| Commit message | Author | Age | Files | Lines |

Signed-off-by: Rémy Coutable <remy@rymai.me>
Also, mutualize AccessRequests and Members endpoints for Group &
Project.
New API documentation for the AccessRequests endpoints.
Signed-off-by: Rémy Coutable <remy@rymai.me>
This reverts commit 530f5158e297f3cde27f3566cfe13bad74ba3b50.
See !4892.
Signed-off-by: Rémy Coutable <remy@rymai.me>
This reverts commit 9ca633eb4c62231e4ddff5466c723cf8e2bdb25d, reversing
changes made to fb229bbf7970ba908962b837b270adf56f14098f.
1. Don't use case statements for dispatch anymore. This leads to a lot
   of duplication, and makes the logic harder to follow.
2. Remove duplicated logic.
   - For example, the `can_push_to_branch?` exists, but we also have a
     different way of checking the same condition within `change_access_check`.
   - This kind of duplication is removed, and the `can_push_to_branch?`
     method is used in both places.
3. Move checks returning true/false to `UserAccess`.
   - All public methods in `GitAccess` now return an instance of
     `GitAccessStatus`. Previously, some methods would return
     true/false as well, which was confusing.
   - It makes sense for these kinds of checks to be at the level of a
     user, so the `UserAccess` class was repurposed for this. The prior
     `UserAccess.allowed?` classmethod is converted into an instance
     method.
   - All external uses of these checks have been migrated to use the
     `UserAccess` class
4. Move the "change_access_check" into a separate class.
   - Create the `GitAccess::ChangeAccessCheck` class to run these
     checks, which are quite substantial.
   - `ChangeAccessCheck` returns an instance of `GitAccessStatus` as
     well.
5. Break out the boolean logic in `ChangeAccessCheck` into `if/else`
   chains - this seems more readable.
6. I can understand that this might look like overkill for !4892, but I
   think this is a good opportunity to clean it up.
   - http://martinfowler.com/bliki/OpportunisticRefactoring.html
- Extract a duplicated `redirect_to`
- Fix a typo: "token", not "certificate"
- Have the "Expires at" datepicker be attached to a text field, not inline
- Have both private tokens and personal access tokens verified in a
single "authenticate_from_private_token" method, both in the
application and API. Move relevant logic to
`User#find_by_personal_access_token`
- Remove unnecessary constants relating to API auth. We don't need a
separate constant for personal access tokens since the param is the
same as for private tokens.
Closes #18484
Closes #15638
- https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3749#note_11626427
- Personal access tokens are still a separate entity as far as the
codebase is concerned - they just happen to use the same entry point
as private tokens.
- Update tests and documentation to reflect this change
- Parameter validation as ISO8601 format
`API::Helpers`
- Makes the MR easier to read; this can go in a separate MR
- This is a (sort of) revert of 99bea01
`API::Helpers::Authentication`
API: Star and unstar a project
Add two new endpoints `POST /projects/:id/star` and `POST /projects/:id/unstar` to star and unstar a project.
* Closes #12739
See merge request !3578
Due to a broken implementation of attribute_for_keys, the runner information was not updated correctly.
This MR adds a test to check that such a scenario will never happen again.
add-pagination-headers-to-api
- Offloads uploading to GitLab Workhorse
- Use /authorize request for fast uploading
- Added backup recipes for artifacts
- Support download acceleration using X-Sendfile
|
Rails Autoload find file to require is use , APIHelpers -> api_helpers.rb, not helpers.rb;
Conflicts:
db/schema.rb
Ruby str_equal uses memcmp internally to compare String.
Memcmp is vulnerable to timing attacks because it returns early
on mismatch (on most x32 platforms memcmp uses a bytewise comparison).
Devise.secure_compare implements a constant time comparison instead.
Allow admins to use restricted visibility levels when creating or
updating projects.
Add an API endpoint to update the access level of an existing group
member.