Merge branch 'resolve-lib-differences' into 'master'

Resolve CE to EE differences in the lib/api directory

See merge request gitlab-org/gitlab-ce!25430

lib/api/discussions.rb

@@ -7,9 +7,7 @@ module API
 
     before { authenticate! }
 
-    NOTEABLE_TYPES = [Issue, Snippet, MergeRequest, Commit].freeze
-
-    NOTEABLE_TYPES.each do |noteable_type|
+    Helpers::DiscussionsHelpers.noteable_types.each do |noteable_type|
       parent_type = noteable_type.parent_class.to_s.underscore
       noteables_str = noteable_type.to_s.underscore.pluralize
       noteables_path = noteable_type == Commit ? "repository/#{noteables_str}" : noteables_str

lib/api/groups.rb

@@ -58,6 +58,22 @@ module API
       end
       # rubocop: enable CodeReuse/ActiveRecord
 
+      def create_group
+        # This is a separate method so that EE can extend its behaviour, without
+        # having to modify this code directly.
+        ::Groups::CreateService
+          .new(current_user, declared_params(include_missing: false))
+          .execute
+      end
+
+      def update_group(group)
+        # This is a separate method so that EE can extend its behaviour, without
+        # having to modify this code directly.
+        ::Groups::UpdateService
+          .new(group, current_user, declared_params(include_missing: false))
+          .execute
+      end
+
       def find_group_projects(params)
         group = find_group!(params[:id])
         options = {
@@ -127,7 +143,7 @@ module API
           authorize! :create_group
         end
 
-        group = ::Groups::CreateService.new(current_user, declared_params(include_missing: false)).execute
+        group = create_group
 
         if group.persisted?
           present group, with: Entities::GroupDetail, current_user: current_user
@@ -153,7 +169,7 @@ module API
         group = find_group!(params[:id])
         authorize! :admin_group, group
 
-        if ::Groups::UpdateService.new(group, current_user, declared_params(include_missing: false)).execute
+        if update_group(group)
           present group, with: Entities::GroupDetail, current_user: current_user
         else
           render_validation_error!(group)

lib/api/helpers/discussions_helpers.rb

+# frozen_string_literal: true
+
+module API
+  module Helpers
+    module DiscussionsHelpers
+      def self.noteable_types
+        # This is a method instead of a constant, allowing EE to more easily
+        # extend it.
+        [Issue, Snippet, MergeRequest, Commit]
+      end
+    end
+  end
+end

lib/api/helpers/notes_helpers.rb

@@ -3,6 +3,12 @@
 module API
   module Helpers
     module NotesHelpers
+      def self.noteable_types
+        # This is a method instead of a constant, allowing EE to more easily
+        # extend it.
+        [Issue, MergeRequest, Snippet]
+      end
+
       def update_note(noteable, note_id)
         note = noteable.notes.find(params[:note_id])
 

lib/api/helpers/resource_label_events_helpers.rb

+# frozen_string_literal: true
+
+module API
+  module Helpers
+    module ResourceLabelEventsHelpers
+      def self.eventable_types
+        # This is a method instead of a constant, allowing EE to more easily
+        # extend it.
+        [Issue, MergeRequest]
+      end
+    end
+  end
+end

lib/api/helpers/search_helpers.rb

+# frozen_string_literal: true
+
+module API
+  module Helpers
+    module SearchHelpers
+      def self.global_search_scopes
+        # This is a separate method so that EE can redefine it.
+        %w(projects issues merge_requests milestones snippet_titles snippet_blobs)
+      end
+
+      def self.group_search_scopes
+        # This is a separate method so that EE can redefine it.
+        %w(projects issues merge_requests milestones)
+      end
+
+      def self.project_search_scopes
+        # This is a separate method so that EE can redefine it.
+        %w(issues merge_requests milestones notes wiki_blobs commits blobs)
+      end
+    end
+  end
+end

lib/api/internal.rb

@@ -15,6 +15,12 @@ module API
         status code
         { status: success, message: message }.merge(extra_options).compact
       end
+
+      def lfs_authentication_url(project)
+        # This is a separate method so that EE can alter its behaviour more
+        # easily.
+        project.http_url_to_repo
+      end
     end
 
     namespace 'internal' do
@@ -113,7 +119,9 @@ module API
           raise ActiveRecord::RecordNotFound.new("No key_id or user_id passed!")
         end
 
-        Gitlab::LfsToken.new(actor).authentication_payload(project.http_url_to_repo)
+        Gitlab::LfsToken
+          .new(actor)
+          .authentication_payload(lfs_authentication_url(project))
       end
       # rubocop: enable CodeReuse/ActiveRecord
 

lib/api/notes.rb

@@ -7,9 +7,7 @@ module API
 
     before { authenticate! }
 
-    NOTEABLE_TYPES = [Issue, MergeRequest, Snippet].freeze
-
-    NOTEABLE_TYPES.each do |noteable_type|
+    Helpers::NotesHelpers.noteable_types.each do |noteable_type|
       parent_type = noteable_type.parent_class.to_s.underscore
       noteables_str = noteable_type.to_s.underscore.pluralize
 

lib/api/resource_label_events.rb

@@ -7,9 +7,7 @@ module API
 
     before { authenticate! }
 
-    EVENTABLE_TYPES = [Issue, MergeRequest].freeze
-
-    EVENTABLE_TYPES.each do |eventable_type|
+    Helpers::ResourceLabelEventsHelpers.eventable_types.each do |eventable_type|
       parent_type = eventable_type.parent_class.to_s.underscore
       eventables_str = eventable_type.to_s.underscore.pluralize
 

lib/api/search.rb

@@ -45,6 +45,12 @@ module API
       def entity
         SCOPE_ENTITY[params[:scope].to_sym]
       end
+
+      def verify_search_scope!
+        # In EE we have additional validation requirements for searches.
+        # Defining this method here as a noop allows us to easily extend it in
+        # EE, without having to modify this file directly.
+      end
     end
 
     resource :search do
@@ -55,12 +61,13 @@ module API
         requires :search, type: String, desc: 'The expression it should be searched for'
         requires :scope,
           type: String,
-          desc: 'The scope of search, available scopes:
-            projects, issues, merge_requests, milestones, snippet_titles, snippet_blobs',
-          values: %w(projects issues merge_requests milestones snippet_titles snippet_blobs)
+          desc: 'The scope of the search',
+          values: Helpers::SearchHelpers.global_search_scopes
         use :pagination
       end
       get do
+        verify_search_scope!
+
         present search, with: entity
       end
     end
@@ -74,12 +81,13 @@ module API
         requires :search, type: String, desc: 'The expression it should be searched for'
         requires :scope,
           type: String,
-          desc: 'The scope of search, available scopes:
-            projects, issues, merge_requests, milestones',
-          values: %w(projects issues merge_requests milestones)
+          desc: 'The scope of the search',
+          values: Helpers::SearchHelpers.group_search_scopes
         use :pagination
       end
       get ':id/(-/)search' do
+        verify_search_scope!
+
         present search(group_id: user_group.id), with: entity
       end
     end
@@ -93,9 +101,8 @@ module API
         requires :search, type: String, desc: 'The expression it should be searched for'
         requires :scope,
           type: String,
-          desc: 'The scope of search, available scopes:
-            issues, merge_requests, milestones, notes, wiki_blobs, commits, blobs',
-          values: %w(issues merge_requests milestones notes wiki_blobs commits blobs)
+          desc: 'The scope of the search',
+          values: Helpers::SearchHelpers.project_search_scopes
         use :pagination
       end
       get ':id/(-/)search' do

lib/api/settings.rb

@@ -9,6 +9,11 @@ module API
         @current_setting ||=
           (ApplicationSetting.current_without_cache || ApplicationSetting.create_from_defaults)
       end
+
+      def filter_attributes_using_license(attrs)
+        # This method will be redefined in EE.
+        attrs
+      end
     end
 
     desc 'Get the current application settings' do
@@ -156,6 +161,8 @@ module API
         attrs[:password_authentication_enabled_for_web] = attrs.delete(:password_authentication_enabled)
       end
 
+      attrs = filter_attributes_using_license(attrs)
+
       if ApplicationSettings::UpdateService.new(current_settings, current_user, attrs).execute
         present current_settings, with: Entities::ApplicationSetting
       else

lib/api/triggers.rb

@@ -13,7 +13,7 @@ module API
       end
       params do
         requires :ref, type: String, desc: 'The commit sha or name of a branch or tag', allow_blank: false
-        requires :token, type: String, desc: 'The unique token of trigger'
+        requires :token, type: String, desc: 'The unique token of trigger or job token'
         optional :variables, type: Hash, desc: 'The list of variables to be injected into build'
       end
       post ":id/(ref/:ref/)trigger/pipeline", requirements: { ref: /.+/ } do

lib/api/variables.rb

@@ -7,6 +7,14 @@ module API
     before { authenticate! }
     before { authorize! :admin_build, user_project }
 
+    helpers do
+      def filter_variable_parameters(params)
+        # This method exists so that EE can more easily filter out certain
+        # parameters, without having to modify the source code directly.
+        params
+      end
+    end
+
     params do
       requires :id, type: String, desc: 'The ID of a project'
     end
@@ -50,6 +58,7 @@ module API
       end
       post ':id/variables' do
         variable_params = declared_params(include_missing: false)
+        variable_params = filter_variable_parameters(variable_params)
 
         variable = user_project.variables.create(variable_params)
 
@@ -75,6 +84,7 @@ module API
         break not_found!('Variable') unless variable
 
         variable_params = declared_params(include_missing: false).except(:key)
+        variable_params = filter_variable_parameters(variable_params)
 
         if variable.update(variable_params)
           present variable, with: Entities::Variable