diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-04-02 12:08:18 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-04-02 12:08:18 +0000 |
| commit | 684d65316ac77c62f47d68b9926eea8af30db227 (patch) | |
| tree | d1f4c4eec399d7772ab4ad6294f98e7505c1cee5 /lib/api | |
| parent | ade18c9d68d5a2e6c6e28ef7e9d3add3b3491ace (diff) | |
| download | gitlab-ce-684d65316ac77c62f47d68b9926eea8af30db227.tar.gz | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib/api')
| -rw-r--r-- | lib/api/deploy_tokens.rb | 18 | ||||
| -rw-r--r-- | lib/api/entities/commit_with_link.rb | 8 | ||||
| -rw-r--r-- | lib/api/environments.rb | 1 | ||||
| -rw-r--r-- | lib/api/helpers.rb | 6 | ||||
| -rw-r--r-- | lib/api/helpers/custom_validators.rb | 97 | ||||
| -rw-r--r-- | lib/api/helpers/merge_requests_helpers.rb | 1 | ||||
| -rw-r--r-- | lib/api/issues.rb | 2 | ||||
| -rw-r--r-- | lib/api/validations/check_assignees_count.rb | 34 | ||||
| -rw-r--r-- | lib/api/validations/validators/absence.rb | 15 | ||||
| -rw-r--r-- | lib/api/validations/validators/array_none_any.rb | 19 | ||||
| -rw-r--r-- | lib/api/validations/validators/check_assignees_count.rb | 36 | ||||
| -rw-r--r-- | lib/api/validations/validators/file_path.rb | 18 | ||||
| -rw-r--r-- | lib/api/validations/validators/git_ref.rb | 36 | ||||
| -rw-r--r-- | lib/api/validations/validators/git_sha.rb | 18 | ||||
| -rw-r--r-- | lib/api/validations/validators/integer_none_any.rb | 19 |
15 files changed, 184 insertions, 144 deletions
diff --git a/lib/api/deploy_tokens.rb b/lib/api/deploy_tokens.rb index fb4c4265aef..d36b75f5bfd 100644 --- a/lib/api/deploy_tokens.rb +++ b/lib/api/deploy_tokens.rb @@ -85,12 +85,10 @@ module API delete ':id/deploy_tokens/:token_id' do authorize!(:destroy_deploy_token, user_project) - deploy_token = user_project.project_deploy_tokens - .find_by_deploy_token_id(params[:token_id]) - - not_found!('Deploy Token') unless deploy_token + ::Projects::DeployTokens::DestroyService.new( + user_project, current_user, token_id: params[:token_id] + ).execute - deploy_token.destroy no_content! end end @@ -144,13 +142,17 @@ module API desc 'Delete a group deploy token' do detail 'This feature was introduced in GitLab 12.9' end + params do + requires :token_id, type: Integer, desc: 'The deploy token ID' + end delete ':id/deploy_tokens/:token_id' do authorize!(:destroy_deploy_token, user_group) - deploy_token = user_group.group_deploy_tokens - .find_by_deploy_token_id!(params[:token_id]) + ::Groups::DeployTokens::DestroyService.new( + user_group, current_user, token_id: params[:token_id] + ).execute - destroy_conditionally!(deploy_token) + no_content! end end end diff --git a/lib/api/entities/commit_with_link.rb b/lib/api/entities/commit_with_link.rb index 31a9efed9bc..a135cc19480 100644 --- a/lib/api/entities/commit_with_link.rb +++ b/lib/api/entities/commit_with_link.rb @@ -32,6 +32,14 @@ module API render('projects/commit/_signature', signature: commit.signature) if commit.has_signature? end + expose :prev_commit_id, if: { type: :full } do |commit| + options[:prev_commit_id] + end + + expose :next_commit_id, if: { type: :full } do |commit| + options[:next_commit_id] + end + expose :pipeline_status_path, if: { type: :full } do |commit, options| pipeline_ref = options[:pipeline_ref] pipeline_project = options[:pipeline_project] || commit.project diff --git a/lib/api/environments.rb b/lib/api/environments.rb index e5db9cdedc8..28019ce7796 100644 --- a/lib/api/environments.rb +++ b/lib/api/environments.rb @@ -3,7 +3,6 @@ module API # Environments RESTfull API endpoints class Environments < Grape::API - include ::API::Helpers::CustomValidators include PaginationParams before { authenticate! } diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index be41788ac77..42b82aac1c4 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -179,8 +179,10 @@ module API end # rubocop: disable CodeReuse/ActiveRecord - def find_project_issue(iid) - IssuesFinder.new(current_user, project_id: user_project.id).find_by!(iid: iid) + def find_project_issue(iid, project_id = nil) + project = project_id ? find_project!(project_id) : user_project + + ::IssuesFinder.new(current_user, project_id: project.id).find_by!(iid: iid) end # rubocop: enable CodeReuse/ActiveRecord diff --git a/lib/api/helpers/custom_validators.rb b/lib/api/helpers/custom_validators.rb deleted file mode 100644 index 76f5fe555b4..00000000000 --- a/lib/api/helpers/custom_validators.rb +++ /dev/null @@ -1,97 +0,0 @@ -# frozen_string_literal: true - -module API - module Helpers - module CustomValidators - class FilePath < Grape::Validations::Base - def validate_param!(attr_name, params) - path = params[attr_name] - - Gitlab::Utils.check_path_traversal!(path) - rescue StandardError - raise Grape::Exceptions::Validation, params: [@scope.full_name(attr_name)], - message: "should be a valid file path" - end - end - - class GitSha < Grape::Validations::Base - def validate_param!(attr_name, params) - sha = params[attr_name] - - return if Commit::EXACT_COMMIT_SHA_PATTERN.match?(sha) - - raise Grape::Exceptions::Validation, params: [@scope.full_name(attr_name)], - message: "should be a valid sha" - end - end - - class Absence < Grape::Validations::Base - def validate_param!(attr_name, params) - return if params.respond_to?(:key?) && !params.key?(attr_name) - - raise Grape::Exceptions::Validation, params: [@scope.full_name(attr_name)], message: message(:absence) - end - end - - class IntegerNoneAny < Grape::Validations::Base - def validate_param!(attr_name, params) - value = params[attr_name] - - return if value.is_a?(Integer) || - [IssuableFinder::Params::FILTER_NONE, IssuableFinder::Params::FILTER_ANY].include?(value.to_s.downcase) - - raise Grape::Exceptions::Validation, params: [@scope.full_name(attr_name)], - message: "should be an integer, 'None' or 'Any'" - end - end - - class ArrayNoneAny < Grape::Validations::Base - def validate_param!(attr_name, params) - value = params[attr_name] - - return if value.is_a?(Array) || - [IssuableFinder::Params::FILTER_NONE, IssuableFinder::Params::FILTER_ANY].include?(value.to_s.downcase) - - raise Grape::Exceptions::Validation, params: [@scope.full_name(attr_name)], - message: "should be an array, 'None' or 'Any'" - end - end - - class GitRef < Grape::Validations::Base - # There are few checks that a Git reference should pass through to be valid reference. - # The link contains some rules that have been added to this validator. - # https://mirrors.edge.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html - # We have skipped some checks that are optional and can be skipped for exception. - # We also check for control characters, More info on ctrl chars - https://ruby-doc.org/core-2.7.0/Regexp.html#class-Regexp-label-Character+Classes - INVALID_CHARS = Regexp.union('..', '\\', '@', '@{', ' ', '~', '^', ':', '*', '?', '[', /[[:cntrl:]]/).freeze - GIT_REF_LENGTH = (1..1024).freeze - - def validate_param!(attr_name, params) - revision = params[attr_name] - - return unless invalid_character?(revision) - - raise Grape::Exceptions::Validation, params: [@scope.full_name(attr_name)], - message: 'should be a valid reference path' - end - - private - - def invalid_character?(revision) - revision.nil? || - revision.start_with?('-') || - revision.end_with?('.') || - GIT_REF_LENGTH.exclude?(revision.length) || - INVALID_CHARS.match?(revision) - end - end - end - end -end - -Grape::Validations.register_validator(:file_path, ::API::Helpers::CustomValidators::FilePath) -Grape::Validations.register_validator(:git_sha, ::API::Helpers::CustomValidators::GitSha) -Grape::Validations.register_validator(:absence, ::API::Helpers::CustomValidators::Absence) -Grape::Validations.register_validator(:integer_none_any, ::API::Helpers::CustomValidators::IntegerNoneAny) -Grape::Validations.register_validator(:array_none_any, ::API::Helpers::CustomValidators::ArrayNoneAny) -Grape::Validations.register_validator(:git_ref, ::API::Helpers::CustomValidators::GitRef) diff --git a/lib/api/helpers/merge_requests_helpers.rb b/lib/api/helpers/merge_requests_helpers.rb index e0753254002..73711a7e0ba 100644 --- a/lib/api/helpers/merge_requests_helpers.rb +++ b/lib/api/helpers/merge_requests_helpers.rb @@ -4,7 +4,6 @@ module API module Helpers module MergeRequestsHelpers extend Grape::API::Helpers - include ::API::Helpers::CustomValidators params :merge_requests_base_params do optional :state, diff --git a/lib/api/issues.rb b/lib/api/issues.rb index d34c205281a..a78202877fb 100644 --- a/lib/api/issues.rb +++ b/lib/api/issues.rb @@ -23,7 +23,7 @@ module API optional :assignee_id, types: [Integer, String], integer_none_any: true, desc: 'Return issues which are assigned to the user with the given ID' optional :assignee_username, type: Array[String], check_assignees_count: true, - coerce_with: Validations::CheckAssigneesCount.coerce, + coerce_with: Validations::Validators::CheckAssigneesCount.coerce, desc: 'Return issues which are assigned to the user with the given username' mutually_exclusive :assignee_id, :assignee_username end diff --git a/lib/api/validations/check_assignees_count.rb b/lib/api/validations/check_assignees_count.rb deleted file mode 100644 index 451b14c623c..00000000000 --- a/lib/api/validations/check_assignees_count.rb +++ /dev/null @@ -1,34 +0,0 @@ -# frozen_string_literal: true - -module API - module Validations - class CheckAssigneesCount < Grape::Validations::Base - def self.coerce - lambda do |value| - case value - when String, Array - Array.wrap(value) - else - [] - end - end - end - - def validate_param!(attr_name, params) - return if param_allowed?(attr_name, params) - - raise Grape::Exceptions::Validation, - params: [@scope.full_name(attr_name)], - message: "allows one value, but found #{params[attr_name].size}: #{params[attr_name].join(", ")}" - end - - private - - def param_allowed?(attr_name, params) - params[attr_name].size <= 1 - end - end - end -end - -API::Validations::CheckAssigneesCount.prepend_if_ee('EE::API::Validations::CheckAssigneesCount') diff --git a/lib/api/validations/validators/absence.rb b/lib/api/validations/validators/absence.rb new file mode 100644 index 00000000000..1f43f3ab126 --- /dev/null +++ b/lib/api/validations/validators/absence.rb @@ -0,0 +1,15 @@ +# frozen_string_literal: true + +module API + module Validations + module Validators + class Absence < Grape::Validations::Base + def validate_param!(attr_name, params) + return if params.respond_to?(:key?) && !params.key?(attr_name) + + raise Grape::Exceptions::Validation, params: [@scope.full_name(attr_name)], message: message(:absence) + end + end + end + end +end diff --git a/lib/api/validations/validators/array_none_any.rb b/lib/api/validations/validators/array_none_any.rb new file mode 100644 index 00000000000..7efb8e6ccee --- /dev/null +++ b/lib/api/validations/validators/array_none_any.rb @@ -0,0 +1,19 @@ +# frozen_string_literal: true + +module API + module Validations + module Validators + class ArrayNoneAny < Grape::Validations::Base + def validate_param!(attr_name, params) + value = params[attr_name] + + return if value.is_a?(Array) || + [IssuableFinder::Params::FILTER_NONE, IssuableFinder::Params::FILTER_ANY].include?(value.to_s.downcase) + + raise Grape::Exceptions::Validation, params: [@scope.full_name(attr_name)], + message: "should be an array, 'None' or 'Any'" + end + end + end + end +end diff --git a/lib/api/validations/validators/check_assignees_count.rb b/lib/api/validations/validators/check_assignees_count.rb new file mode 100644 index 00000000000..b614058e325 --- /dev/null +++ b/lib/api/validations/validators/check_assignees_count.rb @@ -0,0 +1,36 @@ +# frozen_string_literal: true + +module API + module Validations + module Validators + class CheckAssigneesCount < Grape::Validations::Base + def self.coerce + lambda do |value| + case value + when String, Array + Array.wrap(value) + else + [] + end + end + end + + def validate_param!(attr_name, params) + return if param_allowed?(attr_name, params) + + raise Grape::Exceptions::Validation, + params: [@scope.full_name(attr_name)], + message: "allows one value, but found #{params[attr_name].size}: #{params[attr_name].join(", ")}" + end + + private + + def param_allowed?(attr_name, params) + params[attr_name].size <= 1 + end + end + end + end +end + +API::Validations::Validators::CheckAssigneesCount.prepend_if_ee('EE::API::Validations::Validators::CheckAssigneesCount') diff --git a/lib/api/validations/validators/file_path.rb b/lib/api/validations/validators/file_path.rb new file mode 100644 index 00000000000..93a20e5bf7d --- /dev/null +++ b/lib/api/validations/validators/file_path.rb @@ -0,0 +1,18 @@ +# frozen_string_literal: true + +module API + module Validations + module Validators + class FilePath < Grape::Validations::Base + def validate_param!(attr_name, params) + path = params[attr_name] + + Gitlab::Utils.check_path_traversal!(path) + rescue StandardError + raise Grape::Exceptions::Validation, params: [@scope.full_name(attr_name)], + message: "should be a valid file path" + end + end + end + end +end diff --git a/lib/api/validations/validators/git_ref.rb b/lib/api/validations/validators/git_ref.rb new file mode 100644 index 00000000000..1dda9d758a7 --- /dev/null +++ b/lib/api/validations/validators/git_ref.rb @@ -0,0 +1,36 @@ +# frozen_string_literal: true + +module API + module Validations + module Validators + class GitRef < Grape::Validations::Base + # There are few checks that a Git reference should pass through to be valid reference. + # The link contains some rules that have been added to this validator. + # https://mirrors.edge.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html + # We have skipped some checks that are optional and can be skipped for exception. + # We also check for control characters, More info on ctrl chars - https://ruby-doc.org/core-2.7.0/Regexp.html#class-Regexp-label-Character+Classes + INVALID_CHARS = Regexp.union('..', '\\', '@', '@{', ' ', '~', '^', ':', '*', '?', '[', /[[:cntrl:]]/).freeze + GIT_REF_LENGTH = (1..1024).freeze + + def validate_param!(attr_name, params) + revision = params[attr_name] + + return unless invalid_character?(revision) + + raise Grape::Exceptions::Validation, params: [@scope.full_name(attr_name)], + message: 'should be a valid reference path' + end + + private + + def invalid_character?(revision) + revision.nil? || + revision.start_with?('-') || + revision.end_with?('.') || + GIT_REF_LENGTH.exclude?(revision.length) || + INVALID_CHARS.match?(revision) + end + end + end + end +end diff --git a/lib/api/validations/validators/git_sha.rb b/lib/api/validations/validators/git_sha.rb new file mode 100644 index 00000000000..657307db1df --- /dev/null +++ b/lib/api/validations/validators/git_sha.rb @@ -0,0 +1,18 @@ +# frozen_string_literal: true + +module API + module Validations + module Validators + class GitSha < Grape::Validations::Base + def validate_param!(attr_name, params) + sha = params[attr_name] + + return if Commit::EXACT_COMMIT_SHA_PATTERN.match?(sha) + + raise Grape::Exceptions::Validation, params: [@scope.full_name(attr_name)], + message: "should be a valid sha" + end + end + end + end +end diff --git a/lib/api/validations/validators/integer_none_any.rb b/lib/api/validations/validators/integer_none_any.rb new file mode 100644 index 00000000000..aa8c137a6ab --- /dev/null +++ b/lib/api/validations/validators/integer_none_any.rb @@ -0,0 +1,19 @@ +# frozen_string_literal: true + +module API + module Validations + module Validators + class IntegerNoneAny < Grape::Validations::Base + def validate_param!(attr_name, params) + value = params[attr_name] + + return if value.is_a?(Integer) || + [IssuableFinder::Params::FILTER_NONE, IssuableFinder::Params::FILTER_ANY].include?(value.to_s.downcase) + + raise Grape::Exceptions::Validation, params: [@scope.full_name(attr_name)], + message: "should be an integer, 'None' or 'Any'" + end + end + end + end +end |