summaryrefslogtreecommitdiff
path: root/lib/api/helpers.rb
Commit message (Collapse)AuthorAgeFilesLines
* Enable the Style/PreferredHashMethods coprc/enable-PreferredHashMethods-copRémy Coutable2017-06-021-1/+1
| | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
* Add missing specsKamil Trzcinski2017-06-011-0/+10
|
* Add :owned param to ProjectFinderToon Claes2017-05-301-5/+2
| | | | And use it in the API.
* Use helper to construct Finder paramsToon Claes2017-05-301-0/+10
| | | | | | | The ProjectsFinder and GroupFinder both support the same set of params. And the `/api/v4/projects` and `/api/v4/group/:id/projects` also support the same set of params. But they do not match the Finder params. So use a helper method to transform them.
* Use ProjectFinder to filter the projectsToon Claes2017-05-301-13/+0
| | | | | Instead of trying to do the heavy lifting in the API itself, use the existing features of the ProjectFinder.
* Handle `membership` in ProjectFinderToon Claes2017-05-301-4/+0
| | | | | The ProjectFinder supports the `non_public` parameter. This can be used to find only projects the user is member of.
* Merge branch '27144-enforce-rubocop-trailing_commas-no_comma-style' into ↵Robert Speicher2017-05-101-1/+1
|\ | | | | | | | | | | | | | | | | | | 'master' Resolve "Use consistent style for trailing commas" Closes #27144 See merge request !11063
| * Enable the Style/TrailingCommaInArguments copRémy Coutable2017-05-101-1/+1
| | | | | | | | | | | | Use the EnforcedStyleForMultiline: no_comma option. Signed-off-by: Rémy Coutable <remy@rymai.me>
* | Use new SnippetsFinder signature in APIbvl-security-patchesBob Van Landuyt2017-05-101-2/+2
|/
* Allow admins to sudo to blocked users.29505-allow-admins-sudo-to-blocked-usersTimothy Andrew2017-04-261-1/+1
| | | | | | | | | | - Currently, (for example) admins can't delete snippets for blocked users, which is an unexpected limitation. - We modify `authenticate!` to conduct the `access_api` policy check against the `initial_current_user`, instead of the user being impersonated. - Update CHANGELOG for !10842
* Remove the User#is_admin? methodblackst0ne2017-04-091-2/+2
|
* API: Make the /notes endpoint work with noteable iid instead of idToon Claes2017-03-271-0/+5
| | | | | | | | | | | | | | | | In API V4 all endpoints were changed so Merge Requests and Issues should be referred by iid, instead of id. Except the /notes endpoint was forgotten. So change the endpoints from: - /projects/:id/issues/:issue_id/notes - /projects/:id/merge_requests/:merge_request_id/notes To: - /projects/:id/issues/:issue_iid/notes - /projects/:id/merge_requests/:merge_request_iid/notes For Project Snippets nothing changes.
* use the policy stack to protect loginshttp://jneen.net/2017-03-091-1/+1
|
* use a magic default :global symbol instead of nilhttp://jneen.net/2017-03-091-2/+2
| | | | to make sure we mean the global permissions
* API routes referencing a specific merge request should use the MR `iid`Timothy Andrew2017-03-071-4/+4
| | | | | | - As opposed to the `id` that was previously being used. - This brings the API routes closer to the web interface's routes. - This is specific to API v4.
* API routes referencing a specific issue should use the issue `iid`Timothy Andrew2017-03-071-2/+2
| | | | | | - As opposed to the issue `id` that was previously being used. - This brings the API routes closer to the web interface's routes. - This is specific to API v4.
* Test various login scenarios if the limit gets enforcedPawel Chojnacki2017-03-061-7/+8
|
* Remove "subscribed" field from API responses returning list of issues or ↵api-drop-subscribedAdam Niedzielski2017-03-061-8/+0
| | | | merge requests
* Rename query parameter to `membership`28865-filter-by-authorized-projects-in-v4Toon Claes2017-03-031-1/+1
| | | | The query parameter `membership` should be more self-explaining.
* Add filter param for authorized projects for current_user for V4Oswaldo Ferreira2017-03-031-0/+4
|
* Enable filtering milestones by search criteria in the APIMark Fletcher2017-03-021-0/+4
| | | | - Also remove a redundant test
* Return 202 with JSON body on async removals on V4 API3874-correctly-return-json-on-delete-responsesOswaldo2017-02-231-0/+4
|
* Enable Style/MutableConstantDouwe Maan2017-02-231-1/+1
|
* Merge branch '28093-snippet-and-issue-spam-check-on-edit' into 'master'Sean McGivern2017-02-221-0/+4
|\ | | | | | | | | | | | | Spam check and reCAPTCHA improvements Closes #28093 See merge request !9248
| * Spam check and reCAPTCHA improvements28093-snippet-and-issue-spam-check-on-editOswaldo Ferreira2017-02-211-0/+4
| |
* | No more and/orDouwe Maan2017-02-211-1/+1
|/
* Use grape validation for datesapi-grape-datetimeRobert Schilling2017-02-201-16/+0
|
* API: Consolidate /projects endpointToon Claes2017-02-141-0/+8
| | | | | | | | | | | It consolidates these endpoints: - /projects - /projects/owned - /projects/visible - /projects/starred - /projects/all Into the /projects endpoint using query parameters.
* API: Fix file downloadingRobert Schilling2017-02-031-1/+1
|
* replace `find_with_namespace` with `find_by_full_path`Adam Pahlevi2017-02-031-1/+1
| | | | add complete changelog for !8949
* Merge branch 'fix-api-mr-permissions' into 'security'Robert Speicher2017-01-231-0/+6
| | | | | | Ensure that only privileged users can access merge requests in the API See merge request !2053
* Fix specsKamil Trzcinski2017-01-191-1/+1
|
* Fix specsKamil Trzcinski2017-01-191-1/+1
|
* Merge remote-tracking branch 'origin/master' into 21698-redis-runner-last-buildKamil Trzcinski2017-01-191-51/+9
|\
| * Merge branch 'time-tracking-api' into 'master' Sean McGivern2017-01-181-0/+4
| |\ | | | | | | | | | | | | | | | | | | Time tracking API Closes #25861 See merge request !8483
| | * Add some API endpoints for time tracking.Ruben Davila2017-01-181-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | New endpoints are: POST :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/time_estimate" POST :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/reset_time_estimate" POST :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/add_spent_time" POST :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/reset_spent_time" GET :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/time_stats"
| * | Fix a API deprecation warningfix-deprecation-warningRobert Schilling2017-01-161-1/+1
| |/
| * fix pipelines/index.html.haml merge conflictRegis2017-01-021-2/+2
| |\
| | * Merge branch 'fix-api-deprecation' into 'master' Robert Schilling2016-12-281-1/+1
| | |\ | | | | | | | | | | | | | | | | Fix a Grape deprecation, use `#request_method` instead of `#route_method` See merge request !8297
| | | * Fix a Grape deprecation, use `#request_method` instead of `#route_method`fix-api-deprecationRémy Coutable2016-12-231-1/+1
| | | | | | | | | | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
| | * | Add more storage statisticsMarkus Koller2016-12-211-1/+1
| | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds counters for build artifacts and LFS objects, and moves the preexisting repository_size and commit_count from the projects table into a new project_statistics table. The counters are displayed in the administration area for projects and groups, and also available through the API for admins (on */all) and normal users (on */owned) The statistics are updated through ProjectCacheWorker, which can now do more granular updates with the new :statistics argument.
| * | Remove redundant pagination helpers after a bad mergeGrzegorz Bizon2016-12-211-32/+0
| | | | | | | | | | | | [ci skip]
| * | Merge branch 'master' into auto-pipelines-vueGrzegorz Bizon2016-12-211-12/+3
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * master: (367 commits) Set “Remove branch” button to default size remove unused helper method reduce common code even further to satisfy rake flay remove button class size alteration from revert and cherry pick links factor out common code to satisfy rake flay homogenize revert and cherry-pick button styles generated by commits_helper apply margin on alert banners only when there is one or more alerts Rename MattermostNotificationService back to MattermostService Rename SlackNotificationService back to SlackService Fix stage and pipeline specs and rubocop offenses Added QueryRecorder to test N+1 fix on Milestone#show Use gitlab-workhorse 1.2.1 Make 'unmarked as WIP' message more consistent Improve specs for Files API Allow unauthenticated access to Repositories Files API GET endpoints Add isolated view spec for pipeline stage partial Move test for HTML stage endpoint to controller specs Fix sizing of avatar circles; add border Fix broken test Fix broken test Changes after review ... Conflicts: app/assets/stylesheets/pages/pipelines.scss app/controllers/projects/pipelines_controller.rb app/views/projects/pipelines/index.html.haml spec/features/projects/pipelines/pipelines_spec.rb
| | * Calls to the API are checked for scope.Timothy Andrew2016-12-161-12/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Move the `Oauth2::AccessTokenValidationService` class to `AccessTokenValidationService`, since it is now being used for personal access token validation as well. - Each API endpoint declares the scopes it accepts (if any). Currently, the top level API module declares the `api` scope, and the `Users` API module declares the `read_user` scope (for GET requests). - Move the `find_user_by_private_token` from the API `Helpers` module to the `APIGuard` module, to avoid littering `Helpers` with more auth-related methods to support `find_user_by_private_token`
| * | merge masterRegis2016-12-131-62/+106
| |\ \ | | |/
| * | Merge branch 'master' into auto-pipelines-vueGrzegorz Bizon2016-12-091-20/+11
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * master: (76 commits) Update "Installation from source" guide for 8.15.0 Group links spec update Updates the font weight of button styles because of the change to system fonts Refactor SSH keys docs Improvements to setting up ssh Do not reload diff for merge request made from fork when target branch in fork is updated Add 8.12.10, 8.12.11, and 8.12.12 CHANGELOG.md items Changes after review Fix broken test Adds CHANGELOG entry Adds tests Uniformize props name format Replace commit icon svg logic Replace play icon svg logic Updated JS based on review Fixed group links dropdown to match Update docs to reflect new defaults on omnibus Merge branch 'jej-23867-use-mr-finder-instead-of-access-check' into 'security' Merge branch 'html-safe-diff-line-content' into 'security' Merge branch 'rs-filter-authentication_token' into 'security' Merge branch 'destroy-session' into 'security' ... Conflicts: app/models/ci/pipeline.rb app/models/commit_status.rb app/views/projects/ci/pipelines/_pipeline.html.haml app/views/projects/commit/_pipeline.html.haml app/views/projects/pipelines/_with_tabs.html.haml app/views/projects/pipelines/index.html.haml lib/api/helpers.rb
| * | | Extract API pagination code to a separete moduleGrzegorz Bizon2016-12-071-38/+1
| | | |
* | | | WIP: Add tests and make sure that headers are set21698-redis-runner-last-buildLin Jen-Shin2017-01-041-1/+1
| |_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | * We realized that headers were not set whenever we give 204 because `render_api_error!` doesn't preserve the headers. * We also realized that `update_runner_info` would be called in POST /builds/register every time therefore runner is updated every time, ticking the queue, making this last_update didn't work very well, and the test would be failing due to that.
* | | Merge branch '25482-fix-api-sudo' into 'master' Sean McGivern2016-12-131-53/+76
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | API: Memoize the current_user so that the sudo can work properly Closes #25482 See merge request !8017
| * | | Be smarter when finding a sudoed user in API::Helpers25482-fix-api-sudoRémy Coutable2016-12-131-13/+11
| | | | | | | | | | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
View Lorry Controller Status