diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-06-16 18:25:58 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-06-16 18:25:58 +0000 |
commit | a5f4bba440d7f9ea47046a0a561d49adf0a1e6d4 (patch) | |
tree | fb69158581673816a8cd895f9d352dcb3c678b1e /lib/api/pypi_packages.rb | |
parent | d16b2e8639e99961de6ddc93909f3bb5c1445ba1 (diff) | |
download | gitlab-ce-a5f4bba440d7f9ea47046a0a561d49adf0a1e6d4.tar.gz |
Add latest changes from gitlab-org/gitlab@14-0-stable-eev14.0.0-rc42
Diffstat (limited to 'lib/api/pypi_packages.rb')
-rw-r--r-- | lib/api/pypi_packages.rb | 78 |
1 files changed, 72 insertions, 6 deletions
diff --git a/lib/api/pypi_packages.rb b/lib/api/pypi_packages.rb index 73b2f658825..7c5f8bb4d99 100644 --- a/lib/api/pypi_packages.rb +++ b/lib/api/pypi_packages.rb @@ -28,6 +28,73 @@ module API require_packages_enabled! end + helpers do + params :package_download do + requires :file_identifier, type: String, desc: 'The PyPi package file identifier', file_path: true + requires :sha256, type: String, desc: 'The PyPi package sha256 check sum' + end + + params :package_name do + requires :package_name, type: String, file_path: true, desc: 'The PyPi package name' + end + end + + params do + requires :id, type: Integer, desc: 'The ID of a group' + end + resource :groups, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do + after_validation do + unauthorized_user_group! + end + + namespace ':id/-/packages/pypi' do + params do + use :package_download + end + + route_setting :authentication, deploy_token_allowed: true, basic_auth_personal_access_token: true, job_token_allowed: :basic_auth + get 'files/:sha256/*file_identifier' do + group = unauthorized_user_group! + + filename = "#{params[:file_identifier]}.#{params[:format]}" + package = Packages::Pypi::PackageFinder.new(current_user, group, { filename: filename, sha256: params[:sha256] }).execute + package_file = ::Packages::PackageFileFinder.new(package, filename, with_file_name_like: false).execute + + track_package_event('pull_package', :pypi) + + present_carrierwave_file!(package_file.file, supports_direct_download: true) + end + + desc 'The PyPi Simple Endpoint' do + detail 'This feature was introduced in GitLab 12.10' + end + + params do + use :package_name + end + + # An Api entry point but returns an HTML file instead of JSON. + # PyPi simple API returns the package descriptor as a simple HTML file. + route_setting :authentication, deploy_token_allowed: true, basic_auth_personal_access_token: true, job_token_allowed: :basic_auth + get 'simple/*package_name', format: :txt do + group = find_authorized_group! + authorize_read_package!(group) + + track_package_event('list_package', :pypi) + + packages = Packages::Pypi::PackagesFinder.new(current_user, group, { package_name: params[:package_name] }).execute! + presenter = ::Packages::Pypi::PackagePresenter.new(packages, group) + + # Adjusts grape output format + # to be HTML + content_type "text/html; charset=utf-8" + env['api.format'] = :binary + + body presenter.body + end + end + end + params do requires :id, type: Integer, desc: 'The ID of a project' end @@ -43,8 +110,7 @@ module API end params do - requires :file_identifier, type: String, desc: 'The PyPi package file identifier', file_path: true - requires :sha256, type: String, desc: 'The PyPi package sha256 check sum' + use :package_download end route_setting :authentication, deploy_token_allowed: true, basic_auth_personal_access_token: true, job_token_allowed: :basic_auth @@ -55,7 +121,7 @@ module API package = Packages::Pypi::PackageFinder.new(current_user, project, { filename: filename, sha256: params[:sha256] }).execute package_file = ::Packages::PackageFileFinder.new(package, filename, with_file_name_like: false).execute - track_package_event('pull_package', :pypi) + track_package_event('pull_package', :pypi, project: project, namespace: project.namespace) present_carrierwave_file!(package_file.file, supports_direct_download: true) end @@ -65,7 +131,7 @@ module API end params do - requires :package_name, type: String, file_path: true, desc: 'The PyPi package name' + use :package_name end # An Api entry point but returns an HTML file instead of JSON. @@ -74,7 +140,7 @@ module API get 'simple/*package_name', format: :txt do authorize_read_package!(authorized_user_project) - track_package_event('list_package', :pypi) + track_package_event('list_package', :pypi, project: authorized_user_project, namespace: authorized_user_project.namespace) packages = Packages::Pypi::PackagesFinder.new(current_user, authorized_user_project, { package_name: params[:package_name] }).execute! presenter = ::Packages::Pypi::PackagePresenter.new(packages, authorized_user_project) @@ -105,7 +171,7 @@ module API authorize_upload!(authorized_user_project) bad_request!('File is too large') if authorized_user_project.actual_limits.exceeded?(:pypi_max_file_size, params[:content].size) - track_package_event('push_package', :pypi) + track_package_event('push_package', :pypi, project: authorized_user_project, user: current_user, namespace: authorized_user_project.namespace) ::Packages::Pypi::CreatePackageService .new(authorized_user_project, current_user, declared_params.merge(build: current_authenticated_job)) |