summaryrefslogtreecommitdiff
path: root/lib/api/events.rb
blob: 6e0b508be1993ee0118323922113b2745ccece25 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
# frozen_string_literal: true

module API
  class Events < Grape::API
    include PaginationParams
    include APIGuard

    helpers do
      params :event_filter_params do
        optional :action, type: String, values: Event.actions, desc: 'Event action to filter on'
        optional :target_type, type: String, values: Event.target_types, desc: 'Event target type to filter on'
        optional :before, type: Date, desc: 'Include only events created before this date'
        optional :after, type: Date, desc: 'Include only events created after this date'
      end

      params :sort_params do
        optional :sort, type: String, values: %w[asc desc], default: 'desc',
                        desc: 'Return events sorted in ascending and descending order'
      end

      RedactedEvent = OpenStruct.new(target_title: 'Confidential event').freeze

      def redact_events(events)
        events.map do |event|
          if event.visible_to_user?(current_user)
            event
          else
            RedactedEvent
          end
        end
      end

      # rubocop: disable CodeReuse/ActiveRecord
      def present_events(events, redact: true)
        events = events.reorder(created_at: params[:sort])
                 .with_associations

        events = paginate(events)
        events = redact_events(events) if redact

        present events, with: Entities::Event
      end
      # rubocop: enable CodeReuse/ActiveRecord
    end

    resource :events do
      allow_access_with_scope :read_user, if: -> (request) { request.get? }

      desc "List currently authenticated user's events" do
        detail 'This feature was introduced in GitLab 9.3.'
        success Entities::Event
      end
      params do
        use :pagination
        use :event_filter_params
        use :sort_params
      end
      # rubocop: disable CodeReuse/ActiveRecord
      get do
        authenticate!

        events = EventsFinder.new(params.merge(source: current_user, current_user: current_user)).execute.preload(:author, :target)

        # Since we're viewing our own events, redaction is unnecessary
        present_events(events, redact: false)
      end
      # rubocop: enable CodeReuse/ActiveRecord
    end

    params do
      requires :id, type: String, desc: 'The ID or Username of the user'
    end
    resource :users do
      allow_access_with_scope :read_user, if: -> (request) { request.get? }

      desc 'Get the contribution events of a specified user' do
        detail 'This feature was introduced in GitLab 8.13.'
        success Entities::Event
      end
      params do
        use :pagination
        use :event_filter_params
        use :sort_params
      end
      # rubocop: disable CodeReuse/ActiveRecord
      get ':id/events' do
        user = find_user(params[:id])
        not_found!('User') unless user

        events = EventsFinder.new(params.merge(source: user, current_user: current_user)).execute.preload(:author, :target)

        present_events(events)
      end
      # rubocop: enable CodeReuse/ActiveRecord
    end

    params do
      requires :id, type: String, desc: 'The ID of a project'
    end
    resource :projects, requirements: API::PROJECT_ENDPOINT_REQUIREMENTS do
      desc "List a Project's visible events" do
        success Entities::Event
      end
      params do
        use :pagination
        use :event_filter_params
        use :sort_params
      end
      # rubocop: disable CodeReuse/ActiveRecord
      get ":id/events" do
        events = EventsFinder.new(params.merge(source: user_project, current_user: current_user)).execute.preload(:author, :target)

        present_events(events)
      end
      # rubocop: enable CodeReuse/ActiveRecord
    end
  end
end