Removed API endpoint and specs

.codeclimate.yml

@@ -8,8 +8,6 @@ engines:
       languages:
       - ruby
       - javascript
-    exclude_paths:
-      - "lib/api/v3/*"
 ratings:
   paths:
   - Gemfile.lock

.rubocop_todo.yml

@@ -173,7 +173,6 @@ Lint/UriEscapeUnescape:
     - 'spec/requests/api/files_spec.rb'
     - 'spec/requests/api/internal_spec.rb'
     - 'spec/requests/api/issues_spec.rb'
-    - 'spec/requests/api/v3/issues_spec.rb'
 
 # Offense count: 1
 # Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, IgnoredPatterns.
@@ -333,8 +332,6 @@ RSpec/ScatteredSetup:
     - 'spec/lib/gitlab/bitbucket_import/importer_spec.rb'
     - 'spec/lib/gitlab/git/env_spec.rb'
     - 'spec/requests/api/jobs_spec.rb'
-    - 'spec/requests/api/v3/builds_spec.rb'
-    - 'spec/requests/api/v3/projects_spec.rb'
     - 'spec/services/projects/create_service_spec.rb'
 
 # Offense count: 1
@@ -618,7 +615,6 @@ Style/OrAssignment:
   Exclude:
     - 'app/models/concerns/token_authenticatable.rb'
     - 'lib/api/commit_statuses.rb'
-    - 'lib/api/v3/members.rb'
     - 'lib/gitlab/project_transfer.rb'
 
 # Offense count: 50
@@ -781,7 +777,6 @@ Style/TernaryParentheses:
     - 'app/finders/projects_finder.rb'
     - 'app/helpers/namespaces_helper.rb'
     - 'features/support/capybara.rb'
-    - 'lib/api/v3/projects.rb'
     - 'lib/gitlab/ci/build/artifacts/metadata/entry.rb'
     - 'spec/requests/api/pipeline_schedules_spec.rb'
     - 'spec/support/capybara.rb'

app/models/application_setting.rb

@@ -361,17 +361,6 @@ def repository_storages
     Array(read_attribute(:repository_storages))
   end
 
-  # DEPRECATED
-  # repository_storage is still required in the API. Remove in 9.0
-  # Still used in API v3
-  def repository_storage
-    repository_storages.first
-  end
-
-  def repository_storage=(value)
-    self.repository_storages = [value]
-  end
-
   def default_project_visibility=(level)
     super(Gitlab::VisibilityLevel.level_value(level))
   end

app/models/concerns/project_features_compatibility.rb

-# Makes api V3 compatible with old project features permissions methods
+# Makes api V4 compatible with old project features permissions methods
 #
 # After migrating issues_enabled merge_requests_enabled builds_enabled snippets_enabled and wiki_enabled
 # fields to a new table "project_features", support for the old fields is still needed in the API.

changelogs/unreleased/fj-36819-remove-v3-api.yml

+---
+title: Removed API v3 from the codebase
+merge_request: 18970
+author:
+type: removed

doc/api/README.md

@@ -95,24 +95,23 @@ specification.
 ## Compatibility Guidelines
 
 The HTTP API is versioned using a single number, the current one being 4. This
-number symbolises the same as the major version number as described by 
+number symbolises the same as the major version number as described by
 [SemVer](https://semver.org/). This mean that backward incompatible changes
 will require this version number to change. However, the minor version is
-not explicit. This allows for a stable API endpoint, but also means new 
+not explicit. This allows for a stable API endpoint, but also means new
 features can be added to the API in the same version number.
 
 New features and bug fixes are released in tandem with a new GitLab, and apart
 from incidental patch and security releases, are released on the 22nd each
-month. Backward incompatible changes (e.g. endpoints removal, parameters 
-removal etc.), as well as removal of entire API versions are done in tandem 
-with a major point release of GitLab itself. All deprecations and changes 
-between two versions should be listed in the documentation. For the changes 
+month. Backward incompatible changes (e.g. endpoints removal, parameters
+removal etc.), as well as removal of entire API versions are done in tandem
+with a major point release of GitLab itself. All deprecations and changes
+between two versions should be listed in the documentation. For the changes
 between v3 and v4; please read the [v3 to v4 documentation](v3_to_v4.md)
 
 #### Current status
 
-Currently two API versions are available, v3 and v4. v3 is deprecated and 
-will soon be removed. Deletion is scheduled for 
+Currently only API version v4 is available. Version v3 was removed in
 [GitLab 11.0](https://gitlab.com/gitlab-org/gitlab-ce/issues/36819).
 
 ## Basic usage

doc/api/applications.md

@@ -23,7 +23,7 @@ POST /applications
 | `scopes` | string | yes | The scopes of the application |
 
 ```bash
-curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --data "name=MyApplication&redirect_uri=http://redirect.uri&scopes=" https://gitlab.example.com/api/v3/applications
+curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --data "name=MyApplication&redirect_uri=http://redirect.uri&scopes=" https://gitlab.example.com/api/v4/applications
 ```
 
 Example response:

doc/api/environments.md

@@ -123,7 +123,7 @@ POST /projects/:id/environments/:environment_id/stop
 | `environment_id` | integer | yes | The ID of the environment |
 
 ```bash
-curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v3/projects/1/environments/1/stop"
+curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/environments/1/stop"
 ```
 
 Example response:

doc/api/projects.md

@@ -1196,7 +1196,7 @@ The `file=` parameter must point to a file on your filesystem and be preceded
 by `@`. For example:
 
 ```bash
-curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --form "file=@dk.png" https://gitlab.example.com/api/v3/projects/5/uploads
+curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --form "file=@dk.png" https://gitlab.example.com/api/v4/projects/5/uploads
 ```
 
 Returned object:

doc/api/v3_to_v4.md

@@ -2,10 +2,9 @@
 
 Since GitLab 9.0, API V4 is the preferred version to be used.
 
-API V3 will be unsupported from GitLab 9.5, to be released on August
-22, 2017. It will be removed in GitLab 9.5 or later. In the meantime, we advise
-you to make any necessary changes to applications that use V3. The V3 API
-documentation is still
+API V3 was unsupported from GitLab 9.5, released on August
+22, 2017. API v3 was removed in [GitLab 11.0](https://gitlab.com/gitlab-org/gitlab-ce/issues/36819).
+The V3 API documentation is still
 [available](https://gitlab.com/gitlab-org/gitlab-ce/blob/8-16-stable/doc/api/README.md).
 
 Below are the changes made between V3 and V4.

doc/development/geo.md

@@ -81,7 +81,7 @@ improvements made to this communication layer.
 
 There is a specific **internal** endpoint in our api code (Grape),
 that receives all requests from this System Hooks:
-`/api/{v3,v4}/geo/receive_events`.
+`/api/v4/geo/receive_events`.
 
 We switch and filter from each event by the `event_name` field.
 

doc/integration/shibboleth.md

@@ -107,7 +107,7 @@ you will not get a shibboleth session!
   RewriteEngine on
 
   #Don't escape encoded characters in api requests
-  RewriteCond %{REQUEST_URI} ^/api/v3/.*
+  RewriteCond %{REQUEST_URI} ^/api/v4/.*
   RewriteCond %{REQUEST_URI} !/Shibboleth.sso
   RewriteCond %{REQUEST_URI} !/shibboleth-sp
   RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]

ee/lib/api/v3/ldap_group_links.rb

-module API
-  module V3
-    class LdapGroupLinks < Grape::API
-      before { authenticate! }
-
-      params do
-        requires :id, type: String, desc: 'The ID of a group'
-      end
-      resource :groups do
-        desc 'Remove a linked LDAP group from group'
-        params do
-          requires 'cn', type: String, desc: 'The CN of a LDAP group'
-        end
-        delete ":id/ldap_group_links/:cn" do
-          group = find_group(params[:id])
-          authorize! :admin_group, group
-
-          ldap_group_link = group.ldap_group_links.find_by(cn: params[:cn])
-          if ldap_group_link
-            status(200)
-            ldap_group_link.destroy
-          else
-            render_api_error!('Linked LDAP group not found', 404)
-          end
-        end
-
-        desc 'Remove a linked LDAP group from group'
-        params do
-          requires 'cn', type: String, desc: 'The CN of a LDAP group'
-          requires 'provider', type: String, desc: 'The LDAP provider for this LDAP group'
-        end
-        delete ":id/ldap_group_links/:provider/:cn" do
-          group = find_group(params[:id])
-          authorize! :admin_group, group
-
-          ldap_group_link = group.ldap_group_links.find_by(cn: params[:cn], provider: params[:provider])
-          if ldap_group_link
-            status(200)
-            ldap_group_link.destroy
-          else
-            render_api_error!('Linked LDAP group not found', 404)
-          end
-        end
-      end
-    end
-  end
-end

ee/lib/api/v3/project_git_hook.rb

-module API
-  module V3
-    class ProjectGitHook < Grape::API
-      before { authenticate! }
-      before { authorize_admin_project }
-      before { check_project_feature_available!(:push_rules) }
-
-      DEPRECATION_MESSAGE = 'This endpoint is deprecated, replaced with push_rules, and will be removed in GitLab 9.0.'.freeze
-
-      params do
-        requires :id, type: String, desc: 'The ID of a project'
-      end
-      resource :projects do
-        helpers do
-          params :push_rule_params do
-            optional :commit_message_regex, type: String, desc: 'The commit message regex'
-            optional :deny_delete_tag, type: Boolean, desc: 'Deny deleting a tag'
-            at_least_one_of :commit_message_regex, :deny_delete_tag
-          end
-        end
-
-        desc 'Get project push rule' do
-          success EE::API::Entities::ProjectPushRule
-          detail DEPRECATION_MESSAGE
-        end
-        get ":id/git_hook" do
-          push_rule = user_project.push_rule
-          present push_rule, with: EE::API::Entities::ProjectPushRule
-        end
-
-        desc 'Add a push rule to a project' do
-          success EE::API::Entities::ProjectPushRule
-          detail DEPRECATION_MESSAGE
-        end
-        params do
-          use :push_rule_params
-        end
-        post ":id/git_hook" do
-          if user_project.push_rule
-            error!("Project push rule exists", 422)
-          else
-            push_rule = user_project.create_push_rule(declared_params)
-            present push_rule, with: EE::API::Entities::ProjectPushRule
-          end
-        end
-
-        desc 'Update an existing project push rule' do
-          success EE::API::Entities::ProjectPushRule
-          detail DEPRECATION_MESSAGE
-        end
-        params do
-          use :push_rule_params
-        end
-        put ":id/git_hook" do
-          push_rule = user_project.push_rule
-          not_found!('Push Rule') unless push_rule
-
-          if push_rule.update_attributes(declared_params(include_missing: false))
-            present push_rule, with: EE::API::Entities::ProjectPushRule
-          else
-            render_validation_error!(push_rule)
-          end
-        end
-
-        desc 'Deletes project push rule' do
-          detail DEPRECATION_MESSAGE
-        end
-        delete ":id/git_hook" do
-          push_rule = user_project.push_rule
-          not_found!('Push Rule') unless push_rule
-
-          push_rule.destroy
-        end
-      end
-    end
-  end
-end

ee/lib/api/v3/project_push_rule.rb

-module API
-  module V3
-    class ProjectPushRule < Grape::API
-      before { authenticate! }
-      before { authorize_admin_project }
-      before { check_project_feature_available!(:push_rules) }
-
-      params do
-        requires :id, type: String, desc: 'The ID of a project'
-      end
-      resource :projects do
-        desc 'Deletes project push rule'
-        delete ":id/push_rule" do
-          push_rule = user_project.push_rule
-          not_found!('Push Rule') unless push_rule
-
-          status(200)
-          push_rule.destroy
-        end
-      end
-    end
-  end
-end

ee/spec/requests/api/v3/builds_spec.rb

-require 'spec_helper'
-
-describe API::V3::Builds do
-  set(:user) { create(:user) }
-  let(:api_user) { user }
-  set(:project) { create(:project, :repository, creator: user, public_builds: false) }
-  let!(:developer) { create(:project_member, :developer, user: user, project: project) }
-  let(:reporter) { create(:project_member, :reporter, project: project) }
-  let(:pipeline) { create(:ci_empty_pipeline, project: project, sha: project.commit.id, ref: project.default_branch) }
-  let(:build) { create(:ci_build, pipeline: pipeline) }
-
-  before do
-    stub_artifacts_object_storage
-  end
-
-  describe 'GET /projects/:id/builds/:build_id/artifacts' do
-    before do
-      get v3_api("/projects/#{project.id}/builds/#{build.id}/artifacts", api_user)
-    end
-
-    context 'when job with artifacts are stored remotely' do
-      let!(:artifact) { create(:ci_job_artifact, :archive, :remote_store, job: build) }
-
-      it 'returns location redirect' do
-        get v3_api("/projects/#{project.id}/builds/#{build.id}/artifacts", api_user)
-
-        expect(response).to have_gitlab_http_status(302)
-      end
-    end
-  end
-
-  describe 'GET /projects/:id/artifacts/:ref_name/download?job=name' do
-    let(:api_user) { reporter.user }
-
-    before do
-      build.success
-    end
-
-    def path_for_ref(ref = pipeline.ref, job = build.name)
-      v3_api("/projects/#{project.id}/builds/artifacts/#{ref}/download?job=#{job}", api_user)
-    end
-
-    shared_examples 'a valid file' do
-      context 'when artifacts are stored remotely' do
-        let!(:artifact) { create(:ci_job_artifact, :archive, :remote_store, job: build) }
-
-        before do
-          build.reload
-
-          get v3_api("/projects/#{project.id}/builds/#{build.id}/artifacts", api_user)
-        end
-
-        it 'returns location redirect' do
-          expect(response).to have_gitlab_http_status(302)
-        end
-      end
-    end
-
-    context 'with regular branch' do
-      before do
-        pipeline.reload
-        pipeline.update(ref: 'master',
-                        sha: project.commit('master').sha)
-
-        get path_for_ref('master')
-      end
-
-      it_behaves_like 'a valid file'
-    end
-
-    context 'with branch name containing slash' do
-      before do
-        pipeline.reload
-        pipeline.update(ref: 'improve/awesome',
-                        sha: project.commit('improve/awesome').sha)
-
-        get path_for_ref('improve/awesome')
-      end
-
-      it_behaves_like 'a valid file'
-    end
-  end
-end

ee/spec/requests/api/v3/github_spec.rb

@@ -247,4 +247,14 @@
       end
     end
   end
+
+  def v3_api(path, user = nil, personal_access_token: nil, oauth_access_token: nil)
+    api(
+      path,
+      user,
+      version: 'v3',
+      personal_access_token: personal_access_token,
+      oauth_access_token: oauth_access_token
+    )
+  end
 end

ee/spec/requests/api/v3/ldap_group_links_spec.rb

-require 'spec_helper'
-
-describe API::V3::LdapGroupLinks, api: true  do
-  include ApiHelpers
-
-  let(:owner) { create(:user) }
-  let(:user) { create(:user) }
-  let(:admin) { create(:admin) }
-
-  let!(:group_with_ldap_links) do
-    group = create(:group)
-    group.ldap_group_links.create cn: 'ldap-group1', group_access: Gitlab::Access::MASTER, provider: 'ldap1'
-    group.ldap_group_links.create cn: 'ldap-group2', group_access: Gitlab::Access::MASTER, provider: 'ldap2'
-    group
-  end
-
-  before do
-    group_with_ldap_links.add_owner owner
-    group_with_ldap_links.add_user user, Gitlab::Access::DEVELOPER
-  end
-  describe 'DELETE /groups/:id/ldap_group_links/:cn' do
-    context "when unauthenticated" do
-      it "returns authentication error" do
-        delete v3_api("/groups/#{group_with_ldap_links.id}/ldap_group_links/ldap-group1")
-        expect(response.status).to eq 401
-      end
-    end
-
-    context "when a less priviledged user" do
-      it "does not remove the LDAP group link" do
-        expect do
-          delete v3_api("/groups/#{group_with_ldap_links.id}/ldap_group_links/ldap-group1", user)
-        end.not_to change { group_with_ldap_links.ldap_group_links.count }
-
-        expect(response.status).to eq(403)
-      end
-    end
-
-    context "when owner of the group" do
-      it "removes ldap group link" do
-        expect do
-          delete v3_api("/groups/#{group_with_ldap_links.id}/ldap_group_links/ldap-group1", owner)
-        end.to change { group_with_ldap_links.ldap_group_links.count }.by(-1)
-
-        expect(response.status).to eq(200)
-      end
-
-      it "returns 404 if LDAP group cn not used for a LDAP group link" do
-        expect do
-          delete v3_api("/groups/#{group_with_ldap_links.id}/ldap_group_links/ldap-group1356", owner)
-        end.not_to change { group_with_ldap_links.ldap_group_links.count }
-
-        expect(response.status).to eq(404)
-      end
-    end
-  end
-
-  describe 'DELETE /groups/:id/ldap_group_links/:provider/:cn' do
-    context "when unauthenticated" do
-      it "returns authentication error" do
-        delete v3_api("/groups/#{group_with_ldap_links.id}/ldap_group_links/ldap2/ldap-group2")
-        expect(response.status).to eq 401
-      end
-    end
-
-    context "when a less priviledged user" do
-      it "does not remove the LDAP group link" do
-        expect do
-          delete v3_api("/groups/#{group_with_ldap_links.id}/ldap_group_links/ldap2/ldap-group2", user)
-        end.not_to change { group_with_ldap_links.ldap_group_links.count }
-
-        expect(response.status).to eq(403)
-      end
-    end
-
-    context "when owner of the group" do
-      it "returns 404 if LDAP group cn not used for a LDAP group link for the specified provider" do
-        expect do
-          delete v3_api("/groups/#{group_with_ldap_links.id}/ldap_group_links/ldap1/ldap-group2", owner)
-        end.not_to change { group_with_ldap_links.ldap_group_links.count }
-
-        expect(response.status).to eq(404)
-      end
-
-      it "removes ldap group link" do
-        expect do
-          delete v3_api("/groups/#{group_with_ldap_links.id}/ldap_group_links/ldap2/ldap-group2", owner)
-        end.to change { group_with_ldap_links.ldap_group_links.count }.by(-1)
-
-        expect(response.status).to eq(200)
-      end
-    end
-  end
-end

ee/spec/requests/api/v3/project_push_rule_spec.rb

-require 'spec_helper'
-
-describe API::V3::ProjectPushRule, 'ProjectPushRule', api: true  do
-  include ApiHelpers
-  let(:user) { create(:user) }
-  let(:user3) { create(:user) }
-  let!(:project) { create(:project, :repository, creator_id: user.id, namespace: user.namespace) }
-
-  before do
-    project.add_master(user)
-    project.add_developer(user3)
-  end
-
-  describe "DELETE /projects/:id/push_rule" do
-    before do
-      create(:push_rule, project: project)
-    end
-
-    context "authorized user" do
-      it "deletes push rule from project" do
-        delete v3_api("/projects/#{project.id}/push_rule", user)
-
-        expect(response).to have_gitlab_http_status(200)
-        expect(json_response).to be_an Hash
-      end
-    end
-
-    context "unauthorized user" do
-      it "returns a 403 error" do
-        delete v3_api("/projects/#{project.id}/push_rule", user3)
-
-        expect(response).to have_gitlab_http_status(403)
-      end
-    end
-  end
-
-  describe "DELETE /projects/:id/push_rule" do
-    context "for non existing push rule" do
-      it "deletes push rule from project" do
-        delete v3_api("/projects/#{project.id}/push_rule", user)
-
-        expect(response).to have_gitlab_http_status(404)
-        expect(json_response).to be_an Hash
-        expect(json_response['message']).to eq('404 Push Rule Not Found')
-      end
-
-      it "returns a 403 error if not authorized" do
-        delete v3_api("/projects/#{project.id}/push_rule", user3)
-
-        expect(response).to have_gitlab_http_status(403)
-      end
-    end
-  end
-end

lib/api/api.rb

@@ -22,59 +22,21 @@ class API < Grape::API
     allow_access_with_scope :api
     prefix :api
 
-    version %w(v3 v4), using: :path
-
     version 'v3', using: :path do
-      helpers ::API::V3::Helpers
-      helpers ::API::Helpers::CommonHelpers
-
-      mount ::API::V3::AwardEmoji
-      mount ::API::V3::Boards
-      mount ::API::V3::Branches
-      mount ::API::V3::BroadcastMessages
-      mount ::API::V3::Builds
-      mount ::API::V3::Commits
-      mount ::API::V3::DeployKeys
-      mount ::API::V3::Environments
-      mount ::API::V3::Files
-      mount ::API::V3::Groups
-      mount ::API::V3::Issues
-      mount ::API::V3::Labels
-      mount ::API::V3::Members
-      mount ::API::V3::MergeRequestDiffs
-      mount ::API::V3::MergeRequests
-      mount ::API::V3::Notes
-      mount ::API::V3::Pipelines
-      mount ::API::V3::ProjectHooks
-      mount ::API::V3::Milestones
-      mount ::API::V3::Projects
-      mount ::API::V3::ProjectSnippets
-      mount ::API::V3::Repositories
-      mount ::API::V3::Runners
-      mount ::API::V3::Services
-      mount ::API::V3::Settings
-      mount ::API::V3::Snippets
-      mount ::API::V3::Subscriptions
-      mount ::API::V3::SystemHooks
-      mount ::API::V3::Tags
-      mount ::API::V3::Templates
-      mount ::API::V3::Todos
-      mount ::API::V3::Triggers
-      mount ::API::V3::Users
-      mount ::API::V3::Variables
-
       ## EE-specific API V3 endpoints START
-      mount ::API::V3::LdapGroupLinks
-      mount ::API::V3::ProjectGitHook
-      mount ::API::V3::ProjectPushRule
-      mount ::API::V3::Pipelines
       # Although the following endpoints are kept behind V3 namespace, they're not
       # deprecated neither should be removed when V3 get removed.
       # They're needed as a layer to integrate with Jira Development Panel.
       mount ::API::V3::Github
       ## EE-specific API V3 endpoints END
+
+      route :any, '*path' do
+        error!('API V3 is no longer supported. Use API V4 instead.', 410)
+      end
     end
 
+    version 'v4', using: :path
+
     before do
       header['X-Frame-Options'] = 'SAMEORIGIN'
       header['X-Content-Type-Options'] = 'nosniff'