Skip to content

Commit

Permalink
Merge pull request #1257 from travis-ci/bsfy-181-fix
Browse files Browse the repository at this point in the history
Bsfy 181 fix
  • Loading branch information
murtaza-swati authored Dec 14, 2022
2 parents 4d10c7f + 701db1c commit a92e03a
Show file tree
Hide file tree
Showing 10 changed files with 99 additions and 15 deletions.
38 changes: 35 additions & 3 deletions lib/travis/api/app/endpoint/setting_endpoint.rb
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,11 @@

class Travis::Api::App
class SettingsEndpoint < Endpoint
include ActiveSupport::Callbacks

define_callbacks :after_save

set_callback :after_save, :after, :save_audit
set(:prefix) { "/settings/" << name[/[^:]+$/].underscore }

class << self
Expand Down Expand Up @@ -38,6 +43,7 @@ def define_routes!
# Rails style methods for easy overriding
def index
respond_with(collection, type: name, version: :v2)

end

def show
Expand All @@ -48,9 +54,12 @@ def update
disallow_migrating!(repo)

record.update(JSON.parse(request.body.read)[singular_name])

if record.valid?
@changes = { :"env_vars" => { created: "name: #{record.name}, is_public: #{record.public}, branch: #{record.branch || 'all'} " } } if is_env_var?

repo_settings.save
run_callbacks :after_save if is_env_var?

respond_with(record, type: singular_name, version: :v2)
else
status 422
Expand All @@ -62,9 +71,12 @@ def create
disallow_migrating!(repo)

record = collection.create(JSON.parse(request.body.read)[singular_name])

if record.valid?
@changes = { :"env_vars" => { created: "name: #{record.name}, is_public: #{record.public}, branch: #{record.branch || 'all'}" } } if is_env_var?

repo_settings.save
run_callbacks :after_save if is_env_var?

respond_with(record, type: singular_name, version: :v2)
else
status 422
Expand All @@ -76,7 +88,11 @@ def destroy
disallow_migrating!(repo)

record = collection.destroy(params[:id]) || record_not_found
@changes = { :"env_vars" => { destroyed: "name: #{record.name}, is_public: #{record.public}, branch: #{record.branch || 'all'} " } } if is_env_var?

repo_settings.save
run_callbacks :after_save if is_env_var?

respond_with(record, type: singular_name, version: :v2)
end

Expand All @@ -89,7 +105,7 @@ def collection
end

def repo
Repository.find(params[:repository_id])
@repo = Repository.find(params[:repository_id])
end

# This method can't be called "settings" because it clashes with
Expand All @@ -107,5 +123,21 @@ def record
def record_not_found
halt(404, { error: "Could not find a requested setting" })
end

def changes
@changes
end

def is_env_var?
singular_name == 'env_var'
end

private

def save_audit
change_source = access_token.app_id == 2 ? 'admin-v2' : 'travis-api'
Travis::API::V3::Models::Audit.create!(owner: current_user, change_source: change_source, source: @repo, source_changes: { settings: self.changes })
@changes = {}
end
end
end
31 changes: 28 additions & 3 deletions lib/travis/api/v3/models/env_vars.rb
Original file line number Diff line number Diff line change
Expand Up @@ -2,16 +2,24 @@

module Travis::API::V3
class Models::EnvVars < Travis::Settings::Collection
include Models::JsonSync
include Models::JsonSync, ActiveSupport::Callbacks
extend ActiveSupport::Concern
model Models::EnvVar
define_callbacks :after_save

set_callback :after_save, :after, :save_audit

attr_accessor :user, :change_source
# See Models::JsonSync
def to_h
{ 'env_vars' => map(&:to_h).map(&:stringify_keys) }
end

def create(attributes)
super(attributes).tap { sync! }
@changes = { :"env_vars" => { created: "#{attributes.except("value")}" } }
env_var = super(attributes).tap { sync! }
run_callbacks :after_save
env_var
end

def add(env_var)
Expand All @@ -20,11 +28,28 @@ def add(env_var)
end

def destroy(id)
super(id).tap { sync! }
env_var = find(id)
@changes = { :"env_vars" => { deleted: "#{env_var.attributes.delete("value")}" } }
deleted_env_var = super(id).tap { sync! }
run_callbacks :after_save
deleted_env_var
end

def repository
@repository ||= Models::Repository.find(additional_attributes[:repository_id])
end

def changes
@changes
end

private

def save_audit
if self.change_source
Travis::API::V3::Models::Audit.create!(owner: self.user, change_source: self.change_source, source: self.repository, source_changes: { settings: self.changes })
@changes = {}
end
end
end
end
14 changes: 10 additions & 4 deletions lib/travis/api/v3/queries/env_var.rb
Original file line number Diff line number Diff line change
Expand Up @@ -6,14 +6,20 @@ def find(repository)
repository.env_vars.find(id)
end

def update(env_var)
def update(env_var, from_admin)
env_vars = env_var.repository.env_vars
env_vars.user = env_var.repository.user_settings.user
env_vars.change_source = 'travis-api' unless from_admin
env_var.update(env_var_params)
env_var.repository.env_vars.add(env_var)
env_vars.add(env_var)
env_var
end

def delete(repository)
repository.env_vars.destroy(id)
def delete(repository, from_admin)
env_vars = repository.env_vars
env_vars.user = repository.user_settings.user
env_vars.change_source = 'travis-api' unless from_admin
env_vars.destroy(id)
end
end
end
7 changes: 5 additions & 2 deletions lib/travis/api/v3/queries/env_vars.rb
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,11 @@ def find(repository)
repository.env_vars
end

def create(repository)
env_var = repository.env_vars.create(env_var_params)
def create(repository, from_admin)
env_vars = repository.env_vars
env_vars.user = repository.user_settings.user
env_vars.change_source = 'travis-api' unless from_admin
env_var = env_vars.create(env_var_params)
unless env_var.valid?
repository.env_vars.destroy(env_var.id)
handle_errors(env_var)
Expand Down
4 changes: 3 additions & 1 deletion lib/travis/api/v3/services/env_var/delete.rb
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,9 @@ def run!

env_var = find(:env_var, repository)
access_control.permissions(env_var).write!
query.delete(repository) and deleted
app_id = Travis::Api::App::AccessToken.find_by_token(access_control.token).app_id

query.delete(repository, app_id == 2) and deleted
end
end
end
4 changes: 3 additions & 1 deletion lib/travis/api/v3/services/env_var/update.rb
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,9 @@ def run!

env_var = find(:env_var, repository)
access_control.permissions(env_var).write!
result query.update(env_var)
app_id = Travis::Api::App::AccessToken.find_by_token(access_control.token).app_id

result query.update(env_var, app_id == 2)
end
end
end
3 changes: 2 additions & 1 deletion lib/travis/api/v3/services/env_vars/create.rb
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,9 @@ def run!
repository = check_login_and_find(:repository)
access_control.permissions(repository).create_env_var!
return repo_migrated if migrated?(repository)
app_id = Travis::Api::App::AccessToken.find_by_token(access_control.token).app_id

env_var = query(:env_vars).create(repository)
env_var = query(:env_vars).create(repository, app_id == 2)
result(env_var, status: 201)
end
end
Expand Down
4 changes: 4 additions & 0 deletions spec/v3/services/env_var/delete_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,10 @@
example 'does not clobber other settings' do
expect(repo.reload.settings['foo']).to eq 'bar'
end
example 'audit is created' do
expect(Travis::API::V3::Models::Audit.last.source_id).to eq(repo.id)
expect(Travis::API::V3::Models::Audit.last.source_type).to eq('Repository')
end
end
end

Expand Down
4 changes: 4 additions & 0 deletions spec/v3/services/env_var/update_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -89,6 +89,10 @@
example 'does not clobber other settings' do
expect(repo.reload.settings['foo']).to eq 'bar'
end
example 'audit is created' do
expect(Travis::API::V3::Models::Audit.last.source_id).to eq(repo.id)
expect(Travis::API::V3::Models::Audit.last.source_type).to eq('Repository')
end
end

context do
Expand Down
5 changes: 5 additions & 0 deletions spec/v3/services/env_vars/create_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -126,6 +126,11 @@
example 'persists repository id' do
expect(repo.reload.settings['env_vars'].first['repository_id']).to eq repo.id
end
example 'audit is created' do
expect(Travis::API::V3::Models::Audit.last.source_id).to eq(repo.id)
expect(Travis::API::V3::Models::Audit.last.source_type).to eq('Repository')
expect(Travis::API::V3::Models::Audit.last.source_changes).to eq({"settings"=>{"env_vars"=>{"created"=> "{\"name\"=>\"FOO\", \"public\"=>false}"}}})
end
end

describe 'public' do
Expand Down

0 comments on commit a92e03a

Please sign in to comment.