1 files changed, 86 insertions, 4 deletions

diff --git a/lib/api/generic_packages.rb b/lib/api/generic_packages.rb
index 98b8a40c7c9..a0c33ab65b9 100644
--- a/lib/api/generic_packages.rb
+++ b/lib/api/generic_packages.rb
@@ -1,7 +1,12 @@
 # frozen_string_literal: true
 
 module API
-  class GenericPackages < Grape::API::Instance
+  class GenericPackages < ::API::Base
+    GENERIC_PACKAGES_REQUIREMENTS = {
+      package_name: API::NO_SLASH_URL_PART_REGEX,
+      file_name: API::NO_SLASH_URL_PART_REGEX
+    }.freeze
+
     before do
       require_packages_enabled!
       authenticate!
@@ -17,17 +22,94 @@ module API
       route_setting :authentication, job_token_allowed: true
 
       namespace ':id/packages/generic' do
-        get 'ping' do
-          :pong
+        namespace ':package_name/*package_version/:file_name', requirements: GENERIC_PACKAGES_REQUIREMENTS do
+          desc 'Workhorse authorize generic package file' do
+            detail 'This feature was introduced in GitLab 13.5'
+          end
+
+          route_setting :authentication, job_token_allowed: true
+
+          params do
+            requires :package_name, type: String, desc: 'Package name', regexp: Gitlab::Regex.generic_package_name_regex, file_path: true
+            requires :package_version, type: String, desc: 'Package version', regexp: Gitlab::Regex.generic_package_version_regex
+            requires :file_name, type: String, desc: 'Package file name', regexp: Gitlab::Regex.generic_package_file_name_regex, file_path: true
+          end
+
+          put 'authorize' do
+            authorize_workhorse!(subject: project, maximum_size: project.actual_limits.generic_packages_max_file_size)
+          end
+
+          desc 'Upload package file' do
+            detail 'This feature was introduced in GitLab 13.5'
+          end
+
+          params do
+            requires :package_name, type: String, desc: 'Package name', regexp: Gitlab::Regex.generic_package_name_regex, file_path: true
+            requires :package_version, type: String, desc: 'Package version', regexp: Gitlab::Regex.generic_package_version_regex
+            requires :file_name, type: String, desc: 'Package file name', regexp: Gitlab::Regex.generic_package_file_name_regex, file_path: true
+            requires :file, type: ::API::Validations::Types::WorkhorseFile, desc: 'The package file to be published (generated by Multipart middleware)'
+          end
+
+          route_setting :authentication, job_token_allowed: true
+
+          put do
+            authorize_upload!(project)
+            bad_request!('File is too large') if max_file_size_exceeded?
+
+            track_event('push_package')
+
+            create_package_file_params = declared_params.merge(build: current_authenticated_job)
+            ::Packages::Generic::CreatePackageFileService
+              .new(project, current_user, create_package_file_params)
+              .execute
+
+            created!
+          rescue ObjectStorage::RemoteStoreError => e
+            Gitlab::ErrorTracking.track_exception(e, extra: { file_name: params[:file_name], project_id: project.id })
+
+            forbidden!
+          end
+
+          desc 'Download package file' do
+            detail 'This feature was introduced in GitLab 13.5'
+          end
+
+          params do
+            requires :package_name, type: String, desc: 'Package name', regexp: Gitlab::Regex.generic_package_name_regex, file_path: true
+            requires :package_version, type: String, desc: 'Package version', regexp: Gitlab::Regex.generic_package_version_regex
+            requires :file_name, type: String, desc: 'Package file name', regexp: Gitlab::Regex.generic_package_file_name_regex, file_path: true
+          end
+
+          route_setting :authentication, job_token_allowed: true
+
+          get do
+            authorize_read_package!(project)
+
+            package = ::Packages::Generic::PackageFinder.new(project).execute!(params[:package_name], params[:package_version])
+            package_file = ::Packages::PackageFileFinder.new(package, params[:file_name]).execute!
+
+            track_event('pull_package')
+
+            present_carrierwave_file!(package_file.file)
+          end
         end
       end
     end
 
     helpers do
       include ::API::Helpers::PackagesHelpers
+      include ::API::Helpers::Packages::BasicAuthHelpers
 
       def require_generic_packages_available!
-        not_found! unless Feature.enabled?(:generic_packages, user_project)
+        not_found! unless Feature.enabled?(:generic_packages, project, default_enabled: true)
+      end
+
+      def project
+        authorized_user_project
+      end
+
+      def max_file_size_exceeded?
+        project.actual_limits.exceeded?(:generic_packages_max_file_size, params[:file].size)
       end
     end
   end