diff options
| author | Tomasz Maczukin <tomasz@maczukin.pl> | 2016-01-26 17:03:38 +0100 |
|---|---|---|
| committer | Tomasz Maczukin <tomasz@maczukin.pl> | 2016-02-19 13:18:46 +0100 |
| commit | 128be3c0103f601b2c80f3489646e57e202f6327 (patch) | |
| tree | 293399797a6cb9cc5814eac25acd6e5d57c9f1ea /lib/api/runners.rb | |
| parent | e586858eb58cc628f700c4f0d6ae7b574def3be9 (diff) | |
| download | gitlab-ce-128be3c0103f601b2c80f3489646e57e202f6327.tar.gz | |
Add basic runners management API
- add feature to list runners
- add feature to show runners details
- add feature to delete runner
- add feature to update runner
Diffstat (limited to 'lib/api/runners.rb')
| -rw-r--r-- | lib/api/runners.rb | 107 |
1 files changed, 107 insertions, 0 deletions
diff --git a/lib/api/runners.rb b/lib/api/runners.rb new file mode 100644 index 00000000000..7d4ca3f1587 --- /dev/null +++ b/lib/api/runners.rb @@ -0,0 +1,107 @@ +module API + # Runners API + class Runners < Grape::API + before { authenticate! } + + resource :runners do + # Get available shared runners + # + # Example Request: + # GET /runners + get do + runners = + if current_user.is_admin? + Ci::Runner.all + else + current_user.ci_authorized_runners + end + + runners = filter_runners(runners, params[:scope]) + present paginate(runners), with: Entities::Runner + end + + get ':id' do + runner = get_runner(params[:id]) + can_show_runner?(runner) unless current_user.is_admin? + + present runner, with: Entities::RunnerDetails + end + + put ':id' do + runner = get_runner(params[:id]) + can_update_runner?(runner) unless current_user.is_admin? + + attrs = attributes_for_keys [:description, :active, :tag_list] + if runner.update(attrs) + present runner, with: Entities::RunnerDetails + else + render_validation_error!(runner) + end + end + + delete ':id' do + runner = get_runner(params[:id]) + can_delete_runner?(runner) + runner.destroy! + + present runner, with: Entities::RunnerDetails + end + end + + resource :projects do + before { authorize_admin_project } + + # Get runners available for project + # + # Example Request: + # GET /projects/:id/runners + get ':id/runners' do + runners = filter_runners(Ci::Runner.owned_or_shared(user_project.id), params[:scope]) + present paginate(runners), with: Entities::Runner + end + end + + helpers do + def filter_runners(runners, scope) + return runners unless scope.present? + + available_scopes = ::Ci::Runner::AVAILABLE_SCOPES + unless (available_scopes && scope).empty? + runners.send(scope) + else + render_api_error!('Scope contains invalid value', 400) + end + end + + def get_runner(id) + runner = Ci::Runner.find(id) + not_found!('Runner') unless runner + runner + end + + def can_show_runner?(runner) + return true if runner.is_shared + forbidden!("Can't show runner's details - no access granted") unless user_can_access_runner?(runner) + end + + def can_update_runner?(runner) + return true if current_user.is_admin? + forbidden!("Can't update shared runner") if runner.is_shared? + forbidden!("Can't update runner - no access granted") unless user_can_access_runner?(runner) + end + + def can_delete_runner?(runner) + return true if current_user.is_admin? + forbidden!("Can't delete shared runner") if runner.is_shared? + forbidden!("Can't delete runner - associated with more than one project") if runner.projects.count > 1 + forbidden!("Can't delete runner - no access granted") unless user_can_access_runner?(runner) + end + + def user_can_access_runner?(runner) + runner.projects.inject(false) do |final, project| + final ||= abilities.allowed?(current_user, :admin_project, project) + end + end + end + end +end |