summaryrefslogtreecommitdiff
path: root/app/services/snippets
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2020-01-17 00:09:00 +0000
committerGitLab Bot <gitlab-bot@gitlab.com>2020-01-17 00:09:00 +0000
commitefb0c7f501e4a8883796b5acfdc584e2720febba (patch)
treea5870a33d1154a555a46b293aac42dbb4197b31d /app/services/snippets
parent727b1a890c8e44440414c59611e9ead34d6edc93 (diff)
downloadgitlab-ce-efb0c7f501e4a8883796b5acfdc584e2720febba.tar.gz
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/services/snippets')
-rw-r--r--app/services/snippets/base_service.rb15
-rw-r--r--app/services/snippets/create_service.rb40
-rw-r--r--app/services/snippets/destroy_service.rb48
-rw-r--r--app/services/snippets/update_service.rb36
4 files changed, 139 insertions, 0 deletions
diff --git a/app/services/snippets/base_service.rb b/app/services/snippets/base_service.rb
new file mode 100644
index 00000000000..2b450db0b83
--- /dev/null
+++ b/app/services/snippets/base_service.rb
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module Snippets
+ class BaseService < ::BaseService
+ private
+
+ def snippet_error_response(snippet, http_status)
+ ServiceResponse.error(
+ message: snippet.errors.full_messages.to_sentence,
+ http_status: http_status,
+ payload: { snippet: snippet }
+ )
+ end
+ end
+end
diff --git a/app/services/snippets/create_service.rb b/app/services/snippets/create_service.rb
new file mode 100644
index 00000000000..250e99c466a
--- /dev/null
+++ b/app/services/snippets/create_service.rb
@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+module Snippets
+ class CreateService < Snippets::BaseService
+ include SpamCheckMethods
+
+ def execute
+ filter_spam_check_params
+
+ snippet = if project
+ project.snippets.build(params)
+ else
+ PersonalSnippet.new(params)
+ end
+
+ unless Gitlab::VisibilityLevel.allowed_for?(current_user, snippet.visibility_level)
+ deny_visibility_level(snippet)
+
+ return snippet_error_response(snippet, 403)
+ end
+
+ snippet.author = current_user
+
+ spam_check(snippet, current_user)
+
+ snippet_saved = snippet.with_transaction_returning_status do
+ snippet.save && snippet.store_mentions!
+ end
+
+ if snippet_saved
+ UserAgentDetailService.new(snippet, @request).create
+ Gitlab::UsageDataCounters::SnippetCounter.count(:create)
+
+ ServiceResponse.success(payload: { snippet: snippet } )
+ else
+ snippet_error_response(snippet, 400)
+ end
+ end
+ end
+end
diff --git a/app/services/snippets/destroy_service.rb b/app/services/snippets/destroy_service.rb
new file mode 100644
index 00000000000..f253817d94f
--- /dev/null
+++ b/app/services/snippets/destroy_service.rb
@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+module Snippets
+ class DestroyService
+ include Gitlab::Allowable
+
+ attr_reader :current_user, :project
+
+ def initialize(user, snippet)
+ @current_user = user
+ @snippet = snippet
+ @project = snippet&.project
+ end
+
+ def execute
+ if snippet.nil?
+ return service_response_error('No snippet found.', 404)
+ end
+
+ unless user_can_delete_snippet?
+ return service_response_error(
+ "You don't have access to delete this snippet.",
+ 403
+ )
+ end
+
+ if snippet.destroy
+ ServiceResponse.success(message: 'Snippet was deleted.')
+ else
+ service_response_error('Failed to remove snippet.', 400)
+ end
+ end
+
+ private
+
+ attr_reader :snippet
+
+ def user_can_delete_snippet?
+ return can?(current_user, :admin_project_snippet, snippet) if project
+
+ can?(current_user, :admin_personal_snippet, snippet)
+ end
+
+ def service_response_error(message, http_status)
+ ServiceResponse.error(message: message, http_status: http_status)
+ end
+ end
+end
diff --git a/app/services/snippets/update_service.rb b/app/services/snippets/update_service.rb
new file mode 100644
index 00000000000..8d2c8cac148
--- /dev/null
+++ b/app/services/snippets/update_service.rb
@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+module Snippets
+ class UpdateService < Snippets::BaseService
+ include SpamCheckMethods
+
+ def execute(snippet)
+ # check that user is allowed to set specified visibility_level
+ new_visibility = visibility_level
+
+ if new_visibility && new_visibility.to_i != snippet.visibility_level
+ unless Gitlab::VisibilityLevel.allowed_for?(current_user, new_visibility)
+ deny_visibility_level(snippet, new_visibility)
+
+ return snippet_error_response(snippet, 403)
+ end
+ end
+
+ filter_spam_check_params
+ snippet.assign_attributes(params)
+ spam_check(snippet, current_user)
+
+ snippet_saved = snippet.with_transaction_returning_status do
+ snippet.save && snippet.store_mentions!
+ end
+
+ if snippet_saved
+ Gitlab::UsageDataCounters::SnippetCounter.count(:update)
+
+ ServiceResponse.success(payload: { snippet: snippet } )
+ else
+ snippet_error_response(snippet, 400)
+ end
+ end
+ end
+end