From 9a5f40878c6d71e7fd4858f7fa1d948af6c371ae Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Wed, 3 Aug 2016 11:32:29 +0300 Subject: Add API to list merge request diff versions Signed-off-by: Dmitriy Zaporozhets --- lib/api/api.rb | 1 + lib/api/entities.rb | 11 +++++++++++ lib/api/merge_request_diffs.rb | 25 +++++++++++++++++++++++++ 3 files changed, 37 insertions(+) create mode 100644 lib/api/merge_request_diffs.rb (limited to 'lib/api') diff --git a/lib/api/api.rb b/lib/api/api.rb index bd16806892b..9d8f297191f 100644 --- a/lib/api/api.rb +++ b/lib/api/api.rb @@ -67,5 +67,6 @@ module API mount ::API::Triggers mount ::API::Users mount ::API::Variables + mount ::API::MergeRequestDiffs end end diff --git a/lib/api/entities.rb b/lib/api/entities.rb index 3e21b7a0b8a..af069063f0c 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -228,6 +228,17 @@ module API end end + class MergeRequestDiff < Grape::Entity + expose :id, :head_commit_sha, :base_commit_sha, :start_commit_sha, + :created_at, :merge_request_id, :state, :real_size + + expose :commits, using: Entities::RepoCommit + + expose :diffs, using: Entities::RepoDiff do |compare, _| + compare.diffs(all_diffs: true).to_a + end + end + class SSHKey < Grape::Entity expose :id, :title, :key, :created_at end diff --git a/lib/api/merge_request_diffs.rb b/lib/api/merge_request_diffs.rb new file mode 100644 index 00000000000..4bd149d1603 --- /dev/null +++ b/lib/api/merge_request_diffs.rb @@ -0,0 +1,25 @@ +module API + # MergeRequestDiff API + class MergeRequestDiffs < Grape::API + before { authenticate! } + + resource :projects do + # List merge requests diff versions + # + # Parameters: + # id (required) - The ID of a project + # merge_request_id (required) - The ID of MR + # + # Example: + # GET /projects/:id/merge_requests/:merge_request_id/versions + # + get ":id/merge_requests/:merge_request_id/versions" do + merge_request = user_project.merge_requests. + find(params[:merge_request_id]) + + authorize! :read_merge_request, merge_request + present merge_request.merge_request_diffs, with: Entities::MergeRequestDiff + end + end + end +end -- cgit v1.2.1 From 69096ad9da77ce51d544a8f23f4e8873df273f4e Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Wed, 3 Aug 2016 11:58:09 +0300 Subject: Update merge request versions API to match styleguide Signed-off-by: Dmitriy Zaporozhets --- lib/api/merge_request_diffs.rb | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) (limited to 'lib/api') diff --git a/lib/api/merge_request_diffs.rb b/lib/api/merge_request_diffs.rb index 4bd149d1603..be954ff96ac 100644 --- a/lib/api/merge_request_diffs.rb +++ b/lib/api/merge_request_diffs.rb @@ -4,15 +4,16 @@ module API before { authenticate! } resource :projects do - # List merge requests diff versions - # - # Parameters: - # id (required) - The ID of a project - # merge_request_id (required) - The ID of MR - # - # Example: - # GET /projects/:id/merge_requests/:merge_request_id/versions - # + desc 'Get a list of merge request diff versions' do + detail 'This feature was introduced in GitLab 8.12.' + success Entities::MergeRequestDiff + end + + params do + requires :id, type: Integer, desc: 'The ID of a project' + requests :merge_request_id, type: Integer, desc: 'The ID of a merge request' + end + get ":id/merge_requests/:merge_request_id/versions" do merge_request = user_project.merge_requests. find(params[:merge_request_id]) -- cgit v1.2.1 From 08f5f897889dc7e7f00a65f56e988449350e60f2 Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Wed, 3 Aug 2016 12:35:20 +0300 Subject: Fix project id param for merge request version API Signed-off-by: Dmitriy Zaporozhets --- lib/api/merge_request_diffs.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lib/api') diff --git a/lib/api/merge_request_diffs.rb b/lib/api/merge_request_diffs.rb index be954ff96ac..a2f92f81107 100644 --- a/lib/api/merge_request_diffs.rb +++ b/lib/api/merge_request_diffs.rb @@ -10,8 +10,8 @@ module API end params do - requires :id, type: Integer, desc: 'The ID of a project' - requests :merge_request_id, type: Integer, desc: 'The ID of a merge request' + requires :id, type: String, desc: 'The ID of a project' + requires :merge_request_id, type: Integer, desc: 'The ID of a merge request' end get ":id/merge_requests/:merge_request_id/versions" do -- cgit v1.2.1 From ac072132b8f0e36badf297208a5964109dbed126 Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Fri, 12 Aug 2016 14:44:49 +0300 Subject: Add single merge request diff API endpoint Signed-off-by: Dmitriy Zaporozhets --- lib/api/entities.rb | 2 ++ lib/api/merge_request_diffs.rb | 19 +++++++++++++++++++ 2 files changed, 21 insertions(+) (limited to 'lib/api') diff --git a/lib/api/entities.rb b/lib/api/entities.rb index af069063f0c..f582b2ce250 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -231,7 +231,9 @@ module API class MergeRequestDiff < Grape::Entity expose :id, :head_commit_sha, :base_commit_sha, :start_commit_sha, :created_at, :merge_request_id, :state, :real_size + end + class MergeRequestDiffFull < MergeRequestDiff expose :commits, using: Entities::RepoCommit expose :diffs, using: Entities::RepoDiff do |compare, _| diff --git a/lib/api/merge_request_diffs.rb b/lib/api/merge_request_diffs.rb index a2f92f81107..07435d78468 100644 --- a/lib/api/merge_request_diffs.rb +++ b/lib/api/merge_request_diffs.rb @@ -21,6 +21,25 @@ module API authorize! :read_merge_request, merge_request present merge_request.merge_request_diffs, with: Entities::MergeRequestDiff end + + desc 'Get a single merge request diff version' do + detail 'This feature was introduced in GitLab 8.12.' + success Entities::MergeRequestDiffFull + end + + params do + requires :id, type: String, desc: 'The ID of a project' + requires :merge_request_id, type: Integer, desc: 'The ID of a merge request' + requires :version_id, type: Integer, desc: 'The ID of a merge request diff version' + end + + get ":id/merge_requests/:merge_request_id/versions/:version_id" do + merge_request = user_project.merge_requests. + find(params[:merge_request_id]) + + authorize! :read_merge_request, merge_request + present merge_request.merge_request_diffs.find(params[:version_id]), with: Entities::MergeRequestDiffFull + end end end end -- cgit v1.2.1 From dde44b83ddeae75a5c14810d0571ee5c7ab0a26d Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Mon, 22 Aug 2016 15:30:23 +0300 Subject: Fix merge request diff api Signed-off-by: Dmitriy Zaporozhets --- lib/api/entities.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/api') diff --git a/lib/api/entities.rb b/lib/api/entities.rb index 3f050a8fd81..3241cb7ca56 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -246,7 +246,7 @@ module API expose :commits, using: Entities::RepoCommit expose :diffs, using: Entities::RepoDiff do |compare, _| - compare.diffs(all_diffs: true).to_a + compare.raw_diffs(all_diffs: true).to_a end end -- cgit v1.2.1 From 31b2c1ef880349c9579f41e501de0346e59f0a4c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc=20Dequ=C3=A8nes=20=28Duck=29?= Date: Mon, 22 Aug 2016 12:47:58 +0900 Subject: expose 'only_allow_merge_if_build_succeeds' project setting in the API --- lib/api/entities.rb | 1 + lib/api/projects.rb | 9 ++++++--- 2 files changed, 7 insertions(+), 3 deletions(-) (limited to 'lib/api') diff --git a/lib/api/entities.rb b/lib/api/entities.rb index 66b85ab1793..0f6d28f1821 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -90,6 +90,7 @@ module API expose :shared_with_groups do |project, options| SharedGroup.represent(project.project_group_links.all, options) end + expose :only_allow_merge_if_build_succeeds end class Member < UserBasic diff --git a/lib/api/projects.rb b/lib/api/projects.rb index 60cfc103afd..71efd4f33ca 100644 --- a/lib/api/projects.rb +++ b/lib/api/projects.rb @@ -123,7 +123,8 @@ module API :public, :visibility_level, :import_url, - :public_builds] + :public_builds, + :only_allow_merge_if_build_succeeds] attrs = map_public_to_visibility_level(attrs) @project = ::Projects::CreateService.new(current_user, attrs).execute if @project.saved? @@ -172,7 +173,8 @@ module API :public, :visibility_level, :import_url, - :public_builds] + :public_builds, + :only_allow_merge_if_build_succeeds] attrs = map_public_to_visibility_level(attrs) @project = ::Projects::CreateService.new(user, attrs).execute if @project.saved? @@ -234,7 +236,8 @@ module API :shared_runners_enabled, :public, :visibility_level, - :public_builds] + :public_builds, + :only_allow_merge_if_build_succeeds] attrs = map_public_to_visibility_level(attrs) authorize_admin_project authorize! :rename_project, user_project if attrs[:name].present? -- cgit v1.2.1 From e43c4060b67c1996b917bc00afa72122d1d00004 Mon Sep 17 00:00:00 2001 From: Ben Boeckel Date: Tue, 2 Aug 2016 13:37:04 -0400 Subject: api: expose web_url for project entities This allows web hooks to have a URL back to entities without having to generate it themselves. --- lib/api/entities.rb | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'lib/api') diff --git a/lib/api/entities.rb b/lib/api/entities.rb index 66b85ab1793..e6bc23b97d7 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -177,6 +177,10 @@ module API # TODO (rspeicher): Deprecated; remove in 9.0 expose(:expires_at) { |snippet| nil } + + expose :web_url do |snippet, options| + Gitlab::UrlBuilder.build(snippet) + end end class ProjectEntity < Grape::Entity @@ -206,6 +210,10 @@ module API expose :user_notes_count expose :upvotes, :downvotes expose :due_date + + expose :web_url do |issue, options| + Gitlab::UrlBuilder.build(issue) + end end class ExternalIssue < Grape::Entity @@ -229,6 +237,10 @@ module API expose :user_notes_count expose :should_remove_source_branch?, as: :should_remove_source_branch expose :force_remove_source_branch?, as: :force_remove_source_branch + + expose :web_url do |merge_request, options| + Gitlab::UrlBuilder.build(merge_request) + end end class MergeRequestChanges < MergeRequest -- cgit v1.2.1 From 99c2f3b3c534386d1d8258fea23d3991695ff4fe Mon Sep 17 00:00:00 2001 From: Ben Boeckel Date: Tue, 23 Aug 2016 14:54:44 -0400 Subject: api: expose wiki_page_events project hook field in the API --- lib/api/entities.rb | 2 +- lib/api/project_hooks.rb | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) (limited to 'lib/api') diff --git a/lib/api/entities.rb b/lib/api/entities.rb index 66b85ab1793..3ecdc7d448a 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -49,7 +49,7 @@ module API class ProjectHook < Hook expose :project_id, :push_events expose :issues_events, :merge_requests_events, :tag_push_events - expose :note_events, :build_events, :pipeline_events + expose :note_events, :build_events, :pipeline_events, :wiki_page_events expose :enable_ssl_verification end diff --git a/lib/api/project_hooks.rb b/lib/api/project_hooks.rb index 3f63cd678e8..14f5be3b5f6 100644 --- a/lib/api/project_hooks.rb +++ b/lib/api/project_hooks.rb @@ -46,6 +46,7 @@ module API :note_events, :build_events, :pipeline_events, + :wiki_page_events, :enable_ssl_verification ] @hook = user_project.hooks.new(attrs) @@ -80,6 +81,7 @@ module API :note_events, :build_events, :pipeline_events, + :wiki_page_events, :enable_ssl_verification ] -- cgit v1.2.1 From 170885edd6f3ea52792511586778e0dce8021cf7 Mon Sep 17 00:00:00 2001 From: Stan Hu Date: Thu, 18 Aug 2016 17:06:33 -0700 Subject: Add Sentry logging to API calls Closes #21043 --- lib/api/api.rb | 12 ++---------- lib/api/helpers.rb | 32 ++++++++++++++++++++++++++++++++ 2 files changed, 34 insertions(+), 10 deletions(-) (limited to 'lib/api') diff --git a/lib/api/api.rb b/lib/api/api.rb index 6b8bfbbdae6..ecbd5a6e2fa 100644 --- a/lib/api/api.rb +++ b/lib/api/api.rb @@ -18,22 +18,14 @@ module API end rescue_from :all do |exception| - # lifted from https://github.com/rails/rails/blob/master/actionpack/lib/action_dispatch/middleware/debug_exceptions.rb#L60 - # why is this not wrapped in something reusable? - trace = exception.backtrace - - message = "\n#{exception.class} (#{exception.message}):\n" - message << exception.annoted_source_code.to_s if exception.respond_to?(:annoted_source_code) - message << " " << trace.join("\n ") - - API.logger.add Logger::FATAL, message - rack_response({ 'message' => '500 Internal Server Error' }.to_json, 500) + handle_api_exception(exception) end format :json content_type :txt, "text/plain" # Ensure the namespace is right, otherwise we might load Grape::API::Helpers + helpers ::SentryHelper helpers ::API::Helpers mount ::API::AccessRequests diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index d0469d6602d..da4b1bf9902 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -279,6 +279,24 @@ module API error!({ 'message' => message }, status) end + def handle_api_exception(exception) + if sentry_enabled? && report_exception?(exception) + define_params_for_grape_middleware + sentry_context + Raven.capture_exception(exception) + end + + # lifted from https://github.com/rails/rails/blob/master/actionpack/lib/action_dispatch/middleware/debug_exceptions.rb#L60 + trace = exception.backtrace + + message = "\n#{exception.class} (#{exception.message}):\n" + message << exception.annoted_source_code.to_s if exception.respond_to?(:annoted_source_code) + message << " " << trace.join("\n ") + + API.logger.add Logger::FATAL, message + rack_response({ 'message' => '500 Internal Server Error' }.to_json, 500) + end + # Projects helpers def filter_projects(projects) @@ -419,5 +437,19 @@ module API Entities::Issue end end + + # The Grape Error Middleware only has access to env but no params. We workaround this by + # defining a method that returns the right value. + def define_params_for_grape_middleware + self.define_singleton_method(:params) { Rack::Request.new(env).params.symbolize_keys } + end + + # We could get a Grape or a standard Ruby exception. We should only report anything that + # is clearly an error. + def report_exception?(exception) + return true unless exception.respond_to?(:status) + + exception.status == 500 + end end end -- cgit v1.2.1 From bba85773519e972d036a933b1f054b6c76050c5f Mon Sep 17 00:00:00 2001 From: Drew Blessing Date: Tue, 26 Jul 2016 16:48:51 -0500 Subject: Add two factor recovery endpoint to internal API --- lib/api/internal.rb | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'lib/api') diff --git a/lib/api/internal.rb b/lib/api/internal.rb index d8e9ac406c4..5b54c11ef62 100644 --- a/lib/api/internal.rb +++ b/lib/api/internal.rb @@ -101,6 +101,31 @@ module API {} end end + + post '/two_factor_recovery_codes' do + status 200 + + key = Key.find(params[:key_id]) + user = key.user + + # Make sure this isn't a deploy key + unless key.type.nil? + return { success: false, message: 'Deploy keys cannot be used to retrieve recovery codes' } + end + + unless user.present? + return { success: false, message: 'Could not find a user for the given key' } + end + + unless user.two_factor_enabled? + return { success: false, message: 'Two-factor authentication is not enabled for this user' } + end + + codes = user.generate_otp_backup_codes! + user.save! + + { success: true, recovery_codes: codes } + end end end end -- cgit v1.2.1