debian-mirror-gitlab/lib/api/markdown.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

48 lines
1.6 KiB
Ruby
Raw Permalink Normal View History

2018-12-05 23:21:45 +05:30
# frozen_string_literal: true
2018-11-08 19:23:39 +05:30
module API
2021-01-03 14:25:43 +05:30
class Markdown < ::API::Base
2022-08-27 11:52:29 +05:30
before { authenticate! if Feature.enabled?(:authenticate_markdown_api, type: :ops) }
feature_category :team_planning
2021-01-29 00:20:46 +05:30
2018-11-08 19:23:39 +05:30
params do
2023-01-13 00:05:48 +05:30
requires :text, type: String, desc: "The Markdown text to render"
optional :gfm, type: Boolean, desc: "Render text using GitLab Flavored Markdown. Default is false"
optional :project, type: String, desc: "Use project as a context when creating references using GitLab Flavored Markdown"
2018-11-08 19:23:39 +05:30
end
resource :markdown do
2023-01-13 00:05:48 +05:30
desc "Render an arbitrary Markdown document" do
2018-11-08 19:23:39 +05:30
detail "This feature was introduced in GitLab 11.0."
2023-01-13 00:05:48 +05:30
success ::API::Entities::Markdown
failure [
{ code: 400, message: 'Bad request' },
{ code: 401, message: 'Unauthorized' }
]
tags %w[markdown]
2018-11-08 19:23:39 +05:30
end
post do
context = { only_path: false, current_user: current_user }
context[:pipeline] = params[:gfm] ? :full : :plain_markdown
if params[:project]
project = Project.find_by_full_path(params[:project])
not_found!("Project") unless can?(current_user, :read_project, project)
context[:project] = project
else
context[:skip_project_check] = true
end
2023-03-04 22:38:38 +05:30
# Disable comments in markdown for IE browsers because comments in IE
# could allow script execution.
browser = Browser.new(headers['User-Agent'])
context[:allow_comments] = !browser.ie?
2023-01-13 00:05:48 +05:30
present({ html: Banzai.render_and_post_process(params[:text], context) }, with: Entities::Markdown)
2018-11-08 19:23:39 +05:30
end
end
end
end