From e41dadcb33fda44ee274daa673bd933e13aa90eb Mon Sep 17 00:00:00 2001 From: Valery Sizov Date: Fri, 19 Dec 2014 16:15:29 +0200 Subject: Doorkeeper integration --- lib/api/helpers.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/api/helpers.rb') diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index 027fb20ec46..2f2342840fd 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -11,7 +11,7 @@ module API def current_user private_token = (params[PRIVATE_TOKEN_PARAM] || env[PRIVATE_TOKEN_HEADER]).to_s - @current_user ||= User.find_by(authentication_token: private_token) + @current_user ||= (User.find_by(authentication_token: private_token) || doorkeeper_guard) unless @current_user && Gitlab::UserAccess.allowed?(@current_user) return nil -- cgit v1.2.1 From 7fa80b5bd01caff61c08c70b052c9965893cce5a Mon Sep 17 00:00:00 2001 From: Marin Jankovski Date: Tue, 30 Dec 2014 13:36:13 +0100 Subject: Update branch api not found messages to 'Branch not found'. --- lib/api/helpers.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/api/helpers.rb') diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index 2f2342840fd..62c26ef76ce 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -42,7 +42,7 @@ module API def user_project @project ||= find_project(params[:id]) - @project || not_found! + @project || not_found!("Project") end def find_project(id) -- cgit v1.2.1 From e89058268118e3b2be4ebaf5d7bf2c684b590437 Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Mon, 2 Feb 2015 20:36:54 -0800 Subject: Rubocop enabled for: Use spaces inside hash literal braces --- lib/api/helpers.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/api/helpers.rb') diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index 62c26ef76ce..1ded63d136f 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -173,7 +173,7 @@ module API end def render_api_error!(message, status) - error!({'message' => message}, status) + error!({ 'message' => message }, status) end private -- cgit v1.2.1 From 4e97f26649a7756bef843fca74e3c58eadd117e1 Mon Sep 17 00:00:00 2001 From: jubianchi Date: Fri, 30 Jan 2015 10:46:08 +0100 Subject: Acces groups with their path in API --- lib/api/helpers.rb | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) (limited to 'lib/api/helpers.rb') diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index 62c26ef76ce..96249ea8cfe 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -55,6 +55,21 @@ module API end end + def find_group(id) + begin + group = Group.find(id) + rescue ActiveRecord::RecordNotFound + group = Group.find_by!(path: id) + end + + if can?(current_user, :read_group, group) + group + else + forbidden!("#{current_user.username} lacks sufficient "\ + "access to #{group.name}") + end + end + def paginate(relation) per_page = params[:per_page].to_i paginated = relation.page(params[:page]).per(per_page) @@ -135,10 +150,16 @@ module API errors end + def validate_access_level?(level) + Gitlab::Access.options_with_owner.values.include? level.to_i + end + # error helpers - def forbidden! - render_api_error!('403 Forbidden', 403) + def forbidden!(reason = nil) + message = ['403 Forbidden'] + message << " - #{reason}" if reason + render_api_error!(message.join(' '), 403) end def bad_request!(attribute) -- cgit v1.2.1 From bdfb349ff70f0fde6d4dc7b4317c3bc7ead580a4 Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Thu, 5 Feb 2015 22:00:54 -0800 Subject: Refactor and improve sorting objects in API for projects, issues and merge requests --- lib/api/helpers.rb | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'lib/api/helpers.rb') diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index be9e4280d65..8fa30460ba6 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -154,6 +154,22 @@ module API Gitlab::Access.options_with_owner.values.include? level.to_i end + def issuable_order_by + if params["order_by"] == 'updated_at' + 'updated_at' + else + 'created_at' + end + end + + def issuable_sort + if params["sort"] == 'asc' + :asc + else + :desc + end + end + # error helpers def forbidden!(reason = nil) -- cgit v1.2.1 From b0dacc8eb06615cf5d0afb1fc8d799dd64325846 Mon Sep 17 00:00:00 2001 From: Vinnie Okada Date: Tue, 20 Jan 2015 20:34:09 -0700 Subject: Edit group members via API Add an API endpoint to update the access level of an existing group member. --- lib/api/helpers.rb | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'lib/api/helpers.rb') diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index 8fa30460ba6..a50ee4659a3 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -238,5 +238,10 @@ module API def secret_token File.read(Rails.root.join('.gitlab_shell_secret')) end + + def handle_member_errors(errors) + error!(errors[:access_level], 422) if errors[:access_level].any? + not_found!(errors) + end end end -- cgit v1.2.1 From 558dd811971776fc4a921b79296f5d792b245686 Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Wed, 18 Feb 2015 14:58:20 -0800 Subject: Improve broadcast message API --- lib/api/helpers.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lib/api/helpers.rb') diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index a50ee4659a3..228a719fbdf 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -83,7 +83,7 @@ module API end def authenticate_by_gitlab_shell_token! - unauthorized! unless secret_token == params['secret_token'] + unauthorized! unless secret_token == params['secret_token'].try(:chomp) end def authenticated_as_admin! @@ -236,7 +236,7 @@ module API end def secret_token - File.read(Rails.root.join('.gitlab_shell_secret')) + File.read(Rails.root.join('.gitlab_shell_secret')).chomp end def handle_member_errors(errors) -- cgit v1.2.1