summaryrefslogtreecommitdiff
path: root/lib/api/helpers.rb
Commit message (Collapse)AuthorAgeFilesLines
* Validate label params against all labels available to project on the APIDouglas Barbosa Alexandre2016-10-191-10/+9
|
* Merge branch 'memoize_shell_secret_token' into 'master' Rémy Coutable2016-10-071-1/+1
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Memoize Github::Shell's secret token ## What does this MR do? `API::Helpers#secret_token` was reading the secret file on every invocation. This MR reads the file in the `gitlab_shell_secret_token.rb` initializer and saves it as a class variable at `Gitlab::Shell.secret_token` ## Are there points in the code the reviewer needs to double check? - I'm not sure if the use of `cattr_accessor` is the best approach, or if should be moved into the `class << self` block? - Should `API::Helpers#secret_token` be removed in favor of using `Gitlab::Shell.secret_token`? ## Why was this MR needed? Performance optimization. Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/22510 See merge request !6599
| * Load Github::Shell's secret token from file on initialization instead of ↵Justin DiPierro2016-10-061-1/+1
| | | | | | | | every request.
* | Switch from request to env in ::API::HelpersNick Thomas2016-10-061-1/+1
|/ | | | | | Per https://gitlab.com/gitlab-org/gitlab-ce/issues/22820, this helper is mixed in to classes that lack a `request` method. They do include `env`, so use it instead.
* API: disable rails session auth for non-GET/HEAD requestsNick Thomas2016-09-231-1/+4
|
* Enable Warden for the Grape APINick Thomas2016-09-191-3/+20
| | | | | | | | | | | | | | The practical effect of this commit is to make the API check the Rails session cookie for authentication details. If the cookie is present and valid, it will be used to authenticate. The API now has several authentication options for users. They follow in this order of precedence: * Authentication token * Personal access token * OAuth2 Bearer token (Doorkeeper - application access) * Rails session cookie
* Change response for /ci/api/v1/builds/register.json from 404 to 204Tomasz Maczukin2016-09-131-0/+4
|
* use a nil subject when we want to check global abilitieshttp://jneen.net/2016-08-301-1/+1
|
* remove Ability.abilitieshttp://jneen.net/2016-08-301-5/+1
|
* remove six, and use a Set insteadhttp://jneen.net/2016-08-301-5/+1
|
* Add Sentry logging to API callsadd-sentry-logging-to-apiStan Hu2016-08-241-0/+32
| | | | Closes #21043
* Restore back-compatibility for current members API endpointsRémy Coutable2016-08-101-1/+0
| | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
* New AccessRequests API endpoints for Group & ProjectRémy Coutable2016-08-101-19/+6
| | | | | | | | Also, mutualize AccessRequests and Members endpoints for Group & Project. New API documentation for the AccessRequests endpoints. Signed-off-by: Rémy Coutable <remy@rymai.me>
* Replace parse_boolean with to_booleanRobert Schilling2016-07-201-5/+1
|
* API: Expose 'developers_can_push' for branchesRobert Schilling2016-07-191-0/+7
|
* Revert "Revert "Merge branch '18193-developers-can-merge' into 'master' ""Rémy Coutable2016-07-181-1/+1
| | | | | | | | This reverts commit 530f5158e297f3cde27f3566cfe13bad74ba3b50. See !4892. Signed-off-by: Rémy Coutable <remy@rymai.me>
* Revert "Merge branch '18193-developers-can-merge' into 'master' "Robert Speicher2016-07-131-1/+1
| | | | | This reverts commit 9ca633eb4c62231e4ddff5466c723cf8e2bdb25d, reversing changes made to fb229bbf7970ba908962b837b270adf56f14098f.
* Refactor `Gitlab::GitAccess`Timothy Andrew2016-07-131-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1. Don't use case statements for dispatch anymore. This leads to a lot of duplication, and makes the logic harder to follow. 2. Remove duplicated logic. - For example, the `can_push_to_branch?` exists, but we also have a different way of checking the same condition within `change_access_check`. - This kind of duplication is removed, and the `can_push_to_branch?` method is used in both places. 3. Move checks returning true/false to `UserAccess`. - All public methods in `GitAccess` now return an instance of `GitAccessStatus`. Previously, some methods would return true/false as well, which was confusing. - It makes sense for these kinds of checks to be at the level of a user, so the `UserAccess` class was repurposed for this. The prior `UserAccess.allowed?` classmethod is converted into an instance method. - All external uses of these checks have been migrated to use the `UserAccess` class 4. Move the "change_access_check" into a separate class. - Create the `GitAccess::ChangeAccessCheck` class to run these checks, which are quite substantial. - `ChangeAccessCheck` returns an instance of `GitAccessStatus` as well. 5. Break out the boolean logic in `ChangeAccessCheck` into `if/else` chains - this seems more readable. 6. I can understand that this might look like overkill for !4892, but I think this is a good opportunity to clean it up. - http://martinfowler.com/bliki/OpportunisticRefactoring.html
* Implement @DouweM's feedback.Timothy Andrew2016-06-161-11/+3
| | | | | | | | | | | | | - Extract a duplicated `redirect_to` - Fix a typo: "token", not "certificate" - Have the "Expires at" datepicker be attached to a text field, not inline - Have both private tokens and personal access tokens verified in a single "authenticate_from_private_token" method, both in the application and API. Move relevant logic to `User#find_by_personal_access_token` - Remove unnecessary constants relating to API auth. We don't need a separate constant for personal access tokens since the param is the same as for private tokens.
* Merge remote-tracking branch 'origin/master' into 2979-personal-access-tokensTimothy Andrew2016-06-141-0/+18
|\
| * Fix Error 500 when using closes_issues API with an external issue trackerStan Hu2016-06-111-0/+8
| | | | | | | | Closes #18484
| * Satisfy Rubocopworkhorse-helpersDouwe Maan2016-06-101-2/+2
| |
| * Add workhorse controller and API helpersDouwe Maan2016-06-061-0/+10
| |
* | Merge remote-tracking branch 'origin/master' into 2979-personal-access-tokensTimothy Andrew2016-06-031-2/+13
|\ \ | |/
| * Enable Style/DefWithParentheses cop and fix single offenseRobert Speicher2016-05-231-1/+1
| |
| * Codestyle: make sure we have space around operatorsGabriel Mazetto2016-05-131-1/+1
| |
| * Add API endpoints for un/subscribing from/to a labelAhmad Sherif2016-05-121-0/+11
| | | | | | | | Closes #15638
* | Reuse the private token param and header for personal access tokens.Timothy Andrew2016-05-111-2/+2
| | | | | | | | | | | | | | | | - https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3749#note_11626427 - Personal access tokens are still a separate entity as far as the codebase is concerned - they just happen to use the same entry point as private tokens. - Update tests and documentation to reflect this change
* | Merge remote-tracking branch 'origin/master' into 2979-personal-access-tokensTimothy Andrew2016-05-111-0/+16
|\ \ | |/
| * API support for the 'since' and 'until' operators on commit requestsPaco Guzman2016-04-291-0/+16
| | | | | | - Parameter validation as ISO8601 format
* | Combine `API::Helpers::Core` and `API::Helpers::Authentication` back into ↵Timothy Andrew2016-04-281-0/+397
| | | | | | | | | | | | | | `API::Helpers` - Makes the MR easier to read; this can go in a separate MR - This is a (sort of) revert of 99bea01
* | Refactor `API::Helpers` into `API::Helpers::Core` and ↵Timothy Andrew2016-04-281-385/+0
|/ | | | `API::Helpers::Authentication`
* Merge branch 'api-star-project' into 'master' Rémy Coutable2016-04-131-0/+4
|\ | | | | | | | | | | | | | | | | | | API: Star and unstar a project Add two new endpoints `POST /projects/:id/star` and `POST /projects/:id/unstar` to star and unstar a project. * Closes #12739 See merge request !3578
| * Styling changes to code and docsRobert Schilling2016-04-131-1/+1
| |
| * API: Star and unstar a projectRobert Schilling2016-04-131-0/+4
| |
* | API: Return 404 if user does not have access to groupRobert Schilling2016-04-131-2/+1
|/
* minor improvements and fixed specsZeger-Jan van de Weg2016-03-191-3/+1
|
* Fix add_pagination_headers to keep request parameters in Link headerMichi3022016-02-021-5/+15
|
* Fix CI runner version not being properly updated when asking for a buildfix-ci-runners-version-updateKamil Trzcinski2016-01-271-2/+3
| | | | | | Due to broken implementation of attribute_for_keys the runner information was not updated correctly. This MR adds test to check that such scenario will never happen again.
* Change 'public' flag to more robust 'visibility' query.Josh Frye2016-01-191-2/+2
|
* Add public params to GET /projects api. Closes #3788Josh Frye2016-01-191-0/+4
|
* Merge branch 'master' of https://gitlab.com/gitlab-org/gitlab-ce into ↵Rémy Coutable2016-01-141-1/+3
|\ | | | | | | add-pagination-headers-to-api
| * Refactor build artifacts upload API endpointGrzegorz Bizon2016-01-141-1/+3
| |
* | Add pagination headers to already paginated API resourcesadd-pagination-headers-to-apiRémy Coutable2016-01-141-11/+19
|/
* Migrate CI::Project to ProjectKamil Trzcinski2015-12-111-6/+1
|
* Use normal file upload mechanism to upload artifactsKamil Trzcinski2015-11-101-6/+10
|
* Move tmp artifacts to shared/artifacts/tmp/. Check for GitLab-Workhorse nowKamil Trzcinski2015-11-101-1/+1
|
* Implement Build ArtifactsKamil Trzcinski2015-11-101-0/+44
| | | | | | | - Offloads uploading to GitLab Workhorse - Use /authorize request for fast uploading - Added backup recipes for artifacts - Support download acceleration using X-Sendfile
* Fix API::APIHelpers -> API::Helpers;Jason Lee2015-10-231-1/+1
| | | | Rails Autoload find file to require is use , APIHelpers -> api_helpers.rb, not helpers.rb;
* Fix rubocop warnings in libGuilherme Garnier2015-10-031-3/+2
|
View Lorry Controller Status