Add update feature for variables API

a692ce1c · Tomasz Maczukin · ea4777ff · a692ce1c · a692ce1c
--- a/lib/api/variables.rb
+++ b/lib/api/variables.rb
@@ -24,7 +24,7 @@ class Variables < Grape::API
      #   id (required) - The ID of a project
      #   variable_id (required) - The ID OR `key` of variable to show; if variable_id contains only digits it's treated
      #                            as ID other ways it's treated as `key`
-      # Example Reuest:
+      # Example Request:
      #   GET /projects/:id/variables/:variable_id
      get ':id/variables/:variable_id' do
        variable_id = params[:variable_id]
@@ -38,6 +38,25 @@ class Variables < Grape::API

        present variables.first, with: Entities::Variable
      end
+
+      # Update existing variable of a project
+      #
+      # Parameters:
+      #   id (required) - The ID of a project
+      #   variable_id (required) - The ID of a variable
+      #   key (optional) - new value for `key` field of variable
+      #   value (optional) - new value for `value` field of variable
+      # Example Request:
+      #   PUT /projects/:id/variables/:variable_id
+      put ':id/variables/:variable_id' do
+        variable = user_project.variables.where(id: params[:variable_id].to_i).first
+
+        variable.key = params[:key]
+        variable.value = params[:value]
+        variable.save!
+
+        present variable, with: Entities::Variable
+      end
    end
  end
 end
--- a/spec/requests/api/variables_spec.rb
+++ b/spec/requests/api/variables_spec.rb
@@ -40,25 +40,25 @@
  describe 'GET /projects/:id/variables/:variable_id' do
    context 'authorized user with proper permissions' do
      it 'should return project variable details when ID is used as :variable_id' do
-        get api("/projects/#{project.id}/variables/1", user)
+        get api("/projects/#{project.id}/variables/#{variable.id}", user)

        expect(response.status).to eq(200)
-        expect(json_response['key']).to eq('TEST_VARIABLE_1')
-        expect(json_response['value']).to eq('VALUE_1')
+        expect(json_response['key']).to eq(variable.key)
+        expect(json_response['value']).to eq(variable.value)
      end

      it 'should return project variable details when `key` is used as :variable_id' do
-        get api("/projects/#{project.id}/variables/TEST_VARIABLE_1", user)
+        get api("/projects/#{project.id}/variables/#{variable.key}", user)

        expect(response.status).to eq(200)
-        expect(json_response['id']).to eq(1)
-        expect(json_response['value']).to eq('VALUE_1')
+        expect(json_response['id']).to eq(variable.id)
+        expect(json_response['value']).to eq(variable.value)
      end
    end

    context 'authorized user with invalid permissions' do
      it 'should not return project variable details' do
-        get api("/projects/#{project.id}/variables/1", user2)
+        get api("/projects/#{project.id}/variables/#{variable.id}", user2)

        expect(response.status).to eq(403)
      end
@@ -66,7 +66,43 @@

    context 'unauthorized user' do
      it 'should not return project variable details' do
-        get api("/projects/#{project.id}/variables/1")
+        get api("/projects/#{project.id}/variables/#{variable.id}")
+
+        expect(response.status).to eq(401)
+      end
+    end
+  end
+
+  describe 'PUT /projects/:id/variables/:variable_id' do
+    context 'authorized user with proper permissions' do
+      it 'should update variable data' do
+        initial_variable = project.variables.first
+        key_before = initial_variable.key
+        value_before = initial_variable.value
+
+        put api("/projects/#{project.id}/variables/#{variable.id}", user), key: 'TEST_VARIABLE_1_UP', value: 'VALUE_1_UP'
+
+        updated_variable = project.variables.first
+
+        expect(response.status).to eq(200)
+        expect(key_before).to eq(variable.key)
+        expect(value_before).to eq(variable.value)
+        expect(updated_variable.key).to eq('TEST_VARIABLE_1_UP')
+        expect(updated_variable.value).to eq('VALUE_1_UP')
+      end
+    end
+
+    context 'authorized user with invalid permissions' do
+      it 'should not update variable' do
+        put api("/projects/#{project.id}/variables/#{variable.id}", user2)
+
+        expect(response.status).to eq(403)
+      end
+    end
+
+    context 'unauthorized user' do
+      it 'should not return project variable details' do
+        put api("/projects/#{project.id}/variables/#{variable.id}")

        expect(response.status).to eq(401)
      end