Merge pull request #5115 from vpereira/source-project-meta

[api] move project meta actions to its own controller and make it REST
openSUSE · Jun 11, 2018 · 9f2f56e · 9f2f56e
2 parents 025a7c6 + a5d483a
commit 9f2f56e
Show file tree

Hide file tree

Showing 9 changed files with 187 additions and 183 deletions.
diff --git a/src/api/app/controllers/source_project_controller.rb b/src/api/app/controllers/source_project_controller.rb
@@ -1,7 +1,4 @@
 class SourceProjectController < SourceController
-  validate_action update_project_meta: { request: :project, response: :status }
-  validate_action show_project_meta: { response: :project }
-
   # GET /source/:project
   def show
     project_name = params[:project]
@@ -116,94 +113,4 @@ def project_command
       raise CmdExecutionNoPermission, "no permission to execute command '#{command}'"
     end
   end
-
-  # GET /source/:project/_meta
-  #---------------------------
-  def show_project_meta
-    if Project.find_remote_project params[:project]
-      # project from remote buildservice, get metadata from backend
-      raise InvalidProjectParameters if params[:view]
-      pass_to_backend
-    else
-      # access check
-      prj = Project.get_by_name params[:project]
-      render xml: prj.to_axml
-    end
-  end
-
-  # PUT /source/:project/_meta
-  def update_project_meta
-    project_name = params[:project]
-    params[:user] = User.current.login
-
-    request_data = Xmlhash.parse(request.raw_post)
-
-    # permission check
-    if request_data['name'] != project_name
-      raise ProjectNameMismatch, "project name in xml data ('#{request_data['name']}) does not match resource path component ('#{project_name}')"
-    end
-
-    begin
-      project = Project.get_by_name(request_data['name'])
-    rescue Project::UnknownObjectError
-      project = nil
-    end
-
-    # Need permission
-    logger.debug 'Checking permission for the put'
-    if project
-      # project exists, change it
-      unless User.current.can_modify_project?(project)
-        if project.is_locked?
-          logger.debug "no permission to modify LOCKED project #{project.name}"
-          raise ChangeProjectNoPermission, "The project #{project.name} is locked"
-        end
-        logger.debug "user #{user.login} has no permission to modify project #{project.name}"
-        raise ChangeProjectNoPermission, 'no permission to change project'
-      end
-    else
-      # project is new
-      unless User.current.can_create_project?(project_name)
-        logger.debug 'Not allowed to create new project'
-        raise CreateProjectNoPermission, "no permission to create project #{project_name}"
-      end
-    end
-
-    # projects using remote resources must be edited by the admin
-    result = Project.validate_remote_permissions(request_data)
-    if result[:error]
-      raise ChangeProjectNoPermission, 'admin rights are required to change projects using remote resources'
-    end
-
-    result = Project.validate_link_xml_attribute(request_data, project_name)
-    raise ProjectReadAccessFailure, result[:error] if result[:error]
-
-    result = Project.validate_maintenance_xml_attribute(request_data)
-    raise ModifyProjectNoPermission, result[:error] if result[:error]
-
-    result = Project.validate_repository_xml_attribute(request_data, project_name)
-    raise RepositoryAccessFailure, result[:error] if result[:error]
-
-    if project
-      remove_repositories = project.get_removed_repositories(request_data)
-      opts = { no_write_to_backend: true,
-               force:               params[:force].present?,
-               recursive_remove:    params[:remove_linking_repositories].present? }
-      check_and_remove_repositories!(remove_repositories, opts)
-    end
-
-    Project.transaction do
-      # exec
-      if project
-        project.update_from_xml!(request_data)
-      else
-        project = Project.new(name: project_name)
-        project.update_from_xml!(request_data)
-        # FIXME3.0: don't modify send data
-        project.relationships.build(user: User.current, role: Role.find_by_title!('maintainer'))
-      end
-      project.store(comment: params[:comment])
-    end
-    render_ok
-  end
 end
diff --git a/src/api/app/controllers/source_project_meta_controller.rb b/src/api/app/controllers/source_project_meta_controller.rb
@@ -0,0 +1,94 @@
+class SourceProjectMetaController < SourceController
+  validate_action update: { request: :project, response: :status }
+  validate_action show: { response: :project }
+
+  # GET /source/:project/_meta
+  #---------------------------
+  def show
+    if Project.find_remote_project params[:project]
+      # project from remote buildservice, get metadata from backend
+      raise InvalidProjectParameters if params[:view]
+      pass_to_backend
+    else
+      # access check
+      prj = Project.get_by_name params[:project]
+      render xml: prj.to_axml
+    end
+  end
+
+  # PUT /source/:project/_meta
+  def update
+    project_name = params[:project]
+    params[:user] = User.current.login
+
+    request_data = Xmlhash.parse(request.raw_post)
+
+    # permission check
+    if request_data['name'] != project_name
+      raise ProjectNameMismatch, "project name in xml data ('#{request_data['name']}) does not match resource path component ('#{project_name}')"
+    end
+
+    begin
+      project = Project.get_by_name(request_data['name'])
+    rescue Project::UnknownObjectError
+      project = nil
+    end
+
+    # Need permission
+    logger.debug 'Checking permission for the put'
+    if project
+      # project exists, change it
+      unless User.current.can_modify_project?(project)
+        if project.is_locked?
+          logger.debug "no permission to modify LOCKED project #{project.name}"
+          raise ChangeProjectNoPermission, "The project #{project.name} is locked"
+        end
+        logger.debug "user #{user.login} has no permission to modify project #{project.name}"
+        raise ChangeProjectNoPermission, 'no permission to change project'
+      end
+    else
+      # project is new
+      unless User.current.can_create_project?(project_name)
+        logger.debug 'Not allowed to create new project'
+        raise CreateProjectNoPermission, "no permission to create project #{project_name}"
+      end
+    end
+
+    # projects using remote resources must be edited by the admin
+    result = Project.validate_remote_permissions(request_data)
+    if result[:error]
+      raise ChangeProjectNoPermission, 'admin rights are required to change projects using remote resources'
+    end
+
+    result = Project.validate_link_xml_attribute(request_data, project_name)
+    raise ProjectReadAccessFailure, result[:error] if result[:error]
+
+    result = Project.validate_maintenance_xml_attribute(request_data)
+    raise ModifyProjectNoPermission, result[:error] if result[:error]
+
+    result = Project.validate_repository_xml_attribute(request_data, project_name)
+    raise RepositoryAccessFailure, result[:error] if result[:error]
+
+    if project
+      remove_repositories = project.get_removed_repositories(request_data)
+      opts = { no_write_to_backend: true,
+               force:               params[:force].present?,
+               recursive_remove:    params[:remove_linking_repositories].present? }
+      check_and_remove_repositories!(remove_repositories, opts)
+    end
+
+    Project.transaction do
+      # exec
+      if project
+        project.update_from_xml!(request_data)
+      else
+        project = Project.new(name: project_name)
+        project.update_from_xml!(request_data)
+        # FIXME3.0: don't modify send data
+        project.relationships.build(user: User.current, role: Role.find_by_title!('maintainer'))
+      end
+      project.store(comment: params[:comment])
+    end
+    render_ok
+  end
+end
diff --git a/src/api/config/routes.rb b/src/api/config/routes.rb
@@ -730,12 +730,15 @@ def self.public_or_about_path?(request)
   end
 
   # project level
+  controller :source_project_meta do
+    get 'source/:project/_meta' => :show, constraints: cons
+    put 'source/:project/_meta' => :update, constraints: cons
+  end
+
   controller :source_project do
     get 'source/:project' => :show, constraints: cons
     delete 'source/:project' => :delete, constraints: cons
     post 'source/:project' => :project_command, constraints: cons
-    get 'source/:project/_meta' => :show_project_meta, constraints: cons
-    put 'source/:project/_meta' => :update_project_meta, constraints: cons
   end
 
   controller :source do

diff --git a/...ontroller/GET_show_project_meta/1_4_1.yml → ...eProjectMetaController/GET_show/1_1_1.yml b/...ontroller/GET_show_project_meta/1_4_1.yml → ...eProjectMetaController/GET_show/1_1_1.yml
diff --git a/...ontroller/GET_show_project_meta/1_4_2.yml → ...eProjectMetaController/GET_show/1_1_2.yml b/...ontroller/GET_show_project_meta/1_4_2.yml → ...eProjectMetaController/GET_show/1_1_2.yml
diff --git a/...rollers/source_project_controller_spec.rb → ...rs/source_project_meta_controller_spec.rb b/...rollers/source_project_controller_spec.rb → ...rs/source_project_meta_controller_spec.rb
@@ -1,13 +1,13 @@
 require 'rails_helper'
 
-RSpec.describe SourceProjectController, vcr: true do
+RSpec.describe SourceProjectMetaController, vcr: true do
   let(:user) { create(:confirmed_user, login: 'tom') }
   let(:project) { user.home_project }
 
-  describe 'GET #show_project_meta' do
+  describe 'GET #show' do
     before do
       login user
-      get :show_project_meta, params: { project: project }
+      get :show, params: { project: project }
     end
 
     it { expect(response).to be_success }