diff options
Diffstat (limited to 'lib/api/project_snippets.rb')
-rw-r--r-- | lib/api/project_snippets.rb | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/lib/api/project_snippets.rb b/lib/api/project_snippets.rb index f6e87fece89..b4de260fe49 100644 --- a/lib/api/project_snippets.rb +++ b/lib/api/project_snippets.rb @@ -1,10 +1,9 @@ # frozen_string_literal: true module API - class ProjectSnippets < Grape::API::Instance + class ProjectSnippets < ::API::Base include PaginationParams - before { authenticate! } before { check_snippets_enabled } params do @@ -37,6 +36,8 @@ module API use :pagination end get ":id/snippets" do + authenticate! + present paginate(snippets_for_current_user), with: Entities::ProjectSnippet, current_user: current_user end @@ -48,6 +49,9 @@ module API end get ":id/snippets/:snippet_id" do snippet = snippets_for_current_user.find(params[:snippet_id]) + + not_found!('Snippet') unless snippet + present snippet, with: Entities::ProjectSnippet, current_user: current_user end @@ -63,6 +67,8 @@ module API use :create_file_params end post ":id/snippets" do + authenticate! + authorize! :create_snippet, user_project snippet_params = process_create_params(declared_params(include_missing: false)) @@ -97,6 +103,8 @@ module API end # rubocop: disable CodeReuse/ActiveRecord put ":id/snippets/:snippet_id" do + authenticate! + snippet = snippets_for_current_user.find_by(id: params.delete(:snippet_id)) not_found!('Snippet') unless snippet @@ -125,6 +133,8 @@ module API end # rubocop: disable CodeReuse/ActiveRecord delete ":id/snippets/:snippet_id" do + authenticate! + snippet = snippets_for_current_user.find_by(id: params[:snippet_id]) not_found!('Snippet') unless snippet |