summaryrefslogtreecommitdiff
path: root/lib/api
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2020-08-28 21:20:15 +0000
committerGitLab Bot <gitlab-bot@gitlab.com>2020-08-28 21:20:15 +0000
commit92d5172ad42ebc62eb78cac21b1e236ad6ace580 (patch)
treeca89437d4725caeb4e27682522061d3bab7e05b0 /lib/api
parentf4a969f7f495978a7e656c69c929c9fdac111cff (diff)
downloadgitlab-ce-92d5172ad42ebc62eb78cac21b1e236ad6ace580.tar.gz
Add latest changes from gitlab-org/security/gitlab@13-3-stable-ee
Diffstat (limited to 'lib/api')
-rw-r--r--lib/api/badges.rb7
-rw-r--r--lib/api/conan_packages.rb10
-rw-r--r--lib/api/helpers/badges_helpers.rb8
-rw-r--r--lib/api/helpers/packages/conan/api_helpers.rb8
-rw-r--r--lib/api/helpers/packages_manager_clients_helpers.rb2
5 files changed, 20 insertions, 15 deletions
diff --git a/lib/api/badges.rb b/lib/api/badges.rb
index f6cd3f83ff3..f9728ffc446 100644
--- a/lib/api/badges.rb
+++ b/lib/api/badges.rb
@@ -109,9 +109,10 @@ module API
end
put ":id/badges/:badge_id" do
source = find_source_if_admin(source_type)
+ badge = find_badge(source)
badge = ::Badges::UpdateService.new(declared_params(include_missing: false))
- .execute(find_badge(source))
+ .execute(badge)
if badge.valid?
present_badges(source, badge)
@@ -130,10 +131,6 @@ module API
source = find_source_if_admin(source_type)
badge = find_badge(source)
- if badge.is_a?(GroupBadge) && source.is_a?(Project)
- error!('To delete a Group badge please use the Group endpoint', 403)
- end
-
destroy_conditionally!(badge)
end
end
diff --git a/lib/api/conan_packages.rb b/lib/api/conan_packages.rb
index 6923d252fbd..7f2afea9931 100644
--- a/lib/api/conan_packages.rb
+++ b/lib/api/conan_packages.rb
@@ -26,6 +26,8 @@ module API
PACKAGE_COMPONENT_REGEX = Gitlab::Regex.conan_recipe_component_regex
CONAN_REVISION_REGEX = Gitlab::Regex.conan_revision_regex
+ CONAN_FILES = (Gitlab::Regex::Packages::CONAN_RECIPE_FILES + Gitlab::Regex::Packages::CONAN_PACKAGE_FILES).freeze
+
before do
require_packages_enabled!
@@ -259,7 +261,7 @@ module API
end
params do
- requires :file_name, type: String, desc: 'Package file name', regexp: Gitlab::Regex.conan_file_name_regex
+ requires :file_name, type: String, desc: 'Package file name', values: CONAN_FILES
end
namespace 'export/:file_name', requirements: FILE_NAME_REQUIREMENTS do
desc 'Download recipe files' do
@@ -277,7 +279,7 @@ module API
end
params do
- use :workhorse_upload_params
+ requires :file, type: ::API::Validations::Types::WorkhorseFile, desc: 'The package file to be published (generated by Multipart middleware)'
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
@@ -300,7 +302,7 @@ module API
params do
requires :conan_package_reference, type: String, desc: 'Conan Package ID'
requires :package_revision, type: String, desc: 'Conan Package Revision'
- requires :file_name, type: String, desc: 'Package file name', regexp: Gitlab::Regex.conan_file_name_regex
+ requires :file_name, type: String, desc: 'Package file name', values: CONAN_FILES
end
namespace 'package/:conan_package_reference/:package_revision/:file_name', requirements: FILE_NAME_REQUIREMENTS do
desc 'Download package files' do
@@ -328,7 +330,7 @@ module API
end
params do
- use :workhorse_upload_params
+ requires :file, type: ::API::Validations::Types::WorkhorseFile, desc: 'The package file to be published (generated by Multipart middleware)'
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
diff --git a/lib/api/helpers/badges_helpers.rb b/lib/api/helpers/badges_helpers.rb
index 46ce5b4e7b5..f402c603c87 100644
--- a/lib/api/helpers/badges_helpers.rb
+++ b/lib/api/helpers/badges_helpers.rb
@@ -6,7 +6,13 @@ module API
include ::API::Helpers::MembersHelpers
def find_badge(source)
- source.badges.find(params[:badge_id])
+ badge_id = params[:badge_id]
+
+ if source.is_a?(Project)
+ source.project_badges.find(badge_id)
+ else
+ source.badges.find(badge_id)
+ end
end
def present_badges(source, records, options = {})
diff --git a/lib/api/helpers/packages/conan/api_helpers.rb b/lib/api/helpers/packages/conan/api_helpers.rb
index a5fde1af41e..c9c2f66ef62 100644
--- a/lib/api/helpers/packages/conan/api_helpers.rb
+++ b/lib/api/helpers/packages/conan/api_helpers.rb
@@ -133,7 +133,7 @@ module API
end
def track_push_package_event
- if params[:file_name] == ::Packages::Conan::FileMetadatum::PACKAGE_BINARY && params['file.size'] > 0
+ if params[:file_name] == ::Packages::Conan::FileMetadatum::PACKAGE_BINARY && params[:file].size > 0 # rubocop: disable Style/ZeroLengthPredicate
track_event('push_package')
end
end
@@ -147,9 +147,9 @@ module API
end
def create_package_file_with_type(file_type, current_package)
- unless params['file.size'] == 0
+ unless params[:file].size == 0 # rubocop: disable Style/ZeroLengthPredicate
# conan sends two upload requests, the first has no file, so we skip record creation if file.size == 0
- ::Packages::Conan::CreatePackageFileService.new(current_package, uploaded_package_file, params.merge(conan_file_type: file_type)).execute
+ ::Packages::Conan::CreatePackageFileService.new(current_package, params[:file], params.merge(conan_file_type: file_type)).execute
end
end
@@ -220,7 +220,7 @@ module API
return unless token
- ::Ci::Build.find_by_token(token.access_token_id.to_s)
+ ::Ci::AuthJobFinder.new(token: token.access_token_id.to_s).execute
end
def decode_oauth_token_from_jwt
diff --git a/lib/api/helpers/packages_manager_clients_helpers.rb b/lib/api/helpers/packages_manager_clients_helpers.rb
index ae16b65aaa8..955d21cb44f 100644
--- a/lib/api/helpers/packages_manager_clients_helpers.rb
+++ b/lib/api/helpers/packages_manager_clients_helpers.rb
@@ -23,7 +23,7 @@ module API
return unless token
- ::Ci::Build.find_by_token(token)
+ ::Ci::AuthJobFinder.new(token: token).execute
end
def find_deploy_token_from_http_basic_auth