authorTiago Botelho <tiagonbotelho@hotmail.com>2017-02-09 15:21:09 +0000
committerTiago Botelho <tiagonbotelho@hotmail.com>2017-02-28 22:15:40 +0000
commitf0ea7130f7bf0e7a3702d863b4d246f524b6c14a (patch)
treeec626d2d42c7942fa1cbc1505275ed7d4de52fa5 /lib/api
parentc2b1cdef7e8cdaec35bd0844301ce8f06ed742b7 (diff)
refactors documentation and personal access tokens form to not allow admins to generate non-impersonation tokens
Diffstat (limited to 'lib/api')
-rw-r--r--lib/api/personal_access_tokens.rb31
-rw-r--r--lib/api/users.rb126
2 files changed, 103 insertions, 54 deletions
diff --git a/lib/api/personal_access_tokens.rb b/lib/api/personal_access_tokens.rb
index 56797ddcf74..7afb8eec14c 100644
--- a/lib/api/personal_access_tokens.rb
+++ b/lib/api/personal_access_tokens.rb
@@ -3,7 +3,10 @@ module API
before { authenticate! }
resource :personal_access_tokens do
- desc 'Retrieve personal access tokens'
+ desc 'Retrieve personal access tokens' do
+ detail 'This feature was introduced in GitLab 9.0'
+ success Entities::BasicPersonalAccessToken
+ end
params do
optional :state, type: String, default: 'all', values: %w[all active inactive], desc: 'Filters (all|active|inactive) personal_access_tokens'
end
@@ -20,7 +23,24 @@ module API
present personal_access_tokens, with: Entities::BasicPersonalAccessToken
end
- desc 'Create a personal access token'
+ desc 'Retrieve personal access token' do
+ detail 'This feature was introduced in GitLab 9.0'
+ success Entities::BasicPersonalAccessToken
+ end
+ params do
+ requires :personal_access_token_id, type: Integer, desc: 'The ID of the personal access token'
+ end
+ get ':personal_access_token_id' do
+ personal_access_token = PersonalAccessToken.find_by(id: params[:personal_access_token_id], user_id: current_user.id)
+ not_found!('PersonalAccessToken') unless personal_access_token
+
+ present personal_access_token, with: Entities::BasicPersonalAccessToken
+ end
+
+ desc 'Create a personal access token' do
+ detail 'This feature was introduced in GitLab 9.0'
+ success Entities::BasicPersonalAccessToken
+ end
params do
requires :name, type: String, desc: 'The name of the personal access token'
optional :expires_at, type: Date, desc: 'The expiration date in the format YEAR-MONTH-DAY of the personal access token'
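Review bot: The new `get ':personal_access_token_id'` lookup relies on the default scope of `PersonalAccessToken`, and nothing on the line says that this is deliberate. The admin endpoints in lib/api/users.rb call `and_impersonation_tokens` explicitly, which suggests the default scope leaves impersonation tokens out; if so, a user cannot read a token an admin created to impersonate them, and that property is worth stating. I would add a comment above the `find_by`, for example `# Default scope on purpose: impersonation tokens stay hidden from the user they impersonate`. The `user_id: current_user.id` condition correctly yields a 404 for another user's token id. The params block of the create endpoint continues past the end of this hunk.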
@@ -39,7 +59,10 @@ module API
end
end
- desc 'Revoke a personal access token'
+ desc 'Revoke a personal access token' do
+ detail 'This feature was introduced in GitLab 9.0'
+ success Entities::BasicPersonalAccessToken
+ end
params do
requires :personal_access_token_id, type: Integer, desc: 'The ID of the personal access token'
end
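Review bot: The revoke description now declares `success Entities::BasicPersonalAccessToken`, but the next hunk changes the handler to end with `no_content!`, so the generated API documentation promises a body the endpoint no longer returns. Drop the `success` line from this `desc` block, or replace it with a status-only declaration if the Grape version in use supports one. The admin revoke endpoint in lib/api/users.rb has the same mismatch with `success Entities::PersonalAccessToken`. The `delete` route itself lies between the two hunks and is not visible here.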
@@ -49,7 +72,7 @@ module API
personal_access_token.revoke!
- present personal_access_token, with: Entities::BasicPersonalAccessToken
+ no_content!
end
end
end
diff --git a/lib/api/users.rb b/lib/api/users.rb
index 2b48da6ea99..c302a6dd690 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -363,71 +363,97 @@ module API
present paginate(events), with: Entities::Event
end
- desc 'Retrieve personal access tokens. Available only for admins.'
params do
- requires :user_id, type: Integer
- optional :state, type: String, default: 'all', values: %w[all active inactive], desc: 'Filters (all|active|inactive) personal_access_tokens'
- optional :impersonation, type: Boolean, default: false, desc: 'Filters only impersonation personal_access_token'
+ requires :user_id, type: Integer, desc: 'The ID of the user'
end
- get ':user_id/personal_access_tokens' do
- authenticated_as_admin!
+ segment ':user_id' do
+ resource :personal_access_tokens do
+ before { authenticated_as_admin! }
- user = User.find_by(id: params[:user_id])
- not_found!('User') unless user
+ desc 'Retrieve personal access tokens. Available only for admins.' do
+ detail 'This feature was introduced in GitLab 9.0'
+ success Entities::PersonalAccessToken
+ end
+ params do
+ optional :state, type: String, default: 'all', values: %w[all active inactive], desc: 'Filters (all|active|inactive) personal_access_tokens'
+ optional :impersonation, type: Boolean, default: false, desc: 'Filters only impersonation personal_access_tokens'
+ end
+ get do
+ user = User.find_by(id: params[:user_id])
+ not_found!('User') unless user
- personal_access_tokens = PersonalAccessToken.and_impersonation_tokens.where(user_id: user.id)
- personal_access_tokens = personal_access_tokens.impersonation if params[:impersonation]
+ personal_access_tokens = PersonalAccessToken.and_impersonation_tokens.where(user_id: user.id)
+ personal_access_tokens = personal_access_tokens.impersonation if params[:impersonation]
- case params[:state]
- when "active"
- personal_access_tokens = personal_access_tokens.active
- when "inactive"
- personal_access_tokens = personal_access_tokens.inactive
- end
+ case params[:state]
+ when "active"
+ personal_access_tokens = personal_access_tokens.active
+ when "inactive"
+ personal_access_tokens = personal_access_tokens.inactive
+ end
- present personal_access_tokens, with: Entities::PersonalAccessToken
- end
+ present personal_access_tokens, with: Entities::PersonalAccessToken
+ end
- desc 'Create a personal access token. Available only for admins.'
- params do
- requires :user_id, type: Integer, desc: 'The ID of the user'
- requires :name, type: String, desc: 'The name of the personal access token'
- optional :expires_at, type: Date, desc: 'The expiration date in the format YEAR-MONTH-DAY of the personal access token'
- optional :scopes, type: Array, desc: 'The array of scopes of the personal access token'
- optional :impersonation, type: Boolean, default: false, desc: 'The impersonation flag of the personal access token'
- end
- post ':user_id/personal_access_tokens' do
- authenticated_as_admin!
+ desc 'Create a personal access token. Available only for admins.' do
+ detail 'This feature was introduced in GitLab 9.0'
+ success Entities::PersonalAccessToken
+ end
+ params do
+ requires :name, type: String, desc: 'The name of the personal access token'
+ optional :expires_at, type: Date, desc: 'The expiration date in the format YEAR-MONTH-DAY of the personal access token'
+ optional :scopes, type: Array, desc: 'The array of scopes of the personal access token'
+ optional :impersonation, type: Boolean, default: false, desc: 'The impersonation flag of the personal access token'
+ end
+ post do
+ user = User.find_by(id: params[:user_id])
+ not_found!('User') unless user
- user = User.find_by(id: params[:user_id])
- not_found!('User') unless user
+ personal_access_token = PersonalAccessToken.generate(declared_params(include_missing: false, include_parent_namespaces: true))
+
+ if personal_access_token.save
+ present personal_access_token, with: Entities::PersonalAccessToken
+ else
+ render_validation_error!(personal_access_token)
+ end
+ end
- personal_access_token = PersonalAccessToken.generate(declared_params(include_missing: false))
+ desc 'Retrieve personal access token. Available only for admins.' do
+ detail 'This feature was introduced in GitLab 9.0'
+ success Entities::PersonalAccessToken
+ end
+ params do
+ requires :personal_access_token_id, type: Integer, desc: 'The ID of the personal access token'
+ end
+ get '/:personal_access_token_id' do
+ user = User.find_by(id: params[:user_id])
+ not_found!('User') unless user
- if personal_access_token.save
- present personal_access_token, with: Entities::PersonalAccessToken
- else
- render_validation_error!(personal_access_token)
- end
- end
+ personal_access_token = PersonalAccessToken.and_impersonation_tokens.find_by(user_id: user.id, id: params[:personal_access_token_id])
+ not_found!('PersonalAccessToken') unless personal_access_token
- desc 'Revoke a personal access token. Available only for admins.'
- params do
- requires :user_id, type: Integer, desc: 'The ID of the user'
- requires :personal_access_token_id, type: Integer, desc: 'The ID of the personal access token'
- end
- delete ':user_id/personal_access_tokens/:personal_access_token_id' do
- authenticated_as_admin!
+ present personal_access_token, with: Entities::PersonalAccessToken
+ end
- user = User.find_by(id: params[:user_id])
- not_found!('User') unless user
+ desc 'Revoke a personal access token. Available only for admins.' do
+ detail 'This feature was introduced in GitLab 9.0'
+ success Entities::PersonalAccessToken
+ end
+ params do
+ requires :personal_access_token_id, type: Integer, desc: 'The ID of the personal access token'
+ end
+ delete '/:personal_access_token_id' do
+ user = User.find_by(id: params[:user_id])
+ not_found!('User') unless user
- personal_access_token = PersonalAccessToken.and_impersonation_tokens.find_by(user_id: user.id, id: params[:personal_access_token_id])
- not_found!('PersonalAccessToken') unless personal_access_token
+ personal_access_token = PersonalAccessToken.and_impersonation_tokens.find_by(user_id: user.id, id: params[:personal_access_token_id])
+ not_found!('PersonalAccessToken') unless personal_access_token
- personal_access_token.revoke!
+ personal_access_token.revoke!
- present personal_access_token, with: Entities::PersonalAccessToken
+ no_content!
+ end
+ end
end
end
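Review bot: The admin `post` endpoint still declares `optional :impersonation, type: Boolean, default: false` and passes it straight into `PersonalAccessToken.generate`, so an admin calling the API without the flag creates an ordinary personal access token in another user's name. The commit title says admins should no longer be able to generate non-impersonation tokens; if that is meant to cover the API as well as the form, set the flag server-side, e.g. `PersonalAccessToken.generate(declared_params(include_missing: false, include_parent_namespaces: true).merge(impersonation: true))`, and drop the parameter. Separately, the list and single-token `get` handlers present `Entities::PersonalAccessToken`; the entity is not shown here, so confirm it does not expose the token value outside the create response. The enclosing `resource` block starts before this hunk.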