Commit d5cb998e authored by Sean McGivern's avatar Sean McGivern

Merge branch '27988-fix-transient-failure-in-commits-api' into 'master'

Ensure dots in project and group ID are allowed in the API endpoints

Closes #27988

See merge request !9944
parents ac8beca4 63360ade
---
title: 'Add `requirements: { id: /.+/ }` for all projects and groups namespaced API
routes'
merge_request: 9944
author:
...@@ -10,7 +10,7 @@ module API ...@@ -10,7 +10,7 @@ module API
params do params do
requires :id, type: String, desc: "The #{source_type} ID" requires :id, type: String, desc: "The #{source_type} ID"
end end
resource source_type.pluralize do resource source_type.pluralize, requirements: { id: %r{[^/]+} } do
desc "Gets a list of access requests for a #{source_type}." do desc "Gets a list of access requests for a #{source_type}." do
detail 'This feature was introduced in GitLab 8.11.' detail 'This feature was introduced in GitLab 8.11.'
success Entities::AccessRequester success Entities::AccessRequester
......
...@@ -9,13 +9,15 @@ module API ...@@ -9,13 +9,15 @@ module API
{ type: 'snippet', find_by: :id } { type: 'snippet', find_by: :id }
].freeze ].freeze
resource :projects do params do
requires :id, type: String, desc: 'The ID of a project'
end
resource :projects, requirements: { id: %r{[^/]+} } do
AWARDABLES.each do |awardable_params| AWARDABLES.each do |awardable_params|
awardable_string = awardable_params[:type].pluralize awardable_string = awardable_params[:type].pluralize
awardable_id_string = "#{awardable_params[:type]}_#{awardable_params[:find_by]}" awardable_id_string = "#{awardable_params[:type]}_#{awardable_params[:find_by]}"
params do params do
requires :id, type: String, desc: 'The ID of a project'
requires :"#{awardable_id_string}", type: Integer, desc: "The ID of an Issue, Merge Request or Snippet" requires :"#{awardable_id_string}", type: Integer, desc: "The ID of an Issue, Merge Request or Snippet"
end end
......
...@@ -7,7 +7,7 @@ module API ...@@ -7,7 +7,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get all project boards' do desc 'Get all project boards' do
detail 'This feature was introduced in 8.13' detail 'This feature was introduced in 8.13'
success Entities::Board success Entities::Board
......
...@@ -10,7 +10,7 @@ module API ...@@ -10,7 +10,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get a project repository branches' do desc 'Get a project repository branches' do
success Entities::RepoBranch success Entities::RepoBranch
end end
......
...@@ -2,7 +2,10 @@ require 'mime/types' ...@@ -2,7 +2,10 @@ require 'mime/types'
module API module API
class CommitStatuses < Grape::API class CommitStatuses < Grape::API
resource :projects do params do
requires :id, type: String, desc: 'The ID of a project'
end
resource :projects, requirements: { id: %r{[^/]+} } do
include PaginationParams include PaginationParams
before { authenticate! } before { authenticate! }
...@@ -11,7 +14,6 @@ module API ...@@ -11,7 +14,6 @@ module API
success Entities::CommitStatus success Entities::CommitStatus
end end
params do params do
requires :id, type: String, desc: 'The ID of a project'
requires :sha, type: String, desc: 'The commit hash' requires :sha, type: String, desc: 'The commit hash'
optional :ref, type: String, desc: 'The ref' optional :ref, type: String, desc: 'The ref'
optional :stage, type: String, desc: 'The stage' optional :stage, type: String, desc: 'The stage'
...@@ -37,7 +39,6 @@ module API ...@@ -37,7 +39,6 @@ module API
success Entities::CommitStatus success Entities::CommitStatus
end end
params do params do
requires :id, type: String, desc: 'The ID of a project'
requires :sha, type: String, desc: 'The commit hash' requires :sha, type: String, desc: 'The commit hash'
requires :state, type: String, desc: 'The state of the status', requires :state, type: String, desc: 'The state of the status',
values: %w(pending running success failed canceled) values: %w(pending running success failed canceled)
......
...@@ -10,7 +10,7 @@ module API ...@@ -10,7 +10,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get a project repository commits' do desc 'Get a project repository commits' do
success Entities::RepoCommit success Entities::RepoCommit
end end
......
...@@ -17,7 +17,7 @@ module API ...@@ -17,7 +17,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of the project' requires :id, type: String, desc: 'The ID of the project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
before { authorize_admin_project } before { authorize_admin_project }
desc "Get a specific project's deploy keys" do desc "Get a specific project's deploy keys" do
......
...@@ -8,7 +8,7 @@ module API ...@@ -8,7 +8,7 @@ module API
params do params do
requires :id, type: String, desc: 'The project ID' requires :id, type: String, desc: 'The project ID'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get all deployments of the project' do desc 'Get all deployments of the project' do
detail 'This feature was introduced in GitLab 8.11.' detail 'This feature was introduced in GitLab 8.11.'
success Entities::Deployment success Entities::Deployment
......
...@@ -9,7 +9,7 @@ module API ...@@ -9,7 +9,7 @@ module API
params do params do
requires :id, type: String, desc: 'The project ID' requires :id, type: String, desc: 'The project ID'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get all environments of the project' do desc 'Get all environments of the project' do
detail 'This feature was introduced in GitLab 8.11.' detail 'This feature was introduced in GitLab 8.11.'
success Entities::Environment success Entities::Environment
......
...@@ -52,7 +52,7 @@ module API ...@@ -52,7 +52,7 @@ module API
params do params do
requires :id, type: String, desc: 'The project ID' requires :id, type: String, desc: 'The project ID'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get raw file contents from the repository' desc 'Get raw file contents from the repository'
params do params do
requires :file_path, type: String, desc: 'The url encoded path to the file. Ex. lib%2Fclass%2Erb' requires :file_path, type: String, desc: 'The url encoded path to the file. Ex. lib%2Fclass%2Erb'
......
...@@ -84,7 +84,7 @@ module API ...@@ -84,7 +84,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a group' requires :id, type: String, desc: 'The ID of a group'
end end
resource :groups do resource :groups, requirements: { id: %r{[^/]+} } do
desc 'Update a group. Available only for users who can administrate groups.' do desc 'Update a group. Available only for users who can administrate groups.' do
success Entities::Group success Entities::Group
end end
...@@ -154,7 +154,7 @@ module API ...@@ -154,7 +154,7 @@ module API
params do params do
requires :project_id, type: String, desc: 'The ID or path of the project' requires :project_id, type: String, desc: 'The ID or path of the project'
end end
post ":id/projects/:project_id" do post ":id/projects/:project_id", requirements: { project_id: /.+/ } do
authenticated_as_admin! authenticated_as_admin!
group = find_group!(params[:id]) group = find_group!(params[:id])
project = find_project!(params[:project_id]) project = find_project!(params[:project_id])
......
...@@ -58,7 +58,7 @@ module API ...@@ -58,7 +58,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a group' requires :id, type: String, desc: 'The ID of a group'
end end
resource :groups do resource :groups, requirements: { id: %r{[^/]+} } do
desc 'Get a list of group issues' do desc 'Get a list of group issues' do
success Entities::IssueBasic success Entities::IssueBasic
end end
...@@ -79,7 +79,7 @@ module API ...@@ -79,7 +79,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
include TimeTrackingEndpoints include TimeTrackingEndpoints
desc 'Get a list of project issues' do desc 'Get a list of project issues' do
......
...@@ -7,7 +7,7 @@ module API ...@@ -7,7 +7,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
helpers do helpers do
params :optional_scope do params :optional_scope do
optional :scope, types: [String, Array[String]], desc: 'The scope of builds to show', optional :scope, types: [String, Array[String]], desc: 'The scope of builds to show',
......
...@@ -7,7 +7,7 @@ module API ...@@ -7,7 +7,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get all labels of the project' do desc 'Get all labels of the project' do
success Entities::Label success Entities::Label
end end
......
...@@ -10,7 +10,7 @@ module API ...@@ -10,7 +10,7 @@ module API
params do params do
requires :id, type: String, desc: "The #{source_type} ID" requires :id, type: String, desc: "The #{source_type} ID"
end end
resource source_type.pluralize do resource source_type.pluralize, requirements: { id: %r{[^/]+} } do
desc 'Gets a list of group or project members viewable by the authenticated user.' do desc 'Gets a list of group or project members viewable by the authenticated user.' do
success Entities::Member success Entities::Member
end end
......
...@@ -5,14 +5,16 @@ module API ...@@ -5,14 +5,16 @@ module API
before { authenticate! } before { authenticate! }
resource :projects do params do
requires :id, type: String, desc: 'The ID of a project'
end
resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get a list of merge request diff versions' do desc 'Get a list of merge request diff versions' do
detail 'This feature was introduced in GitLab 8.12.' detail 'This feature was introduced in GitLab 8.12.'
success Entities::MergeRequestDiff success Entities::MergeRequestDiff
end end
params do params do
requires :id, type: String, desc: 'The ID of a project'
requires :merge_request_iid, type: Integer, desc: 'The IID of a merge request' requires :merge_request_iid, type: Integer, desc: 'The IID of a merge request'
use :pagination use :pagination
end end
...@@ -28,7 +30,6 @@ module API ...@@ -28,7 +30,6 @@ module API
end end
params do params do
requires :id, type: String, desc: 'The ID of a project'
requires :merge_request_iid, type: Integer, desc: 'The IID of a merge request' requires :merge_request_iid, type: Integer, desc: 'The IID of a merge request'
requires :version_id, type: Integer, desc: 'The ID of a merge request diff version' requires :version_id, type: Integer, desc: 'The ID of a merge request diff version'
end end
......
...@@ -7,7 +7,7 @@ module API ...@@ -7,7 +7,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
include TimeTrackingEndpoints include TimeTrackingEndpoints
helpers do helpers do
......
...@@ -23,7 +23,7 @@ module API ...@@ -23,7 +23,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get a list of project milestones' do desc 'Get a list of project milestones' do
success Entities::Milestone success Entities::Milestone
end end
......
...@@ -9,7 +9,7 @@ module API ...@@ -9,7 +9,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
NOTEABLE_TYPES.each do |noteable_type| NOTEABLE_TYPES.each do |noteable_type|
noteables_str = noteable_type.to_s.underscore.pluralize noteables_str = noteable_type.to_s.underscore.pluralize
......
...@@ -48,14 +48,14 @@ module API ...@@ -48,14 +48,14 @@ module API
end end
%w[group project].each do |source_type| %w[group project].each do |source_type|
resource source_type.pluralize do params do
requires :id, type: String, desc: "The #{source_type} ID"
end
resource source_type.pluralize, requirements: { id: %r{[^/]+} } do
desc "Get #{source_type} level notification level settings, defaults to Global" do desc "Get #{source_type} level notification level settings, defaults to Global" do
detail 'This feature was introduced in GitLab 8.12' detail 'This feature was introduced in GitLab 8.12'
success Entities::NotificationSetting success Entities::NotificationSetting
end end
params do
requires :id, type: String, desc: 'The group ID or project ID or project NAMESPACE/PROJECT_NAME'
end
get ":id/notification_settings" do get ":id/notification_settings" do
source = find_source(source_type, params[:id]) source = find_source(source_type, params[:id])
...@@ -69,7 +69,6 @@ module API ...@@ -69,7 +69,6 @@ module API
success Entities::NotificationSetting success Entities::NotificationSetting
end end
params do params do
requires :id, type: String, desc: 'The group ID or project ID or project NAMESPACE/PROJECT_NAME'
optional :level, type: String, desc: "The #{source_type} notification level" optional :level, type: String, desc: "The #{source_type} notification level"
NotificationSetting::EMAIL_EVENTS.each do |event| NotificationSetting::EMAIL_EVENTS.each do |event|
optional event, type: Boolean, desc: 'Enable/disable this notification' optional event, type: Boolean, desc: 'Enable/disable this notification'
......
...@@ -7,7 +7,7 @@ module API ...@@ -7,7 +7,7 @@ module API
params do params do
requires :id, type: String, desc: 'The project ID' requires :id, type: String, desc: 'The project ID'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get all Pipelines of the project' do desc 'Get all Pipelines of the project' do
detail 'This feature was introduced in GitLab 8.11.' detail 'This feature was introduced in GitLab 8.11.'
success Entities::PipelineBasic success Entities::PipelineBasic
......
...@@ -24,7 +24,7 @@ module API ...@@ -24,7 +24,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get project hooks' do desc 'Get project hooks' do
success Entities::ProjectHook success Entities::ProjectHook
end end
......
...@@ -7,7 +7,7 @@ module API ...@@ -7,7 +7,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
helpers do helpers do
def handle_project_member_errors(errors) def handle_project_member_errors(errors)
if errors[:project_access].any? if errors[:project_access].any?
......
...@@ -142,7 +142,7 @@ module API ...@@ -142,7 +142,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects, requirements: { id: /[^\/]+/ } do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get a single project' do desc 'Get a single project' do
success Entities::ProjectWithAccess success Entities::ProjectWithAccess
end end
......
...@@ -9,7 +9,7 @@ module API ...@@ -9,7 +9,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
helpers do helpers do
def handle_project_member_errors(errors) def handle_project_member_errors(errors)
if errors[:project_access].any? if errors[:project_access].any?
......
...@@ -86,7 +86,7 @@ module API ...@@ -86,7 +86,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
before { authorize_admin_project } before { authorize_admin_project }
desc 'Get runners available for project' do desc 'Get runners available for project' do
......
...@@ -604,7 +604,10 @@ module API ...@@ -604,7 +604,10 @@ module API
] ]
}.freeze }.freeze
resource :projects do params do
requires :id, type: String, desc: 'The ID of a project'
end
resource :projects, requirements: { id: %r{[^/]+} } do
before { authenticate! } before { authenticate! }
before { authorize_admin_project } before { authorize_admin_project }
...@@ -692,7 +695,7 @@ module API ...@@ -692,7 +695,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc "Trigger a slash command for #{service_slug}" do desc "Trigger a slash command for #{service_slug}" do
detail 'Added in GitLab 8.13' detail 'Added in GitLab 8.13'
end end
......
...@@ -12,7 +12,7 @@ module API ...@@ -12,7 +12,7 @@ module API
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
requires :subscribable_id, type: String, desc: 'The ID of a resource' requires :subscribable_id, type: String, desc: 'The ID of a resource'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
subscribable_types.each do |type, finder| subscribable_types.each do |type, finder|
type_singularized = type.singularize type_singularized = type.singularize
entity_class = Entities.const_get(type_singularized.camelcase) entity_class = Entities.const_get(type_singularized.camelcase)
......
...@@ -7,7 +7,7 @@ module API ...@@ -7,7 +7,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get a project repository tags' do desc 'Get a project repository tags' do
success Entities::RepoTag success Entities::RepoTag
end end
......
...@@ -12,7 +12,7 @@ module API ...@@ -12,7 +12,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
ISSUABLE_TYPES.each do |type, finder| ISSUABLE_TYPES.each do |type, finder|
type_id_str = "#{type.singularize}_iid".to_sym type_id_str = "#{type.singularize}_iid".to_sym
......
...@@ -5,7 +5,7 @@ module API ...@@ -5,7 +5,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Trigger a GitLab project pipeline' do desc 'Trigger a GitLab project pipeline' do
success Entities::Pipeline success Entities::Pipeline
end end
......
...@@ -6,7 +6,7 @@ module API ...@@ -6,7 +6,7 @@ module API
before { authenticate! } before { authenticate! }
AWARDABLES = %w[issue merge_request snippet].freeze AWARDABLES = %w[issue merge_request snippet].freeze
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
AWARDABLES.each do |awardable_type| AWARDABLES.each do |awardable_type|
awardable_string = awardable_type.pluralize awardable_string = awardable_type.pluralize
awardable_id_string = "#{awardable_type}_id" awardable_id_string = "#{awardable_type}_id"
......
...@@ -6,7 +6,7 @@ module API ...@@ -6,7 +6,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get all project boards' do desc 'Get all project boards' do
detail 'This feature was introduced in 8.13' detail 'This feature was introduced in 8.13'
success ::API::Entities::Board success ::API::Entities::Board
......
...@@ -9,7 +9,7 @@ module API ...@@ -9,7 +9,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get a project repository branches' do desc 'Get a project repository branches' do
success ::API::Entities::RepoBranch success ::API::Entities::RepoBranch
end end
......
...@@ -11,7 +11,7 @@ module API ...@@ -11,7 +11,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get a project repository commits' do desc 'Get a project repository commits' do
success ::API::Entities::RepoCommit success ::API::Entities::RepoCommit
end end
......
...@@ -13,7 +13,7 @@ module API ...@@ -13,7 +13,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of the project' requires :id, type: String, desc: 'The ID of the project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
before { authorize_admin_project } before { authorize_admin_project }
%w(keys deploy_keys).each do |path| %w(keys deploy_keys).each do |path|
......
...@@ -9,7 +9,7 @@ module API ...@@ -9,7 +9,7 @@ module API
params do params do
requires :id, type: String, desc: 'The project ID' requires :id, type: String, desc: 'The project ID'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get all deployments of the project' do desc 'Get all deployments of the project' do
detail 'This feature was introduced in GitLab 8.11.' detail 'This feature was introduced in GitLab 8.11.'
success ::API::V3::Deployments success ::API::V3::Deployments
......
...@@ -9,7 +9,7 @@ module API ...@@ -9,7 +9,7 @@ module API
params do params do
requires :id, type: String, desc: 'The project ID' requires :id, type: String, desc: 'The project ID'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get all environments of the project' do desc 'Get all environments of the project' do
detail 'This feature was introduced in GitLab 8.11.' detail 'This feature was introduced in GitLab 8.11.'
success Entities::Environment success Entities::Environment
......
...@@ -40,7 +40,7 @@ module API ...@@ -40,7 +40,7 @@ module API
params do params do
requires :id, type: String, desc: 'The project ID' requires :id, type: String, desc: 'The project ID'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get a file from repository' desc 'Get a file from repository'
params do params do
requires :file_path, type: String, desc: 'The path to the file. Ex. lib/class.rb' requires :file_path, type: String, desc: 'The path to the file. Ex. lib/class.rb'
......
...@@ -93,7 +93,7 @@ module API ...@@ -93,7 +93,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a group' requires :id, type: String, desc: 'The ID of a group'
end end
resource :groups do resource :groups, requirements: { id: %r{[^/]+} } do
desc 'Update a group. Available only for users who can administrate groups.' do desc 'Update a group. Available only for users who can administrate groups.' do
success Entities::Group success Entities::Group
end end
...@@ -163,7 +163,7 @@ module API ...@@ -163,7 +163,7 @@ module API
params do params do
requires :project_id, type: String, desc: 'The ID or path of the project' requires :project_id, type: String, desc: 'The ID or path of the project'
end end
post ":id/projects/:project_id" do post ":id/projects/:project_id", requirements: { project_id: /.+/ } do
authenticated_as_admin! authenticated_as_admin!
group = find_group!(params[:id]) group = find_group!(params[:id])
project = find_project!(params[:project_id]) project = find_project!(params[:project_id])
......
...@@ -68,7 +68,7 @@ module API ...@@ -68,7 +68,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a group' requires :id, type: String, desc: 'The ID of a group'
end end
resource :groups do resource :groups, requirements: { id: %r{[^/]+} } do
desc 'Get a list of group issues' do desc 'Get a list of group issues' do
success ::API::Entities::Issue success ::API::Entities::Issue
end end
...@@ -89,7 +89,7 @@ module API ...@@ -89,7 +89,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
include TimeTrackingEndpoints include TimeTrackingEndpoints
desc 'Get a list of project issues' do desc 'Get a list of project issues' do
......
...@@ -6,7 +6,7 @@ module API ...@@ -6,7 +6,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get all labels of the project' do desc 'Get all labels of the project' do
success ::API::Entities::Label success ::API::Entities::Label
end end
......
...@@ -11,7 +11,7 @@ module API ...@@ -11,7 +11,7 @@ module API
params do params do
requires :id, type: String, desc: "The #{source_type} ID" requires :id, type: String, desc: "The #{source_type} ID"
end end
resource source_type.pluralize do resource source_type.pluralize, requirements: { id: %r{[^/]+} } do
desc 'Gets a list of group or project members viewable by the authenticated user.' do desc 'Gets a list of group or project members viewable by the authenticated user.' do
success ::API::Entities::Member success ::API::Entities::Member
end end
......
...@@ -4,14 +4,16 @@ module API ...@@ -4,14 +4,16 @@ module API
class MergeRequestDiffs < Grape::API class MergeRequestDiffs < Grape::API
before { authenticate! } before { authenticate! }
resource :projects do params do
requires :id, type: String, desc: 'The ID of a project'
end
resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get a list of merge request diff versions' do desc 'Get a list of merge request diff versions' do
detail 'This feature was introduced in GitLab 8.12.' detail 'This feature was introduced in GitLab 8.12.'
success ::API::Entities::MergeRequestDiff success ::API::Entities::MergeRequestDiff
end end
params do params do
requires :id, type: String, desc: 'The ID of a project'
requires :merge_request_id, type: Integer, desc: 'The ID of a merge request' requires :merge_request_id, type: Integer, desc: 'The ID of a merge request'
end end
...@@ -27,7 +29,6 @@ module API ...@@ -27,7 +29,6 @@ module API
end end
params do params do
requires :id, type: String, desc: 'The ID of a project'
requires :merge_request_id, type: Integer, desc: 'The ID of a merge request' requires :merge_request_id, type: Integer, desc: 'The ID of a merge request'
requires :version_id, type: Integer, desc: 'The ID of a merge request diff version' requires :version_id, type: Integer, desc: 'The ID of a merge request diff version'
end end
......
...@@ -10,7 +10,7 @@ module API ...@@ -10,7 +10,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
include TimeTrackingEndpoints include TimeTrackingEndpoints
helpers do helpers do
......
...@@ -18,7 +18,7 @@ module API ...@@ -18,7 +18,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get a list of project milestones' do desc 'Get a list of project milestones' do
success ::API::Entities::Milestone success ::API::Entities::Milestone
end end
......
...@@ -10,7 +10,7 @@ module API ...@@ -10,7 +10,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
NOTEABLE_TYPES.each do |noteable_type| NOTEABLE_TYPES.each do |noteable_type|
noteables_str = noteable_type.to_s.underscore.pluralize noteables_str = noteable_type.to_s.underscore.pluralize
......
...@@ -8,7 +8,7 @@ module API ...@@ -8,7 +8,7 @@ module API
params do params do
requires :id, type: String, desc: 'The project ID' requires :id, type: String, desc: 'The project ID'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get all Pipelines of the project' do desc 'Get all Pipelines of the project' do
detail 'This feature was introduced in GitLab 8.11.' detail 'This feature was introduced in GitLab 8.11.'
success ::API::Entities::Pipeline success ::API::Entities::Pipeline
......
...@@ -25,7 +25,7 @@ module API ...@@ -25,7 +25,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get project hooks' do desc 'Get project hooks' do
success ::API::V3::Entities::ProjectHook success ::API::V3::Entities::ProjectHook
end end
......
...@@ -8,7 +8,7 @@ module API ...@@ -8,7 +8,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
helpers do helpers do
def handle_project_member_errors(errors) def handle_project_member_errors(errors)
if errors[:project_access].any? if errors[:project_access].any?
......
...@@ -234,7 +234,7 @@ module API ...@@ -234,7 +234,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects, requirements: { id: /[^\/]+/ } do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get a single project' do desc 'Get a single project' do
success ::API::V3::Entities::ProjectWithAccess success ::API::V3::Entities::ProjectWithAccess
end end
......
...@@ -8,7 +8,7 @@ module API ...@@ -8,7 +8,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
helpers do helpers do
def handle_project_member_errors(errors) def handle_project_member_errors(errors)
if errors[:project_access].any? if errors[:project_access].any?
......
...@@ -26,7 +26,7 @@ module API ...@@ -26,7 +26,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
before { authorize_admin_project } before { authorize_admin_project }
desc "Disable project's runner" do desc "Disable project's runner" do
......
...@@ -554,7 +554,10 @@ module API ...@@ -554,7 +554,10 @@ module API
] ]
}.freeze }.freeze
resource :projects do params do
requires :id, type: String, desc: 'The ID of a project'
end
resource :projects, requirements: { id: %r{[^/]+} } do
before { authenticate! } before { authenticate! }
before { authorize_admin_project } before { authorize_admin_project }
...@@ -609,7 +612,7 @@ module API ...@@ -609,7 +612,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc "Trigger a slash command for #{service_slug}" do desc "Trigger a slash command for #{service_slug}" do
detail 'Added in GitLab 8.13' detail 'Added in GitLab 8.13'
end end
......
...@@ -14,7 +14,7 @@ module API ...@@ -14,7 +14,7 @@ module API
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
requires :subscribable_id, type: String, desc: 'The ID of a resource' requires :subscribable_id, type: String, desc: 'The ID of a resource'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
subscribable_types.each do |type, finder| subscribable_types.each do |type, finder|
type_singularized = type.singularize type_singularized = type.singularize
entity_class = ::API::Entities.const_get(type_singularized.camelcase) entity_class = ::API::Entities.const_get(type_singularized.camelcase)
......
...@@ -6,7 +6,7 @@ module API ...@@ -6,7 +6,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get a project repository tags' do desc 'Get a project repository tags' do
success ::API::Entities::RepoTag success ::API::Entities::RepoTag
end end
......
...@@ -6,7 +6,7 @@ module API ...@@ -6,7 +6,7 @@ module API
params do params do
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Trigger a GitLab project build' do desc 'Trigger a GitLab project build' do
success ::API::V3::Entities::TriggerRequest success ::API::V3::Entities::TriggerRequest
end end
......
...@@ -10,7 +10,7 @@ module API ...@@ -10,7 +10,7 @@ module API
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Delete an existing variable from a project' do desc 'Delete an existing variable from a project' do
success ::API::Entities::Variable success ::API::Entities::Variable
end end
......
...@@ -9,7 +9,7 @@ module API ...@@ -9,7 +9,7 @@ module API
requires :id, type: String, desc: 'The ID of a project' requires :id, type: String, desc: 'The ID of a project'
end end
resource :projects do resource :projects, requirements: { id: %r{[^/]+} } do
desc 'Get project variables' do desc 'Get project variables' do
success Entities::Variable success Entities::Variable
end end
......
...@@ -178,7 +178,7 @@ describe API::Commits, api: true do ...@@ -178,7 +178,7 @@ describe API::Commits, api: true do
end end
end end
describe "Create a commit with multiple files and actions" do describe "POST /projects/:id/repository/commits" do
let!(:url) { "/projects/#{project.id}/repository/commits" } let!(:url) { "/projects/#{project.id}/repository/commits" }
it 'returns a 403 unauthorized for user without permissions' do it 'returns a 403 unauthorized for user without permissions' do
...@@ -193,7 +193,7 @@ describe API::Commits, api: true do ...@@ -193,7 +193,7 @@ describe API::Commits, api: true do
expect(response).to have_http_status(400) expect(response).to have_http_status(400)
end end
context :create do describe 'create' do
let(:message) { 'Created file' } let(:message) { 'Created file' }
let!(:invalid_c_params) do let!(:invalid_c_params) do
{ {
...@@ -237,8 +237,8 @@ describe API::Commits, api: true do ...@@ -237,8 +237,8 @@ describe API::Commits, api: true do
expect(response).to have_http_status(400) expect(response).to have_http_status(400)
end end
context 'with project path in URL' do context 'with project path containing a dot in URL' do
let(:url) { "/projects/#{project.full_path.gsub('/', '%2F')}/repository/commits" } let(:url) { "/projects/#{CGI.escape(project.full_path)}/repository/commits" }
it 'a new file in project repo' do it 'a new file in project repo' do
post api(url, user), valid_c_params post api(url, user), valid_c_params
...@@ -248,7 +248,7 @@ describe API::Commits, api: true do ...@@ -248,7 +248,7 @@ describe API::Commits, api: true do
end end
end end
context :delete do describe 'delete' do
let(:message) { 'Deleted file' } let(:message) { 'Deleted file' }
let!(:invalid_d_params) do let!(:invalid_d_params) do
{ {
...@@ -289,7 +289,7 @@ describe API::Commits, api: true do ...@@ -289,7 +289,7 @@ describe API::Commits, api: true do
end end
end end
context :move do describe 'move' do
let(:message) { 'Moved file' } let(:message) { 'Moved file' }
let!(:invalid_m_params) do let!(:invalid_m_params) do
{ {
...@@ -334,7 +334,7 @@ describe API::Commits, api: true do ...@@ -334,7 +334,7 @@ describe API::Commits, api: true do
end end
end end
context :update do describe 'update' do
let(:message) { 'Updated file' } let(:message) { 'Updated file' }
let!(:invalid_u_params) do let!(:invalid_u_params) do
{ {
...@@ -377,7 +377,7 @@ describe API::Commits, api: true do ...@@ -377,7 +377,7 @@ describe API::Commits, api: true do
end end
end end
context "multiple operations" do describe 'multiple operations' do
let(:message) { 'Multiple actions' } let(:message) { 'Multiple actions' }
let!(:invalid_mo_params) do let!(:invalid_mo_params) do
{ {
......
...@@ -88,7 +88,7 @@ describe API::V3::Commits, api: true do ...@@ -88,7 +88,7 @@ describe API::V3::Commits, api: true do
end end
end end
describe "Create a commit with multiple files and actions" do describe "POST /projects/:id/repository/commits" do
let!(:url) { "/projects/#{project.id}/repository/commits" } let!(:url) { "/projects/#{project.id}/repository/commits" }
it 'returns a 403 unauthorized for user without permissions' do it 'returns a 403 unauthorized for user without permissions' do
...@@ -103,7 +103,7 @@ describe API::V3::Commits, api: true do ...@@ -103,7 +103,7 @@ describe API::V3::Commits, api: true do
expect(response).to have_http_status(400) expect(response).to have_http_status(400)
end end
context :create do describe 'create' do
let(:message) { 'Created file' } let(:message) { 'Created file' }
let!(:invalid_c_params) do let!(:invalid_c_params) do
{ {
...@@ -147,8 +147,9 @@ describe API::V3::Commits, api: true do ...@@ -147,8 +147,9 @@ describe API::V3::Commits, api: true do
expect(response).to have_http_status(400) expect(response).to have_http_status(400)
end end
context 'with project path in URL' do context 'with project path containing a dot in URL' do
let(:url) { "/projects/#{project.full_path.gsub('/', '%2F')}/repository/commits" } let!(:user) { create(:user, username: 'foo.bar') }
let(:url) { "/projects/#{CGI.escape(project.full_path)}/repository/commits" }
it 'a new file in project repo' do it 'a new file in project repo' do
post v3_api(url, user), valid_c_params post v3_api(url, user), valid_c_params
...@@ -158,7 +159,7 @@ describe API::V3::Commits, api: true do ...@@ -158,7 +159,7 @@ describe API::V3::Commits, api: true do
end end
end end
context :delete do describe 'delete' do
let(:message) { 'Deleted file' } let(:message) { 'Deleted file' }
let!(:invalid_d_params) do let!(:invalid_d_params) do
{ {
...@@ -199,7 +200,7 @@ describe API::V3::Commits, api: true do ...@@ -199,7 +200,7 @@ describe API::V3::Commits, api: true do
end end
end end
context :move do describe 'move' do
let(:message) { 'Moved file' } let(:message) { 'Moved file' }
let!(:invalid_m_params) do let!(:invalid_m_params) do
{ {
...@@ -244,7 +245,7 @@ describe API::V3::Commits, api: true do ...@@ -244,7 +245,7 @@ describe API::V3::Commits, api: true do
end end
end end
context :update do describe 'update' do
let(:message) { 'Updated file' } let(:message) { 'Updated file' }
let!(:invalid_u_params) do let!(:invalid_u_params) do
{ {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment