v3 add job cancellation endpoint ans spec

2015-09-30 17:03:00 +02:00 · 2015-09-30 17:03:00 +02:00 · b6ffb8bdf8
commit b6ffb8bdf8
parent d8e24bf52f
6 changed files with 200 additions and 1 deletions
--- a/lib/travis/api/v3/access_control/generic.rb
+++ b/lib/travis/api/v3/access_control/generic.rb
@ -63,6 +63,10 @@ module Travis::API::V3
      visible? job.repository
    end

+    def job_writable?(job)
+      writable? job.repository
+    end
+
    def organization_visible?(organization)
      full_access? or public_api?
    end
--- a/lib/travis/api/v3/queries/job.rb
+++ b/lib/travis/api/v3/queries/job.rb
@ -4,7 +4,19 @@ module Travis::API::V3

    def find
      return Models::Job.find_by_id(id) if id
-      raise WrongParams, 'missing build.id'.freeze
+      raise WrongParams, 'missing job.id'.freeze
+    end
+
+    def cancel(user)
+      payload = { id: id, user_id: user.id, source: 'api' }
+      perform_async(:job_cancellation, payload)
+      payload
+    end
+
+    def restart(user)
+      payload = { id: id, user_id: user.id, source: 'api' }
+      perform_async(:job_restart, payload)
+      payload
    end
  end
 end
--- a/lib/travis/api/v3/routes.rb
+++ b/lib/travis/api/v3/routes.rb
@ -26,6 +26,9 @@ module Travis::API::V3
      capture id: :digit
      route '/job/{job.id}'
      get :find
+
+      post :cancel, '/cancel'
+      post :restart, '/restart'
    end

    resource :organization do
--- a/lib/travis/api/v3/services/job/cancel.rb
+++ b/lib/travis/api/v3/services/job/cancel.rb
@ -0,0 +1,13 @@
+module Travis::API::V3
+  class Services::Job::Cancel < Service
+
+    def run
+      raise LoginRequired unless access_control.logged_in? or access_control.full_access?
+      raise NotFound      unless job = find(:job)
+      access_control.permissions(job).cancel!
+
+      query.cancel(access_control.user)
+      accepted(job: job, state_change: :cancel)
+    end
+  end
+end
--- a/lib/travis/api/v3/services/job/restart.rb
+++ b/lib/travis/api/v3/services/job/restart.rb
@ -0,0 +1,13 @@
+module Travis::API::V3
+  class Services::Job::Restart < Service
+
+    def run
+      raise LoginRequired unless access_control.logged_in? or access_control.full_access?
+      raise NotFound      unless job = find(:job)
+      access_control.permissions(job).restart!
+
+      query.restart(access_control.user)
+      accepted(job: job, state_change: :restart)
+    end
+  end
+end
--- a/spec/v3/services/job/cancel_spec.rb
+++ b/spec/v3/services/job/cancel_spec.rb
@ -0,0 +1,154 @@
+require 'spec_helper'
+
+describe Travis::API::V3::Services::Job::Cancel do
+  let(:repo)  { Travis::API::V3::Models::Repository.where(owner_name: 'svenfuchs', name: 'minimal').first }
+  let(:build) { repo.builds.first }
+  let(:job)   { build.jobs.first}
+  let(:sidekiq_payload) { JSON.load(Sidekiq::Client.last['args'].last.to_json) }
+  let(:sidekiq_params)  { Sidekiq::Client.last['args'].last.deep_symbolize_keys }
+
+  before do
+    Travis::Features.stubs(:owner_active?).returns(true)
+    @original_sidekiq = Sidekiq::Client
+    Sidekiq.send(:remove_const, :Client) # to avoid a warning
+    Sidekiq::Client = []
+  end
+
+  after do
+    Sidekiq.send(:remove_const, :Client) # to avoid a warning
+    Sidekiq::Client = @original_sidekiq
+  end
+
+  describe "not authenticated" do
+    before  { post("/v3/job/#{job.id}/cancel")      }
+    example { expect(last_response.status).to be == 403 }
+    example { expect(JSON.load(body)).to      be ==     {
+      "@type"         => "error",
+      "error_type"    => "login_required",
+      "error_message" => "login required"
+    }}
+  end
+
+  describe "missing build, authenticated" do
+    let(:token)   { Travis::Api::App::AccessToken.create(user: repo.owner, app_id: 1) }
+    let(:headers) {{ 'HTTP_AUTHORIZATION' => "token #{token}"                        }}
+    before        { post("/v3/job/9999999999/cancel", {}, headers)                 }
+
+    example { expect(last_response.status).to be == 404 }
+    example { expect(JSON.load(body)).to      be ==     {
+      "@type"         => "error",
+      "error_type"    => "not_found",
+      "error_message" => "job not found (or insufficient access)",
+      "resource_type" => "job"
+    }}
+  end
+
+  describe "existing repository, no push access" do
+    let(:token)   { Travis::Api::App::AccessToken.create(user: repo.owner, app_id: 1) }
+    let(:headers) {{ 'HTTP_AUTHORIZATION' => "token #{token}"                        }}
+    before        { post("/v3/job/#{job.id}/cancel", {}, headers)                 }
+
+    example { expect(last_response.status).to be == 403 }
+    example { expect(JSON.load(body).to_s).to include(
+      "@type",
+      "error_type",
+      "insufficient_access",
+      "error_message",
+      "operation requires cancel access to job",
+      "resource_type",
+      "job",
+      "permission",
+      "cancel")
+    }
+  end
+
+  describe "private repository, no access" do
+    let(:token)   { Travis::Api::App::AccessToken.create(user: repo.owner, app_id: 1) }
+    let(:headers) {{ 'HTTP_AUTHORIZATION' => "token #{token}"                        }}
+    before        { repo.update_attribute(:private, true)                             }
+    before        { post("/v3/job/#{job.id}/cancel", {}, headers)                 }
+    after         { repo.update_attribute(:private, false)                            }
+
+    example { expect(last_response.status).to be == 404 }
+    example { expect(JSON.load(body)).to      be ==     {
+      "@type"         => "error",
+      "error_type"    => "not_found",
+      "error_message" => "job not found (or insufficient access)",
+      "resource_type" => "job"
+    }}
+  end
+
+  describe "existing repository, push access" do
+    let(:params)  {{}}
+    let(:token)   { Travis::Api::App::AccessToken.create(user: repo.owner, app_id: 1)                          }
+    let(:headers) {{ 'HTTP_AUTHORIZATION' => "token #{token}"                                                 }}
+    before        { Travis::API::V3::Models::Permission.create(repository: repo, user: repo.owner, push: true) }
+    before        { post("/v3/job/#{job.id}/cancel", params, headers)                                      }
+
+    example { expect(last_response.status).to be == 202 }
+    example { expect(JSON.load(body).to_s).to include(
+      "@type",
+      "job",
+      "@href",
+      "@representation",
+      "minimal",
+      "cancel",
+      "id",
+      "state_change")
+    }
+
+    example { expect(sidekiq_payload).to be == {
+      "id"     => "#{job.id}",
+      "user_id"=> repo.owner_id,
+      "source" => "api"}
+    }
+
+    example { expect(Sidekiq::Client.last['queue']).to be == 'job_cancellations'                }
+    example { expect(Sidekiq::Client.last['class']).to be == 'Travis::Sidekiq::JobCancellation' }
+
+    describe "setting id has no effect" do
+      let(:params) {{ id: 42 }}
+      example { expect(sidekiq_payload).to be == {
+        "id"     => "#{job.id}",
+        "user_id"=> repo.owner_id,
+        "source" => "api"}
+      }
+    end
+  end
+
+  #  TODO decided to discuss further with rkh as this use case doesn't really exist at the moment
+  #  and 'fixing' the query requires modifying workers that v2 uses, thereby running the risk of breaking v2,
+  #  and also because in 6 months or so travis-hub will be able to cancel builds without using travis-core at all.
+  #
+  # describe "existing repository, application with full access" do
+  #   let(:app_name)   { 'travis-example'                                                           }
+  #   let(:app_secret) { '12345678'                                                                 }
+  #   let(:sign_opts)  { "a=#{app_name}"                                                            }
+  #   let(:signature)  { OpenSSL::HMAC.hexdigest('sha256', app_secret, sign_opts)                   }
+  #   let(:headers)    {{ 'HTTP_AUTHORIZATION' => "signature #{sign_opts}:#{signature}"            }}
+  #   before { Travis.config.applications = { app_name => { full_access: true, secret: app_secret }}}
+  #   before { post("/v3/job/#{job.id}/cancel", params, headers)                                }
+  #
+  #   describe 'without setting user' do
+  #     let(:params) {{}}
+  #     example { expect(last_response.status).to be == 400 }
+  #     example { expect(JSON.load(body)).to      be ==     {
+  #       "@type"         => "error",
+  #       "error_type"    => "wrong_params",
+  #       "error_message" => "missing user"
+  #     }}
+  #   end
+  #
+  #   describe 'setting user' do
+  #     let(:params) {{ user: { id: repo.owner.id } }}
+  #     example { expect(last_response.status).to be == 202 }
+  #     example { expect(sidekiq_payload).to be == {
+  #       # repository: { id: repo.id, owner_name: 'svenfuchs', name: 'minimal' },
+  #       # user:       { id: repo.owner.id },
+  #       # message:    nil,
+  #       # branch:     'master',
+  #       # config:     {}
+  #     }}
+  #   end
+  # end
+end