
+
+        expect(response).to have_http_status(404)
+      end
+    end
+  end
+
+  describe 'DELETE destroy' do
+    let(:team_repository) { create :team_repository, :read, team: team, repository: repository }
+
+    context 'when resource can be deleted' do
+      it 'renders 204' do
+        delete :destroy, params: { repository_id: repository.id, team_id: team.id, id: team_repository.id }
+
+        expect(response).to have_http_status(204)
+      end
+    end
+
+    context 'when user do not have permissions' do
+      let(:new_repository) { create :repository }
+
+      it 'renders 403' do
+        delete :destroy, params: { repository_id: new_repository.id, team_id: team.id, id: team_repository.id }
+
+        expect(response).to have_http_status(403)
+      end
+    end
+  end
+end