1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
|
module API
# groups API
class Groups < Grape::API
before { authenticate! }
resource :groups do
helpers do
def find_group(id)
group = Group.find(id)
if can?(current_user, :read_group, group)
group
else
render_api_error!("403 Forbidden - #{current_user.username} lacks sufficient access to #{group.name}", 403)
end
end
def validate_access_level?(level)
Gitlab::Access.options_with_owner.values.include? level.to_i
end
end
# Get a groups list
#
# Example Request:
# GET /groups
get do
if current_user.admin
@groups = paginate Group
else
@groups = paginate current_user.groups
end
present @groups, with: Entities::Group
end
# Create group. Available only for admin
#
# Parameters:
# name (required) - The name of the group
# path (required) - The path of the group
# Example Request:
# POST /groups
post do
authenticated_as_admin!
required_attributes! [:name, :path]
attrs = attributes_for_keys [:name, :path]
@group = Group.new(attrs)
@group.owner = current_user
if @group.save
present @group, with: Entities::Group
else
not_found!
end
end
# Get a single group, with containing projects
#
# Parameters:
# id (required) - The ID of a group
# Example Request:
# GET /groups/:id
get ":id" do
group = find_group(params[:id])
present group, with: Entities::GroupDetail
end
# Remove group
#
# Parameters:
# id (required) - The ID of a group
# Example Request:
# DELETE /groups/:id
delete ":id" do
group = find_group(params[:id])
authorize! :manage_group, group
group.destroy
end
# Transfer a project to the Group namespace
#
# Parameters:
# id - group id
# project_id - project id
# Example Request:
# POST /groups/:id/projects/:project_id
post ":id/projects/:project_id" do
authenticated_as_admin!
group = Group.find(params[:id])
project = Project.find(params[:project_id])
result = ::Projects::TransferService.new(project, current_user, namespace_id: group.id).execute
if result
present group
else
not_found!
end
end
# Get a list of group members viewable by the authenticated user.
#
# Example Request:
# GET /groups/:id/members
get ":id/members" do
group = find_group(params[:id])
members = group.users_groups
users = (paginate members).collect(&:user)
present users, with: Entities::GroupMember, group: group
end
# Add a user to the list of group members
#
# Parameters:
# id (required) - group id
# user_id (required) - the users id
# access_level (required) - Project access level
# Example Request:
# POST /groups/:id/members
post ":id/members" do
required_attributes! [:user_id, :access_level]
unless validate_access_level?(params[:access_level])
render_api_error!("Wrong access level", 422)
end
group = find_group(params[:id])
if group.users_groups.find_by(user_id: params[:user_id])
render_api_error!("Already exists", 409)
end
group.add_users([params[:user_id]], params[:access_level])
member = group.users_groups.find_by(user_id: params[:user_id])
present member.user, with: Entities::GroupMember, group: group
end
# Remove member.
#
# Parameters:
# id (required) - group id
# user_id (required) - the users id
#
# Example Request:
# DELETE /groups/:id/members/:user_id
delete ":id/members/:user_id" do
group = find_group(params[:id])
member = group.users_groups.find_by(user_id: params[:user_id])
if member.nil?
render_api_error!("404 Not Found - user_id:#{params[:user_id]} not a member of group #{group.name}",404)
else
member.destroy
end
end
end
end
end
|
