Merge branch 'ac-releases-api' into 'master'

Add first-class releases API See merge request gitlab-org/gitlab-ce!23795
author: Kamil Trzciński <ayufan@ayufan.eu> 2018-12-31 09:40:15 +0000
committer: Kamil Trzciński <ayufan@ayufan.eu> 2018-12-31 09:40:15 +0000
commit: 102c1870cf134d3532b9ec3320096f8180a38412 (patch)
tree: d7a532c11aa997ef5539b5f993838debca88efde /app
parent: 1860117556be6a9eabf3befbf9e1622080b64893 (diff)
parent: 54df1a570186c6e1851b98f268121d9d92c2de8a (diff)
download: gitlab-ce-102c1870cf134d3532b9ec3320096f8180a38412.tar.gz
16 files changed, 240 insertions, 79 deletions
diff --git a/app/controllers/projects/releases_controller.rb b/app/controllers/projects/releases_controller.rb
index 58d5ea4762f..62bdc84b41a 100644
--- a/app/controllers/projects/releases_controller.rb
+++ b/app/controllers/projects/releases_controller.rb
@@ -3,7 +3,7 @@
 class Projects::ReleasesController < Projects::ApplicationController
   # Authorize
   before_action :require_non_empty_project
-  before_action :authorize_download_code!
+  before_action :authorize_read_release!
   before_action :check_releases_page_feature_flag
 
   def index
@@ -12,8 +12,8 @@ class Projects::ReleasesController < Projects::ApplicationController
   private
 
   def check_releases_page_feature_flag
-    return render_404 unless Feature.enabled?(:releases_page)
+    return render_404 unless Feature.enabled?(:releases_page, @project)
 
-    push_frontend_feature_flag(:releases_page)
+    push_frontend_feature_flag(:releases_page, @project)
   end
 end
diff --git a/app/controllers/projects/tags_controller.rb b/app/controllers/projects/tags_controller.rb
index a50a1475eb2..a17c050b696 100644
--- a/app/controllers/projects/tags_controller.rb
+++ b/app/controllers/projects/tags_controller.rb
@@ -43,9 +43,22 @@ class Projects::TagsController < Projects::ApplicationController
 
   def create
     result = ::Tags::CreateService.new(@project, current_user)
-      .execute(params[:tag_name], params[:ref], params[:message], params[:release_description])
+      .execute(params[:tag_name], params[:ref], params[:message])
 
     if result[:status] == :success
+      # Release creation with Tags was deprecated in GitLab 11.7
+      if params[:release_description].present?
+        release_params = {
+          tag: params[:tag_name],
+          name: params[:tag_name],
+          description: params[:release_description]
+        }
+
+        Releases::CreateService
+          .new(@project, current_user, release_params)
+          .execute
+      end
+
       @tag = result[:tag]
 
       redirect_to project_tag_path(@project, @tag.name)
diff --git a/app/finders/releases_finder.rb b/app/finders/releases_finder.rb
new file mode 100644
index 00000000000..59e84198fde
--- /dev/null
+++ b/app/finders/releases_finder.rb
@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+class ReleasesFinder
+  def initialize(project, current_user = nil)
+    @project = project
+    @current_user = current_user
+  end
+
+  def execute
+    return Release.none unless Ability.allowed?(@current_user, :read_release, @project)
+
+    @project.releases.sorted
+  end
+end
diff --git a/app/models/release.rb b/app/models/release.rb
index 7a09ee459a6..df3dfe1cf2f 100644
--- a/app/models/release.rb
+++ b/app/models/release.rb
@@ -2,11 +2,39 @@
 
 class Release < ActiveRecord::Base
   include CacheMarkdownField
+  include Gitlab::Utils::StrongMemoize
 
   cache_markdown_field :description
 
   belongs_to :project
+  # releases prior to 11.7 have no author
   belongs_to :author, class_name: 'User'
 
   validates :description, :project, :tag, presence: true
+
+  scope :sorted, -> { order(created_at: :desc) }
+
+  delegate :repository, to: :project
+
+  def commit
+    strong_memoize(:commit) do
+      repository.commit(actual_sha)
+    end
+  end
+
+  def tag_missing?
+    actual_tag.nil?
+  end
+
+  private
+
+  def actual_sha
+    sha || actual_tag&.dereferenced_target
+  end
+
+  def actual_tag
+    strong_memoize(:actual_tag) do
+      repository.find_tag(tag)
+    end
+  end
 end
diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb
index bcbd9676f2e..3146f26bed5 100644
--- a/app/policies/project_policy.rb
+++ b/app/policies/project_policy.rb
@@ -23,6 +23,7 @@ class ProjectPolicy < BasePolicy
     container_image
     pages
     cluster
+    release
   ].freeze
 
   desc "User is a project owner"
@@ -173,6 +174,7 @@ class ProjectPolicy < BasePolicy
     enable :read_cycle_analytics
     enable :award_emoji
     enable :read_pages_content
+    enable :read_release
   end
 
   # These abilities are not allowed to admins that are not members of the project,
@@ -239,6 +241,8 @@ class ProjectPolicy < BasePolicy
     enable :update_container_image
     enable :create_environment
     enable :create_deployment
+    enable :create_release
+    enable :update_release
   end
 
   rule { can?(:maintainer_access) }.policy do
@@ -266,6 +270,7 @@ class ProjectPolicy < BasePolicy
     enable :update_cluster
     enable :admin_cluster
     enable :create_environment_terminal
+    enable :destroy_release
   end
 
   rule { (mirror_available & can?(:admin_project)) | admin }.enable :admin_remote_mirror
@@ -325,6 +330,7 @@ class ProjectPolicy < BasePolicy
     prevent :download_code
     prevent :fork_project
     prevent :read_commit_status
+    prevent(*create_read_update_admin_destroy(:release))
   end
 
   rule { container_registry_disabled }.policy do
@@ -354,6 +360,7 @@ class ProjectPolicy < BasePolicy
     enable :read_commit_status
     enable :read_container_image
     enable :download_code
+    enable :read_release
     enable :download_wiki_code
     enable :read_cycle_analytics
     enable :read_pages_content
diff --git a/app/policies/release_policy.rb b/app/policies/release_policy.rb
new file mode 100644
index 00000000000..d7f9e5d7445
--- /dev/null
+++ b/app/policies/release_policy.rb
@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+class ReleasePolicy < BasePolicy
+  delegate { @subject.project }
+end
diff --git a/app/services/commits/tag_service.rb b/app/services/commits/tag_service.rb
index 7961ba4d3c4..bb8cfb63f98 100644
--- a/app/services/commits/tag_service.rb
+++ b/app/services/commits/tag_service.rb
@@ -9,11 +9,10 @@ module Commits
 
       tag_name = params[:tag_name]
       message = params[:tag_message]
-      release_description = nil
 
       result = Tags::CreateService
         .new(commit.project, current_user)
-        .execute(tag_name, commit.sha, message, release_description)
+        .execute(tag_name, commit.sha, message)
 
       if result[:status] == :success
         tag = result[:tag]
diff --git a/app/services/create_release_service.rb b/app/services/create_release_service.rb
deleted file mode 100644
index ab2dc5337aa..00000000000
--- a/app/services/create_release_service.rb
+++ /dev/null
@@ -1,35 +0,0 @@
-# frozen_string_literal: true
-
-class CreateReleaseService < BaseService
-  # rubocop: disable CodeReuse/ActiveRecord
-  def execute(tag_name, release_description)
-    repository = project.repository
-    existing_tag = repository.find_tag(tag_name)
-
-    # Only create a release if the tag exists
-    if existing_tag
-      release = project.releases.find_by(tag: tag_name)
-
-      if release
-        error('Release already exists', 409)
-      else
-        release = project.releases.create!(
-          tag: tag_name,
-          name: tag_name,
-          sha: existing_tag.dereferenced_target.sha,
-          author: current_user,
-          description: release_description
-        )
-
-        success(release)
-      end
-    else
-      error('Tag does not exist', 404)
-    end
-  end
-  # rubocop: enable CodeReuse/ActiveRecord
-
-  def success(release)
-    super().merge(release: release)
-  end
-end
diff --git a/app/services/releases/concerns.rb b/app/services/releases/concerns.rb
new file mode 100644
index 00000000000..a04bb8f9e14
--- /dev/null
+++ b/app/services/releases/concerns.rb
@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+module Releases
+  module Concerns
+    extend ActiveSupport::Concern
+    include Gitlab::Utils::StrongMemoize
+
+    included do
+      def tag_name
+        params[:tag]
+      end
+
+      def ref
+        params[:ref]
+      end
+
+      def name
+        params[:name]
+      end
+
+      def description
+        params[:description]
+      end
+
+      def release
+        strong_memoize(:release) do
+          project.releases.find_by_tag(tag_name)
+        end
+      end
+
+      def existing_tag
+        strong_memoize(:existing_tag) do
+          repository.find_tag(tag_name)
+        end
+      end
+
+      def tag_exist?
+        existing_tag.present?
+      end
+
+      def repository
+        strong_memoize(:repository) do
+          project.repository
+        end
+      end
+    end
+  end
+end
diff --git a/app/services/releases/create_service.rb b/app/services/releases/create_service.rb
new file mode 100644
index 00000000000..73fcebf79af
--- /dev/null
+++ b/app/services/releases/create_service.rb
@@ -0,0 +1,54 @@
+# frozen_string_literal: true
+
+module Releases
+  class CreateService < BaseService
+    include Releases::Concerns
+
+    def execute
+      return error('Access Denied', 403) unless allowed?
+      return error('Release already exists', 409) if release
+
+      tag = ensure_tag
+
+      return tag unless tag.is_a?(Gitlab::Git::Tag)
+
+      create_release(tag)
+    end
+
+    private
+
+    def ensure_tag
+      existing_tag || create_tag
+    end
+
+    def create_tag
+      return error('Ref is not specified', 422) unless ref
+
+      result = Tags::CreateService
+        .new(project, current_user)
+        .execute(tag_name, ref, nil)
+
+      return result unless result[:status] == :success
+
+      result[:tag]
+    end
+
+    def allowed?
+      Ability.allowed?(current_user, :create_release, project)
+    end
+
+    def create_release(tag)
+      release = project.releases.create!(
+        name: name,
+        description: description,
+        author: current_user,
+        tag: tag.name,
+        sha: tag.dereferenced_target.sha
+      )
+
+      success(tag: tag, release: release)
+    rescue ActiveRecord::RecordInvalid => e
+      error(e.message, 400)
+    end
+  end
+end
diff --git a/app/services/releases/destroy_service.rb b/app/services/releases/destroy_service.rb
new file mode 100644
index 00000000000..8c2bc3b4e6e
--- /dev/null
+++ b/app/services/releases/destroy_service.rb
@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Releases
+  class DestroyService < BaseService
+    include Releases::Concerns
+
+    def execute
+      return error('Tag does not exist', 404) unless existing_tag
+      return error('Release does not exist', 404) unless release
+      return error('Access Denied', 403) unless allowed?
+
+      if release.destroy
+        success(tag: existing_tag, release: release)
+      else
+        error(release.errors.messages || '400 Bad request', 400)
+      end
+    end
+
+    private
+
+    def allowed?
+      Ability.allowed?(current_user, :destroy_release, release)
+    end
+  end
+end
diff --git a/app/services/releases/update_service.rb b/app/services/releases/update_service.rb
new file mode 100644
index 00000000000..fabfa398c59
--- /dev/null
+++ b/app/services/releases/update_service.rb
@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+module Releases
+  class UpdateService < BaseService
+    include Releases::Concerns
+
+    def execute
+      return error('Tag does not exist', 404) unless existing_tag
+      return error('Release does not exist', 404) unless release
+      return error('Access Denied', 403) unless allowed?
+      return error('params is empty', 400) if empty_params?
+
+      if release.update(params)
+        success(tag: existing_tag, release: release)
+      else
+        error(release.errors.messages || '400 Bad request', 400)
+      end
+    end
+
+    private
+
+    def allowed?
+      Ability.allowed?(current_user, :update_release, release)
+    end
+
+    # rubocop: disable CodeReuse/ActiveRecord
+    def empty_params?
+      params.except(:tag).empty?
+    end
+    # rubocop: enable CodeReuse/ActiveRecord
+  end
+end
diff --git a/app/services/tags/create_service.rb b/app/services/tags/create_service.rb
index 6bb9bb3988e..4de6b2d2774 100644
--- a/app/services/tags/create_service.rb
+++ b/app/services/tags/create_service.rb
@@ -2,7 +2,7 @@
 
 module Tags
   class CreateService < BaseService
-    def execute(tag_name, target, message, release_description = nil)
+    def execute(tag_name, target, message)
       valid_tag = Gitlab::GitRefValidator.validate(tag_name)
       return error('Tag name invalid') unless valid_tag
 
@@ -20,10 +20,7 @@ module Tags
       end
 
       if new_tag
-        if release_description.present?
-          CreateReleaseService.new(@project, @current_user)
-            .execute(tag_name, release_description)
-        end
+        repository.expire_tags_cache
 
         success.merge(tag: new_tag)
       else
diff --git a/app/services/tags/destroy_service.rb b/app/services/tags/destroy_service.rb
index 6bfef09ac54..cab507946b4 100644
--- a/app/services/tags/destroy_service.rb
+++ b/app/services/tags/destroy_service.rb
@@ -2,7 +2,6 @@
 
 module Tags
   class DestroyService < BaseService
-    # rubocop: disable CodeReuse/ActiveRecord
     def execute(tag_name)
       repository = project.repository
       tag = repository.find_tag(tag_name)
@@ -12,8 +11,12 @@ module Tags
       end
 
       if repository.rm_tag(current_user, tag_name)
-        release = project.releases.find_by(tag: tag_name)
-        release&.destroy
+        ##
+        # When a tag in a repository is destroyed,
+        # release assets will be destroyed too.
+        Releases::DestroyService
+          .new(project, current_user, tag: tag_name)
+          .execute
 
         push_data = build_push_data(tag)
         EventCreateService.new.push(project, current_user, push_data)
@@ -27,7 +30,6 @@ module Tags
     rescue Gitlab::Git::PreReceiveError => ex
       error(ex.message)
     end
-    # rubocop: enable CodeReuse/ActiveRecord
 
     def error(message, return_code = 400)
       super(message).merge(return_code: return_code)
diff --git a/app/services/update_release_service.rb b/app/services/update_release_service.rb
deleted file mode 100644
index e2228ca026c..00000000000
--- a/app/services/update_release_service.rb
+++ /dev/null
@@ -1,28 +0,0 @@
-# frozen_string_literal: true
-
-class UpdateReleaseService < BaseService
-  # rubocop: disable CodeReuse/ActiveRecord
-  def execute(tag_name, release_description)
-    repository = project.repository
-    existing_tag = repository.find_tag(tag_name)
-
-    if existing_tag
-      release = project.releases.find_by(tag: tag_name)
-
-      if release
-        release.update(description: release_description)
-
-        success(release)
-      else
-        error('Release does not exist', 404)
-      end
-    else
-      error('Tag does not exist', 404)
-    end
-  end
-  # rubocop: enable CodeReuse/ActiveRecord
-
-  def success(release)
-    super().merge(release: release)
-  end
-end
diff --git a/app/views/layouts/nav/sidebar/_project.html.haml b/app/views/layouts/nav/sidebar/_project.html.haml
index 59557c70904..d8017742c90 100644
--- a/app/views/layouts/nav/sidebar/_project.html.haml
+++ b/app/views/layouts/nav/sidebar/_project.html.haml
@@ -29,7 +29,7 @@
             = link_to activity_project_path(@project), title: _('Activity'), class: 'shortcuts-project-activity' do
               %span= _('Activity')
 
-          - if project_nav_tab?(:releases) && Feature.enabled?(:releases_page)
+          - if project_nav_tab?(:releases) && Feature.enabled?(:releases_page, @project)
             = nav_link(controller: :releases) do
               = link_to project_releases_path(@project), title: _('Releases'), class: 'shortcuts-project-releases' do
                 %span= _('Releases')
author	Kamil Trzciński <ayufan@ayufan.eu>	2018-12-31 09:40:15 +0000
committer	Kamil Trzciński <ayufan@ayufan.eu>	2018-12-31 09:40:15 +0000
commit	102c1870cf134d3532b9ec3320096f8180a38412 (patch)
tree	d7a532c11aa997ef5539b5f993838debca88efde /app
parent	1860117556be6a9eabf3befbf9e1622080b64893 (diff)
parent	54df1a570186c6e1851b98f268121d9d92c2de8a (diff)
download	gitlab-ce-102c1870cf134d3532b9ec3320096f8180a38412.tar.gz