From b55c3a7bc4c23618860916738702b5d62820c351 Mon Sep 17 00:00:00 2001 From: Alexis Reigel Date: Tue, 12 Sep 2017 11:34:34 +0200 Subject: support group runners in existing API endpoints --- lib/api/entities.rb | 18 +++++++++++++++--- lib/api/runner.rb | 5 ++++- lib/api/runners.rb | 1 + lib/api/v3/runners.rb | 1 + 4 files changed, 21 insertions(+), 4 deletions(-) (limited to 'lib/api') diff --git a/lib/api/entities.rb b/lib/api/entities.rb index 8aad320e376..f28c4bcc784 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -242,13 +242,18 @@ module API expose :requested_at end - class Group < Grape::Entity - expose :id, :name, :path, :description, :visibility + class BasicGroupDetails < Grape::Entity + expose :id + expose :web_url + expose :name + end + + class Group < BasicGroupDetails + expose :path, :description, :visibility expose :lfs_enabled?, as: :lfs_enabled expose :avatar_url do |group, options| group.avatar_url(only_path: false) end - expose :web_url expose :request_access_enabled expose :full_name, :full_path @@ -965,6 +970,13 @@ module API options[:current_user].authorized_projects.where(id: runner.projects) end end + expose :groups, with: Entities::BasicGroupDetails do |runner, options| + if options[:current_user].admin? + runner.groups + else + options[:current_user].authorized_groups.where(id: runner.groups) + end + end end class RunnerRegistrationDetails < Grape::Entity diff --git a/lib/api/runner.rb b/lib/api/runner.rb index 4d4fbe50f9f..49d9b0b1b4f 100644 --- a/lib/api/runner.rb +++ b/lib/api/runner.rb @@ -25,8 +25,11 @@ module API # Create shared runner. Requires admin access Ci::Runner.create(attributes.merge(is_shared: true)) elsif project = Project.find_by(runners_token: params[:token]) - # Create a specific runner for project. + # Create a specific runner for the project project.runners.create(attributes) + elsif group = Group.find_by(runners_token: params[:token]) + # Create a specific runner for the group + group.runners.create(attributes) end break forbidden! unless runner diff --git a/lib/api/runners.rb b/lib/api/runners.rb index 5f2a9567605..ef4ec3f4800 100644 --- a/lib/api/runners.rb +++ b/lib/api/runners.rb @@ -199,6 +199,7 @@ module API forbidden!("Runner is shared") if runner.is_shared? forbidden!("Runner associated with more than one project") if runner.projects.count > 1 + forbidden!("Runner associated with more that one group") if runner.groups.count > 1 forbidden!("No access granted") unless user_can_access_runner?(runner) end diff --git a/lib/api/v3/runners.rb b/lib/api/v3/runners.rb index c6d9957d452..24e10128b79 100644 --- a/lib/api/v3/runners.rb +++ b/lib/api/v3/runners.rb @@ -54,6 +54,7 @@ module API forbidden!("Runner is shared") if runner.is_shared? forbidden!("Runner associated with more than one project") if runner.projects.count > 1 + forbidden!("Runner associated with more that one group") if runner.groups.count > 1 forbidden!("No access granted") unless user_can_access_runner?(runner) end -- cgit v1.2.1 From 32a9c85bd9a320984a17fa29cd6aaa3b45e0bf4c Mon Sep 17 00:00:00 2001 From: Alexis Reigel Date: Mon, 25 Sep 2017 13:34:45 +0200 Subject: revert support for v3 api --- lib/api/v3/runners.rb | 1 - 1 file changed, 1 deletion(-) (limited to 'lib/api') diff --git a/lib/api/v3/runners.rb b/lib/api/v3/runners.rb index 24e10128b79..c6d9957d452 100644 --- a/lib/api/v3/runners.rb +++ b/lib/api/v3/runners.rb @@ -54,7 +54,6 @@ module API forbidden!("Runner is shared") if runner.is_shared? forbidden!("Runner associated with more than one project") if runner.projects.count > 1 - forbidden!("Runner associated with more that one group") if runner.groups.count > 1 forbidden!("No access granted") unless user_can_access_runner?(runner) end -- cgit v1.2.1 From d0842d20758e2f33d44b41a250d361853abe47f4 Mon Sep 17 00:00:00 2001 From: Alexis Reigel Date: Mon, 25 Sep 2017 15:28:49 +0200 Subject: disallow group runners to become project runners --- lib/api/runners.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'lib/api') diff --git a/lib/api/runners.rb b/lib/api/runners.rb index ef4ec3f4800..84d33879c38 100644 --- a/lib/api/runners.rb +++ b/lib/api/runners.rb @@ -206,6 +206,7 @@ module API def authenticate_enable_runner!(runner) forbidden!("Runner is shared") if runner.is_shared? forbidden!("Runner is locked") if runner.locked? + forbidden!("Runner is a group runner") if runner.group? return if current_user.admin? forbidden!("No access granted") unless user_can_access_runner?(runner) -- cgit v1.2.1 From cc4bc22ae49582652413d45aa2f5b39dd2a15a82 Mon Sep 17 00:00:00 2001 From: Alexis Reigel Date: Wed, 20 Dec 2017 10:08:54 +0100 Subject: runner can't be assigned to more than 1 group therefore we don't need the api check. --- lib/api/runners.rb | 1 - 1 file changed, 1 deletion(-) (limited to 'lib/api') diff --git a/lib/api/runners.rb b/lib/api/runners.rb index 84d33879c38..1a05bed3465 100644 --- a/lib/api/runners.rb +++ b/lib/api/runners.rb @@ -199,7 +199,6 @@ module API forbidden!("Runner is shared") if runner.is_shared? forbidden!("Runner associated with more than one project") if runner.projects.count > 1 - forbidden!("Runner associated with more that one group") if runner.groups.count > 1 forbidden!("No access granted") unless user_can_access_runner?(runner) end -- cgit v1.2.1 From 5652ff953cba9773edbcb677908fe3f18b103be3 Mon Sep 17 00:00:00 2001 From: Dylan Griffith Date: Mon, 30 Apr 2018 10:43:29 +0400 Subject: Rename Runner#group? -> #assigned_to_group? and Runner#project? -> #assigned_to_project? --- lib/api/runners.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/api') diff --git a/lib/api/runners.rb b/lib/api/runners.rb index 1a05bed3465..11c31917fc5 100644 --- a/lib/api/runners.rb +++ b/lib/api/runners.rb @@ -205,7 +205,7 @@ module API def authenticate_enable_runner!(runner) forbidden!("Runner is shared") if runner.is_shared? forbidden!("Runner is locked") if runner.locked? - forbidden!("Runner is a group runner") if runner.group? + forbidden!("Runner is a group runner") if runner.assigned_to_group? return if current_user.admin? forbidden!("No access granted") unless user_can_access_runner?(runner) -- cgit v1.2.1 From 0d30b00de807df550bec947751c098317c5bb79f Mon Sep 17 00:00:00 2001 From: Dylan Griffith Date: Mon, 30 Apr 2018 17:00:28 +0400 Subject: Start persisting runner_type when creating runners --- lib/api/runner.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'lib/api') diff --git a/lib/api/runner.rb b/lib/api/runner.rb index 49d9b0b1b4f..67896ae1fc5 100644 --- a/lib/api/runner.rb +++ b/lib/api/runner.rb @@ -23,13 +23,13 @@ module API runner = if runner_registration_token_valid? # Create shared runner. Requires admin access - Ci::Runner.create(attributes.merge(is_shared: true)) + Ci::Runner.create(attributes.merge(is_shared: true, runner_type: :instance_type)) elsif project = Project.find_by(runners_token: params[:token]) # Create a specific runner for the project - project.runners.create(attributes) + project.runners.create(attributes.merge(runner_type: :project_type)) elsif group = Group.find_by(runners_token: params[:token]) # Create a specific runner for the group - group.runners.create(attributes) + group.runners.create(attributes.merge(runner_type: :group_type)) end break forbidden! unless runner -- cgit v1.2.1 From e2b62f6e4441fe5fd0f721d5a824c62c7f40e013 Mon Sep 17 00:00:00 2001 From: Dylan Griffith Date: Mon, 30 Apr 2018 17:27:21 +0400 Subject: Remove API changes for assigning group runner to project Since we are going to handle the API stuff later we can just leave this as error case since the model validations will stop this --- lib/api/runners.rb | 1 - 1 file changed, 1 deletion(-) (limited to 'lib/api') diff --git a/lib/api/runners.rb b/lib/api/runners.rb index 11c31917fc5..5f2a9567605 100644 --- a/lib/api/runners.rb +++ b/lib/api/runners.rb @@ -205,7 +205,6 @@ module API def authenticate_enable_runner!(runner) forbidden!("Runner is shared") if runner.is_shared? forbidden!("Runner is locked") if runner.locked? - forbidden!("Runner is a group runner") if runner.assigned_to_group? return if current_user.admin? forbidden!("No access granted") unless user_can_access_runner?(runner) -- cgit v1.2.1