From 846e581732e291f8927d04a5b1b40fe8f2688885 Mon Sep 17 00:00:00 2001 From: "http://jneen.net/" Date: Tue, 28 Feb 2017 13:08:07 -0800 Subject: use a magic default :global symbol instead of nil to make sure we mean the global permissions --- lib/api/helpers.rb | 4 ++-- lib/api/users.rb | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'lib/api') diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index a9b364da9e1..e5f5de2af57 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -116,7 +116,7 @@ module API forbidden! unless current_user.is_admin? end - def authorize!(action, subject = nil) + def authorize!(action, subject = :global) forbidden! unless can?(current_user, action, subject) end @@ -134,7 +134,7 @@ module API end end - def can?(object, action, subject) + def can?(object, action, subject = :global) Ability.allowed?(object, action, subject) end diff --git a/lib/api/users.rb b/lib/api/users.rb index 549003f576a..2d4d5a25221 100644 --- a/lib/api/users.rb +++ b/lib/api/users.rb @@ -45,7 +45,7 @@ module API use :pagination end get do - unless can?(current_user, :read_users_list, nil) + unless can?(current_user, :read_users_list) render_api_error!("Not authorized.", 403) end -- cgit v1.2.1 From 0ea04cc5bfcc125875a6e0f46702389f0e2e19c0 Mon Sep 17 00:00:00 2001 From: "http://jneen.net/" Date: Tue, 28 Feb 2017 13:19:52 -0800 Subject: use the policy stack to protect logins --- lib/api/helpers.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/api') diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index e5f5de2af57..bd22b82476b 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -97,7 +97,7 @@ module API end def authenticate! - unauthorized! unless current_user + unauthorized! unless current_user && can?(current_user, :access_api) end def authenticate_non_get! -- cgit v1.2.1 From 0267b83898d604181e70c5ea8ac4a84108d2e6d6 Mon Sep 17 00:00:00 2001 From: Bob Van Landuyt Date: Thu, 22 Dec 2016 13:31:12 +0100 Subject: Delegate a single discussion to a new issue Delegate a discussion in a merge request into a new issue. The discussion wil be marked as resolved and a system note will be added linking to the newly created issue. --- lib/api/issues.rb | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'lib/api') diff --git a/lib/api/issues.rb b/lib/api/issues.rb index 4a9f2b26fb2..9aac3c8fe1a 100644 --- a/lib/api/issues.rb +++ b/lib/api/issues.rb @@ -118,6 +118,8 @@ module API desc: 'Date time when the issue was created. Available only for admins and project owners.' optional :merge_request_for_resolving_discussions, type: Integer, desc: 'The IID of a merge request for which to resolve discussions' + optional :discussion_to_resolve, type: String, + desc: 'The ID of a discussion to resolve' use :issue_params end post ':id/issues' do @@ -134,6 +136,11 @@ module API find_by(iid: merge_request_iid) end + if discussion_id = params[:discussion_to_resolve] + issue_params[:discussion_to_resolve] = NotesFinder.new(user_project, current_user, discussion_id: discussion_id). + first_discussion + end + issue = ::Issues::CreateService.new(user_project, current_user, issue_params.merge(request: request, api: true)).execute -- cgit v1.2.1 From f86928953d2d79f40f10813a6e244c1da0779d16 Mon Sep 17 00:00:00 2001 From: Bob Van Landuyt Date: Mon, 27 Feb 2017 10:23:36 +0100 Subject: Always require MR-iid for resolving discussions And deduplicate the finding of MR's & discussions. Now the searching is done in the service, istead of the controller & the API. --- lib/api/issues.rb | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) (limited to 'lib/api') diff --git a/lib/api/issues.rb b/lib/api/issues.rb index 9aac3c8fe1a..162e13a313d 100644 --- a/lib/api/issues.rb +++ b/lib/api/issues.rb @@ -119,7 +119,7 @@ module API optional :merge_request_for_resolving_discussions, type: Integer, desc: 'The IID of a merge request for which to resolve discussions' optional :discussion_to_resolve, type: String, - desc: 'The ID of a discussion to resolve' + desc: 'The ID of a discussion to resolve, also pass `merge_request_for_resolving_discussions`' use :issue_params end post ':id/issues' do @@ -130,17 +130,6 @@ module API issue_params = declared_params(include_missing: false) - if merge_request_iid = params[:merge_request_for_resolving_discussions] - issue_params[:merge_request_for_resolving_discussions] = MergeRequestsFinder.new(current_user, project_id: user_project.id). - execute. - find_by(iid: merge_request_iid) - end - - if discussion_id = params[:discussion_to_resolve] - issue_params[:discussion_to_resolve] = NotesFinder.new(user_project, current_user, discussion_id: discussion_id). - first_discussion - end - issue = ::Issues::CreateService.new(user_project, current_user, issue_params.merge(request: request, api: true)).execute -- cgit v1.2.1 From 40be92e74c60262b5ed92064fe42a27eac88f1c3 Mon Sep 17 00:00:00 2001 From: Bob Van Landuyt Date: Wed, 1 Mar 2017 10:15:58 +0100 Subject: Make API v3 compatible with the changes in `Issues::CreateService` --- lib/api/v3/issues.rb | 6 ------ 1 file changed, 6 deletions(-) (limited to 'lib/api') diff --git a/lib/api/v3/issues.rb b/lib/api/v3/issues.rb index 5d7dfabfcd6..bb3535bedf8 100644 --- a/lib/api/v3/issues.rb +++ b/lib/api/v3/issues.rb @@ -140,12 +140,6 @@ module API issue_params = declared_params(include_missing: false) - if merge_request_iid = params[:merge_request_for_resolving_discussions] - issue_params[:merge_request_for_resolving_discussions] = MergeRequestsFinder.new(current_user, project_id: user_project.id). - execute. - find_by(iid: merge_request_iid) - end - issue = ::Issues::CreateService.new(user_project, current_user, issue_params.merge(request: request, api: true)).execute -- cgit v1.2.1 From ea70a0d674539d53e40c63a0a3cebef33d7e13b7 Mon Sep 17 00:00:00 2001 From: Bob Van Landuyt Date: Fri, 10 Mar 2017 09:19:12 +0100 Subject: Rename variable merge_request_for_resolving_discussions -> merge_request_to_resolve_discussions_of --- lib/api/issues.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lib/api') diff --git a/lib/api/issues.rb b/lib/api/issues.rb index 162e13a313d..1abe8639445 100644 --- a/lib/api/issues.rb +++ b/lib/api/issues.rb @@ -116,10 +116,10 @@ module API requires :title, type: String, desc: 'The title of an issue' optional :created_at, type: DateTime, desc: 'Date time when the issue was created. Available only for admins and project owners.' - optional :merge_request_for_resolving_discussions, type: Integer, + optional :merge_request_to_resolve_discussions_of, type: Integer, desc: 'The IID of a merge request for which to resolve discussions' optional :discussion_to_resolve, type: String, - desc: 'The ID of a discussion to resolve, also pass `merge_request_for_resolving_discussions`' + desc: 'The ID of a discussion to resolve, also pass `merge_request_to_resolve_discussions_of`' use :issue_params end post ':id/issues' do -- cgit v1.2.1 From 92f82773900882ce9769fc05ce214d240abd5a62 Mon Sep 17 00:00:00 2001 From: Bob Van Landuyt Date: Fri, 10 Mar 2017 19:24:09 +0100 Subject: Make API v3 work with the new param name --- lib/api/v3/issues.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'lib/api') diff --git a/lib/api/v3/issues.rb b/lib/api/v3/issues.rb index bb3535bedf8..258cbfed022 100644 --- a/lib/api/v3/issues.rb +++ b/lib/api/v3/issues.rb @@ -139,6 +139,7 @@ module API end issue_params = declared_params(include_missing: false) + issue_params = issue_params.merge(merge_request_to_resolve_discussions_of: issue_params.delete(:merge_request_for_resolving_discussions)) issue = ::Issues::CreateService.new(user_project, current_user, -- cgit v1.2.1 From c9abdadd7a08f972d5a12472f9f5ac443e37a6ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9my=20Coutable?= Date: Tue, 14 Mar 2017 18:08:50 +0100 Subject: Ensure dots in project path is allowed in the commits API MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Rémy Coutable --- lib/api/commits.rb | 2 +- lib/api/v3/commits.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'lib/api') diff --git a/lib/api/commits.rb b/lib/api/commits.rb index 42401abfe0f..48939798900 100644 --- a/lib/api/commits.rb +++ b/lib/api/commits.rb @@ -10,7 +10,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: /.+/ } do desc 'Get a project repository commits' do success Entities::RepoCommit end diff --git a/lib/api/v3/commits.rb b/lib/api/v3/commits.rb index d254d247042..6f36b2bc1c4 100644 --- a/lib/api/v3/commits.rb +++ b/lib/api/v3/commits.rb @@ -11,7 +11,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: /.+/ } do desc 'Get a project repository commits' do success ::API::Entities::RepoCommit end -- cgit v1.2.1 From 5f9ace8eb1d71b35c92156177465b066ebbc4a3e Mon Sep 17 00:00:00 2001 From: Jacopo Date: Sun, 29 Jan 2017 10:44:30 +0100 Subject: Add 'Undo mark all as done' to Todos Added the ability to 'Undo mark all as done' todos marked as complete with 'Mark all as done' in the 'Todo' tab of the Todo dashboard. The operation undos only the todo previously marked as done with the 'Mark al as done' button. --- lib/api/v3/todos.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lib/api') diff --git a/lib/api/v3/todos.rb b/lib/api/v3/todos.rb index e60cb25e57b..e3b311d61cd 100644 --- a/lib/api/v3/todos.rb +++ b/lib/api/v3/todos.rb @@ -20,9 +20,9 @@ module API desc 'Mark all todos as done' delete do status(200) - + todos = TodosFinder.new(current_user, params).execute - TodoService.new.mark_todos_as_done(todos, current_user) + TodoService.new.mark_todos_as_done(todos, current_user).size end end end -- cgit v1.2.1 From 63360adeae3ba5b302b711c73b6439956d274cde Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9my=20Coutable?= Date: Wed, 15 Mar 2017 19:09:24 +0100 Subject: Add `requirements: { id: %r{[^/]+} }` for all projects and groups namespaced API routes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Rémy Coutable --- lib/api/access_requests.rb | 2 +- lib/api/award_emoji.rb | 6 ++++-- lib/api/boards.rb | 2 +- lib/api/branches.rb | 2 +- lib/api/commit_statuses.rb | 7 ++++--- lib/api/commits.rb | 2 +- lib/api/deploy_keys.rb | 2 +- lib/api/deployments.rb | 2 +- lib/api/environments.rb | 2 +- lib/api/files.rb | 2 +- lib/api/groups.rb | 4 ++-- lib/api/issues.rb | 4 ++-- lib/api/jobs.rb | 2 +- lib/api/labels.rb | 2 +- lib/api/members.rb | 2 +- lib/api/merge_request_diffs.rb | 7 ++++--- lib/api/merge_requests.rb | 2 +- lib/api/milestones.rb | 2 +- lib/api/notes.rb | 2 +- lib/api/notification_settings.rb | 9 ++++----- lib/api/pipelines.rb | 2 +- lib/api/project_hooks.rb | 2 +- lib/api/project_snippets.rb | 2 +- lib/api/projects.rb | 2 +- lib/api/repositories.rb | 2 +- lib/api/runners.rb | 2 +- lib/api/services.rb | 7 +++++-- lib/api/subscriptions.rb | 2 +- lib/api/tags.rb | 2 +- lib/api/todos.rb | 2 +- lib/api/triggers.rb | 2 +- lib/api/v3/award_emoji.rb | 2 +- lib/api/v3/boards.rb | 2 +- lib/api/v3/branches.rb | 2 +- lib/api/v3/commits.rb | 2 +- lib/api/v3/deploy_keys.rb | 2 +- lib/api/v3/deployments.rb | 2 +- lib/api/v3/environments.rb | 2 +- lib/api/v3/files.rb | 2 +- lib/api/v3/groups.rb | 4 ++-- lib/api/v3/issues.rb | 4 ++-- lib/api/v3/labels.rb | 2 +- lib/api/v3/members.rb | 2 +- lib/api/v3/merge_request_diffs.rb | 7 ++++--- lib/api/v3/merge_requests.rb | 2 +- lib/api/v3/milestones.rb | 2 +- lib/api/v3/notes.rb | 2 +- lib/api/v3/pipelines.rb | 2 +- lib/api/v3/project_hooks.rb | 2 +- lib/api/v3/project_snippets.rb | 2 +- lib/api/v3/projects.rb | 2 +- lib/api/v3/repositories.rb | 2 +- lib/api/v3/runners.rb | 2 +- lib/api/v3/services.rb | 7 +++++-- lib/api/v3/subscriptions.rb | 2 +- lib/api/v3/tags.rb | 2 +- lib/api/v3/triggers.rb | 2 +- lib/api/v3/variables.rb | 2 +- lib/api/variables.rb | 2 +- 59 files changed, 86 insertions(+), 76 deletions(-) (limited to 'lib/api') diff --git a/lib/api/access_requests.rb b/lib/api/access_requests.rb index 789f45489eb..a5c9f0b509c 100644 --- a/lib/api/access_requests.rb +++ b/lib/api/access_requests.rb @@ -10,7 +10,7 @@ module API params do requires :id, type: String, desc: "The #{source_type} ID" end - resource source_type.pluralize do + resource source_type.pluralize, requirements: { id: %r{[^/]+} } do desc "Gets a list of access requests for a #{source_type}." do detail 'This feature was introduced in GitLab 8.11.' success Entities::AccessRequester diff --git a/lib/api/award_emoji.rb b/lib/api/award_emoji.rb index f9e0c2c4e16..56f19f89642 100644 --- a/lib/api/award_emoji.rb +++ b/lib/api/award_emoji.rb @@ -9,13 +9,15 @@ module API { type: 'snippet', find_by: :id } ].freeze - resource :projects do + params do + requires :id, type: String, desc: 'The ID of a project' + end + resource :projects, requirements: { id: %r{[^/]+} } do AWARDABLES.each do |awardable_params| awardable_string = awardable_params[:type].pluralize awardable_id_string = "#{awardable_params[:type]}_#{awardable_params[:find_by]}" params do - requires :id, type: String, desc: 'The ID of a project' requires :"#{awardable_id_string}", type: Integer, desc: "The ID of an Issue, Merge Request or Snippet" end diff --git a/lib/api/boards.rb b/lib/api/boards.rb index b6843c1b6af..5a2d7a681e3 100644 --- a/lib/api/boards.rb +++ b/lib/api/boards.rb @@ -7,7 +7,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get all project boards' do detail 'This feature was introduced in 8.13' success Entities::Board diff --git a/lib/api/branches.rb b/lib/api/branches.rb index 73a7e939627..2cc64fc6712 100644 --- a/lib/api/branches.rb +++ b/lib/api/branches.rb @@ -10,7 +10,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get a project repository branches' do success Entities::RepoBranch end diff --git a/lib/api/commit_statuses.rb b/lib/api/commit_statuses.rb index 9d9f82fdb83..827a38d33da 100644 --- a/lib/api/commit_statuses.rb +++ b/lib/api/commit_statuses.rb @@ -2,7 +2,10 @@ require 'mime/types' module API class CommitStatuses < Grape::API - resource :projects do + params do + requires :id, type: String, desc: 'The ID of a project' + end + resource :projects, requirements: { id: %r{[^/]+} } do include PaginationParams before { authenticate! } @@ -11,7 +14,6 @@ module API success Entities::CommitStatus end params do - requires :id, type: String, desc: 'The ID of a project' requires :sha, type: String, desc: 'The commit hash' optional :ref, type: String, desc: 'The ref' optional :stage, type: String, desc: 'The stage' @@ -37,7 +39,6 @@ module API success Entities::CommitStatus end params do - requires :id, type: String, desc: 'The ID of a project' requires :sha, type: String, desc: 'The commit hash' requires :state, type: String, desc: 'The state of the status', values: %w(pending running success failed canceled) diff --git a/lib/api/commits.rb b/lib/api/commits.rb index 48939798900..66b37fd2bcc 100644 --- a/lib/api/commits.rb +++ b/lib/api/commits.rb @@ -10,7 +10,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects, requirements: { id: /.+/ } do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get a project repository commits' do success Entities::RepoCommit end diff --git a/lib/api/deploy_keys.rb b/lib/api/deploy_keys.rb index 69e85c27a65..b888ede6fe8 100644 --- a/lib/api/deploy_keys.rb +++ b/lib/api/deploy_keys.rb @@ -17,7 +17,7 @@ module API params do requires :id, type: String, desc: 'The ID of the project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do before { authorize_admin_project } desc "Get a specific project's deploy keys" do diff --git a/lib/api/deployments.rb b/lib/api/deployments.rb index 2f1ad12c38c..46b936897f6 100644 --- a/lib/api/deployments.rb +++ b/lib/api/deployments.rb @@ -8,7 +8,7 @@ module API params do requires :id, type: String, desc: 'The project ID' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get all deployments of the project' do detail 'This feature was introduced in GitLab 8.11.' success Entities::Deployment diff --git a/lib/api/environments.rb b/lib/api/environments.rb index ebe8c3a5b2c..945771d46f3 100644 --- a/lib/api/environments.rb +++ b/lib/api/environments.rb @@ -9,7 +9,7 @@ module API params do requires :id, type: String, desc: 'The project ID' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get all environments of the project' do detail 'This feature was introduced in GitLab 8.11.' success Entities::Environment diff --git a/lib/api/files.rb b/lib/api/files.rb index bb8f5c3076d..33fc970dc09 100644 --- a/lib/api/files.rb +++ b/lib/api/files.rb @@ -52,7 +52,7 @@ module API params do requires :id, type: String, desc: 'The project ID' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get raw file contents from the repository' params do requires :file_path, type: String, desc: 'The url encoded path to the file. Ex. lib%2Fclass%2Erb' diff --git a/lib/api/groups.rb b/lib/api/groups.rb index b862ff70b31..8f3799417e3 100644 --- a/lib/api/groups.rb +++ b/lib/api/groups.rb @@ -84,7 +84,7 @@ module API params do requires :id, type: String, desc: 'The ID of a group' end - resource :groups do + resource :groups, requirements: { id: %r{[^/]+} } do desc 'Update a group. Available only for users who can administrate groups.' do success Entities::Group end @@ -154,7 +154,7 @@ module API params do requires :project_id, type: String, desc: 'The ID or path of the project' end - post ":id/projects/:project_id" do + post ":id/projects/:project_id", requirements: { project_id: /.+/ } do authenticated_as_admin! group = find_group!(params[:id]) project = find_project!(params[:project_id]) diff --git a/lib/api/issues.rb b/lib/api/issues.rb index 1abe8639445..b3183357625 100644 --- a/lib/api/issues.rb +++ b/lib/api/issues.rb @@ -58,7 +58,7 @@ module API params do requires :id, type: String, desc: 'The ID of a group' end - resource :groups do + resource :groups, requirements: { id: %r{[^/]+} } do desc 'Get a list of group issues' do success Entities::IssueBasic end @@ -79,7 +79,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do include TimeTrackingEndpoints desc 'Get a list of project issues' do diff --git a/lib/api/jobs.rb b/lib/api/jobs.rb index 44118522abe..ffab0aafe59 100644 --- a/lib/api/jobs.rb +++ b/lib/api/jobs.rb @@ -7,7 +7,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do helpers do params :optional_scope do optional :scope, types: [String, Array[String]], desc: 'The scope of builds to show', diff --git a/lib/api/labels.rb b/lib/api/labels.rb index 59f0e7cb647..d9a3cb7bb6b 100644 --- a/lib/api/labels.rb +++ b/lib/api/labels.rb @@ -7,7 +7,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get all labels of the project' do success Entities::Label end diff --git a/lib/api/members.rb b/lib/api/members.rb index baf85e6075a..c200e46a328 100644 --- a/lib/api/members.rb +++ b/lib/api/members.rb @@ -10,7 +10,7 @@ module API params do requires :id, type: String, desc: "The #{source_type} ID" end - resource source_type.pluralize do + resource source_type.pluralize, requirements: { id: %r{[^/]+} } do desc 'Gets a list of group or project members viewable by the authenticated user.' do success Entities::Member end diff --git a/lib/api/merge_request_diffs.rb b/lib/api/merge_request_diffs.rb index a59e39cca26..4b79eac2b8b 100644 --- a/lib/api/merge_request_diffs.rb +++ b/lib/api/merge_request_diffs.rb @@ -5,14 +5,16 @@ module API before { authenticate! } - resource :projects do + params do + requires :id, type: String, desc: 'The ID of a project' + end + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get a list of merge request diff versions' do detail 'This feature was introduced in GitLab 8.12.' success Entities::MergeRequestDiff end params do - requires :id, type: String, desc: 'The ID of a project' requires :merge_request_iid, type: Integer, desc: 'The IID of a merge request' use :pagination end @@ -28,7 +30,6 @@ module API end params do - requires :id, type: String, desc: 'The ID of a project' requires :merge_request_iid, type: Integer, desc: 'The IID of a merge request' requires :version_id, type: Integer, desc: 'The ID of a merge request diff version' end diff --git a/lib/api/merge_requests.rb b/lib/api/merge_requests.rb index 7a03955a045..5cc807d5bff 100644 --- a/lib/api/merge_requests.rb +++ b/lib/api/merge_requests.rb @@ -7,7 +7,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do include TimeTrackingEndpoints helpers do diff --git a/lib/api/milestones.rb b/lib/api/milestones.rb index abd263c1dfc..e7ab82f08db 100644 --- a/lib/api/milestones.rb +++ b/lib/api/milestones.rb @@ -23,7 +23,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get a list of project milestones' do success Entities::Milestone end diff --git a/lib/api/notes.rb b/lib/api/notes.rb index 3b3e45cbd06..29ceffdbd2d 100644 --- a/lib/api/notes.rb +++ b/lib/api/notes.rb @@ -9,7 +9,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do NOTEABLE_TYPES.each do |noteable_type| noteables_str = noteable_type.to_s.underscore.pluralize diff --git a/lib/api/notification_settings.rb b/lib/api/notification_settings.rb index c5e9b3ad69b..992ea5dc24d 100644 --- a/lib/api/notification_settings.rb +++ b/lib/api/notification_settings.rb @@ -48,14 +48,14 @@ module API end %w[group project].each do |source_type| - resource source_type.pluralize do + params do + requires :id, type: String, desc: "The #{source_type} ID" + end + resource source_type.pluralize, requirements: { id: %r{[^/]+} } do desc "Get #{source_type} level notification level settings, defaults to Global" do detail 'This feature was introduced in GitLab 8.12' success Entities::NotificationSetting end - params do - requires :id, type: String, desc: 'The group ID or project ID or project NAMESPACE/PROJECT_NAME' - end get ":id/notification_settings" do source = find_source(source_type, params[:id]) @@ -69,7 +69,6 @@ module API success Entities::NotificationSetting end params do - requires :id, type: String, desc: 'The group ID or project ID or project NAMESPACE/PROJECT_NAME' optional :level, type: String, desc: "The #{source_type} notification level" NotificationSetting::EMAIL_EVENTS.each do |event| optional event, type: Boolean, desc: 'Enable/disable this notification' diff --git a/lib/api/pipelines.rb b/lib/api/pipelines.rb index 0721b975ba4..754c3d85a04 100644 --- a/lib/api/pipelines.rb +++ b/lib/api/pipelines.rb @@ -7,7 +7,7 @@ module API params do requires :id, type: String, desc: 'The project ID' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get all Pipelines of the project' do detail 'This feature was introduced in GitLab 8.11.' success Entities::PipelineBasic diff --git a/lib/api/project_hooks.rb b/lib/api/project_hooks.rb index 57a5f97dc7f..53791166c33 100644 --- a/lib/api/project_hooks.rb +++ b/lib/api/project_hooks.rb @@ -24,7 +24,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get project hooks' do success Entities::ProjectHook end diff --git a/lib/api/project_snippets.rb b/lib/api/project_snippets.rb index f57e7ea4032..cfee38a9baf 100644 --- a/lib/api/project_snippets.rb +++ b/lib/api/project_snippets.rb @@ -7,7 +7,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do helpers do def handle_project_member_errors(errors) if errors[:project_access].any? diff --git a/lib/api/projects.rb b/lib/api/projects.rb index 63a4cdd5954..0fbe1669d45 100644 --- a/lib/api/projects.rb +++ b/lib/api/projects.rb @@ -142,7 +142,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects, requirements: { id: /[^\/]+/ } do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get a single project' do success Entities::ProjectWithAccess end diff --git a/lib/api/repositories.rb b/lib/api/repositories.rb index 531ef5a63ea..8f16e532ecb 100644 --- a/lib/api/repositories.rb +++ b/lib/api/repositories.rb @@ -9,7 +9,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do helpers do def handle_project_member_errors(errors) if errors[:project_access].any? diff --git a/lib/api/runners.rb b/lib/api/runners.rb index 2e41f16f8c6..a77c876a749 100644 --- a/lib/api/runners.rb +++ b/lib/api/runners.rb @@ -86,7 +86,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do before { authorize_admin_project } desc 'Get runners available for project' do diff --git a/lib/api/services.rb b/lib/api/services.rb index 5aa2f5eba7b..be614bb8dc0 100644 --- a/lib/api/services.rb +++ b/lib/api/services.rb @@ -604,7 +604,10 @@ module API ] }.freeze - resource :projects do + params do + requires :id, type: String, desc: 'The ID of a project' + end + resource :projects, requirements: { id: %r{[^/]+} } do before { authenticate! } before { authorize_admin_project } @@ -692,7 +695,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc "Trigger a slash command for #{service_slug}" do detail 'Added in GitLab 8.13' end diff --git a/lib/api/subscriptions.rb b/lib/api/subscriptions.rb index 772b5cca017..dbe54d3cd31 100644 --- a/lib/api/subscriptions.rb +++ b/lib/api/subscriptions.rb @@ -12,7 +12,7 @@ module API requires :id, type: String, desc: 'The ID of a project' requires :subscribable_id, type: String, desc: 'The ID of a resource' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do subscribable_types.each do |type, finder| type_singularized = type.singularize entity_class = Entities.const_get(type_singularized.camelcase) diff --git a/lib/api/tags.rb b/lib/api/tags.rb index d31ef9de26b..c7b1efe0bfa 100644 --- a/lib/api/tags.rb +++ b/lib/api/tags.rb @@ -7,7 +7,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get a project repository tags' do success Entities::RepoTag end diff --git a/lib/api/todos.rb b/lib/api/todos.rb index d9b8837a5bb..d1f7e364029 100644 --- a/lib/api/todos.rb +++ b/lib/api/todos.rb @@ -12,7 +12,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do ISSUABLE_TYPES.each do |type, finder| type_id_str = "#{type.singularize}_iid".to_sym diff --git a/lib/api/triggers.rb b/lib/api/triggers.rb index 119e9024712..aa3c9a06ed5 100644 --- a/lib/api/triggers.rb +++ b/lib/api/triggers.rb @@ -5,7 +5,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Trigger a GitLab project pipeline' do success Entities::Pipeline end diff --git a/lib/api/v3/award_emoji.rb b/lib/api/v3/award_emoji.rb index cf9e1551f60..b96b2d70b12 100644 --- a/lib/api/v3/award_emoji.rb +++ b/lib/api/v3/award_emoji.rb @@ -6,7 +6,7 @@ module API before { authenticate! } AWARDABLES = %w[issue merge_request snippet].freeze - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do AWARDABLES.each do |awardable_type| awardable_string = awardable_type.pluralize awardable_id_string = "#{awardable_type}_id" diff --git a/lib/api/v3/boards.rb b/lib/api/v3/boards.rb index b1c2a3c59f2..94acc67171e 100644 --- a/lib/api/v3/boards.rb +++ b/lib/api/v3/boards.rb @@ -6,7 +6,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get all project boards' do detail 'This feature was introduced in 8.13' success ::API::Entities::Board diff --git a/lib/api/v3/branches.rb b/lib/api/v3/branches.rb index 699e41b5537..7d9d6246e46 100644 --- a/lib/api/v3/branches.rb +++ b/lib/api/v3/branches.rb @@ -9,7 +9,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get a project repository branches' do success ::API::Entities::RepoBranch end diff --git a/lib/api/v3/commits.rb b/lib/api/v3/commits.rb index 6f36b2bc1c4..3414a2883e5 100644 --- a/lib/api/v3/commits.rb +++ b/lib/api/v3/commits.rb @@ -11,7 +11,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects, requirements: { id: /.+/ } do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get a project repository commits' do success ::API::Entities::RepoCommit end diff --git a/lib/api/v3/deploy_keys.rb b/lib/api/v3/deploy_keys.rb index 5bbb167755c..bbb174b6003 100644 --- a/lib/api/v3/deploy_keys.rb +++ b/lib/api/v3/deploy_keys.rb @@ -13,7 +13,7 @@ module API params do requires :id, type: String, desc: 'The ID of the project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do before { authorize_admin_project } %w(keys deploy_keys).each do |path| diff --git a/lib/api/v3/deployments.rb b/lib/api/v3/deployments.rb index 95114ad1fe1..1d4972eda26 100644 --- a/lib/api/v3/deployments.rb +++ b/lib/api/v3/deployments.rb @@ -9,7 +9,7 @@ module API params do requires :id, type: String, desc: 'The project ID' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get all deployments of the project' do detail 'This feature was introduced in GitLab 8.11.' success ::API::V3::Deployments diff --git a/lib/api/v3/environments.rb b/lib/api/v3/environments.rb index 3056b70e6ef..6bb4e016a01 100644 --- a/lib/api/v3/environments.rb +++ b/lib/api/v3/environments.rb @@ -9,7 +9,7 @@ module API params do requires :id, type: String, desc: 'The project ID' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get all environments of the project' do detail 'This feature was introduced in GitLab 8.11.' success Entities::Environment diff --git a/lib/api/v3/files.rb b/lib/api/v3/files.rb index 4f8d58d37c8..13542b0c71c 100644 --- a/lib/api/v3/files.rb +++ b/lib/api/v3/files.rb @@ -40,7 +40,7 @@ module API params do requires :id, type: String, desc: 'The project ID' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get a file from repository' params do requires :file_path, type: String, desc: 'The path to the file. Ex. lib/class.rb' diff --git a/lib/api/v3/groups.rb b/lib/api/v3/groups.rb index 0aad87a3f58..c5b37622d79 100644 --- a/lib/api/v3/groups.rb +++ b/lib/api/v3/groups.rb @@ -93,7 +93,7 @@ module API params do requires :id, type: String, desc: 'The ID of a group' end - resource :groups do + resource :groups, requirements: { id: %r{[^/]+} } do desc 'Update a group. Available only for users who can administrate groups.' do success Entities::Group end @@ -163,7 +163,7 @@ module API params do requires :project_id, type: String, desc: 'The ID or path of the project' end - post ":id/projects/:project_id" do + post ":id/projects/:project_id", requirements: { project_id: /.+/ } do authenticated_as_admin! group = find_group!(params[:id]) project = find_project!(params[:project_id]) diff --git a/lib/api/v3/issues.rb b/lib/api/v3/issues.rb index 258cbfed022..cead03b1e6b 100644 --- a/lib/api/v3/issues.rb +++ b/lib/api/v3/issues.rb @@ -68,7 +68,7 @@ module API params do requires :id, type: String, desc: 'The ID of a group' end - resource :groups do + resource :groups, requirements: { id: %r{[^/]+} } do desc 'Get a list of group issues' do success ::API::Entities::Issue end @@ -89,7 +89,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do include TimeTrackingEndpoints desc 'Get a list of project issues' do diff --git a/lib/api/v3/labels.rb b/lib/api/v3/labels.rb index 41f45d244e3..bd5eb2175e8 100644 --- a/lib/api/v3/labels.rb +++ b/lib/api/v3/labels.rb @@ -6,7 +6,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get all labels of the project' do success ::API::Entities::Label end diff --git a/lib/api/v3/members.rb b/lib/api/v3/members.rb index 3d4972afd9d..684860b553e 100644 --- a/lib/api/v3/members.rb +++ b/lib/api/v3/members.rb @@ -11,7 +11,7 @@ module API params do requires :id, type: String, desc: "The #{source_type} ID" end - resource source_type.pluralize do + resource source_type.pluralize, requirements: { id: %r{[^/]+} } do desc 'Gets a list of group or project members viewable by the authenticated user.' do success ::API::Entities::Member end diff --git a/lib/api/v3/merge_request_diffs.rb b/lib/api/v3/merge_request_diffs.rb index a462803e26c..35f462e907b 100644 --- a/lib/api/v3/merge_request_diffs.rb +++ b/lib/api/v3/merge_request_diffs.rb @@ -4,14 +4,16 @@ module API class MergeRequestDiffs < Grape::API before { authenticate! } - resource :projects do + params do + requires :id, type: String, desc: 'The ID of a project' + end + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get a list of merge request diff versions' do detail 'This feature was introduced in GitLab 8.12.' success ::API::Entities::MergeRequestDiff end params do - requires :id, type: String, desc: 'The ID of a project' requires :merge_request_id, type: Integer, desc: 'The ID of a merge request' end @@ -27,7 +29,6 @@ module API end params do - requires :id, type: String, desc: 'The ID of a project' requires :merge_request_id, type: Integer, desc: 'The ID of a merge request' requires :version_id, type: Integer, desc: 'The ID of a merge request diff version' end diff --git a/lib/api/v3/merge_requests.rb b/lib/api/v3/merge_requests.rb index 7dbd4691a94..3077240e650 100644 --- a/lib/api/v3/merge_requests.rb +++ b/lib/api/v3/merge_requests.rb @@ -10,7 +10,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do include TimeTrackingEndpoints helpers do diff --git a/lib/api/v3/milestones.rb b/lib/api/v3/milestones.rb index 2a850a08a8a..be90cec4afc 100644 --- a/lib/api/v3/milestones.rb +++ b/lib/api/v3/milestones.rb @@ -18,7 +18,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get a list of project milestones' do success ::API::Entities::Milestone end diff --git a/lib/api/v3/notes.rb b/lib/api/v3/notes.rb index 0796bb62e68..4f8e0eff4ff 100644 --- a/lib/api/v3/notes.rb +++ b/lib/api/v3/notes.rb @@ -10,7 +10,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do NOTEABLE_TYPES.each do |noteable_type| noteables_str = noteable_type.to_s.underscore.pluralize diff --git a/lib/api/v3/pipelines.rb b/lib/api/v3/pipelines.rb index 2c26a5f7d35..82827249244 100644 --- a/lib/api/v3/pipelines.rb +++ b/lib/api/v3/pipelines.rb @@ -8,7 +8,7 @@ module API params do requires :id, type: String, desc: 'The project ID' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get all Pipelines of the project' do detail 'This feature was introduced in GitLab 8.11.' success ::API::Entities::Pipeline diff --git a/lib/api/v3/project_hooks.rb b/lib/api/v3/project_hooks.rb index 861b991b8e1..94614bfc8b6 100644 --- a/lib/api/v3/project_hooks.rb +++ b/lib/api/v3/project_hooks.rb @@ -25,7 +25,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get project hooks' do success ::API::V3::Entities::ProjectHook end diff --git a/lib/api/v3/project_snippets.rb b/lib/api/v3/project_snippets.rb index 809ca4f37ba..fc065a22d74 100644 --- a/lib/api/v3/project_snippets.rb +++ b/lib/api/v3/project_snippets.rb @@ -8,7 +8,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do helpers do def handle_project_member_errors(errors) if errors[:project_access].any? diff --git a/lib/api/v3/projects.rb b/lib/api/v3/projects.rb index 47bfc12035a..b753dbab381 100644 --- a/lib/api/v3/projects.rb +++ b/lib/api/v3/projects.rb @@ -234,7 +234,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects, requirements: { id: /[^\/]+/ } do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get a single project' do success ::API::V3::Entities::ProjectWithAccess end diff --git a/lib/api/v3/repositories.rb b/lib/api/v3/repositories.rb index 44584e2eb70..e4d14bc8168 100644 --- a/lib/api/v3/repositories.rb +++ b/lib/api/v3/repositories.rb @@ -8,7 +8,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do helpers do def handle_project_member_errors(errors) if errors[:project_access].any? diff --git a/lib/api/v3/runners.rb b/lib/api/v3/runners.rb index 8967141fe3d..1934d6e578c 100644 --- a/lib/api/v3/runners.rb +++ b/lib/api/v3/runners.rb @@ -26,7 +26,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do before { authorize_admin_project } desc "Disable project's runner" do diff --git a/lib/api/v3/services.rb b/lib/api/v3/services.rb index d77185ffe5a..3bacaeee032 100644 --- a/lib/api/v3/services.rb +++ b/lib/api/v3/services.rb @@ -554,7 +554,10 @@ module API ] }.freeze - resource :projects do + params do + requires :id, type: String, desc: 'The ID of a project' + end + resource :projects, requirements: { id: %r{[^/]+} } do before { authenticate! } before { authorize_admin_project } @@ -609,7 +612,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc "Trigger a slash command for #{service_slug}" do detail 'Added in GitLab 8.13' end diff --git a/lib/api/v3/subscriptions.rb b/lib/api/v3/subscriptions.rb index 02a4157c26e..068750ec077 100644 --- a/lib/api/v3/subscriptions.rb +++ b/lib/api/v3/subscriptions.rb @@ -14,7 +14,7 @@ module API requires :id, type: String, desc: 'The ID of a project' requires :subscribable_id, type: String, desc: 'The ID of a resource' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do subscribable_types.each do |type, finder| type_singularized = type.singularize entity_class = ::API::Entities.const_get(type_singularized.camelcase) diff --git a/lib/api/v3/tags.rb b/lib/api/v3/tags.rb index 6913720d9c5..c2541de2f50 100644 --- a/lib/api/v3/tags.rb +++ b/lib/api/v3/tags.rb @@ -6,7 +6,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get a project repository tags' do success ::API::Entities::RepoTag end diff --git a/lib/api/v3/triggers.rb b/lib/api/v3/triggers.rb index 1dfdb6a5956..b46639a2205 100644 --- a/lib/api/v3/triggers.rb +++ b/lib/api/v3/triggers.rb @@ -6,7 +6,7 @@ module API params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Trigger a GitLab project build' do success ::API::V3::Entities::TriggerRequest end diff --git a/lib/api/v3/variables.rb b/lib/api/v3/variables.rb index 0f55a14fb28..83972b1e7ce 100644 --- a/lib/api/v3/variables.rb +++ b/lib/api/v3/variables.rb @@ -10,7 +10,7 @@ module API requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Delete an existing variable from a project' do success ::API::Entities::Variable end diff --git a/lib/api/variables.rb b/lib/api/variables.rb index 77e5d54c225..5acde41551b 100644 --- a/lib/api/variables.rb +++ b/lib/api/variables.rb @@ -9,7 +9,7 @@ module API requires :id, type: String, desc: 'The ID of a project' end - resource :projects do + resource :projects, requirements: { id: %r{[^/]+} } do desc 'Get project variables' do success Entities::Variable end -- cgit v1.2.1 From 3f111741967a5dcb6e0418471d2b26ca9ab04eac Mon Sep 17 00:00:00 2001 From: Oswaldo Ferreira Date: Thu, 16 Mar 2017 21:15:05 -0300 Subject: Use "branch_name" instead "branch" on V3 branch creation API --- lib/api/v3/branches.rb | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'lib/api') diff --git a/lib/api/v3/branches.rb b/lib/api/v3/branches.rb index 7d9d6246e46..0a877b960f6 100644 --- a/lib/api/v3/branches.rb +++ b/lib/api/v3/branches.rb @@ -45,6 +45,27 @@ module API status(200) end + + desc 'Create branch' do + success ::API::Entities::RepoBranch + end + params do + requires :branch_name, type: String, desc: 'The name of the branch' + requires :ref, type: String, desc: 'Create branch from commit sha or existing branch' + end + post ":id/repository/branches" do + authorize_push_project + result = CreateBranchService.new(user_project, current_user). + execute(params[:branch_name], params[:ref]) + + if result[:status] == :success + present result[:branch], + with: ::API::Entities::RepoBranch, + project: user_project + else + render_api_error!(result[:message], 400) + end + end end end end -- cgit v1.2.1