Update API endpoints for raw files

changelogs/unreleased/issue_16834.yml

+---
+title: Update API endpoints for raw files
+merge_request:
+author:

doc/api/repositories.md

@@ -72,10 +72,11 @@ Parameters:
 ]
 ```
 
-## Raw file content
+## Get file from repository
 
-Get the raw file contents for a file by commit SHA and path. This endpoint can
-be accessed without authentication if the repository is publicly accessible.
+Allows you to receive information about file in repository like size and
+content. Note that file content is Base64 encoded. This endpoint can be accessed
+without authentication if the repository is publicly accessible.
 
 ```
 GET /projects/:id/repository/blobs/:sha
@@ -85,7 +86,6 @@ Parameters:
 
 - `id` (required) - The ID of a project
 - `sha` (required) - The commit or branch name
-- `filepath` (required) - The path the file
 
 ## Raw blob content
 
@@ -93,7 +93,7 @@ Get the raw file contents for a blob by blob SHA. This endpoint can be accessed
 without authentication if the repository is publicly accessible.
 
 ```
-GET /projects/:id/repository/raw_blobs/:sha
+GET /projects/:id/repository/blobs/:sha/raw
 ```
 
 Parameters:

doc/api/repository_files.md

@@ -11,11 +11,11 @@ content. Note that file content is Base64 encoded. This endpoint can be accessed
 without authentication if the repository is publicly accessible.
 
 ```
-GET /projects/:id/repository/files
+GET /projects/:id/repository/files/:file_path
 ```
 
 ```bash
-curl --request GET --header 'PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK' 'https://gitlab.example.com/api/v4/projects/13083/repository/files?file_path=app/models/key.rb&ref=master'
+curl --request GET --header 'PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK' 'https://gitlab.example.com/api/v4/projects/13083/repository/files/app%2Fmodels%2Fkey%2Erb?ref=master'
 ```
 
 Example response:
@@ -36,17 +36,32 @@ Example response:
 
 Parameters:
 
-- `file_path` (required) - Full path to new file. Ex. lib/class.rb
+- `file_path` (required) - Url encoded full path to new file. Ex. lib%2Fclass%2Erb
+- `ref` (required) - The name of branch, tag or commit
+
+## Get raw file from repository
+
+```
+GET /projects/:id/repository/files/:file_path/raw
+```
+
+```bash
+curl --request GET --header 'PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK' 'https://gitlab.example.com/api/v4/projects/13083/repository/files/app%2Fmodels%2Fkey%2Erb/raw?ref=master'
+```
+
+Parameters:
+
+- `file_path` (required) - Url encoded full path to new file. Ex. lib%2Fclass%2Erb
 - `ref` (required) - The name of branch, tag or commit
 
 ## Create new file in repository
 
 ```
-POST /projects/:id/repository/files
+POST /projects/:id/repository/files/:file_path
 ```
 
 ```bash
-curl --request POST --header 'PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK' 'https://gitlab.example.com/api/v4/projects/13083/repository/files?file_path=app/project.rb&branch=master&author_email=author%40example.com&author_name=Firstname%20Lastname&content=some%20content&commit_message=create%20a%20new%20file'
+curl --request POST --header 'PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK' 'https://gitlab.example.com/api/v4/projects/13083/repository/app%2Fprojectrb%2E?branch=master&author_email=author%40example.com&author_name=Firstname%20Lastname&content=some%20content&commit_message=create%20a%20new%20file'
 ```
 
 Example response:
@@ -60,7 +75,7 @@ Example response:
 
 Parameters:
 
-- `file_path` (required) - Full path to new file. Ex. lib/class.rb
+- `file_path` (required) - Url encoded full path to new file. Ex. lib%2Fclass%2Erb
 - `branch` (required) - The name of branch
 - `encoding` (optional) - Change encoding to 'base64'. Default is text.
 - `author_email` (optional) - Specify the commit author's email address
@@ -71,11 +86,11 @@ Parameters:
 ## Update existing file in repository
 
 ```
-PUT /projects/:id/repository/files
+PUT /projects/:id/repository/files/:file_path
 ```
 
 ```bash
-curl --request PUT --header 'PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK' 'https://gitlab.example.com/api/v4/projects/13083/repository/files?file_path=app/project.rb&branch=master&author_email=author%40example.com&author_name=Firstname%20Lastname&content=some%20other%20content&commit_message=update%20file'
+curl --request PUT --header 'PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK' 'https://gitlab.example.com/api/v4/projects/13083/repository/app%2Fproject%2Erb?branch=master&author_email=author%40example.com&author_name=Firstname%20Lastname&content=some%20other%20content&commit_message=update%20file'
 ```
 
 Example response:
@@ -89,7 +104,7 @@ Example response:
 
 Parameters:
 
-- `file_path` (required) - Full path to file. Ex. lib/class.rb
+- `file_path` (required) - Url encoded full path to new file. Ex. lib%2Fclass%2Erb
 - `branch` (required) - The name of branch
 - `encoding` (optional) - Change encoding to 'base64'. Default is text.
 - `author_email` (optional) - Specify the commit author's email address
@@ -109,11 +124,11 @@ Currently gitlab-shell has a boolean return code, preventing GitLab from specify
 ## Delete existing file in repository
 
 ```
-DELETE /projects/:id/repository/files
+DELETE /projects/:id/repository/files/:file_path
 ```
 
 ```bash
-curl --request DELETE --header 'PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK' 'https://gitlab.example.com/api/v4/projects/13083/repository/files?file_path=app/project.rb&branch=master&author_email=author%40example.com&author_name=Firstname%20Lastname&commit_message=delete%20file'
+curl --request DELETE --header 'PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK' 'https://gitlab.example.com/api/v4/projects/13083/repository/app%2Fproject%2Erb?branch=master&author_email=author%40example.com&author_name=Firstname%20Lastname&commit_message=delete%20file'
 ```
 
 Example response:
@@ -127,7 +142,7 @@ Example response:
 
 Parameters:
 
-- `file_path` (required) - Full path to file. Ex. lib/class.rb
+- `file_path` (required) - Url encoded full path to new file. Ex. lib%2Fclass%2Erb
 - `branch` (required) - The name of branch
 - `author_email` (optional) - Specify the commit author's email address
 - `author_name` (optional) - Specify the commit author's name

doc/api/v3_to_v4.md

@@ -71,3 +71,7 @@ changes are in V4:
 - Simplify project payload exposed on Environment endpoints [!9675](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/9675)
 - API uses merge request `IID`s (internal ID, as in the web UI) rather than `ID`s. This affects the merge requests, award emoji, todos, and time tracking APIs. [!9530](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/9530)
 - API uses issue `IID`s (internal ID, as in the web UI) rather than `ID`s. This affects the issues, award emoji, todos, and time tracking APIs. [!9530](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/9530)
+- Update endpoints for repository files [!9637](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/9637)
+  - Moved `/projects/:id/repository/files` to `/projects/:id/repository/files/:filepath` (`:filepath` should be URL-encoded)
+  - Moved `/projects/:id/repository/blobs/:sha` to `/projects/:id/repository/files/:filepath/raw`
+  - Moved `/projects/:id/repository/raw_blobs/:sha` to `/projects/:id/repository/blobs/:sha/raw`

lib/api/files.rb

@@ -14,6 +14,19 @@ module API
         }
       end
 
+      def assign_file_vars!
+        @commit = user_project.commit(params[:ref])
+        not_found!('Commit') unless @commit
+
+        @repo      = user_project.repository
+        @file_path = params[:file_path]
+        @file_path = [params[:file_path], params[:format]].join('.') if params[:format].present?
+        @blob      = @repo.blob_at(@commit.sha, @file_path)
+
+        not_found!('File') unless @blob
+        @blob.load_all_data!(@repo)
+      end
+
       def commit_response(attrs)
         {
           file_path: attrs[:file_path],
@@ -22,7 +35,7 @@ module API
       end
 
       params :simple_file_params do
-        requires :file_path, type: String, desc: 'The path to new file. Ex. lib/class.rb'
+        requires :file_path, type: String, desc: 'The path to the file. Ex. lib/class.rb'
         requires :branch, type: String, desc: 'The name of branch'
         requires :commit_message, type: String, desc: 'Commit Message'
         optional :author_email, type: String, desc: 'The email of the author'
@@ -40,34 +53,41 @@ module API
       requires :id, type: String, desc: 'The project ID'
     end
     resource :projects do
-      desc 'Get a file from repository'
+      desc 'Get a file from repository in raw format'
       params do
-        requires :file_path, type: String, desc: 'The path to the file. Ex. lib/class.rb'
         requires :ref, type: String, desc: 'The name of branch, tag, or commit'
       end
-      get ":id/repository/files" do
+      get ":id/repository/files/:file_path/raw" do
         authorize! :download_code, user_project
 
-        commit = user_project.commit(params[:ref])
-        not_found!('Commit') unless commit
+        assign_file_vars!
+
+        status(200)
+
+        send_git_blob @repo, @blob
+      end
+
+      desc 'Get a file from repository in base64 format'
+      params do
+        requires :ref, type: String, desc: 'The name of branch, tag, or commit'
+      end
+      get ":id/repository/files/:file_path" do
+        authorize! :download_code, user_project
 
-        repo = user_project.repository
-        blob = repo.blob_at(commit.sha, params[:file_path])
-        not_found!('File') unless blob
+        assign_file_vars!
 
-        blob.load_all_data!(repo)
         status(200)
 
         {
-          file_name: blob.name,
-          file_path: blob.path,
-          size: blob.size,
+          file_name: @blob.name,
+          file_path: @blob.path,
+          size: @blob.size,
           encoding: "base64",
-          content: Base64.strict_encode64(blob.data),
+          content: Base64.strict_encode64(@blob.data),
           ref: params[:ref],
-          blob_id: blob.id,
-          commit_id: commit.id,
-          last_commit_id: repo.last_commit_id_for_path(commit.sha, params[:file_path])
+          blob_id: @blob.id,
+          commit_id: @commit.id,
+          last_commit_id: @repo.last_commit_id_for_path(@commit.sha, @file_path)
         }
       end
 
@@ -75,7 +95,7 @@ module API
       params do
         use :extended_file_params
       end
-      post ":id/repository/files" do
+      post ":id/repository/files/:file_path", requirements: { file_path: /.+/ } do
         authorize! :push_code, user_project
 
         file_params = declared_params(include_missing: false)
@@ -93,7 +113,7 @@ module API
       params do
         use :extended_file_params
       end
-      put ":id/repository/files" do
+      put ":id/repository/files/:file_path", requirements: { file_path: /.+/ } do
         authorize! :push_code, user_project
 
         file_params = declared_params(include_missing: false)
@@ -112,7 +132,7 @@ module API
       params do
         use :simple_file_params
       end
-      delete ":id/repository/files" do
+      delete ":id/repository/files/:file_path", requirements: { file_path: /.+/ } do
         authorize! :push_code, user_project
 
         file_params = declared_params(include_missing: false)

lib/api/repositories.rb

@@ -17,6 +17,18 @@ module API
           end
           not_found!
         end
+
+        def assign_blob_vars!
+          @repo = user_project.repository
+
+          begin
+            @blob = Gitlab::Git::Blob.raw(@repo, params[:sha])
+          rescue
+            not_found! 'Blob'
+          end
+
+          not_found! 'Blob' unless @blob
+        end
       end
 
       desc 'Get a project repository tree' do
@@ -45,7 +57,7 @@ module API
         requires :sha, type: String, desc: 'The commit, branch name, or tag name'
         requires :filepath, type: String, desc: 'The path to the file to display'
       end
-      get [":id/repository/blobs/:sha", ":id/repository/commits/:sha/blob"] do
+      get ":id/repository/commits/:sha/blob" do
         repo = user_project.repository
 
         commit = repo.commit(params[:sha])
@@ -57,22 +69,33 @@ module API
         send_git_blob repo, blob
       end
 
-      desc 'Get a raw blob contents by blob sha'
+      desc 'Get raw blob by sha'
       params do
         requires :sha, type: String, desc: 'The commit, branch name, or tag name'
       end
-      get ':id/repository/raw_blobs/:sha' do
-        repo = user_project.repository
+      get ':id/repository/blobs/:sha/:raw' do
+        assign_blob_vars!
 
-        begin
-          blob = Gitlab::Git::Blob.raw(repo, params[:sha])
-        rescue
-          not_found! 'Blob'
-        end
+        status(200)
 
-        not_found! 'Blob' unless blob
+        send_git_blob @repo, @blob
+      end
 
-        send_git_blob repo, blob
+      desc 'Get blob base4 encoded content by sha'
+      params do
+        requires :sha, type: String, desc: 'The commit, branch name, or tag name'
+      end
+      get ':id/repository/blobs/:sha' do
+        assign_blob_vars!
+
+        status(200)
+
+        {
+          size: @blob.size,
+          encoding: "base64",
+          content: Base64.strict_encode64(@blob.data),
+          sha: @blob.id
+        }
       end
 
       desc 'Get an archive of the repository'

spec/requests/api/repositories_spec.rb

@@ -100,82 +100,136 @@ describe API::Repositories, api: true  do
     end
   end
 
-  {
-    'blobs/:sha' => 'blobs/master',
-    'commits/:sha/blob' => 'commits/master/blob'
-  }.each do |desc_path, example_path|
-    describe "GET /projects/:id/repository/#{desc_path}" do
-      let(:route) { "/projects/#{project.id}/repository/#{example_path}?filepath=README.md" }
-
-      shared_examples_for 'repository blob' do
-        it 'returns the repository blob' do
-          get api(route, current_user)
-
-          expect(response).to have_http_status(200)
-        end
+  describe "GET /projects/:id/repository/commits/:sha/blob" do
+    let(:route) { "/projects/#{project.id}/repository/commits/master/blob?filepath=README.md" }
 
-        context 'when sha does not exist' do
-          it_behaves_like '404 response' do
-            let(:request) { get api(route.sub('master', 'invalid_branch_name'), current_user) }
-            let(:message) { '404 Commit Not Found' }
-          end
+    shared_examples_for 'repository blob' do
+      it 'returns the repository blob' do
+        get api(route, current_user)
+
+        expect(response).to have_http_status(200)
+      end
+
+      context 'when sha does not exist' do
+        it_behaves_like '404 response' do
+          let(:request) { get api(route.sub('master', 'invalid_branch_name'), current_user) }
+          let(:message) { '404 Commit Not Found' }
         end
+      end
 
-        context 'when filepath does not exist' do
-          it_behaves_like '404 response' do
-            let(:request) { get api(route.sub('README.md', 'README.invalid'), current_user) }
-            let(:message) { '404 File Not Found' }
-          end
+      context 'when filepath does not exist' do
+        it_behaves_like '404 response' do
+          let(:request) { get api(route.sub('README.md', 'README.invalid'), current_user) }
+          let(:message) { '404 File Not Found' }
         end
+      end
 
-        context 'when no filepath is given' do
-          it_behaves_like '400 response' do
-            let(:request) { get api(route.sub('?filepath=README.md', ''), current_user) }
-          end
+      context 'when no filepath is given' do
+        it_behaves_like '400 response' do
+          let(:request) { get api(route.sub('?filepath=README.md', ''), current_user) }
         end
+      end
 
-        context 'when repository is disabled' do
-          include_context 'disabled repository'
+      context 'when repository is disabled' do
+        include_context 'disabled repository'
 
-          it_behaves_like '403 response' do
-            let(:request) { get api(route, current_user) }
-          end
+        it_behaves_like '403 response' do
+          let(:request) { get api(route, current_user) }
         end
       end
+    end
 
-      context 'when unauthenticated', 'and project is public' do
-        it_behaves_like 'repository blob' do
-          let(:project) { create(:project, :public, :repository) }
-          let(:current_user) { nil }
-        end
+    context 'when unauthenticated', 'and project is public' do
+      it_behaves_like 'repository blob' do
+        let(:project) { create(:project, :public, :repository) }
+        let(:current_user) { nil }
       end
+    end
 
-      context 'when unauthenticated', 'and project is private' do
-        it_behaves_like '404 response' do
-          let(:request) { get api(route) }
-          let(:message) { '404 Project Not Found' }
-        end
+    context 'when unauthenticated', 'and project is private' do
+      it_behaves_like '404 response' do
+        let(:request) { get api(route) }
+        let(:message) { '404 Project Not Found' }
       end
+    end
 
-      context 'when authenticated', 'as a developer' do
-        it_behaves_like 'repository blob' do
-          let(:current_user) { user }
+    context 'when authenticated', 'as a developer' do
+      it_behaves_like 'repository blob' do
+        let(:current_user) { user }
+      end
+    end
+
+    context 'when authenticated', 'as a guest' do
+      it_behaves_like '403 response' do
+        let(:request) { get api(route, guest) }
+      end
+    end
+  end
+
+  describe "GET /projects/:id/repository/blobs/:sha" do
+    let(:route) { "/projects/#{project.id}/repository/blobs/#{sample_blob.oid}" }
+
+    shared_examples_for 'repository blob' do
+      it 'returns blob attributes as json' do
+        get api(route, current_user)
+
+        expect(response).to have_http_status(200)
+        expect(json_response['size']).to eq(111)
+        expect(json_response['encoding']).to eq("base64")
+        expect(Base64.decode64(json_response['content']).lines.first).to eq("class Commit\n")
+        expect(json_response['sha']).to eq(sample_blob.oid)
+      end
+
+      context 'when sha does not exist' do
+        it_behaves_like '404 response' do
+          let(:request) { get api(route.sub(sample_blob.oid, '123456'), current_user) }
+          let(:message) { '404 Blob Not Found' }
         end
       end
 
-      context 'when authenticated', 'as a guest' do
+      context 'when repository is disabled' do
+        include_context 'disabled repository'
+
         it_behaves_like '403 response' do
-          let(:request) { get api(route, guest) }
+          let(:request) { get api(route, current_user) }
         end
       end
     end
+
+    context 'when unauthenticated', 'and project is public' do
+      it_behaves_like 'repository blob' do
+        let(:project) { create(:project, :public, :repository) }
+        let(:current_user) { nil }
+      end
+    end
+
+    context 'when unauthenticated', 'and project is private' do
+      it_behaves_like '404 response' do
+        let(:request) { get api(route) }
+        let(:message) { '404 Project Not Found' }
+      end
+    end
+
+    context 'when authenticated', 'as a developer' do
+      it_behaves_like 'repository blob' do
+        let(:current_user) { user }
+      end
+    end
+
+    context 'when authenticated', 'as a guest' do
+      it_behaves_like '403 response' do
+        let(:request) { get api(route, guest) }
+      end
+    end
   end
 
-  describe "GET /projects/:id/repository/raw_blobs/:sha" do
-    let(:route) { "/projects/#{project.id}/repository/raw_blobs/#{sample_blob.oid}" }
+  describe "GET /projects/:id/repository/blobs/:sha/raw" do
+    let(:route) { "/projects/#{project.id}/repository/blobs/#{sample_blob.oid}/raw" }
 
     shared_examples_for 'repository raw blob' do
       it 'returns the repository raw blob' do
+        expect(Gitlab::Workhorse).to receive(:send_git_blob)
+
         get api(route, current_user)
 
         expect(response).to have_http_status(200)