From e954438a1d3a45addebf52ab04155459d7d84db0 Mon Sep 17 00:00:00 2001 From: Boyan Tabakov Date: Tue, 18 Dec 2012 21:24:31 +0200 Subject: Extended users API to support updating and deleting users. Also added tests. --- lib/api/entities.rb | 2 +- lib/api/users.rb | 47 ++++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 47 insertions(+), 2 deletions(-) (limited to 'lib/api') diff --git a/lib/api/entities.rb b/lib/api/entities.rb index 070fbad27ed..bfb9093d61e 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -2,7 +2,7 @@ module Gitlab module Entities class User < Grape::Entity expose :id, :username, :email, :name, :bio, :skype, :linkedin, :twitter, - :dark_scheme, :theme_id, :blocked, :created_at + :dark_scheme, :theme_id, :blocked, :created_at, :extern_uid, :provider end class UserBasic < Grape::Entity diff --git a/lib/api/users.rb b/lib/api/users.rb index 140c20f6bd2..7ea90c75e9e 100644 --- a/lib/api/users.rb +++ b/lib/api/users.rb @@ -34,11 +34,14 @@ module Gitlab # linkedin - Linkedin # twitter - Twitter account # projects_limit - Number of projects user can create + # extern_uid - External authentication provider UID + # provider - External provider + # bio - Bio # Example Request: # POST /users post do authenticated_as_admin! - attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :projects_limit, :username] + attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :projects_limit, :username, :extern_uid, :provider, :bio] user = User.new attrs, as: :admin if user.save present user, with: Entities::User @@ -46,6 +49,48 @@ module Gitlab not_found! end end + + # Update user. Available only for admin + # + # Parameters: + # email - Email + # name - Name + # password - Password + # skype - Skype ID + # linkedin - Linkedin + # twitter - Twitter account + # projects_limit - Limit projects wich user can create + # extern_uid - External authentication provider UID + # provider - External provider + # bio - Bio + # Example Request: + # PUT /users/:id + put ":id" do + authenticated_as_admin! + attrs = attributes_for_keys [:email, :name, :password, :skype, :linkedin, :twitter, :projects_limit, :username, :extern_uid, :provider, :bio] + user = User.find_by_id(params[:id]) + + if user && user.update_attributes(attrs) + present user, with: Entities::User + else + not_found! + end + end + + # Delete user. Available only for admin + # + # Example Request: + # DELETE /users/:id + delete ":id" do + authenticated_as_admin! + user = User.find_by_id(params[:id]) + + if user + user.destroy + else + not_found! + end + end end resource :user do -- cgit v1.2.1 From 1694dc8fe226c0687ce2c54a71739adba22f33c5 Mon Sep 17 00:00:00 2001 From: Micah Huff Date: Tue, 29 Jan 2013 21:15:13 -0800 Subject: Expose MergeRequest object as a notable in the API to allow for easy retrieval of comments --- lib/api/notes.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/api') diff --git a/lib/api/notes.rb b/lib/api/notes.rb index 4613db54578..70344d6e381 100644 --- a/lib/api/notes.rb +++ b/lib/api/notes.rb @@ -3,7 +3,7 @@ module Gitlab class Notes < Grape::API before { authenticate! } - NOTEABLE_TYPES = [Issue, Snippet] + NOTEABLE_TYPES = [Issue, MergeRequest, Snippet] resource :projects do # Get a list of project wall notes -- cgit v1.2.1 From 193a5624b2daf4d638c382b88001d06535f57f2d Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Thu, 31 Jan 2013 09:11:35 +0200 Subject: add path and path_with_namespace to api project entity --- lib/api/entities.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'lib/api') diff --git a/lib/api/entities.rb b/lib/api/entities.rb index 80e2954a344..3637464676b 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -21,6 +21,7 @@ module Gitlab expose :id, :name, :description, :default_branch expose :owner, using: Entities::UserBasic expose :private_flag, as: :private + expose :path, :path_with_namespace expose :issues_enabled, :merge_requests_enabled, :wall_enabled, :wiki_enabled, :created_at expose :namespace end -- cgit v1.2.1 From 2c7554e897356fe424f292c66cd03e0192b05167 Mon Sep 17 00:00:00 2001 From: Matt Humphrey Date: Mon, 28 Jan 2013 17:22:44 +0000 Subject: Added methods to protect and unprotect branches --- lib/api/entities.rb | 5 +++++ lib/api/projects.rb | 40 ++++++++++++++++++++++++++++++++++++++-- 2 files changed, 43 insertions(+), 2 deletions(-) (limited to 'lib/api') diff --git a/lib/api/entities.rb b/lib/api/entities.rb index 80e2954a344..3f228300e26 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -33,6 +33,11 @@ module Gitlab class RepoObject < Grape::Entity expose :name, :commit + expose :protected do |repo, options| + if options[:project] + options[:project].protected_branch? repo.name + end + end end class RepoCommit < Grape::Entity diff --git a/lib/api/projects.rb b/lib/api/projects.rb index cbef1ed3b50..a16243aa822 100644 --- a/lib/api/projects.rb +++ b/lib/api/projects.rb @@ -218,7 +218,7 @@ module Gitlab # Example Request: # GET /projects/:id/repository/branches get ":id/repository/branches" do - present user_project.repo.heads.sort_by(&:name), with: Entities::RepoObject + present user_project.repo.heads.sort_by(&:name), with: Entities::RepoObject, project: user_project end # Get a single branch @@ -230,7 +230,43 @@ module Gitlab # GET /projects/:id/repository/branches/:branch get ":id/repository/branches/:branch" do @branch = user_project.repo.heads.find { |item| item.name == params[:branch] } - present @branch, with: Entities::RepoObject + present @branch, with: Entities::RepoObject, project: user_project + end + + # Protect a single branch + # + # Parameters: + # id (required) - The ID of a project + # branch (required) - The name of the branch + # Example Request: + # PUT /projects/:id/repository/branches/:branch/protect + put ":id/repository/branches/:branch/protect" do + @branch = user_project.repo.heads.find { |item| item.name == params[:branch] } + protected = user_project.protected_branches.find_by_name(@branch.name) + + unless protected + user_project.protected_branches.create(:name => @branch.name) + end + + present @branch, with: Entities::RepoObject, project: user_project + end + + # Unprotect a single branch + # + # Parameters: + # id (required) - The ID of a project + # branch (required) - The name of the branch + # Example Request: + # PUT /projects/:id/repository/branches/:branch/unprotect + put ":id/repository/branches/:branch/unprotect" do + @branch = user_project.repo.heads.find { |item| item.name == params[:branch] } + protected = user_project.protected_branches.find_by_name(@branch.name) + + if protected + protected.destroy + end + + present @branch, with: Entities::RepoObject, project: user_project end # Get a project repository tags -- cgit v1.2.1 From 8edc6b6a8c240322499356df96e1199bb6bbc872 Mon Sep 17 00:00:00 2001 From: Christian Simon Date: Tue, 8 Jan 2013 22:05:00 +0100 Subject: Add api for creating/listing/viewing groups --- lib/api/entities.rb | 10 ++++++++++ lib/api/groups.rb | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 60 insertions(+) create mode 100644 lib/api/groups.rb (limited to 'lib/api') diff --git a/lib/api/entities.rb b/lib/api/entities.rb index 5cbb1118a89..3bbbd831548 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -32,6 +32,16 @@ module Gitlab end end + class Group < Grape::Entity + expose :id, :name, :path, :name, :owner_id, :type + end + + class GroupDetail < Grape::Entity + expose :id, :name, :path, :name, :owner_id, :type + expose :projects, using: Entities::Project + end + + class RepoObject < Grape::Entity expose :name, :commit expose :protected do |repo, options| diff --git a/lib/api/groups.rb b/lib/api/groups.rb new file mode 100644 index 00000000000..bc856eccdab --- /dev/null +++ b/lib/api/groups.rb @@ -0,0 +1,50 @@ +module Gitlab + # groups API + class Groups < Grape::API + before { authenticate! } + + resource :groups do + # Get a groups list + # + # Example Request: + # GET /groups + get do + @groups = paginate Group + present @groups, with: Entities::Group + + end + + # Create group. Available only for admin + # + # Parameters: + # name (required) - Name + # path (required) - Path + # Example Request: + # POST /groups + post do + authenticated_as_admin! + attrs = attributes_for_keys [:name, :path] + @group = Group.new(attrs) + @group.owner = current_user + + if @group.save + present @group, with: Entities::Group + else + not_found! + end + end + + # Get a single group, with containing projects + # + # Parameters: + # id (required) - The ID of a group + # Example Request: + # GET /groups/:id + get ":id" do + @group = Group.find(params[:id]) + present @group, with: Entities::GroupDetail + end + + end + end +end -- cgit v1.2.1 From 149ccd5d91abf0c4b7ec610c03ad46a8ad17eec2 Mon Sep 17 00:00:00 2001 From: Christian Simon Date: Fri, 1 Feb 2013 15:00:12 +0100 Subject: Fix groups api: differ between users and admin --- lib/api/entities.rb | 2 +- lib/api/groups.rb | 92 ++++++++++++++++++++++++++++------------------------- 2 files changed, 50 insertions(+), 44 deletions(-) (limited to 'lib/api') diff --git a/lib/api/entities.rb b/lib/api/entities.rb index 3bbbd831548..b78fc1b86fe 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -33,7 +33,7 @@ module Gitlab end class Group < Grape::Entity - expose :id, :name, :path, :name, :owner_id, :type + expose :id, :name, :path, :owner_id end class GroupDetail < Grape::Entity diff --git a/lib/api/groups.rb b/lib/api/groups.rb index bc856eccdab..a67caef0bc5 100644 --- a/lib/api/groups.rb +++ b/lib/api/groups.rb @@ -2,49 +2,55 @@ module Gitlab # groups API class Groups < Grape::API before { authenticate! } - - resource :groups do - # Get a groups list - # - # Example Request: - # GET /groups - get do - @groups = paginate Group - present @groups, with: Entities::Group - end - - # Create group. Available only for admin - # - # Parameters: - # name (required) - Name - # path (required) - Path - # Example Request: - # POST /groups - post do - authenticated_as_admin! - attrs = attributes_for_keys [:name, :path] - @group = Group.new(attrs) - @group.owner = current_user - - if @group.save - present @group, with: Entities::Group - else - not_found! - end - end - - # Get a single group, with containing projects - # - # Parameters: - # id (required) - The ID of a group - # Example Request: - # GET /groups/:id - get ":id" do - @group = Group.find(params[:id]) - present @group, with: Entities::GroupDetail - end - - end + resource :groups do + # Get a groups list + # + # Example Request: + # GET /groups + get do + if current_user.admin + @groups = paginate Group + else + @groups = paginate current_user.groups + end + present @groups, with: Entities::Group + end + + # Create group. Available only for admin + # + # Parameters: + # name (required) - Name + # path (required) - Path + # Example Request: + # POST /groups + post do + authenticated_as_admin! + attrs = attributes_for_keys [:name, :path] + @group = Group.new(attrs) + @group.owner = current_user + + if @group.save + present @group, with: Entities::Group + else + not_found! + end + end + + # Get a single group, with containing projects + # + # Parameters: + # id (required) - The ID of a group + # Example Request: + # GET /groups/:id + get ":id" do + @group = Group.find(params[:id]) + if current_user.admin or current_user.groups.include? @group + present @group, with: Entities::GroupDetail + else + not_found! + end + end + end end end -- cgit v1.2.1 From 33c48ecd35f4a2d5b2596882e36e722f700aff2f Mon Sep 17 00:00:00 2001 From: Christian Simon Date: Sun, 3 Feb 2013 19:38:33 +0100 Subject: Code deduplication using inheritance for GroupDetail --- lib/api/entities.rb | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'lib/api') diff --git a/lib/api/entities.rb b/lib/api/entities.rb index b78fc1b86fe..c1873d87b55 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -36,8 +36,7 @@ module Gitlab expose :id, :name, :path, :owner_id end - class GroupDetail < Grape::Entity - expose :id, :name, :path, :name, :owner_id, :type + class GroupDetail < Group expose :projects, using: Entities::Project end -- cgit v1.2.1 From 935b6ae6534e77f2b9e84bcb686aeeda88089122 Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Mon, 4 Feb 2013 17:53:43 +0200 Subject: Internal API --- lib/api/internal.rb | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 lib/api/internal.rb (limited to 'lib/api') diff --git a/lib/api/internal.rb b/lib/api/internal.rb new file mode 100644 index 00000000000..c12605841ab --- /dev/null +++ b/lib/api/internal.rb @@ -0,0 +1,24 @@ +module Gitlab + # Access API + class Internal < Grape::API + + get "/allowed" do + user = User.find_by_username(params[:username]) + project = Project.find_with_namespace(params[:project]) + action = case params[:action] + when 'git-upload-pack' + then :download_code + when 'git-receive-pack' + then + if project.protected_branch?(params[:ref]) + :push_code_to_protected_branches + else + :push_code + end + end + + user.can?(action, project) + end + end +end + -- cgit v1.2.1 From 70e3bffd95eb5736dd108e0836abaa85a2f1c742 Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Tue, 5 Feb 2013 12:47:50 +0200 Subject: Fixed: post-receive, project remove, tests --- lib/api/internal.rb | 44 +++++++++++++++++++++++++++++--------------- 1 file changed, 29 insertions(+), 15 deletions(-) (limited to 'lib/api') diff --git a/lib/api/internal.rb b/lib/api/internal.rb index c12605841ab..576b64d04c3 100644 --- a/lib/api/internal.rb +++ b/lib/api/internal.rb @@ -1,23 +1,37 @@ module Gitlab - # Access API + # Internal access API class Internal < Grape::API + namespace 'internal' do + # + # Check if ssh key has access to project code + # + get "/allowed" do + key = Key.find(params[:key_id]) + user = key.user - get "/allowed" do - user = User.find_by_username(params[:username]) - project = Project.find_with_namespace(params[:project]) - action = case params[:action] - when 'git-upload-pack' - then :download_code - when 'git-receive-pack' - then - if project.protected_branch?(params[:ref]) - :push_code_to_protected_branches - else - :push_code + project = Project.find_with_namespace(params[:project]) + action = case params[:action] + when 'git-upload-pack' + then :download_code + when 'git-receive-pack' + then + if project.protected_branch?(params[:ref]) + :push_code_to_protected_branches + else + :push_code + end end - end - user.can?(action, project) + user.can?(action, project) + end + + # + # Discover user by ssh key + # + get "/discover" do + key = Key.find(params[:key_id]) + present key.user, with: Entities::User + end end end end -- cgit v1.2.1 From bd3288e3207c12e90d7fed629b345cfe83018bbf Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Tue, 5 Feb 2013 15:55:49 +0200 Subject: api check call --- lib/api/internal.rb | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'lib/api') diff --git a/lib/api/internal.rb b/lib/api/internal.rb index 576b64d04c3..0a0f55bc512 100644 --- a/lib/api/internal.rb +++ b/lib/api/internal.rb @@ -32,6 +32,12 @@ module Gitlab key = Key.find(params[:key_id]) present key.user, with: Entities::User end + + get "/check" do + { + api_version: '3' + } + end end end end -- cgit v1.2.1 From 8ae1d812dc9c8099b691e164e7119ede7eb21c61 Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Thu, 7 Feb 2013 09:56:13 +0200 Subject: deploy keys support for gitlab-shell api --- lib/api/internal.rb | 31 ++++++++++++++++++------------- 1 file changed, 18 insertions(+), 13 deletions(-) (limited to 'lib/api') diff --git a/lib/api/internal.rb b/lib/api/internal.rb index 0a0f55bc512..3e5e3a478ba 100644 --- a/lib/api/internal.rb +++ b/lib/api/internal.rb @@ -7,22 +7,27 @@ module Gitlab # get "/allowed" do key = Key.find(params[:key_id]) - user = key.user - project = Project.find_with_namespace(params[:project]) - action = case params[:action] - when 'git-upload-pack' - then :download_code - when 'git-receive-pack' - then - if project.protected_branch?(params[:ref]) - :push_code_to_protected_branches - else - :push_code + git_cmd = params[:action] + + if key.is_deploy_key + project == key.project && git_cmd == 'git-upload-pack' + else + user = key.user + action = case git_cmd + when 'git-upload-pack' + then :download_code + when 'git-receive-pack' + then + if project.protected_branch?(params[:ref]) + :push_code_to_protected_branches + else + :push_code + end end - end - user.can?(action, project) + user.can?(action, project) + end end # -- cgit v1.2.1