From 4317a2a3a2e39e4c2594b0b28abf7a8cc694eeab Mon Sep 17 00:00:00 2001 From: Sean McGivern Date: Mon, 8 Apr 2019 15:33:30 +0000 Subject: Fix `updated_at` doesn't apply to `state_event` updates of issues via API --- lib/api/issues.rb | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'lib/api') diff --git a/lib/api/issues.rb b/lib/api/issues.rb index 999a9cb5a82..000c00ea9f9 100644 --- a/lib/api/issues.rb +++ b/lib/api/issues.rb @@ -230,9 +230,13 @@ module API issue = user_project.issues.find_by!(iid: params.delete(:issue_iid)) authorize! :update_issue, issue - # Setting created_at time only allowed for admins and project/group owners - unless current_user.admin? || user_project.owner == current_user || current_user.owned_groups.include?(user_project.owner) - params.delete(:updated_at) + # Setting updated_at only allowed for admins and owners as well + if params[:updated_at].present? + if current_user.admin? || user_project.owner == current_user || current_user.owned_groups.include?(user_project.owner) + issue.system_note_timestamp = params[:updated_at] + else + params.delete(:updated_at) + end end update_params = declared_params(include_missing: false).merge(request: request, api: true) -- cgit v1.2.1 From aa352a95df665ded5178c1b26d4492433e47714e Mon Sep 17 00:00:00 2001 From: Luke Duncalfe Date: Fri, 29 Mar 2019 14:07:03 +1300 Subject: Support merge request create with push options To create a new merge request: git push -u origin -o merge_request.create To create a new merge request setting target branch: git push -u origin -o merge_request.create \ -o merge_request.target=123 To update an existing merge request with a new target branch: git push -u origin -o merge_request.target=123 A new Gitlab::PushOptions class handles parsing and validating the push options array. This can be the start of the standard of GitLab accepting push options that follow namespacing rules. Rules are discussed in issue https://gitlab.com/gitlab-org/gitlab-ce/issues/43263. E.g. these push options: -o merge_request.create -o merge_request.target=123 Become parsed as: { merge_request: { create: true, target: '123', } } And are fetched with the class via: push_options.get(:merge_request) push_options.get(:merge_request, :create) push_options.get(:merge_request, :target) A new MergeRequests::PushOptionsHandlerService takes the `merge_request` namespaced push options and handles creating and updating merge requests. Any errors encountered are passed to the existing `output` Hash in Api::Internal's `post_receive` endpoint, and passed to gitlab-shell where they're output to the user. Issue https://gitlab.com/gitlab-org/gitlab-ce/issues/43263 --- lib/api/helpers/internal_helpers.rb | 5 +++++ lib/api/internal.rb | 36 +++++++++++++++++++++++++++++------- 2 files changed, 34 insertions(+), 7 deletions(-) (limited to 'lib/api') diff --git a/lib/api/helpers/internal_helpers.rb b/lib/api/helpers/internal_helpers.rb index 3fd824877ae..5014ba51b94 100644 --- a/lib/api/helpers/internal_helpers.rb +++ b/lib/api/helpers/internal_helpers.rb @@ -43,6 +43,11 @@ module API ::MergeRequests::GetUrlsService.new(project).execute(params[:changes]) end + def push_options_warning(warning) + options = Array.wrap(params[:push_options]).map { |p| "'#{p}'" }.join(' ') + "Error encountered with push options #{options}: #{warning}" + end + def redis_ping result = Gitlab::Redis::SharedState.with { |redis| redis.ping } diff --git a/lib/api/internal.rb b/lib/api/internal.rb index 9c7b9146c8f..75202fa953c 100644 --- a/lib/api/internal.rb +++ b/lib/api/internal.rb @@ -256,19 +256,41 @@ module API post '/post_receive' do status 200 + output = {} # Messages to gitlab-shell + user = identify(params[:identifier]) + project = Gitlab::GlRepository.parse(params[:gl_repository]).first + push_options = Gitlab::PushOptions.new(params[:push_options]) + PostReceive.perform_async(params[:gl_repository], params[:identifier], params[:changes], params[:push_options].to_a) + + if (mr_options = push_options.get(:merge_request)) + begin + service = ::MergeRequests::PushOptionsHandlerService.new( + project, + user, + params[:changes], + mr_options + ).execute + + if service.errors.present? + output[:warnings] = push_options_warning(service.errors.join("\n\n")) + end + rescue ::MergeRequests::PushOptionsHandlerService::Error => e + output[:warnings] = push_options_warning(e.message) + rescue Gitlab::Access::AccessDeniedError + output[:warnings] = push_options_warning('User access was denied') + end + end + broadcast_message = BroadcastMessage.current&.last&.message reference_counter_decreased = Gitlab::ReferenceCounter.new(params[:gl_repository]).decrease - output = { - merge_request_urls: merge_request_urls, + output.merge!( broadcast_message: broadcast_message, - reference_counter_decreased: reference_counter_decreased - } - - project = Gitlab::GlRepository.parse(params[:gl_repository]).first - user = identify(params[:identifier]) + reference_counter_decreased: reference_counter_decreased, + merge_request_urls: merge_request_urls + ) # A user is not guaranteed to be returned; an orphaned write deploy # key could be used -- cgit v1.2.1 From ca884980ee8e6fe1269f5abdb803519d51aa09c0 Mon Sep 17 00:00:00 2001 From: Oswaldo Ferreira Date: Sun, 7 Apr 2019 15:35:16 -0300 Subject: [CE] Support multiple assignees for merge requests Backports https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/10161 (code out of ee/ folder). --- lib/api/entities.rb | 6 +++++- lib/api/merge_requests.rb | 4 ++++ 2 files changed, 9 insertions(+), 1 deletion(-) (limited to 'lib/api') diff --git a/lib/api/entities.rb b/lib/api/entities.rb index 2dd3120d3fc..8e0623887a8 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -663,7 +663,11 @@ module API expose(:user_notes_count) { |merge_request, options| issuable_metadata(merge_request, options, :user_notes_count) } expose(:upvotes) { |merge_request, options| issuable_metadata(merge_request, options, :upvotes) } expose(:downvotes) { |merge_request, options| issuable_metadata(merge_request, options, :downvotes) } - expose :author, :assignee, using: Entities::UserBasic + expose :assignee, using: ::API::Entities::UserBasic do |merge_request| + merge_request.assignee + end + expose :author, :assignees, using: Entities::UserBasic + expose :source_project_id, :target_project_id expose :labels do |merge_request| # Avoids an N+1 query since labels are preloaded diff --git a/lib/api/merge_requests.rb b/lib/api/merge_requests.rb index e4b21b7d1c4..1cc0ecc6df8 100644 --- a/lib/api/merge_requests.rb +++ b/lib/api/merge_requests.rb @@ -20,6 +20,7 @@ module API def self.update_params_at_least_one_of %i[ assignee_id + assignee_ids description labels milestone_id @@ -184,6 +185,7 @@ module API params :optional_params do optional :description, type: String, desc: 'The description of the merge request' optional :assignee_id, type: Integer, desc: 'The ID of a user to assign the merge request' + optional :assignee_ids, type: Array[Integer], desc: 'The array of user IDs to assign issue' optional :milestone_id, type: Integer, desc: 'The ID of a milestone to assign the merge request' optional :labels, type: Array[String], coerce_with: Validations::Types::LabelsList.coerce, desc: 'Comma-separated list of label names' optional :remove_source_branch, type: Boolean, desc: 'Remove source branch when merging' @@ -231,6 +233,7 @@ module API mr_params = declared_params(include_missing: false) mr_params[:force_remove_source_branch] = mr_params.delete(:remove_source_branch) + mr_params = convert_parameters_from_legacy_format(mr_params) merge_request = ::MergeRequests::CreateService.new(user_project, current_user, mr_params).execute @@ -334,6 +337,7 @@ module API mr_params = declared_params(include_missing: false) mr_params[:force_remove_source_branch] = mr_params.delete(:remove_source_branch) if mr_params[:remove_source_branch].present? + mr_params = convert_parameters_from_legacy_format(mr_params) merge_request = ::MergeRequests::UpdateService.new(user_project, current_user, mr_params).execute(merge_request) -- cgit v1.2.1 From 1883e320eafa02b332a16eec658f65c4a28def83 Mon Sep 17 00:00:00 2001 From: Luke Duncalfe Date: Fri, 5 Apr 2019 17:19:30 +1300 Subject: Use Gitlab::PushOptions for `ci.skip` push option Previously the raw push option Array was sent to Pipeline::Chain::Skip. This commit updates this class (and the chain of classes that pass the push option parameters from the API internal `post_receive` endpoint to that class) to treat push options as a Hash of options parsed by GitLab::PushOptions. The GitLab::PushOptions class takes options like this: -o ci.skip -o merge_request.create -o merge_request.target=branch and turns them into a Hash like this: { ci: { skip: true }, merge_request: { create: true, target: 'branch' } } This now how Pipeline::Chain::Skip is determining if the `ci.skip` push option was used. --- lib/api/internal.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/api') diff --git a/lib/api/internal.rb b/lib/api/internal.rb index 75202fa953c..ee1fb465608 100644 --- a/lib/api/internal.rb +++ b/lib/api/internal.rb @@ -262,7 +262,7 @@ module API push_options = Gitlab::PushOptions.new(params[:push_options]) PostReceive.perform_async(params[:gl_repository], params[:identifier], - params[:changes], params[:push_options].to_a) + params[:changes], push_options.as_json) if (mr_options = push_options.get(:merge_request)) begin -- cgit v1.2.1 From e73f537cb5097e85849110bafe184cb89e3bbc22 Mon Sep 17 00:00:00 2001 From: Luke Duncalfe Date: Mon, 8 Apr 2019 17:07:53 +1200 Subject: Refactor PushOptionsHandlerService from review Exceptions are no longer raised, instead all errors encountered are added to the errors property. MergeRequests::BuildService is used to generate attributes of a new merge request. Code moved from Api::Internal to Api::Helpers::InternalHelpers. --- lib/api/helpers/internal_helpers.rb | 17 +++++++++++++++++ lib/api/internal.rb | 20 ++------------------ 2 files changed, 19 insertions(+), 18 deletions(-) (limited to 'lib/api') diff --git a/lib/api/helpers/internal_helpers.rb b/lib/api/helpers/internal_helpers.rb index 5014ba51b94..71c30ec99a5 100644 --- a/lib/api/helpers/internal_helpers.rb +++ b/lib/api/helpers/internal_helpers.rb @@ -43,6 +43,23 @@ module API ::MergeRequests::GetUrlsService.new(project).execute(params[:changes]) end + def process_mr_push_options(push_options, project, user, changes) + output = {} + + service = ::MergeRequests::PushOptionsHandlerService.new( + project, + user, + changes, + push_options + ).execute + + if service.errors.present? + output[:warnings] = push_options_warning(service.errors.join("\n\n")) + end + + output + end + def push_options_warning(warning) options = Array.wrap(params[:push_options]).map { |p| "'#{p}'" }.join(' ') "Error encountered with push options #{options}: #{warning}" diff --git a/lib/api/internal.rb b/lib/api/internal.rb index ee1fb465608..224aaaaf006 100644 --- a/lib/api/internal.rb +++ b/lib/api/internal.rb @@ -264,24 +264,8 @@ module API PostReceive.perform_async(params[:gl_repository], params[:identifier], params[:changes], push_options.as_json) - if (mr_options = push_options.get(:merge_request)) - begin - service = ::MergeRequests::PushOptionsHandlerService.new( - project, - user, - params[:changes], - mr_options - ).execute - - if service.errors.present? - output[:warnings] = push_options_warning(service.errors.join("\n\n")) - end - rescue ::MergeRequests::PushOptionsHandlerService::Error => e - output[:warnings] = push_options_warning(e.message) - rescue Gitlab::Access::AccessDeniedError - output[:warnings] = push_options_warning('User access was denied') - end - end + mr_options = push_options.get(:merge_request) + output.merge!(process_mr_push_options(mr_options, project, user, params[:changes])) if mr_options.present? broadcast_message = BroadcastMessage.current&.last&.message reference_counter_decreased = Gitlab::ReferenceCounter.new(params[:gl_repository]).decrease -- cgit v1.2.1 From 3c40c98e263328ceb11a008dbec108362e727dbc Mon Sep 17 00:00:00 2001 From: Luke Duncalfe Date: Mon, 8 Apr 2019 21:59:12 +1200 Subject: Feature flag for merge requestion push options https://gitlab.com/gitlab-org/gitlab-ce/issues/43263 https://gitlab.com/gitlab-org/gitlab-ce/issues/53198 --- lib/api/internal.rb | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'lib/api') diff --git a/lib/api/internal.rb b/lib/api/internal.rb index 224aaaaf006..00f0bbab231 100644 --- a/lib/api/internal.rb +++ b/lib/api/internal.rb @@ -264,8 +264,10 @@ module API PostReceive.perform_async(params[:gl_repository], params[:identifier], params[:changes], push_options.as_json) - mr_options = push_options.get(:merge_request) - output.merge!(process_mr_push_options(mr_options, project, user, params[:changes])) if mr_options.present? + if Feature.enabled?(:mr_push_options, default_enabled: true) + mr_options = push_options.get(:merge_request) + output.merge!(process_mr_push_options(mr_options, project, user, params[:changes])) if mr_options.present? + end broadcast_message = BroadcastMessage.current&.last&.message reference_counter_decreased = Gitlab::ReferenceCounter.new(params[:gl_repository]).decrease -- cgit v1.2.1 From 724f19ba0a051bbe8e9dd89f208261abe0f8133a Mon Sep 17 00:00:00 2001 From: Krasimir Angelov Date: Tue, 9 Apr 2019 09:16:57 +0000 Subject: Add new API endpoint to expose single environment This is resolving https://gitlab.com/gitlab-org/gitlab-ce/issues/30157. Implement new API endpoint `/projects/:id/environments/:environment_id` to expose single environment. Include information for environment's last deployment if there is one. --- lib/api/entities.rb | 9 +++++---- lib/api/environments.rb | 15 +++++++++++++++ 2 files changed, 20 insertions(+), 4 deletions(-) (limited to 'lib/api') diff --git a/lib/api/entities.rb b/lib/api/entities.rb index 2dd3120d3fc..f9773086f69 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -1294,10 +1294,6 @@ module API expose :id, :name, :slug, :external_url end - class Environment < EnvironmentBasic - expose :project, using: Entities::BasicProjectDetails - end - class Deployment < Grape::Entity expose :id, :iid, :ref, :sha, :created_at expose :user, using: Entities::UserBasic @@ -1305,6 +1301,11 @@ module API expose :deployable, using: Entities::Job end + class Environment < EnvironmentBasic + expose :project, using: Entities::BasicProjectDetails + expose :last_deployment, using: Entities::Deployment, if: { last_deployment: true } + end + class LicenseBasic < Grape::Entity expose :key, :name, :nickname expose :url, as: :html_url diff --git a/lib/api/environments.rb b/lib/api/environments.rb index 5b0f3b914cb..6cd43923559 100644 --- a/lib/api/environments.rb +++ b/lib/api/environments.rb @@ -101,6 +101,21 @@ module API status 200 present environment, with: Entities::Environment, current_user: current_user end + + desc 'Get a single environment' do + success Entities::Environment + end + params do + requires :environment_id, type: Integer, desc: 'The environment ID' + end + get ':id/environments/:environment_id' do + authorize! :read_environment, user_project + + environment = user_project.environments.find(params[:environment_id]) + present environment, with: Entities::Environment, current_user: current_user, + except: [:project, { last_deployment: [:environment] }], + last_deployment: true + end end end end -- cgit v1.2.1 From 20093f9de0b34da88a8b01ca94ee773685b16308 Mon Sep 17 00:00:00 2001 From: Agustin Henze Date: Tue, 9 Apr 2019 14:53:44 +0000 Subject: Add new permission model `read-pipeline-variable` Used to get the variables via the API endpoint `/projects/:id/pipelines/:pipeline_id/variables` Signed-off-by: Agustin Henze --- lib/api/pipelines.rb | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'lib/api') diff --git a/lib/api/pipelines.rb b/lib/api/pipelines.rb index ac8fe98e55e..f29a18e94cf 100644 --- a/lib/api/pipelines.rb +++ b/lib/api/pipelines.rb @@ -81,6 +81,19 @@ module API present pipeline, with: Entities::Pipeline end + desc 'Gets the variables for a given pipeline' do + detail 'This feature was introduced in GitLab 11.11' + success Entities::Variable + end + params do + requires :pipeline_id, type: Integer, desc: 'The pipeline ID' + end + get ':id/pipelines/:pipeline_id/variables' do + authorize! :read_pipeline_variable, pipeline + + present pipeline.variables, with: Entities::Variable + end + desc 'Deletes a pipeline' do detail 'This feature was introduced in GitLab 11.6' http_codes [[204, 'Pipeline was deleted'], [403, 'Forbidden']] -- cgit v1.2.1 From 9bc5ed14fe97fe63cd5be30c013c6af978715621 Mon Sep 17 00:00:00 2001 From: Imre Farkas Date: Tue, 9 Apr 2019 15:38:58 +0000 Subject: Move Contribution Analytics related spec in spec/features/groups/group_page_with_external_authorization_service_spec to EE --- lib/api/entities.rb | 3 +++ lib/api/helpers/projects_helpers.rb | 5 +++-- lib/api/settings.rb | 4 +++- 3 files changed, 9 insertions(+), 3 deletions(-) (limited to 'lib/api') diff --git a/lib/api/entities.rb b/lib/api/entities.rb index b45484945fd..4bdac278add 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -277,6 +277,7 @@ module API expose :statistics, using: 'API::Entities::ProjectStatistics', if: -> (project, options) { options[:statistics] && Ability.allowed?(options[:current_user], :read_statistics, project) } + expose :external_authorization_classification_label # rubocop: disable CodeReuse/ActiveRecord def self.preload_relation(projects_relation, options = {}) @@ -1120,6 +1121,8 @@ module API expose(:default_snippet_visibility) { |setting, _options| Gitlab::VisibilityLevel.string_level(setting.default_snippet_visibility) } expose(:default_group_visibility) { |setting, _options| Gitlab::VisibilityLevel.string_level(setting.default_group_visibility) } + expose(*::ApplicationSettingsHelper.external_authorization_service_attributes) + # support legacy names, can be removed in v5 expose :password_authentication_enabled_for_web, as: :password_authentication_enabled expose :password_authentication_enabled_for_web, as: :signin_enabled diff --git a/lib/api/helpers/projects_helpers.rb b/lib/api/helpers/projects_helpers.rb index 7b858dc2e72..aaf32dafca4 100644 --- a/lib/api/helpers/projects_helpers.rb +++ b/lib/api/helpers/projects_helpers.rb @@ -29,13 +29,13 @@ module API optional :printing_merge_request_link_enabled, type: Boolean, desc: 'Show link to create/view merge request when pushing from the command line' optional :merge_method, type: String, values: %w(ff rebase_merge merge), desc: 'The merge method used when merging merge requests' optional :initialize_with_readme, type: Boolean, desc: "Initialize a project with a README.md" + optional :external_authorization_classification_label, type: String, desc: 'The classification label for the project' end if Gitlab.ee? params :optional_project_params_ee do optional :repository_storage, type: String, desc: 'Which storage shard the repository is on. Available only to admins' optional :approvals_before_merge, type: Integer, desc: 'How many approvers should approve merge request by default' - optional :external_authorization_classification_label, type: String, desc: 'The classification label for the project' optional :mirror, type: Boolean, desc: 'Enables pull mirroring in a project' optional :mirror_trigger_builds, type: Boolean, desc: 'Pull mirroring triggers builds' end @@ -72,7 +72,8 @@ module API :tag_list, :visibility, :wiki_enabled, - :avatar + :avatar, + :external_authorization_classification_label ] end end diff --git a/lib/api/settings.rb b/lib/api/settings.rb index d96cdc31212..b064747e5fc 100644 --- a/lib/api/settings.rb +++ b/lib/api/settings.rb @@ -168,7 +168,9 @@ module API optional :usage_ping_enabled, type: Boolean, desc: 'Every week GitLab will report license usage back to GitLab, Inc.' end - optional_attributes = ::ApplicationSettingsHelper.visible_attributes << :performance_bar_allowed_group_id + optional_attributes = [*::ApplicationSettingsHelper.visible_attributes, + *::ApplicationSettingsHelper.external_authorization_service_attributes, + :performance_bar_allowed_group_id] if Gitlab.ee? optional_attributes += EE::ApplicationSettingsHelper.possible_licensed_attributes -- cgit v1.2.1