Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
b565f334
Commit
b565f334
authored
Sep 10, 2012
by
randx
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Auth for API
parent
80685596
Changes
4
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
27 additions
and
0 deletions
+27
-0
lib/api/helpers.rb
lib/api/helpers.rb
+16
-0
lib/api/issues.rb
lib/api/issues.rb
+2
-0
lib/api/milestones.rb
lib/api/milestones.rb
+2
-0
lib/api/projects.rb
lib/api/projects.rb
+7
-0
No files found.
lib/api/helpers.rb
View file @
b565f334
...
@@ -21,5 +21,21 @@ module Gitlab
...
@@ -21,5 +21,21 @@ module Gitlab
def
authenticate!
def
authenticate!
error!
({
'message'
=>
'401 Unauthorized'
},
401
)
unless
current_user
error!
({
'message'
=>
'401 Unauthorized'
},
401
)
unless
current_user
end
end
def
authorize!
action
,
subject
unless
abilities
.
allowed?
(
current_user
,
action
,
subject
)
error!
({
'message'
=>
'403 Forbidden'
},
403
)
end
end
private
def
abilities
@abilities
||=
begin
abilities
=
Six
.
new
abilities
<<
Ability
abilities
end
end
end
end
end
end
lib/api/issues.rb
View file @
b565f334
...
@@ -79,6 +79,8 @@ module Gitlab
...
@@ -79,6 +79,8 @@ module Gitlab
# PUT /projects/:id/issues/:issue_id
# PUT /projects/:id/issues/:issue_id
put
":id/issues/:issue_id"
do
put
":id/issues/:issue_id"
do
@issue
=
user_project
.
issues
.
find
(
params
[
:issue_id
])
@issue
=
user_project
.
issues
.
find
(
params
[
:issue_id
])
authorize!
:modify_issue
,
@issue
parameters
=
{
parameters
=
{
title:
(
params
[
:title
]
||
@issue
.
title
),
title:
(
params
[
:title
]
||
@issue
.
title
),
description:
(
params
[
:description
]
||
@issue
.
description
),
description:
(
params
[
:description
]
||
@issue
.
description
),
...
...
lib/api/milestones.rb
View file @
b565f334
...
@@ -61,6 +61,8 @@ module Gitlab
...
@@ -61,6 +61,8 @@ module Gitlab
# Example Request:
# Example Request:
# PUT /projects/:id/milestones/:milestone_id
# PUT /projects/:id/milestones/:milestone_id
put
":id/milestones/:milestone_id"
do
put
":id/milestones/:milestone_id"
do
authorize!
:admin_milestone
,
user_project
@milestone
=
user_project
.
milestones
.
find
(
params
[
:milestone_id
])
@milestone
=
user_project
.
milestones
.
find
(
params
[
:milestone_id
])
parameters
=
{
parameters
=
{
title:
(
params
[
:title
]
||
@milestone
.
title
),
title:
(
params
[
:title
]
||
@milestone
.
title
),
...
...
lib/api/projects.rb
View file @
b565f334
...
@@ -74,6 +74,7 @@ module Gitlab
...
@@ -74,6 +74,7 @@ module Gitlab
# Example Request:
# Example Request:
# POST /projects/:id/users
# POST /projects/:id/users
post
":id/users"
do
post
":id/users"
do
authorize!
:admin_project
,
user_project
user_project
.
add_users_ids_to_team
(
params
[
:user_ids
].
values
,
params
[
:project_access
])
user_project
.
add_users_ids_to_team
(
params
[
:user_ids
].
values
,
params
[
:project_access
])
nil
nil
end
end
...
@@ -87,6 +88,7 @@ module Gitlab
...
@@ -87,6 +88,7 @@ module Gitlab
# Example Request:
# Example Request:
# PUT /projects/:id/add_users
# PUT /projects/:id/add_users
put
":id/users"
do
put
":id/users"
do
authorize!
:admin_project
,
user_project
user_project
.
update_users_ids_to_role
(
params
[
:user_ids
].
values
,
params
[
:project_access
])
user_project
.
update_users_ids_to_role
(
params
[
:user_ids
].
values
,
params
[
:project_access
])
nil
nil
end
end
...
@@ -99,6 +101,7 @@ module Gitlab
...
@@ -99,6 +101,7 @@ module Gitlab
# Example Request:
# Example Request:
# DELETE /projects/:id/users
# DELETE /projects/:id/users
delete
":id/users"
do
delete
":id/users"
do
authorize!
:admin_project
,
user_project
user_project
.
delete_users_ids_from_team
(
params
[
:user_ids
].
values
)
user_project
.
delete_users_ids_from_team
(
params
[
:user_ids
].
values
)
nil
nil
end
end
...
@@ -186,6 +189,8 @@ module Gitlab
...
@@ -186,6 +189,8 @@ module Gitlab
# PUT /projects/:id/snippets/:snippet_id
# PUT /projects/:id/snippets/:snippet_id
put
":id/snippets/:snippet_id"
do
put
":id/snippets/:snippet_id"
do
@snippet
=
user_project
.
snippets
.
find
(
params
[
:snippet_id
])
@snippet
=
user_project
.
snippets
.
find
(
params
[
:snippet_id
])
authorize!
:modify_snippet
,
@snippet
parameters
=
{
parameters
=
{
title:
(
params
[
:title
]
||
@snippet
.
title
),
title:
(
params
[
:title
]
||
@snippet
.
title
),
file_name:
(
params
[
:file_name
]
||
@snippet
.
file_name
),
file_name:
(
params
[
:file_name
]
||
@snippet
.
file_name
),
...
@@ -209,6 +214,8 @@ module Gitlab
...
@@ -209,6 +214,8 @@ module Gitlab
# DELETE /projects/:id/snippets/:snippet_id
# DELETE /projects/:id/snippets/:snippet_id
delete
":id/snippets/:snippet_id"
do
delete
":id/snippets/:snippet_id"
do
@snippet
=
user_project
.
snippets
.
find
(
params
[
:snippet_id
])
@snippet
=
user_project
.
snippets
.
find
(
params
[
:snippet_id
])
authorize!
:modify_snippet
,
@snippet
@snippet
.
destroy
@snippet
.
destroy
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment