1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
|
# frozen_string_literal: true
module API
class RpmProjectPackages < ::API::Base
helpers ::API::Helpers::PackagesHelpers
helpers ::API::Helpers::Packages::BasicAuthHelpers
include ::API::Helpers::Authentication
feature_category :package_registry
before do
require_packages_enabled!
not_found! unless ::Feature.enabled?(:rpm_packages, authorized_user_project)
authorize_read_package!(authorized_user_project)
end
authenticate_with do |accept|
accept.token_types(:personal_access_token_with_username, :deploy_token_with_username, :job_token_with_username)
.sent_through(:http_basic_auth)
end
params do
requires :id, types: [String, Integer], desc: 'The ID or URL-encoded path of the project'
end
resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
namespace ':id/packages/rpm' do
desc 'Download repository metadata files' do
detail 'This feature was introduced in GitLab 15.7'
success code: 200
failure [
{ code: 401, message: 'Unauthorized' },
{ code: 403, message: 'Forbidden' },
{ code: 404, message: 'Not Found' }
]
tags %w[rpm_packages]
end
params do
requires :file_name, type: String, desc: 'Repository metadata file name'
end
get 'repodata/*file_name', requirements: { file_name: API::NO_SLASH_URL_PART_REGEX } do
authorize_read_package!(authorized_user_project)
repository_file = Packages::Rpm::RepositoryFile.find_by_project_id_and_file_name!(
authorized_user_project.id,
"#{params['file_name']}.#{params['format']}"
)
present_carrierwave_file!(repository_file.file)
end
desc 'Download RPM package files' do
detail 'This feature was introduced in GitLab 15.7'
failure [
{ code: 401, message: 'Unauthorized' },
{ code: 403, message: 'Forbidden' },
{ code: 404, message: 'Not Found' }
]
tags %w[rpm_packages]
end
params do
requires :package_file_id, type: Integer, desc: 'RPM package file id'
requires :file_name, type: String, desc: 'RPM package file name'
end
get '*package_file_id/*file_name', requirements: { file_name: API::NO_SLASH_URL_PART_REGEX } do
track_package_event(
'pull_package',
:rpm,
category: self.class.name,
project: authorized_user_project,
namespace: authorized_user_project.namespace
)
not_found!
end
desc 'Upload a RPM package' do
detail 'This feature was introduced in GitLab 15.7'
failure [
{ code: 400, message: 'Bad Request' },
{ code: 401, message: 'Unauthorized' },
{ code: 403, message: 'Forbidden' },
{ code: 404, message: 'Not Found' }
]
tags %w[rpm_packages]
end
post do
authorize_create_package!(authorized_user_project)
if authorized_user_project.actual_limits.exceeded?(:rpm_max_file_size, params[:file].size)
bad_request!('File is too large')
end
if Packages::Rpm::RepositoryFile.has_oversized_filelists?(project_id: authorized_user_project.id)
bad_request!('Repository packages limit exceeded')
end
track_package_event(
'push_package',
:rpm,
user: current_user,
category: self.class.name,
project: authorized_user_project,
namespace: authorized_user_project.namespace
)
not_found!
end
desc 'Authorize package upload from workhorse' do
detail 'This feature was introduced in GitLab 15.7'
failure [
{ code: 401, message: 'Unauthorized' },
{ code: 403, message: 'Forbidden' },
{ code: 404, message: 'Not Found' }
]
tags %w[rpm_packages]
end
post 'authorize' do
not_found!
end
end
end
end
end
|
