diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-09 12:07:45 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-09 12:07:45 +0000 |
commit | ac1dca43baa7b3b1ac7d60d89ad60fdeefed0b80 (patch) | |
tree | 33aa23ddf7f18ddbfba3d006041c460de88583b7 /lib | |
parent | f4186a753b86625a83e8499af14b5badd63a2ac2 (diff) | |
download | gitlab-ce-ac1dca43baa7b3b1ac7d60d89ad60fdeefed0b80.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib')
-rw-r--r-- | lib/api/entities/remote_mirror.rb | 3 | ||||
-rw-r--r-- | lib/api/helpers.rb | 20 | ||||
-rw-r--r-- | lib/api/internal/base.rb | 4 | ||||
-rw-r--r-- | lib/api/projects.rb | 18 | ||||
-rw-r--r-- | lib/api/remote_mirrors.rb | 5 | ||||
-rw-r--r-- | lib/gitlab/git_access_snippet.rb | 5 |
6 files changed, 40 insertions, 15 deletions
diff --git a/lib/api/entities/remote_mirror.rb b/lib/api/entities/remote_mirror.rb index dde3e9dea99..18d51726bab 100644 --- a/lib/api/entities/remote_mirror.rb +++ b/lib/api/entities/remote_mirror.rb @@ -12,6 +12,9 @@ module API expose :last_successful_update_at expose :last_error expose :only_protected_branches + expose :keep_divergent_refs, if: -> (mirror, _options) do + ::Feature.enabled?(:keep_divergent_refs, mirror.project) + end end end end diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index 6c3b8cb8dd8..c3b5654e217 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -142,6 +142,12 @@ module API end end + def check_namespace_access(namespace) + return namespace if can?(current_user, :read_namespace, namespace) + + not_found!('Namespace') + end + # rubocop: disable CodeReuse/ActiveRecord def find_namespace(id) if id.to_s =~ /^\d+$/ @@ -153,13 +159,15 @@ module API # rubocop: enable CodeReuse/ActiveRecord def find_namespace!(id) - namespace = find_namespace(id) + check_namespace_access(find_namespace(id)) + end - if can?(current_user, :read_namespace, namespace) - namespace - else - not_found!('Namespace') - end + def find_namespace_by_path(path) + Namespace.find_by_full_path(path) + end + + def find_namespace_by_path!(path) + check_namespace_access(find_namespace_by_path(path)) end def find_branch!(branch_name) diff --git a/lib/api/internal/base.rb b/lib/api/internal/base.rb index 2e1891ac656..cca037b0705 100644 --- a/lib/api/internal/base.rb +++ b/lib/api/internal/base.rb @@ -108,6 +108,10 @@ module API # check_ip - optional, only in EE version, may limit access to # group resources based on its IP restrictions post "/allowed" do + if repo_type.snippet? && Feature.disabled?(:version_snippets, actor.user) + break response_with_status(code: 404, success: false, message: 'The project you were looking for could not be found.') + end + # It was moved to a separate method so that EE can alter its behaviour more # easily. check_allowed(params) diff --git a/lib/api/projects.rb b/lib/api/projects.rb index ca55e6ac010..3717e25d997 100644 --- a/lib/api/projects.rb +++ b/lib/api/projects.rb @@ -263,7 +263,9 @@ module API success Entities::Project end params do - optional :namespace, type: String, desc: 'The ID or name of the namespace that the project will be forked into' + optional :namespace, type: String, desc: '(deprecated) The ID or name of the namespace that the project will be forked into' + optional :namespace_id, type: Integer, desc: 'The ID of the namespace that the project will be forked into' + optional :namespace_path, type: String, desc: 'The path of the namespace that the project will be forked into' optional :path, type: String, desc: 'The path that will be assigned to the fork' optional :name, type: String, desc: 'The name that will be assigned to the fork' end @@ -273,7 +275,15 @@ module API not_found! unless can?(current_user, :fork_project, user_project) fork_params = declared_params(include_missing: false) - fork_params[:namespace] = find_namespace!(fork_params[:namespace]) if fork_params[:namespace].present? + + fork_params[:namespace] = + if fork_params[:namespace_id].present? + find_namespace!(fork_params[:namespace_id]) + elsif fork_params[:namespace_path].present? + find_namespace_by_path!(fork_params[:namespace_path]) + elsif fork_params[:namespace].present? + find_namespace!(fork_params[:namespace]) + end service = ::Projects::ForkService.new(user_project, current_user, fork_params) @@ -285,8 +295,8 @@ module API conflict!(forked_project.errors.messages) else present forked_project, with: Entities::Project, - user_can_admin_project: can?(current_user, :admin_project, forked_project), - current_user: current_user + user_can_admin_project: can?(current_user, :admin_project, forked_project), + current_user: current_user end end diff --git a/lib/api/remote_mirrors.rb b/lib/api/remote_mirrors.rb index bdaec67108d..cb8383ff08a 100644 --- a/lib/api/remote_mirrors.rb +++ b/lib/api/remote_mirrors.rb @@ -33,9 +33,11 @@ module API requires :url, type: String, desc: 'The URL for a remote mirror' optional :enabled, type: Boolean, desc: 'Determines if the mirror is enabled' optional :only_protected_branches, type: Boolean, desc: 'Determines if only protected branches are mirrored' + optional :keep_divergent_refs, type: Boolean, desc: 'Determines if divergent refs are kept on the target' end post ':id/remote_mirrors' do create_params = declared_params(include_missing: false) + create_params.delete(:keep_divergent_refs) unless ::Feature.enabled?(:keep_divergent_refs, user_project) new_mirror = user_project.remote_mirrors.create(create_params) @@ -53,12 +55,15 @@ module API requires :mirror_id, type: String, desc: 'The ID of a remote mirror' optional :enabled, type: Boolean, desc: 'Determines if the mirror is enabled' optional :only_protected_branches, type: Boolean, desc: 'Determines if only protected branches are mirrored' + optional :keep_divergent_refs, type: Boolean, desc: 'Determines if divergent refs are kept on the target' end put ':id/remote_mirrors/:mirror_id' do mirror = user_project.remote_mirrors.find(params[:mirror_id]) mirror_params = declared_params(include_missing: false) mirror_params[:id] = mirror_params.delete(:mirror_id) + mirror_params.delete(:keep_divergent_refs) unless ::Feature.enabled?(:keep_divergent_refs, user_project) + update_params = { remote_mirrors_attributes: mirror_params } result = ::Projects::UpdateService diff --git a/lib/gitlab/git_access_snippet.rb b/lib/gitlab/git_access_snippet.rb index 3956fc8a483..5817b17164e 100644 --- a/lib/gitlab/git_access_snippet.rb +++ b/lib/gitlab/git_access_snippet.rb @@ -8,7 +8,6 @@ module Gitlab authentication_mechanism: 'The authentication mechanism is not supported.', read_snippet: 'You are not allowed to read this snippet.', update_snippet: 'You are not allowed to update this snippet.', - project_not_found: 'The project you were looking for could not be found.', snippet_not_found: 'The snippet you were looking for could not be found.', repository_not_found: 'The snippet repository you were looking for could not be found.' }.freeze @@ -31,10 +30,6 @@ module Gitlab raise ForbiddenError, ERROR_MESSAGES[:authentication_mechanism] end - unless Feature.enabled?(:version_snippets, user) - raise NotFoundError, ERROR_MESSAGES[:project_not_found] - end - check_snippet_accessibility! super |