Commit 3a0c6dd9 authored by Stan Hu's avatar Stan Hu

Upgrade to Grape v1.3.3

This brings back many of the changes in
https://gitlab.com/gitlab-org/gitlab/-/merge_requests/27276. This was
reverted due to some failures in the QA tests with nil parameters.

Grape v1.3.3 brings in Ruby 2.7 support and a number of fixes:
https://github.com/ruby-grape/grape/blob/master/CHANGELOG.md

1. Move all inherited `Grape::API` -> `Grape::API::Instance`
2. Remove use of Virtus since this has been removed from Grape.
3. Extract `Rack::Response` from API error
4. Grape v1.2.3 pulled in a fix used in `SafeFile`:
https://github.com/ruby-grape/grape/pull/1844, so we no longer need
to maintain our custom type.
5. Adapt `WorkhorseFile` with the latest changes to make custom types
work with Grape and dry-types.
6. Ensure `Array[String]` is coerced properly.

The change from Virtus to dry-types now requires all strings to be
coerced to arrays. Before this was done within Virtus.

7. Coerce `Array[Integer]` types to arrays of integers

8. Use a new helper, `coerce_nil_params_to_array!`, that coerces nil
Array inputs to empty arrays to preserve previous behavior.

If you have a parameter of type `Array[String]`, for example, Grape used
to coerce a provided `nil` value to `[]`. Grape no longer does this for
us, so we need a helper method that will automatically do this if the
parameter is present.

This merge request also introduces two Rubocop rules for Grape v1.3:

1. `Grape::API::Instance` instead of `Grape::API` is required, unless we
solve https://gitlab.com/gitlab-org/gitlab/-/issues/215230.

2. Grape parameters defined with `Array` types (e.g. `Array[String]`,
`Array[Integer]`) must have a `coerce_with` block or they will fail to
parse properly. See
https://github.com/ruby-grape/grape/blob/master/UPGRADING.md for more
details.
parent d997e1e1
...@@ -308,6 +308,18 @@ Gitlab/Union: ...@@ -308,6 +308,18 @@ Gitlab/Union:
- 'spec/**/*' - 'spec/**/*'
- 'ee/spec/**/*' - 'ee/spec/**/*'
API/GrapeAPIInstance:
Enabled: true
Include:
- 'lib/**/api/**/*.rb'
- 'ee/**/api/**/*.rb'
API/GrapeArrayMissingCoerce:
Enabled: true
Include:
- 'lib/**/api/**/*.rb'
- 'ee/**/api/**/*.rb'
Cop/SidekiqOptionsQueue: Cop/SidekiqOptionsQueue:
Enabled: true Enabled: true
Exclude: Exclude:
......
...@@ -19,7 +19,7 @@ gem 'default_value_for', '~> 3.3.0' ...@@ -19,7 +19,7 @@ gem 'default_value_for', '~> 3.3.0'
gem 'pg', '~> 1.1' gem 'pg', '~> 1.1'
gem 'rugged', '~> 0.28' gem 'rugged', '~> 0.28'
gem 'grape-path-helpers', '~> 1.2' gem 'grape-path-helpers', '~> 1.3'
gem 'faraday', '~> 0.12' gem 'faraday', '~> 0.12'
gem 'marginalia', '~> 1.8.0' gem 'marginalia', '~> 1.8.0'
...@@ -81,7 +81,7 @@ gem 'gitlab_omniauth-ldap', '~> 2.1.1', require: 'omniauth-ldap' ...@@ -81,7 +81,7 @@ gem 'gitlab_omniauth-ldap', '~> 2.1.1', require: 'omniauth-ldap'
gem 'net-ldap' gem 'net-ldap'
# API # API
gem 'grape', '~> 1.1.0' gem 'grape', '~> 1.3.3'
gem 'grape-entity', '~> 0.7.1' gem 'grape-entity', '~> 0.7.1'
gem 'rack-cors', '~> 1.0.6', require: 'rack/cors' gem 'rack-cors', '~> 1.0.6', require: 'rack/cors'
......
...@@ -103,10 +103,6 @@ GEM ...@@ -103,10 +103,6 @@ GEM
aws-sdk-core (= 2.11.374) aws-sdk-core (= 2.11.374)
aws-sigv4 (1.1.0) aws-sigv4 (1.1.0)
aws-eventstream (~> 1.0, >= 1.0.2) aws-eventstream (~> 1.0, >= 1.0.2)
axiom-types (0.1.1)
descendants_tracker (~> 0.0.4)
ice_nine (~> 0.11.0)
thread_safe (~> 0.3, >= 0.3.1)
babosa (1.0.2) babosa (1.0.2)
base32 (0.3.2) base32 (0.3.2)
batch-loader (1.4.0) batch-loader (1.4.0)
...@@ -164,8 +160,6 @@ GEM ...@@ -164,8 +160,6 @@ GEM
nap nap
open4 (~> 1.3) open4 (~> 1.3)
coderay (1.1.2) coderay (1.1.2)
coercible (1.0.0)
descendants_tracker (~> 0.0.1)
colored2 (3.1.2) colored2 (3.1.2)
commonmarker (0.20.1) commonmarker (0.20.1)
ruby-enum (~> 0.5) ruby-enum (~> 0.5)
...@@ -221,8 +215,6 @@ GEM ...@@ -221,8 +215,6 @@ GEM
ruby-statistics (>= 2.1) ruby-statistics (>= 2.1)
thor (>= 0.19, < 2) thor (>= 0.19, < 2)
unicode_plot (>= 0.0.4, < 1.0.0) unicode_plot (>= 0.0.4, < 1.0.0)
descendants_tracker (0.0.4)
thread_safe (~> 0.3, >= 0.3.1)
device_detector (1.0.0) device_detector (1.0.0)
devise (4.7.1) devise (4.7.1)
bcrypt (~> 3.0) bcrypt (~> 3.0)
...@@ -249,6 +241,28 @@ GEM ...@@ -249,6 +241,28 @@ GEM
doorkeeper-openid_connect (1.6.3) doorkeeper-openid_connect (1.6.3)
doorkeeper (>= 5.0, < 5.2) doorkeeper (>= 5.0, < 5.2)
json-jwt (~> 1.6) json-jwt (~> 1.6)
dry-configurable (0.11.5)
concurrent-ruby (~> 1.0)
dry-core (~> 0.4, >= 0.4.7)
dry-equalizer (~> 0.2)
dry-container (0.7.2)
concurrent-ruby (~> 1.0)
dry-configurable (~> 0.1, >= 0.1.3)
dry-core (0.4.9)
concurrent-ruby (~> 1.0)
dry-equalizer (0.3.0)
dry-inflector (0.2.0)
dry-logic (1.0.6)
concurrent-ruby (~> 1.0)
dry-core (~> 0.2)
dry-equalizer (~> 0.2)
dry-types (1.4.0)
concurrent-ruby (~> 1.0)
dry-container (~> 0.3)
dry-core (~> 0.4, >= 0.4.4)
dry-equalizer (~> 0.3)
dry-inflector (~> 0.1, >= 0.1.2)
dry-logic (~> 1.0, >= 1.0.2)
ed25519 (1.2.4) ed25519 (1.2.4)
elasticsearch (6.8.0) elasticsearch (6.8.0)
elasticsearch-api (= 6.8.0) elasticsearch-api (= 6.8.0)
...@@ -439,19 +453,19 @@ GEM ...@@ -439,19 +453,19 @@ GEM
signet (~> 0.14) signet (~> 0.14)
gpgme (2.0.20) gpgme (2.0.20)
mini_portile2 (~> 2.3) mini_portile2 (~> 2.3)
grape (1.1.0) grape (1.3.3)
activesupport activesupport
builder builder
dry-types (>= 1.1)
mustermann-grape (~> 1.0.0) mustermann-grape (~> 1.0.0)
rack (>= 1.3.0) rack (>= 1.3.0)
rack-accept rack-accept
virtus (>= 1.0.0)
grape-entity (0.7.1) grape-entity (0.7.1)
activesupport (>= 4.0) activesupport (>= 4.0)
multi_json (>= 1.3.2) multi_json (>= 1.3.2)
grape-path-helpers (1.2.0) grape-path-helpers (1.3.0)
activesupport activesupport
grape (~> 1.0) grape (~> 1.3)
rake (~> 12) rake (~> 12)
grape_logging (1.8.3) grape_logging (1.8.3)
grape grape
...@@ -642,9 +656,10 @@ GEM ...@@ -642,9 +656,10 @@ GEM
multi_xml (0.6.0) multi_xml (0.6.0)
multipart-post (2.1.1) multipart-post (2.1.1)
murmurhash3 (0.1.6) murmurhash3 (0.1.6)
mustermann (1.0.3) mustermann (1.1.1)
mustermann-grape (1.0.0) ruby2_keywords (~> 0.0.1)
mustermann (~> 1.0.0) mustermann-grape (1.0.1)
mustermann (>= 1.0.0)
nakayoshi_fork (0.0.4) nakayoshi_fork (0.0.4)
nap (1.1.0) nap (1.1.0)
nenv (0.3.0) nenv (0.3.0)
...@@ -959,6 +974,7 @@ GEM ...@@ -959,6 +974,7 @@ GEM
ruby-saml (1.7.2) ruby-saml (1.7.2)
nokogiri (>= 1.5.10) nokogiri (>= 1.5.10)
ruby-statistics (2.1.2) ruby-statistics (2.1.2)
ruby2_keywords (0.0.2)
ruby_dep (1.5.0) ruby_dep (1.5.0)
ruby_parser (3.13.1) ruby_parser (3.13.1)
sexp_processor (~> 4.9) sexp_processor (~> 4.9)
...@@ -1122,11 +1138,6 @@ GEM ...@@ -1122,11 +1138,6 @@ GEM
activerecord (>= 3.0) activerecord (>= 3.0)
activesupport (>= 3.0) activesupport (>= 3.0)
version_sorter (2.2.4) version_sorter (2.2.4)
virtus (1.0.5)
axiom-types (~> 0.1)
coercible (~> 1.0)
descendants_tracker (~> 0.0, >= 0.0.3)
equalizer (~> 0.0, >= 0.0.9)
vmstat (2.3.0) vmstat (2.3.0)
warden (1.2.8) warden (1.2.8)
rack (>= 2.0.6) rack (>= 2.0.6)
...@@ -1257,9 +1268,9 @@ DEPENDENCIES ...@@ -1257,9 +1268,9 @@ DEPENDENCIES
google-api-client (~> 0.33) google-api-client (~> 0.33)
google-protobuf (~> 3.8.0) google-protobuf (~> 3.8.0)
gpgme (~> 2.0.19) gpgme (~> 2.0.19)
grape (~> 1.1.0) grape (~> 1.3.3)
grape-entity (~> 0.7.1) grape-entity (~> 0.7.1)
grape-path-helpers (~> 1.2) grape-path-helpers (~> 1.3)
grape_logging (~> 1.7) grape_logging (~> 1.7)
graphiql-rails (~> 1.4.10) graphiql-rails (~> 1.4.10)
graphql (~> 1.10.5) graphql (~> 1.10.5)
......
---
title: Upgrade Grape v1.1.0 to v1.3.3
merge_request: 33450
author:
type: other
...@@ -98,6 +98,46 @@ For instance: ...@@ -98,6 +98,46 @@ For instance:
Model.create(foo: params[:foo]) Model.create(foo: params[:foo])
``` ```
## Array types
With Grape v1.3+, Array types must be defined with a `coerce_with`
block, or parameters will fail to validate when passed a string from an
API request. See the [Grape upgrading
documentation](https://github.com/ruby-grape/grape/blob/master/UPGRADING.md#ensure-that-array-types-have-explicit-coercions)
for more details.
### Automatic coercion of nil inputs
Prior to Grape v1.3.3, Array parameters with `nil` values would
automatically be coerced to an empty Array. However, due to [this pull
request in v1.3.3](https://github.com/ruby-grape/grape/pull/2040), this
is no longer the case. For example, suppose you define a PUT `/test`
request that has an optional parameter:
```ruby
optional :user_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The user ids for this rule'
```
Normally, a request to PUT `/test?user_ids` would cause Grape to pass
`params` of `{ user_ids: nil }`.
This may introduce errors with endpoints that expect a blank array and
do not handle `nil` inputs properly. To preserve the previous behavior,
there is a helper method `coerce_nil_params_to_array!` that is used
in the `before` block of all API calls:
```ruby
before do
coerce_nil_params_to_array!
end
```
With this change, a request to PUT `/test?user_ids` will cause Grape to
pass `params` to be `{ user_ids: [] }`.
There is [an open issue in the Grape tracker](https://github.com/ruby-grape/grape/issues/2068)
to make this easier.
## Using HTTP status helpers ## Using HTTP status helpers
For non-200 HTTP responses, use the provided helpers in `lib/api/helpers.rb` to ensure correct behavior (`not_found!`, `no_content!` etc.). These will `throw` inside Grape and abort the execution of your endpoint. For non-200 HTTP responses, use the provided helpers in `lib/api/helpers.rb` to ensure correct behavior (`not_found!`, `no_content!` etc.). These will `throw` inside Grape and abort the execution of your endpoint.
......
...@@ -512,12 +512,12 @@ do that, so we'll follow regular object-oriented practices that we define the ...@@ -512,12 +512,12 @@ do that, so we'll follow regular object-oriented practices that we define the
interface first here. interface first here.
For example, suppose we have a few more optional parameters for EE. We can move the For example, suppose we have a few more optional parameters for EE. We can move the
parameters out of the `Grape::API` class to a helper module, so we can inject it parameters out of the `Grape::API::Instance` class to a helper module, so we can inject it
before it would be used in the class. before it would be used in the class.
```ruby ```ruby
module API module API
class Projects < Grape::API class Projects < Grape::API::Instance
helpers Helpers::ProjectsHelpers helpers Helpers::ProjectsHelpers
end end
end end
...@@ -578,7 +578,7 @@ class definition to make it easy and clear: ...@@ -578,7 +578,7 @@ class definition to make it easy and clear:
```ruby ```ruby
module API module API
class JobArtifacts < Grape::API class JobArtifacts < Grape::API::Instance
# EE::API::JobArtifacts would override the following helpers # EE::API::JobArtifacts would override the following helpers
helpers do helpers do
def authorize_download_artifacts! def authorize_download_artifacts!
...@@ -622,7 +622,7 @@ route. Something like this: ...@@ -622,7 +622,7 @@ route. Something like this:
```ruby ```ruby
module API module API
class MergeRequests < Grape::API class MergeRequests < Grape::API::Instance
helpers do helpers do
# EE::API::MergeRequests would override the following helpers # EE::API::MergeRequests would override the following helpers
def update_merge_request_ee(merge_request) def update_merge_request_ee(merge_request)
...@@ -691,7 +691,7 @@ least argument. We would approach this as follows: ...@@ -691,7 +691,7 @@ least argument. We would approach this as follows:
```ruby ```ruby
# api/merge_requests/parameters.rb # api/merge_requests/parameters.rb
module API module API
class MergeRequests < Grape::API class MergeRequests < Grape::API::Instance
module Parameters module Parameters
def self.update_params_at_least_one_of def self.update_params_at_least_one_of
%i[ %i[
...@@ -707,7 +707,7 @@ API::MergeRequests::Parameters.prepend_if_ee('EE::API::MergeRequests::Parameters ...@@ -707,7 +707,7 @@ API::MergeRequests::Parameters.prepend_if_ee('EE::API::MergeRequests::Parameters
# api/merge_requests.rb # api/merge_requests.rb
module API module API
class MergeRequests < Grape::API class MergeRequests < Grape::API::Instance
params do params do
at_least_one_of(*Parameters.update_params_at_least_one_of) at_least_one_of(*Parameters.update_params_at_least_one_of)
end end
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
module API module API
module Analytics module Analytics
class CodeReviewAnalytics < Grape::API class CodeReviewAnalytics < Grape::API::Instance
include PaginationParams include PaginationParams
helpers do helpers do
...@@ -24,7 +24,7 @@ module API ...@@ -24,7 +24,7 @@ module API
end end
params :negatable_params do params :negatable_params do
optional :label_name, type: Array, desc: 'Array of label names to filter by' optional :label_name, type: Array[String], coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce, desc: 'Array of label names to filter by'
optional :milestone_title, type: String, desc: 'Milestone title to filter by' optional :milestone_title, type: String, desc: 'Milestone title to filter by'
end end
end end
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
module API module API
module Analytics module Analytics
class GroupActivityAnalytics < Grape::API class GroupActivityAnalytics < Grape::API::Instance
DESCRIPTION_DETAIL = DESCRIPTION_DETAIL =
'This feature is gated by the `:group_activity_analytics`'\ 'This feature is gated by the `:group_activity_analytics`'\
' feature flag, introduced in GitLab 12.9.' ' feature flag, introduced in GitLab 12.9.'
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class AuditEvents < ::Grape::API class AuditEvents < ::Grape::API::Instance
include ::API::PaginationParams include ::API::PaginationParams
before do before do
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
# PHP composer support (https://getcomposer.org/) # PHP composer support (https://getcomposer.org/)
module API module API
class ComposerPackages < Grape::API class ComposerPackages < Grape::API::Instance
helpers ::API::Helpers::PackagesManagerClientsHelpers helpers ::API::Helpers::PackagesManagerClientsHelpers
helpers ::API::Helpers::RelatedResourcesHelpers helpers ::API::Helpers::RelatedResourcesHelpers
helpers ::API::Helpers::Packages::BasicAuthHelpers helpers ::API::Helpers::Packages::BasicAuthHelpers
......
...@@ -9,7 +9,7 @@ ...@@ -9,7 +9,7 @@
# #
# Technical debt: https://gitlab.com/gitlab-org/gitlab/issues/35798 # Technical debt: https://gitlab.com/gitlab-org/gitlab/issues/35798
module API module API
class ConanPackages < Grape::API class ConanPackages < Grape::API::Instance
helpers ::API::Helpers::PackagesManagerClientsHelpers helpers ::API::Helpers::PackagesManagerClientsHelpers
PACKAGE_REQUIREMENTS = { PACKAGE_REQUIREMENTS = {
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class Dependencies < Grape::API class Dependencies < Grape::API::Instance
helpers do helpers do
def dependencies_by(params) def dependencies_by(params)
pipeline = ::Security::ReportFetchService.new(user_project, ::Ci::JobArtifact.dependency_list_reports).pipeline pipeline = ::Security::ReportFetchService.new(user_project, ::Ci::JobArtifact.dependency_list_reports).pipeline
...@@ -12,9 +12,7 @@ module API ...@@ -12,9 +12,7 @@ module API
end end
end end
before do before { authenticate! }
authenticate!
end
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
...@@ -28,6 +26,7 @@ module API ...@@ -28,6 +26,7 @@ module API
params do params do
optional :package_manager, optional :package_manager,
type: Array[String], type: Array[String],
coerce_with: Validations::Types::CommaSeparatedToArray.coerce,
desc: "Returns dependencies belonging to specified package managers: #{::Security::DependencyListService::FILTER_PACKAGE_MANAGERS_VALUES.join(', ')}.", desc: "Returns dependencies belonging to specified package managers: #{::Security::DependencyListService::FILTER_PACKAGE_MANAGERS_VALUES.join(', ')}.",
values: ::Security::DependencyListService::FILTER_PACKAGE_MANAGERS_VALUES values: ::Security::DependencyListService::FILTER_PACKAGE_MANAGERS_VALUES
end end
...@@ -37,7 +36,8 @@ module API ...@@ -37,7 +36,8 @@ module API
track_event('view_dependencies') track_event('view_dependencies')
dependencies = dependencies_by(declared_params.merge(project: user_project)) dependency_params = declared_params(include_missing: false).merge(project: user_project)
dependencies = dependencies_by(dependency_params)
present dependencies, with: ::EE::API::Entities::Dependency, user: current_user, project: user_project present dependencies, with: ::EE::API::Entities::Dependency, user: current_user, project: user_project
end end
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class DependencyProxy < Grape::API class DependencyProxy < Grape::API::Instance
helpers ::API::Helpers::PackagesHelpers helpers ::API::Helpers::PackagesHelpers
helpers do helpers do
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class ElasticsearchIndexedNamespaces < Grape::API class ElasticsearchIndexedNamespaces < Grape::API::Instance
before { authenticated_as_admin! } before { authenticated_as_admin! }
resource :elasticsearch_indexed_namespaces do resource :elasticsearch_indexed_namespaces do
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class EpicIssues < Grape::API class EpicIssues < Grape::API::Instance
before do before do
authenticate! authenticate!
authorize_epics_feature! authorize_epics_feature!
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class EpicLinks < Grape::API class EpicLinks < Grape::API::Instance
include ::Gitlab::Utils::StrongMemoize include ::Gitlab::Utils::StrongMemoize
before do before do
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class Epics < Grape::API class Epics < Grape::API::Instance
include PaginationParams include PaginationParams
before do before do
...@@ -28,7 +28,7 @@ module API ...@@ -28,7 +28,7 @@ module API
optional :state, type: String, values: %w[opened closed all], default: 'all', optional :state, type: String, values: %w[opened closed all], default: 'all',
desc: 'Return opened, closed, or all epics' desc: 'Return opened, closed, or all epics'
optional :author_id, type: Integer, desc: 'Return epics which are authored by the user with the given ID' optional :author_id, type: Integer, desc: 'Return epics which are authored by the user with the given ID'
optional :labels, type: Array[String], coerce_with: Validations::Types::LabelsList.coerce, desc: 'Comma-separated list of label names' optional :labels, type: Array[String], coerce_with: Validations::Types::CommaSeparatedToArray.coerce, desc: 'Comma-separated list of label names'
optional :with_labels_details, type: Boolean, desc: 'Return titles of labels and other details', default: false optional :with_labels_details, type: Boolean, desc: 'Return titles of labels and other details', default: false
optional :created_after, type: DateTime, desc: 'Return epics created after the specified time' optional :created_after, type: DateTime, desc: 'Return epics created after the specified time'
optional :created_before, type: DateTime, desc: 'Return epics created before the specified time' optional :created_before, type: DateTime, desc: 'Return epics created before the specified time'
...@@ -70,7 +70,7 @@ module API ...@@ -70,7 +70,7 @@ module API
optional :start_date_is_fixed, type: Boolean, desc: 'Indicates start date should be sourced from start_date_fixed field not the issue milestones' optional :start_date_is_fixed, type: Boolean, desc: 'Indicates start date should be sourced from start_date_fixed field not the issue milestones'
optional :end_date, as: :due_date_fixed, type: String, desc: 'The due date of an epic' optional :end_date, as: :due_date_fixed, type: String, desc: 'The due date of an epic'
optional :due_date_is_fixed, type: Boolean, desc: 'Indicates due date should be sourced from due_date_fixed field not the issue milestones' optional :due_date_is_fixed, type: Boolean, desc: 'Indicates due date should be sourced from due_date_fixed field not the issue milestones'
optional :labels, type: Array[String], coerce_with: Validations::Types::LabelsList.coerce, desc: 'Comma-separated list of label names' optional :labels, type: Array[String], coerce_with: Validations::Types::CommaSeparatedToArray.coerce, desc: 'Comma-separated list of label names'
optional :parent_id, type: Integer, desc: 'The id of a parent epic' optional :parent_id, type: Integer, desc: 'The id of a parent epic'
end end
post ':id/(-/)epics' do post ':id/(-/)epics' do
...@@ -96,7 +96,7 @@ module API ...@@ -96,7 +96,7 @@ module API
optional :start_date_is_fixed, type: Boolean, desc: 'Indicates start date should be sourced from start_date_fixed field not the issue milestones' optional :start_date_is_fixed, type: Boolean, desc: 'Indicates start date should be sourced from start_date_fixed field not the issue milestones'
optional :end_date, as: :due_date_fixed, type: String, desc: 'The due date of an epic' optional :end_date, as: :due_date_fixed, type: String, desc: 'The due date of an epic'
optional :due_date_is_fixed, type: Boolean, desc: 'Indicates due date should be sourced from due_date_fixed field not the issue milestones' optional :due_date_is_fixed, type: Boolean, desc: 'Indicates due date should be sourced from due_date_fixed field not the issue milestones'
optional :labels, type: Array[String], coerce_with: Validations::Types::LabelsList.coerce, desc: 'Comma-separated list of label names' optional :labels, type: Array[String], coerce_with: Validations::Types::CommaSeparatedToArray.coerce, desc: 'Comma-separated list of label names'
optional :state_event, type: String, values: %w[reopen close], desc: 'State event for an epic' optional :state_event, type: String, values: %w[reopen close], desc: 'State event for an epic'
at_least_one_of :title, :description, :start_date_fixed, :start_date_is_fixed, :due_date_fixed, :due_date_is_fixed, :labels, :state_event, :confidential at_least_one_of :title, :description, :start_date_fixed, :start_date_is_fixed, :due_date_fixed, :due_date_is_fixed, :labels, :state_event, :confidential
end end
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class FeatureFlagScopes < Grape::API class FeatureFlagScopes < Grape::API::Instance
include PaginationParams include PaginationParams
ENVIRONMENT_SCOPE_ENDPOINT_REQUIREMENTS = FeatureFlags::FEATURE_FLAG_ENDPOINT_REQUIREMENTS ENVIRONMENT_SCOPE_ENDPOINT_REQUIREMENTS = FeatureFlags::FEATURE_FLAG_ENDPOINT_REQUIREMENTS
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class FeatureFlags < Grape::API class FeatureFlags < Grape::API::Instance
include PaginationParams include PaginationParams
FEATURE_FLAG_ENDPOINT_REQUIREMENTS = API::NAMESPACE_OR_PROJECT_REQUIREMENTS FEATURE_FLAG_ENDPOINT_REQUIREMENTS = API::NAMESPACE_OR_PROJECT_REQUIREMENTS
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class FeatureFlagsUserLists < Grape::API class FeatureFlagsUserLists < Grape::API::Instance
include PaginationParams include PaginationParams
error_formatter :json, -> (message, _backtrace, _options, _env, _original_exception) { error_formatter :json, -> (message, _backtrace, _options, _env, _original_exception) {
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
require 'base64' require 'base64'
module API module API
class Geo < Grape::API class Geo < Grape::API::Instance
resource :geo do resource :geo do
helpers do helpers do
def sanitized_node_status_params def sanitized_node_status_params
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class GeoNodes < Grape::API class GeoNodes < Grape::API::Instance
include PaginationParams include PaginationParams
include APIGuard include APIGuard
include ::Gitlab::Utils::StrongMemoize include ::Gitlab::Utils::StrongMemoize
before { authenticate_admin_or_geo_node! } before do
authenticate_admin_or_geo_node!
end
helpers do helpers do
def authenticate_admin_or_geo_node! def authenticate_admin_or_geo_node!
...@@ -45,8 +47,8 @@ module API ...@@ -45,8 +47,8 @@ module API
optional :container_repositories_max_capacity, type: Integer, desc: 'Control the maximum concurrency of container repository sync for this node. Defaults to 10.' optional :container_repositories_max_capacity, type: Integer, desc: 'Control the maximum concurrency of container repository sync for this node. Defaults to 10.'
optional :sync_object_storage, type: Boolean, desc: 'Flag indicating if the secondary Geo node will replicate blobs in Object Storage. Defaults to false.' optional :sync_object_storage, type: Boolean, desc: 'Flag indicating if the secondary Geo node will replicate blobs in Object Storage. Defaults to false.'
optional :selective_sync_type, type: String, desc: 'Limit syncing to only specific groups, or shards. Valid values: `"namespaces"`, `"shards"`, or `null`' optional :selective_sync_type, type: String, desc: 'Limit syncing to only specific groups, or shards. Valid values: `"namespaces"`, `"shards"`, or `null`'
optional :selective_sync_shards, type: Array, desc: 'The repository storages whose projects should be synced, if `selective_sync_type` == `shards`' optional :selective_sync_shards, type: Array[String], coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce, desc: 'The repository storages whose projects should be synced, if `selective_sync_type` == `shards`'
optional :selective_sync_namespace_ids, as: :namespace_ids, type: Array, desc: 'The IDs of groups that should be synced, if `selective_sync_type` == `namespaces`' optional :selective_sync_namespace_ids, as: :namespace_ids, type: Array[Integer], coerce_with: Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The IDs of groups that should be synced, if `selective_sync_type` == `namespaces`'
optional :minimum_reverification_interval, type: Integer, desc: 'The interval (in days) in which the repository verification is valid. Once expired, it will be reverified. This has no effect when set on a secondary node.' optional :minimum_reverification_interval, type: Integer, desc: 'The interval (in days) in which the repository verification is valid. Once expired, it will be reverified. This has no effect when set on a secondary node.'
end end
post do post do
...@@ -201,8 +203,8 @@ module API ...@@ -201,8 +203,8 @@ module API
optional :container_repositories_max_capacity, type: Integer, desc: 'Control the maximum concurrency of container repository sync for this node' optional :container_repositories_max_capacity, type: Integer, desc: 'Control the maximum concurrency of container repository sync for this node'
optional :sync_object_storage, type: Boolean, desc: 'Flag indicating if the secondary Geo node will replicate blobs in Object Storage' optional :sync_object_storage, type: Boolean, desc: 'Flag indicating if the secondary Geo node will replicate blobs in Object Storage'
optional :selective_sync_type, type: String, desc: 'Limit syncing to only specific groups, or shards. Valid values: `"namespaces"`, `"shards"`, or `null`' optional :selective_sync_type, type: String, desc: 'Limit syncing to only specific groups, or shards. Valid values: `"namespaces"`, `"shards"`, or `null`'
optional :selective_sync_shards, type: Array, desc: 'The repository storages whose projects should be synced, if `selective_sync_type` == `shards`' optional :selective_sync_shards, type: Array[String], coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce, desc: 'The repository storages whose projects should be synced, if `selective_sync_type` == `shards`'
optional :selective_sync_namespace_ids, as: :namespace_ids, type: Array, desc: 'The IDs of groups that should be synced, if `selective_sync_type` == `namespaces`' optional :selective_sync_namespace_ids, as: :namespace_ids, type: Array[Integer], coerce_with: Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The IDs of groups that should be synced, if `selective_sync_type` == `namespaces`'
optional :minimum_reverification_interval, type: Integer, desc: 'The interval (in days) in which the repository verification is valid. Once expired, it will be reverified. This has no effect when set on a secondary node.' optional :minimum_reverification_interval, type: Integer, desc: 'The interval (in days) in which the repository verification is valid. Once expired, it will be reverified. This has no effect when set on a secondary node.'
end end
put do put do
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class GeoReplication < Grape::API class GeoReplication < Grape::API::Instance
include PaginationParams include PaginationParams
include APIGuard include APIGuard
include ::Gitlab::Utils::StrongMemoize include ::Gitlab::Utils::StrongMemoize
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class GoProxy < Grape::API class GoProxy < Grape::API::Instance
helpers Gitlab::Golang helpers Gitlab::Golang
helpers ::API::Helpers::PackagesHelpers helpers ::API::Helpers::PackagesHelpers
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class GroupHooks < Grape::API class GroupHooks < Grape::API::Instance
include ::API::PaginationParams include ::API::PaginationParams
before { authenticate! } before { authenticate! }
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class GroupPackages < Grape::API class GroupPackages < Grape::API::Instance
include PaginationParams include PaginationParams
before do before do
......
...@@ -5,24 +5,22 @@ module API ...@@ -5,24 +5,22 @@ module API
module ProjectApprovalRulesHelpers module ProjectApprovalRulesHelpers
extend Grape::API::Helpers extend Grape::API::Helpers
ARRAY_COERCION_LAMBDA = ->(val) { val.empty? ? [] : Array.wrap(val) }
params :create_project_approval_rule do params :create_project_approval_rule do
requires :name, type: String, desc: 'The name of the approval rule' requires :name, type: String, desc: 'The name of the approval rule'
requires :approvals_required, type: Integer, desc: 'The number of required approvals for this rule' requires :approvals_required, type: Integer, desc: 'The number of required approvals for this rule'
optional :rule_type, type: String, desc: 'The type of approval rule' optional :rule_type, type: String, desc: 'The type of approval rule'
optional :users, as: :user_ids, type: Array, coerce_with: ARRAY_COERCION_LAMBDA, desc: 'The user ids for this rule' optional :users, as: :user_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The user ids for this rule'
optional :groups, as: :group_ids, type: Array, coerce_with: ARRAY_COERCION_LAMBDA, desc: 'The group ids for this rule' optional :groups, as: :group_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The group ids for this rule'
optional :protected_branch_ids, type: Array, coerce_with: ARRAY_COERCION_LAMBDA, desc: 'The protected branch ids for this rule' optional :protected_branch_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The protected branch ids for this rule'
end end
params :update_project_approval_rule do params :update_project_approval_rule do
requires :approval_rule_id, type: Integer, desc: 'The ID of an approval_rule' requires :approval_rule_id, type: Integer, desc: 'The ID of an approval_rule'
optional :name, type: String, desc: 'The name of the approval rule' optional :name, type: String, desc: 'The name of the approval rule'
optional :approvals_required, type: Integer, desc: 'The number of required approvals for this rule' optional :approvals_required, type: Integer, desc: 'The number of required approvals for this rule'
optional :users, as: :user_ids, type: Array, coerce_with: ARRAY_COERCION_LAMBDA, desc: 'The user ids for this rule' optional :users, as: :user_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The user ids for this rule'
optional :groups, as: :group_ids, type: Array, coerce_with: ARRAY_COERCION_LAMBDA, desc: 'The group ids for this rule' optional :groups, as: :group_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The group ids for this rule'
optional :protected_branch_ids, type: Array, coerce_with: ARRAY_COERCION_LAMBDA, desc: 'The protected branch ids for this rule' optional :protected_branch_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The protected branch ids for this rule'
optional :remove_hidden_groups, type: Boolean, desc: 'Whether hidden groups should be removed' optional :remove_hidden_groups, type: Boolean, desc: 'Whether hidden groups should be removed'
end end
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class IssueLinks < Grape::API class IssueLinks < Grape::API::Instance
include PaginationParams include PaginationParams
before { authenticate! } before { authenticate! }
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class Ldap < Grape::API class Ldap < Grape::API::Instance
# Admin users by default should be able to access these API endpoints. # Admin users by default should be able to access these API endpoints.
# However, non-admin users can access these endpoints if the "Allow group # However, non-admin users can access these endpoints if the "Allow group
# owners to manage LDAP-related group settings" is enabled, and they own a # owners to manage LDAP-related group settings" is enabled, and they own a
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class LdapGroupLinks < Grape::API class LdapGroupLinks < Grape::API::Instance
before { authenticate! } before { authenticate! }
params do params do
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class License < Grape::API class License < Grape::API::Instance
before { authenticated_as_admin! } before { authenticated_as_admin! }
resource :license do resource :license do
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class ManagedLicenses < Grape::API class ManagedLicenses < Grape::API::Instance
include PaginationParams include PaginationParams
before { authenticate! unless route.settings[:skip_authentication] } before { authenticate! unless route.settings[:skip_authentication] }
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class MavenPackages < Grape::API class MavenPackages < Grape::API::Instance
MAVEN_ENDPOINT_REQUIREMENTS = { MAVEN_ENDPOINT_REQUIREMENTS = {
file_name: API::NO_SLASH_URL_PART_REGEX file_name: API::NO_SLASH_URL_PART_REGEX
}.freeze }.freeze
......
...@@ -4,8 +4,6 @@ module API ...@@ -4,8 +4,6 @@ module API
class MergeRequestApprovalRules < ::Grape::API class MergeRequestApprovalRules < ::Grape::API
before { authenticate_non_get! } before { authenticate_non_get! }
ARRAY_COERCION_LAMBDA = ->(val) { val.empty? ? [] : Array.wrap(val) }
helpers do helpers do
def find_merge_request_approval_rule(merge_request, id) def find_merge_request_approval_rule(merge_request, id)
merge_request.approval_rules.find_by_id!(id) merge_request.approval_rules.find_by_id!(id)
...@@ -34,8 +32,8 @@ module API ...@@ -34,8 +32,8 @@ module API
requires :name, type: String, desc: 'The name of the approval rule' requires :name, type: String, desc: 'The name of the approval rule'
requires :approvals_required, type: Integer, desc: 'The number of required approvals for this rule' requires :approvals_required, type: Integer, desc: 'The number of required approvals for this rule'
optional :approval_project_rule_id, type: Integer, desc: 'The ID of a project-level approval rule' optional :approval_project_rule_id, type: Integer, desc: 'The ID of a project-level approval rule'
optional :user_ids, type: Array, coerce_with: ARRAY_COERCION_LAMBDA, desc: 'The user ids for this rule' optional :user_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The user ids for this rule'
optional :group_ids, type: Array, coerce_with: ARRAY_COERCION_LAMBDA, desc: 'The group ids for this rule' optional :group_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The group ids for this rule'
end end
post do post do
merge_request = find_merge_request_with_access(params[:merge_request_iid], :update_approvers) merge_request = find_merge_request_with_access(params[:merge_request_iid], :update_approvers)
...@@ -56,8 +54,8 @@ module API ...@@ -56,8 +54,8 @@ module API
requires :approval_rule_id, type: Integer, desc: 'The ID of an approval rule' requires :approval_rule_id, type: Integer, desc: 'The ID of an approval rule'
optional :name, type: String, desc: 'The name of the approval rule' optional :name, type: String, desc: 'The name of the approval rule'
optional :approvals_required, type: Integer, desc: 'The number of required approvals for this rule' optional :approvals_required, type: Integer, desc: 'The number of required approvals for this rule'
optional :user_ids, type: Array, coerce_with: ARRAY_COERCION_LAMBDA, desc: 'The user ids for this rule' optional :user_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The user ids for this rule'
optional :group_ids, type: Array, coerce_with: ARRAY_COERCION_LAMBDA, desc: 'The group ids for this rule' optional :group_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The group ids for this rule'
optional :remove_hidden_groups, type: Boolean, desc: 'Whether hidden groups should be removed' optional :remove_hidden_groups, type: Boolean, desc: 'Whether hidden groups should be removed'
end end
put do put do
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class MergeRequestApprovals < ::Grape::API class MergeRequestApprovals < ::Grape::API::Instance
before { authenticate_non_get! } before { authenticate_non_get! }
ARRAY_COERCION_LAMBDA = ->(val) { val.empty? ? [] : Array.wrap(val) }
helpers do helpers do
def present_approval(merge_request) def present_approval(merge_request)
present merge_request.approval_state, with: ::EE::API::Entities::ApprovalState, current_user: current_user present merge_request.approval_state, with: ::EE::API::Entities::ApprovalState, current_user: current_user
...@@ -109,8 +107,10 @@ module API ...@@ -109,8 +107,10 @@ module API
success ::EE::API::Entities::ApprovalState success ::EE::API::Entities::ApprovalState
end end
params do params do
requires :approver_ids, type: Array[String], coerce_with: ARRAY_COERCION_LAMBDA, desc: 'Array of User IDs to set as approvers.' requires :approver_ids, type: Array[Integer], coerce_with: Validations::Types::CommaSeparatedToIntegerArray.coerce,
requires :approver_group_ids, type: Array[String], coerce_with: ARRAY_COERCION_LAMBDA, desc: 'Array of Group IDs to set as approvers.' desc: 'Array of User IDs to set as approvers.'
requires :approver_group_ids, type: Array[Integer], coerce_with: Validations::Types::CommaSeparatedToIntegerArray.coerce,
desc: 'Array of Group IDs to set as approvers.'
end end
put 'approvers' do put 'approvers' do
Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab/issues/8883') Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab/issues/8883')
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class MergeTrains < ::Grape::API class MergeTrains < ::Grape::API::Instance
include PaginationParams include PaginationParams
before do before do
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class NpmPackages < Grape::API class NpmPackages < Grape::API::Instance
helpers ::API::Helpers::PackagesHelpers helpers ::API::Helpers::PackagesHelpers
helpers ::API::Helpers::Packages::DependencyProxyHelpers helpers ::API::Helpers::Packages::DependencyProxyHelpers
......
...@@ -6,7 +6,7 @@ ...@@ -6,7 +6,7 @@
# called by the NuGet package manager client when users run commands # called by the NuGet package manager client when users run commands
# like `nuget install` or `nuget push`. # like `nuget install` or `nuget push`.
module API module API
class NugetPackages < Grape::API class NugetPackages < Grape::API::Instance
helpers ::API::Helpers::PackagesManagerClientsHelpers helpers ::API::Helpers::PackagesManagerClientsHelpers
helpers ::API::Helpers::Packages::BasicAuthHelpers helpers ::API::Helpers::Packages::BasicAuthHelpers
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class PackageFiles < Grape::API class PackageFiles < Grape::API::Instance
include PaginationParams include PaginationParams
before do before do
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class ProjectAliases < Grape::API class ProjectAliases < Grape::API::Instance
include PaginationParams include PaginationParams
before { check_feature_availability } before { check_feature_availability }
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class ProjectApprovalRules < ::Grape::API class ProjectApprovalRules < ::Grape::API::Instance
before { authenticate! } before { authenticate! }
helpers ::API::Helpers::ProjectApprovalRulesHelpers helpers ::API::Helpers::ProjectApprovalRulesHelpers
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class ProjectApprovalSettings < ::Grape::API class ProjectApprovalSettings < ::Grape::API::Instance
before { authenticate! } before { authenticate! }
helpers ::API::Helpers::ProjectApprovalRulesHelpers helpers ::API::Helpers::ProjectApprovalRulesHelpers
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class ProjectApprovals < ::Grape::API class ProjectApprovals < ::Grape::API::Instance
before { authenticate! } before { authenticate! }
before { authorize! :update_approvers, user_project } before { authorize! :update_approvers, user_project }
ARRAY_COERCION_LAMBDA = ->(val) { val.empty? ? [] : Array.wrap(val) }
helpers do helpers do
def filter_forbidden_param!(permission, param) def filter_forbidden_param!(permission, param)
unless can?(current_user, permission, user_project) unless can?(current_user, permission, user_project)
...@@ -67,8 +65,8 @@ module API ...@@ -67,8 +65,8 @@ module API
success EE::API::Entities::ApprovalSettings success EE::API::Entities::ApprovalSettings
end end
params do params do
requires :approver_ids, type: Array[String], coerce_with: ARRAY_COERCION_LAMBDA, desc: 'Array of User IDs to set as approvers.' requires :approver_ids, type: Array[Integer], coerce_with: Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'Array of User IDs to set as approvers.'
requires :approver_group_ids, type: Array[String], coerce_with: ARRAY_COERCION_LAMBDA, desc: 'Array of Group IDs to set as approvers.' requires :approver_group_ids, type: Array[Integer], coerce_with: Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'Array of Group IDs to set as approvers.'
end end
put ':id/approvers' do put ':id/approvers' do
result = ::Projects::UpdateService.new(user_project, current_user, declared(params, include_parent_namespaces: false).merge(remove_old_approvers: true)).execute result = ::Projects::UpdateService.new(user_project, current_user, declared(params, include_parent_namespaces: false).merge(remove_old_approvers: true)).execute
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
require_dependency 'declarative_policy' require_dependency 'declarative_policy'
module API module API
class ProjectMirror < Grape::API class ProjectMirror < Grape::API::Instance
helpers do helpers do
def github_webhook_signature def github_webhook_signature
@github_webhook_signature ||= headers['X-Hub-Signature'] @github_webhook_signature ||= headers['X-Hub-Signature']
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class ProjectPackages < Grape::API class ProjectPackages < Grape::API::Instance
include PaginationParams include PaginationParams
before do before do
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class ProjectPushRule < Grape::API class ProjectPushRule < Grape::API::Instance
before { authenticate! } before { authenticate! }
before { authorize_admin_project } before { authorize_admin_project }
before { check_project_feature_available!(:push_rules) } before { check_project_feature_available!(:push_rules) }
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class ProtectedEnvironments < Grape::API class ProtectedEnvironments < Grape::API::Instance
include PaginationParams include PaginationParams
ENVIRONMENT_ENDPOINT_REQUIREMENTS = API::NAMESPACE_OR_PROJECT_REQUIREMENTS.merge(name: API::NO_SLASH_URL_PART_REGEX) ENVIRONMENT_ENDPOINT_REQUIREMENTS = API::NAMESPACE_OR_PROJECT_REQUIREMENTS.merge(name: API::NO_SLASH_URL_PART_REGEX)
......
...@@ -6,7 +6,7 @@ ...@@ -6,7 +6,7 @@
# called by the PyPI package manager client when users run commands # called by the PyPI package manager client when users run commands
# like `pip install` or `twine upload`. # like `pip install` or `twine upload`.
module API module API
class PypiPackages < Grape::API class PypiPackages < Grape::API::Instance
helpers ::API::Helpers::PackagesManagerClientsHelpers helpers ::API::Helpers::PackagesManagerClientsHelpers
helpers ::API::Helpers::RelatedResourcesHelpers helpers ::API::Helpers::RelatedResourcesHelpers
helpers ::API::Helpers::Packages::BasicAuthHelpers helpers ::API::Helpers::Packages::BasicAuthHelpers
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class ResourceWeightEvents < Grape::API class ResourceWeightEvents < Grape::API::Instance
include PaginationParams include PaginationParams
helpers ::API::Helpers::NotesHelpers helpers ::API::Helpers::NotesHelpers
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class Scim < Grape::API class Scim < Grape::API::Instance
include ::Gitlab::Utils::StrongMemoize include ::Gitlab::Utils::StrongMemoize
prefix 'api/scim' prefix 'api/scim'
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class Unleash < Grape::API class Unleash < Grape::API::Instance
include PaginationParams include PaginationParams
namespace :feature_flags do namespace :feature_flags do
......
...@@ -7,7 +7,7 @@ ...@@ -7,7 +7,7 @@
# #
module API module API
module V3 module V3
class Github < Grape::API class Github < Grape::API::Instance
JIRA_DEV_PANEL_FEATURE = :jira_dev_panel_integration.freeze JIRA_DEV_PANEL_FEATURE = :jira_dev_panel_integration.freeze
NO_SLASH_URL_PART_REGEX = %r{[^/]+}.freeze NO_SLASH_URL_PART_REGEX = %r{[^/]+}.freeze
ENDPOINT_REQUIREMENTS = { ENDPOINT_REQUIREMENTS = {
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class VisualReviewDiscussions < Grape::API class VisualReviewDiscussions < Grape::API::Instance
include PaginationParams include PaginationParams
helpers ::API::Helpers::NotesHelpers helpers ::API::Helpers::NotesHelpers
helpers ::RendersNotes helpers ::RendersNotes
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class Vulnerabilities < Grape::API class Vulnerabilities < Grape::API::Instance
include ::API::Helpers::VulnerabilitiesHooks include ::API::Helpers::VulnerabilitiesHooks
include PaginationParams include PaginationParams
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class VulnerabilityExports < Grape::API class VulnerabilityExports < Grape::API::Instance
include ::API::Helpers::VulnerabilitiesHooks include ::API::Helpers::VulnerabilitiesHooks
include ::Gitlab::Utils::StrongMemoize include ::Gitlab::Utils::StrongMemoize
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class VulnerabilityFindings < Grape::API class VulnerabilityFindings < Grape::API::Instance
include PaginationParams include PaginationParams
include ::Gitlab::Utils::StrongMemoize include ::Gitlab::Utils::StrongMemoize
...@@ -33,19 +33,23 @@ module API ...@@ -33,19 +33,23 @@ module API
end end
resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
params do params do
optional :report_type, type: Array[String], desc: 'The type of report vulnerability belongs to', optional :report_type, type: Array[String],
coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce,
desc: 'The type of report vulnerability belongs to',
values: ::Vulnerabilities::Occurrence.report_types.keys, values: ::Vulnerabilities::Occurrence.report_types.keys,
default: ::Vulnerabilities::Occurrence.report_types.keys default: ::Vulnerabilities::Occurrence.report_types.keys
optional :scope, type: String, desc: 'Return vulnerabilities for the given scope: `dismissed` or `all`', optional :scope, type: String, desc: 'Return vulnerabilities for the given scope: `dismissed` or `all`',
default: 'dismissed', values: %w[all dismissed] default: 'dismissed', values: %w[all dismissed]
optional :severity, optional :severity,
type: Array[String], type: Array[String],
coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce,
desc: 'Returns vulnerabilities belonging to specified severity level: '\ desc: 'Returns vulnerabilities belonging to specified severity level: '\
'`info`, `unknown`, `low`, `medium`, `high`, or `critical`. Defaults to all', '`info`, `unknown`, `low`, `medium`, `high`, or `critical`. Defaults to all',
values: ::Vulnerabilities::Occurrence.severities.keys, values: ::Vulnerabilities::Occurrence.severities.keys,
default: ::Vulnerabilities::Occurrence.severities.keys default: ::Vulnerabilities::Occurrence.severities.keys
optional :confidence, optional :confidence,
type: Array[String], type: Array[String],
coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce,
desc: 'Returns vulnerabilities belonging to specified confidence level: '\ desc: 'Returns vulnerabilities belonging to specified confidence level: '\
'`ignore`, `unknown`, `experimental`, `low`, `medium`, `high`, or `confirmed`. '\ '`ignore`, `unknown`, `experimental`, `low`, `medium`, `high`, or `confirmed`. '\
'Defaults to all', 'Defaults to all',
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class VulnerabilityIssueLinks < Grape::API class VulnerabilityIssueLinks < Grape::API::Instance
include ::API::Helpers::VulnerabilitiesHooks include ::API::Helpers::VulnerabilitiesHooks
helpers ::API::Helpers::VulnerabilitiesHelpers helpers ::API::Helpers::VulnerabilitiesHelpers
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
module EE module EE
module API module API
class Boards < ::Grape::API class Boards < ::Grape::API::Instance
include ::API::PaginationParams include ::API::PaginationParams
include ::API::BoardsResponses include ::API::BoardsResponses
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
module EE module EE
module API module API
class GroupBoards < ::Grape::API class GroupBoards < ::Grape::API::Instance
include ::API::PaginationParams include ::API::PaginationParams
include ::API::BoardsResponses include ::API::BoardsResponses
......
...@@ -26,8 +26,8 @@ module EE ...@@ -26,8 +26,8 @@ module EE
end end
given elasticsearch_limit_indexing: ->(val) { val } do given elasticsearch_limit_indexing: ->(val) { val } do
optional :elasticsearch_namespace_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::LabelsList.coerce, desc: 'The namespace ids to index with Elasticsearch.' optional :elasticsearch_namespace_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The namespace ids to index with Elasticsearch.'
optional :elasticsearch_project_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::LabelsList.coerce, desc: 'The project ids to index with Elasticsearch.' optional :elasticsearch_project_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The project ids to index with Elasticsearch.'
end end
optional :email_additional_text, type: String, desc: 'Additional text added to the bottom of every email for legal/auditing/compliance reasons' optional :email_additional_text, type: String, desc: 'Additional text added to the bottom of every email for legal/auditing/compliance reasons'
...@@ -36,7 +36,7 @@ module EE ...@@ -36,7 +36,7 @@ module EE
optional :help_text, type: String, desc: 'GitLab server administrator information' optional :help_text, type: String, desc: 'GitLab server administrator information'
optional :repository_size_limit, type: Integer, desc: 'Size limit per repository (MB)' optional :repository_size_limit, type: Integer, desc: 'Size limit per repository (MB)'
optional :file_template_project_id, type: Integer, desc: 'ID of project where instance-level file templates are stored.' optional :file_template_project_id, type: Integer, desc: 'ID of project where instance-level file templates are stored.'
optional :repository_storages, type: Array[String], desc: 'A list of names of enabled storage paths, taken from `gitlab.yml`. New projects will be created in one of these stores, chosen at random.' optional :repository_storages, type: Array[String], coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce, desc: 'A list of names of enabled storage paths, taken from `gitlab.yml`. New projects will be created in one of these stores, chosen at random.'
optional :usage_ping_enabled, type: Grape::API::Boolean, desc: 'Every week GitLab will report license usage back to GitLab, Inc.' optional :usage_ping_enabled, type: Grape::API::Boolean, desc: 'Every week GitLab will report license usage back to GitLab, Inc.'
optional :updating_name_disabled_for_users, type: Grape::API::Boolean, desc: 'Flag indicating if users are permitted to update their profile name' optional :updating_name_disabled_for_users, type: Grape::API::Boolean, desc: 'Flag indicating if users are permitted to update their profile name'
optional :disable_overriding_approvers_per_merge_request, type: Grape::API::Boolean, desc: 'Disable Users ability to overwrite approvers in merge requests.' optional :disable_overriding_approvers_per_merge_request, type: Grape::API::Boolean, desc: 'Disable Users ability to overwrite approvers in merge requests.'
......
...@@ -6,7 +6,7 @@ RSpec.describe EE::API::Helpers do ...@@ -6,7 +6,7 @@ RSpec.describe EE::API::Helpers do
include Rack::Test::Methods include Rack::Test::Methods
let(:helper) do let(:helper) do
Class.new(Grape::API) do Class.new(Grape::API::Instance) do
helpers EE::API::Helpers helpers EE::API::Helpers
helpers API::APIGuard::HelperMethods helpers API::APIGuard::HelperMethods
helpers API::Helpers helpers API::Helpers
......
...@@ -33,7 +33,7 @@ RSpec.describe API::GeoNodes, :request_store, :geo_fdw, :prometheus, api: true d ...@@ -33,7 +33,7 @@ RSpec.describe API::GeoNodes, :request_store, :geo_fdw, :prometheus, api: true d
url: 'http://example.com', url: 'http://example.com',
selective_sync_type: "shards", selective_sync_type: "shards",
selective_sync_shards: %w[shard1 shard2], selective_sync_shards: %w[shard1 shard2],
selective_sync_namespace_ids: [group_to_sync.id], selective_sync_namespace_ids: group_to_sync.id,
minimum_reverification_interval: 10 minimum_reverification_interval: 10
} }
expect_any_instance_of(Geo::NodeCreateService).to receive(:execute).once.and_call_original expect_any_instance_of(Geo::NodeCreateService).to receive(:execute).once.and_call_original
......
...@@ -144,7 +144,9 @@ RSpec.describe API::MergeRequestApprovalRules do ...@@ -144,7 +144,9 @@ RSpec.describe API::MergeRequestApprovalRules do
let(:current_user) { user } let(:current_user) { user }
let(:url) { "/projects/#{project.id}/merge_requests/#{merge_request.iid}/approval_rules" } let(:url) { "/projects/#{project.id}/merge_requests/#{merge_request.iid}/approval_rules" }
let(:approver) { create(:user) } let(:approver) { create(:user) }
let(:other_approver) { create(:user) }
let(:group) { create(:group) } let(:group) { create(:group) }
let(:other_group) { create(:group) }
let(:approval_project_rule_id) { nil } let(:approval_project_rule_id) { nil }
let(:approver_params) do let(:approver_params) do
{ {
...@@ -171,7 +173,9 @@ RSpec.describe API::MergeRequestApprovalRules do ...@@ -171,7 +173,9 @@ RSpec.describe API::MergeRequestApprovalRules do
before do before do
project.update!(disable_overriding_approvers_per_merge_request: false) project.update!(disable_overriding_approvers_per_merge_request: false)
project.add_developer(approver) project.add_developer(approver)
project.add_developer(other_approver)
group.add_developer(approver) group.add_developer(approver)
other_group.add_developer(other_approver)
action action
end end
...@@ -184,7 +188,7 @@ RSpec.describe API::MergeRequestApprovalRules do ...@@ -184,7 +188,7 @@ RSpec.describe API::MergeRequestApprovalRules do
expect(rule['name']).to eq(params[:name]) expect(rule['name']).to eq(params[:name])
expect(rule['approvals_required']).to eq(params[:approvals_required]) expect(rule['approvals_required']).to eq(params[:approvals_required])
expect(rule['rule_type']).to eq('regular') expect(rule['rule_type']).to eq('any_approver')
expect(rule['contains_hidden_groups']).to eq(false) expect(rule['contains_hidden_groups']).to eq(false)
expect(rule['source_rule']).to be_nil expect(rule['source_rule']).to be_nil
expect(rule['eligible_approvers']).to be_empty expect(rule['eligible_approvers']).to be_empty
...@@ -193,24 +197,24 @@ RSpec.describe API::MergeRequestApprovalRules do ...@@ -193,24 +197,24 @@ RSpec.describe API::MergeRequestApprovalRules do
end end
context 'users are passed' do context 'users are passed' do
let(:user_ids) { [approver.id] } let(:user_ids) { "#{approver.id},#{other_approver.id}" }
it 'includes users' do it 'includes users' do
rule = json_response rule = json_response
expect(rule['eligible_approvers']).to match([hash_including('id' => approver.id)]) expect(rule['eligible_approvers'].map { |approver| approver['id'] }).to contain_exactly(approver.id, other_approver.id)
expect(rule['users']).to match([hash_including('id' => approver.id)]) expect(rule['users'].map { |user| user['id'] }).to contain_exactly(approver.id, other_approver.id)
end end
end end
context 'groups are passed' do context 'groups are passed' do
let(:group_ids) { [group.id] } let(:group_ids) { "#{group.id},#{other_group.id}" }
it 'includes groups' do it 'includes groups' do
rule = json_response rule = json_response
expect(rule['eligible_approvers']).to match([hash_including('id' => approver.id)]) expect(rule['eligible_approvers'].map { |approver| approver['id'] }).to contain_exactly(approver.id, other_approver.id)
expect(rule['groups']).to match([hash_including('id' => group.id)]) expect(rule['groups'].map { |group| group['id'] }).to contain_exactly(group.id, other_group.id)
end end
end end
...@@ -279,6 +283,8 @@ RSpec.describe API::MergeRequestApprovalRules do ...@@ -279,6 +283,8 @@ RSpec.describe API::MergeRequestApprovalRules do
let(:user_ids) { [] } let(:user_ids) { [] }
let(:group_ids) { [] } let(:group_ids) { [] }
let(:remove_hidden_groups) { nil } let(:remove_hidden_groups) { nil }
let(:other_approver) { create(:user) }
let(:other_group) { create(:group) }
let(:params) do let(:params) do
{ {
...@@ -299,8 +305,10 @@ RSpec.describe API::MergeRequestApprovalRules do ...@@ -299,8 +305,10 @@ RSpec.describe API::MergeRequestApprovalRules do
project.update!(disable_overriding_approvers_per_merge_request: false) project.update!(disable_overriding_approvers_per_merge_request: false)
project.add_developer(existing_approver) project.add_developer(existing_approver)
project.add_developer(new_approver) project.add_developer(new_approver)
project.add_developer(other_approver)
existing_group.add_developer(existing_approver) existing_group.add_developer(existing_approver)
new_group.add_developer(new_approver) new_group.add_developer(new_approver)
other_group.add_developer(other_approver)
action action
end end
...@@ -324,24 +332,24 @@ RSpec.describe API::MergeRequestApprovalRules do ...@@ -324,24 +332,24 @@ RSpec.describe API::MergeRequestApprovalRules do
end end
context 'users are passed' do context 'users are passed' do
let(:user_ids) { [new_approver.id] } let(:user_ids) { "#{new_approver.id},#{existing_approver.id}" }
it 'changes users' do it 'changes users' do
rule = json_response rule = json_response
expect(rule['eligible_approvers']).to match([hash_including('id' => new_approver.id)]) expect(rule['eligible_approvers'].map { |approver| approver['id'] }).to contain_exactly(new_approver.id, existing_approver.id)
expect(rule['users']).to match([hash_including('id' => new_approver.id)]) expect(rule['users'].map { |user| user['id'] }).to contain_exactly(new_approver.id, existing_approver.id)
end end
end end
context 'groups are passed' do context 'groups are passed' do
let(:group_ids) { [new_group.id] } let(:group_ids) { "#{new_group.id},#{other_group.id}" }
it 'changes groups' do it 'changes groups' do
rule = json_response rule = json_response
expect(rule['eligible_approvers']).to match([hash_including('id' => new_approver.id)]) expect(rule['eligible_approvers'].map { |approver| approver['id'] }).to contain_exactly(new_approver.id, other_approver.id)
expect(rule['groups']).to match([hash_including('id' => new_group.id)]) expect(rule['groups'].map { |group| group['id'] }).to contain_exactly(new_group.id, other_group.id)
end end
end end
......
...@@ -342,7 +342,7 @@ RSpec.describe API::MergeRequestApprovals do ...@@ -342,7 +342,7 @@ RSpec.describe API::MergeRequestApprovals do
it 'does not allow overriding approvers' do it 'does not allow overriding approvers' do
expect do expect do
put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/approvers", current_user), put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/approvers", current_user),
params: { approver_ids: [approver.id], approver_group_ids: [group.id] } params: { approver_ids: approver.id.to_s, approver_group_ids: group.id.to_s }
end.to not_change { merge_request.approvers.count }.and not_change { merge_request.approver_groups.count } end.to not_change { merge_request.approvers.count }.and not_change { merge_request.approver_groups.count }
end end
end end
...@@ -355,12 +355,12 @@ RSpec.describe API::MergeRequestApprovals do ...@@ -355,12 +355,12 @@ RSpec.describe API::MergeRequestApprovals do
it 'allows overriding approvers' do it 'allows overriding approvers' do
expect do expect do
put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/approvers", current_user), put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/approvers", current_user),
params: { approver_ids: [approver.id], approver_group_ids: [group.id] } params: { approver_ids: "#{approver.id},#{user2.id}", approver_group_ids: "#{group.id}" }
end.to change { merge_request.approvers.count }.from(0).to(1) end.to change { merge_request.approvers.count }.from(0).to(2)
.and change { merge_request.approver_groups.count }.from(0).to(1) .and change { merge_request.approver_groups.count }.from(0).to(1)
expect(response).to have_gitlab_http_status(:ok) expect(response).to have_gitlab_http_status(:ok)
expect(json_response['approvers'][0]['user']['username']).to eq(approver.username) expect(json_response['approvers'].map { |approver| approver['user'] }.map { |user| user['username'] }).to contain_exactly(approver.username, user2.username)
expect(json_response['approver_groups'][0]['group']['name']).to eq(group.name) expect(json_response['approver_groups'][0]['group']['name']).to eq(group.name)
end end
...@@ -370,7 +370,7 @@ RSpec.describe API::MergeRequestApprovals do ...@@ -370,7 +370,7 @@ RSpec.describe API::MergeRequestApprovals do
expect do expect do
put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/approvers", current_user), put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/approvers", current_user),
params: { approver_ids: [], approver_group_ids: [] }.to_json, headers: { CONTENT_TYPE: 'application/json' } params: { approver_ids: '', approver_group_ids: '' }.to_json, headers: { CONTENT_TYPE: 'application/json' }
end.to change { merge_request.approvers.count }.from(1).to(0) end.to change { merge_request.approvers.count }.from(1).to(0)
.and change { merge_request.approver_groups.count }.from(1).to(0) .and change { merge_request.approver_groups.count }.from(1).to(0)
......
...@@ -9,6 +9,7 @@ RSpec.describe API::ProjectApprovalRules do ...@@ -9,6 +9,7 @@ RSpec.describe API::ProjectApprovalRules do
let_it_be(:admin) { create(:user, :admin) } let_it_be(:admin) { create(:user, :admin) }
let_it_be(:project) { create(:project, :public, :repository, creator: user, namespace: user.namespace, only_allow_merge_if_pipeline_succeeds: false) } let_it_be(:project) { create(:project, :public, :repository, creator: user, namespace: user.namespace, only_allow_merge_if_pipeline_succeeds: false) }
let_it_be(:approver) { create(:user) } let_it_be(:approver) { create(:user) }
let_it_be(:other_approver) { create(:user) }
describe 'GET /projects/:id/approval_rules' do describe 'GET /projects/:id/approval_rules' do
let(:url) { "/projects/#{project.id}/approval_rules" } let(:url) { "/projects/#{project.id}/approval_rules" }
......
...@@ -9,6 +9,7 @@ RSpec.describe API::ProjectApprovalSettings do ...@@ -9,6 +9,7 @@ RSpec.describe API::ProjectApprovalSettings do
let_it_be(:admin) { create(:user, :admin) } let_it_be(:admin) { create(:user, :admin) }
let_it_be(:project) { create(:project, :public, :repository, creator: user, namespace: user.namespace, only_allow_merge_if_pipeline_succeeds: false) } let_it_be(:project) { create(:project, :public, :repository, creator: user, namespace: user.namespace, only_allow_merge_if_pipeline_succeeds: false) }
let_it_be(:approver) { create(:user) } let_it_be(:approver) { create(:user) }
let_it_be(:other_approver) { create(:user) }
describe 'GET /projects/:id/approval_settings' do describe 'GET /projects/:id/approval_settings' do
let(:url) { "/projects/#{project.id}/approval_settings" } let(:url) { "/projects/#{project.id}/approval_settings" }
......
...@@ -79,6 +79,7 @@ RSpec.shared_examples 'an API endpoint for updating project approval rule' do ...@@ -79,6 +79,7 @@ RSpec.shared_examples 'an API endpoint for updating project approval rule' do
shared_examples 'a user with access' do shared_examples 'a user with access' do
before do before do
project.add_developer(approver) project.add_developer(approver)
project.add_developer(other_approver)
end end
context 'when protected_branch_ids param is present' do context 'when protected_branch_ids param is present' do
...@@ -117,10 +118,10 @@ RSpec.shared_examples 'an API endpoint for updating project approval rule' do ...@@ -117,10 +118,10 @@ RSpec.shared_examples 'an API endpoint for updating project approval rule' do
it 'sets approvers' do it 'sets approvers' do
expect do expect do
put api(url, current_user), params: { users: [approver.id] } put api(url, current_user), params: { users: "#{approver.id},#{other_approver.id}" }
end.to change { approval_rule.users.count }.from(0).to(1) end.to change { approval_rule.users.count }.from(0).to(2)
expect(approval_rule.users).to contain_exactly(approver) expect(approval_rule.users).to contain_exactly(approver, other_approver)
expect(approval_rule.groups).to be_empty expect(approval_rule.groups).to be_empty
expect(response).to have_gitlab_http_status(:ok) expect(response).to have_gitlab_http_status(:ok)
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class AccessRequests < Grape::API class AccessRequests < Grape::API::Instance
include PaginationParams include PaginationParams
before { authenticate! } before { authenticate! }
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
module API module API
module Admin module Admin
module Ci module Ci
class Variables < Grape::API class Variables < Grape::API::Instance
include PaginationParams include PaginationParams
before { authenticated_as_admin! } before { authenticated_as_admin! }
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
module API module API
module Admin module Admin
class Sidekiq < Grape::API class Sidekiq < Grape::API::Instance
before { authenticated_as_admin! } before { authenticated_as_admin! }
namespace 'admin' do namespace 'admin' do
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class API < Grape::API class API < Grape::API::Instance
include APIGuard include APIGuard
LOG_FILENAME = Rails.root.join("log", "api_json.log") LOG_FILENAME = Rails.root.join("log", "api_json.log")
...@@ -46,6 +46,8 @@ module API ...@@ -46,6 +46,8 @@ module API
end end
before do before do
coerce_nil_params_to_array!
Gitlab::ApplicationContext.push( Gitlab::ApplicationContext.push(
user: -> { @current_user }, user: -> { @current_user },
project: -> { @project }, project: -> { @project },
......
...@@ -153,7 +153,16 @@ module API ...@@ -153,7 +153,16 @@ module API
{ scope: e.scopes }) { scope: e.scopes })
end end
response.finish finished_response = nil
response.finish do |rack_response|
# Grape expects a Rack::Response
# (https://github.com/ruby-grape/grape/commit/c117bff7d22971675f4b34367d3a98bc31c8fc02),
# and we need to retrieve it here:
# https://github.com/nov/rack-oauth2/blob/40c9a99fd80486ccb8de0e4869ae384547c0d703/lib/rack/oauth2/server/abstract/error.rb#L28
finished_response = rack_response
end
finished_response
end end
end end
end end
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class Appearance < Grape::API class Appearance < Grape::API::Instance
before { authenticated_as_admin! } before { authenticated_as_admin! }
helpers do helpers do
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
module API module API
# External applications API # External applications API
class Applications < Grape::API class Applications < Grape::API::Instance
before { authenticated_as_admin! } before { authenticated_as_admin! }
resource :applications do resource :applications do
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class Avatar < Grape::API class Avatar < Grape::API::Instance
resource :avatar do resource :avatar do
desc 'Return avatar url for a user' do desc 'Return avatar url for a user' do
success Entities::Avatar success Entities::Avatar
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class AwardEmoji < Grape::API class AwardEmoji < Grape::API::Instance
include PaginationParams include PaginationParams
before { authenticate! } before { authenticate! }
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class Badges < Grape::API class Badges < Grape::API::Instance
include PaginationParams include PaginationParams
before { authenticate_non_get! } before { authenticate_non_get! }
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class Boards < Grape::API class Boards < Grape::API::Instance
include BoardsResponses include BoardsResponses
include PaginationParams include PaginationParams
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
require 'mime/types' require 'mime/types'
module API module API
class Branches < Grape::API class Branches < Grape::API::Instance
include PaginationParams include PaginationParams
BRANCH_ENDPOINT_REQUIREMENTS = API::NAMESPACE_OR_PROJECT_REQUIREMENTS.merge(branch: API::NO_SLASH_URL_PART_REGEX) BRANCH_ENDPOINT_REQUIREMENTS = API::NAMESPACE_OR_PROJECT_REQUIREMENTS.merge(branch: API::NO_SLASH_URL_PART_REGEX)
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class BroadcastMessages < Grape::API class BroadcastMessages < Grape::API::Instance
include PaginationParams include PaginationParams
resource :broadcast_messages do resource :broadcast_messages do
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
module API module API
module Ci module Ci
class Runner < Grape::API class Runner < Grape::API::Instance
helpers ::API::Helpers::Runner helpers ::API::Helpers::Runner
resource :runners do resource :runners do
...@@ -19,7 +19,7 @@ module API ...@@ -19,7 +19,7 @@ module API
optional :access_level, type: String, values: ::Ci::Runner.access_levels.keys, optional :access_level, type: String, values: ::Ci::Runner.access_levels.keys,
desc: 'The access_level of the runner' desc: 'The access_level of the runner'
optional :run_untagged, type: Boolean, desc: 'Should Runner handle untagged jobs' optional :run_untagged, type: Boolean, desc: 'Should Runner handle untagged jobs'
optional :tag_list, type: Array[String], desc: %q(List of Runner's tags) optional :tag_list, type: Array[String], coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce, desc: %q(List of Runner's tags)
optional :maximum_timeout, type: Integer, desc: 'Maximum timeout set when this Runner will handle the job' optional :maximum_timeout, type: Integer, desc: 'Maximum timeout set when this Runner will handle the job'
end end
post '/' do post '/' do
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
module API module API
module Ci module Ci
class Runners < Grape::API class Runners < Grape::API::Instance
include PaginationParams include PaginationParams
before { authenticate! } before { authenticate! }
...@@ -18,7 +18,7 @@ module API ...@@ -18,7 +18,7 @@ module API
desc: 'The type of the runners to show' desc: 'The type of the runners to show'
optional :status, type: String, values: ::Ci::Runner::AVAILABLE_STATUSES, optional :status, type: String, values: ::Ci::Runner::AVAILABLE_STATUSES,
desc: 'The status of the runners to show' desc: 'The status of the runners to show'
optional :tag_list, type: Array[String], desc: 'The tags of the runners to show' optional :tag_list, type: Array[String], coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce, desc: 'The tags of the runners to show'
use :pagination use :pagination
end end
get do get do
...@@ -41,7 +41,7 @@ module API ...@@ -41,7 +41,7 @@ module API
desc: 'The type of the runners to show' desc: 'The type of the runners to show'
optional :status, type: String, values: ::Ci::Runner::AVAILABLE_STATUSES, optional :status, type: String, values: ::Ci::Runner::AVAILABLE_STATUSES,
desc: 'The status of the runners to show' desc: 'The status of the runners to show'
optional :tag_list, type: Array[String], desc: 'The tags of the runners to show' optional :tag_list, type: Array[String], coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce, desc: 'The tags of the runners to show'
use :pagination use :pagination
end end
get 'all' do get 'all' do
...@@ -76,7 +76,7 @@ module API ...@@ -76,7 +76,7 @@ module API
requires :id, type: Integer, desc: 'The ID of the runner' requires :id, type: Integer, desc: 'The ID of the runner'
optional :description, type: String, desc: 'The description of the runner' optional :description, type: String, desc: 'The description of the runner'
optional :active, type: Boolean, desc: 'The state of a runner' optional :active, type: Boolean, desc: 'The state of a runner'
optional :tag_list, type: Array[String], desc: 'The list of tags for a runner' optional :tag_list, type: Array[String], coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce, desc: 'The list of tags for a runner'
optional :run_untagged, type: Boolean, desc: 'Flag indicating the runner can execute untagged jobs' optional :run_untagged, type: Boolean, desc: 'Flag indicating the runner can execute untagged jobs'
optional :locked, type: Boolean, desc: 'Flag indicating the runner is locked' optional :locked, type: Boolean, desc: 'Flag indicating the runner is locked'
optional :access_level, type: String, values: ::Ci::Runner.access_levels.keys, optional :access_level, type: String, values: ::Ci::Runner.access_levels.keys,
...@@ -146,7 +146,7 @@ module API ...@@ -146,7 +146,7 @@ module API
desc: 'The type of the runners to show' desc: 'The type of the runners to show'
optional :status, type: String, values: ::Ci::Runner::AVAILABLE_STATUSES, optional :status, type: String, values: ::Ci::Runner::AVAILABLE_STATUSES,
desc: 'The status of the runners to show' desc: 'The status of the runners to show'
optional :tag_list, type: Array[String], desc: 'The tags of the runners to show' optional :tag_list, type: Array[String], coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce, desc: 'The tags of the runners to show'
use :pagination use :pagination
end end
get ':id/runners' do get ':id/runners' do
...@@ -209,7 +209,7 @@ module API ...@@ -209,7 +209,7 @@ module API
desc: 'The type of the runners to show' desc: 'The type of the runners to show'
optional :status, type: String, values: ::Ci::Runner::AVAILABLE_STATUSES, optional :status, type: String, values: ::Ci::Runner::AVAILABLE_STATUSES,
desc: 'The status of the runners to show' desc: 'The status of the runners to show'
optional :tag_list, type: Array[String], desc: 'The tags of the runners to show' optional :tag_list, type: Array[String], coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce, desc: 'The tags of the runners to show'
use :pagination use :pagination
end end
get ':id/runners' do get ':id/runners' do
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
require 'mime/types' require 'mime/types'
module API module API
class CommitStatuses < Grape::API class CommitStatuses < Grape::API::Instance
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
require 'mime/types' require 'mime/types'
module API module API
class Commits < Grape::API class Commits < Grape::API::Instance
include PaginationParams include PaginationParams
before do before do
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class ContainerRegistryEvent < Grape::API class ContainerRegistryEvent < Grape::API::Instance
DOCKER_DISTRIBUTION_EVENTS_V1_JSON = 'application/vnd.docker.distribution.events.v1+json' DOCKER_DISTRIBUTION_EVENTS_V1_JSON = 'application/vnd.docker.distribution.events.v1+json'
before { authenticate_registry_notification! } before { authenticate_registry_notification! }
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class DeployKeys < Grape::API class DeployKeys < Grape::API::Instance
include PaginationParams include PaginationParams
before { authenticate! } before { authenticate! }
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class DeployTokens < Grape::API class DeployTokens < Grape::API::Instance
include PaginationParams include PaginationParams
helpers do helpers do
...@@ -56,7 +56,7 @@ module API ...@@ -56,7 +56,7 @@ module API
params do params do
requires :name, type: String, desc: "New deploy token's name" requires :name, type: String, desc: "New deploy token's name"
requires :scopes, type: Array[String], values: ::DeployToken::AVAILABLE_SCOPES.map(&:to_s), requires :scopes, type: Array[String], coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce, values: ::DeployToken::AVAILABLE_SCOPES.map(&:to_s),
desc: 'Indicates the deploy token scopes. Must be at least one of "read_repository", "read_registry", "write_registry", "read_package_registry", or "write_package_registry".' desc: 'Indicates the deploy token scopes. Must be at least one of "read_repository", "read_registry", "write_registry", "read_package_registry", or "write_package_registry".'
optional :expires_at, type: DateTime, desc: 'Expiration date for the deploy token. Does not expire if no value is provided.' optional :expires_at, type: DateTime, desc: 'Expiration date for the deploy token. Does not expire if no value is provided.'
optional :username, type: String, desc: 'Username for deploy token. Default is `gitlab+deploy-token-{n}`' optional :username, type: String, desc: 'Username for deploy token. Default is `gitlab+deploy-token-{n}`'
...@@ -119,7 +119,7 @@ module API ...@@ -119,7 +119,7 @@ module API
params do params do
requires :name, type: String, desc: 'The name of the deploy token' requires :name, type: String, desc: 'The name of the deploy token'
requires :scopes, type: Array[String], values: ::DeployToken::AVAILABLE_SCOPES.map(&:to_s), requires :scopes, type: Array[String], coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce, values: ::DeployToken::AVAILABLE_SCOPES.map(&:to_s),
desc: 'Indicates the deploy token scopes. Must be at least one of "read_repository", "read_registry", "write_registry", "read_package_registry", or "write_package_registry".' desc: 'Indicates the deploy token scopes. Must be at least one of "read_repository", "read_registry", "write_registry", "read_package_registry", or "write_package_registry".'
optional :expires_at, type: DateTime, desc: 'Expiration date for the deploy token. Does not expire if no value is provided.' optional :expires_at, type: DateTime, desc: 'Expiration date for the deploy token. Does not expire if no value is provided.'
optional :username, type: String, desc: 'Username for deploy token. Default is `gitlab+deploy-token-{n}`' optional :username, type: String, desc: 'Username for deploy token. Default is `gitlab+deploy-token-{n}`'
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
module API module API
# Deployments RESTful API endpoints # Deployments RESTful API endpoints
class Deployments < Grape::API class Deployments < Grape::API::Instance
include PaginationParams include PaginationParams
before { authenticate! } before { authenticate! }
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class Discussions < Grape::API class Discussions < Grape::API::Instance
include PaginationParams include PaginationParams
helpers ::API::Helpers::NotesHelpers helpers ::API::Helpers::NotesHelpers
helpers ::RendersNotes helpers ::RendersNotes
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
module API module API
# Environments RESTfull API endpoints # Environments RESTfull API endpoints
class Environments < Grape::API class Environments < Grape::API::Instance
include PaginationParams include PaginationParams
before { authenticate! } before { authenticate! }
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class ErrorTracking < Grape::API class ErrorTracking < Grape::API::Instance
before { authenticate! } before { authenticate! }
params do params do
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class Events < Grape::API class Events < Grape::API::Instance
include PaginationParams include PaginationParams
include APIGuard include APIGuard
helpers ::API::Helpers::EventsHelpers helpers ::API::Helpers::EventsHelpers
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class Features < Grape::API class Features < Grape::API::Instance
before { authenticated_as_admin! } before { authenticated_as_admin! }
helpers do helpers do
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class Files < Grape::API class Files < Grape::API::Instance
include APIGuard include APIGuard
FILE_ENDPOINT_REQUIREMENTS = API::NAMESPACE_OR_PROJECT_REQUIREMENTS.merge(file_path: API::NO_SLASH_URL_PART_REGEX) FILE_ENDPOINT_REQUIREMENTS = API::NAMESPACE_OR_PROJECT_REQUIREMENTS.merge(file_path: API::NO_SLASH_URL_PART_REGEX)
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class FreezePeriods < Grape::API class FreezePeriods < Grape::API::Instance
include PaginationParams include PaginationParams
before { authenticate! } before { authenticate! }
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class GroupBoards < Grape::API class GroupBoards < Grape::API::Instance
include BoardsResponses include BoardsResponses
include PaginationParams include PaginationParams
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class GroupClusters < Grape::API class GroupClusters < Grape::API::Instance
include PaginationParams include PaginationParams
before { authenticate! } before { authenticate! }
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class GroupContainerRepositories < Grape::API class GroupContainerRepositories < Grape::API::Instance
include PaginationParams include PaginationParams
before { authorize_read_group_container_images! } before { authorize_read_group_container_images! }
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class GroupExport < Grape::API class GroupExport < Grape::API::Instance
helpers Helpers::RateLimiter helpers Helpers::RateLimiter
before do before do
......
# frozen_string_literal: true # frozen_string_literal: true
module API module API
class GroupImport < Grape::API class GroupImport < Grape::API::Instance
helpers Helpers::FileUploadHelpers helpers Helpers::FileUploadHelpers
helpers do helpers do
......
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment