2018-12-05 23:21:45 +05:30
# frozen_string_literal: true
2014-09-02 18:07:02 +05:30
module API
2020-07-28 23:09:34 +05:30
class Groups < Grape :: API :: Instance
2017-08-17 22:00:37 +05:30
include PaginationParams
2018-03-27 19:54:05 +05:30
include Helpers :: CustomAttributes
2017-08-17 22:00:37 +05:30
2018-03-17 18:26:18 +05:30
before { authenticate_non_get! }
2014-09-02 18:07:02 +05:30
2019-09-04 21:01:54 +05:30
helpers Helpers :: GroupsHelpers
2017-08-17 22:00:37 +05:30
2019-09-04 21:01:54 +05:30
helpers do
2017-08-17 22:00:37 +05:30
params :statistics_params do
optional :statistics , type : Boolean , default : false , desc : 'Include project statistics'
end
2018-03-17 18:26:18 +05:30
params :group_list_params do
2017-08-17 22:00:37 +05:30
use :statistics_params
2020-07-28 23:09:34 +05:30
optional :skip_groups , type : Array [ Integer ] , coerce_with : :: API :: Validations :: Types :: CommaSeparatedToIntegerArray . coerce , desc : 'Array of group ids to exclude from list'
2017-08-17 22:00:37 +05:30
optional :all_available , type : Boolean , desc : 'Show all group that you have access to'
optional :search , type : String , desc : 'Search for a specific group'
optional :owned , type : Boolean , default : false , desc : 'Limit by owned by authenticated user'
2018-11-08 19:23:39 +05:30
optional :order_by , type : String , values : %w[ name path id ] , default : 'name' , desc : 'Order by name, path or id'
2017-08-17 22:00:37 +05:30
optional :sort , type : String , values : %w[ asc desc ] , default : 'asc' , desc : 'Sort by asc (ascending) or desc (descending)'
2018-11-18 11:00:15 +05:30
optional :min_access_level , type : Integer , values : Gitlab :: Access . all_values , desc : 'Minimum access level of authenticated user'
2020-06-23 00:09:42 +05:30
optional :top_level_only , type : Boolean , desc : 'Only include top level groups'
2017-08-17 22:00:37 +05:30
use :pagination
end
2018-12-05 23:21:45 +05:30
# rubocop: disable CodeReuse/ActiveRecord
2018-10-15 14:42:47 +05:30
def find_groups ( params , parent_id = nil )
2018-11-18 11:00:15 +05:30
find_params = params . slice ( :all_available , :custom_attributes , :owned , :min_access_level )
2020-06-23 00:09:42 +05:30
find_params [ :parent ] = if params [ :top_level_only ]
[ nil ]
elsif parent_id
find_group! ( parent_id )
end
2018-10-15 14:42:47 +05:30
find_params [ :all_available ] =
2020-01-01 13:55:28 +05:30
find_params . fetch ( :all_available , current_user & . can_read_all_resources? )
2018-03-17 18:26:18 +05:30
groups = GroupsFinder . new ( current_user , find_params ) . execute
2017-08-17 22:00:37 +05:30
groups = groups . search ( params [ :search ] ) if params [ :search ] . present?
groups = groups . where . not ( id : params [ :skip_groups ] ) if params [ :skip_groups ] . present?
2018-11-08 19:23:39 +05:30
order_options = { params [ :order_by ] = > params [ :sort ] }
order_options [ " id " ] || = " asc "
groups = groups . reorder ( order_options )
2017-08-17 22:00:37 +05:30
2018-03-17 18:26:18 +05:30
groups
end
2018-12-05 23:21:45 +05:30
# rubocop: enable CodeReuse/ActiveRecord
2018-03-17 18:26:18 +05:30
2019-07-07 11:18:12 +05:30
def create_group
# This is a separate method so that EE can extend its behaviour, without
# having to modify this code directly.
:: Groups :: CreateService
. new ( current_user , declared_params ( include_missing : false ) )
. execute
end
def update_group ( group )
# This is a separate method so that EE can extend its behaviour, without
# having to modify this code directly.
:: Groups :: UpdateService
. new ( group , current_user , declared_params ( include_missing : false ) )
. execute
end
2020-05-24 23:13:21 +05:30
def find_group_projects ( params , finder_options )
2018-03-17 18:26:18 +05:30
group = find_group! ( params [ :id ] )
2019-02-15 15:39:39 +05:30
projects = GroupProjectsFinder . new (
group : group ,
current_user : current_user ,
params : project_finder_params ,
2020-05-24 23:13:21 +05:30
options : finder_options
2019-02-15 15:39:39 +05:30
) . execute
2018-03-17 18:26:18 +05:30
projects = reorder_projects ( projects )
paginate ( projects )
end
2020-05-24 23:13:21 +05:30
def present_projects ( params , projects )
options = {
with : params [ :simple ] ? Entities :: BasicProjectDetails : Entities :: Project ,
current_user : current_user
}
projects , options = with_custom_attributes ( projects , options )
present options [ :with ] . prepare_relation ( projects ) , options
end
2018-03-17 18:26:18 +05:30
def present_groups ( params , groups )
options = {
with : Entities :: Group ,
current_user : current_user ,
2020-05-24 23:13:21 +05:30
statistics : params [ :statistics ] && current_user & . admin?
2018-03-17 18:26:18 +05:30
}
groups = groups . with_statistics if options [ :statistics ]
2018-03-27 19:54:05 +05:30
groups , options = with_custom_attributes ( groups , options )
2018-03-17 18:26:18 +05:30
present paginate ( groups ) , options
end
2020-03-13 15:44:24 +05:30
def delete_group ( group )
Gitlab :: QueryLimiting . whitelist ( 'https://gitlab.com/gitlab-org/gitlab-foss/issues/46285' )
destroy_conditionally! ( group ) do | group |
:: Groups :: DestroyService . new ( group , current_user ) . async_execute
end
accepted!
end
2018-03-17 18:26:18 +05:30
end
resource :groups do
include CustomAttributesEndpoints
desc 'Get a groups list' do
success Entities :: Group
end
params do
use :group_list_params
2018-03-27 19:54:05 +05:30
use :with_custom_attributes
2018-03-17 18:26:18 +05:30
end
get do
2018-10-15 14:42:47 +05:30
groups = find_groups ( declared_params ( include_missing : false ) , params [ :id ] )
2018-03-17 18:26:18 +05:30
present_groups params , groups
2017-08-17 22:00:37 +05:30
end
desc 'Create a group. Available only for users who can create groups.' do
success Entities :: Group
end
params do
requires :name , type : String , desc : 'The name of the group'
requires :path , type : String , desc : 'The path of the group'
2019-10-12 21:52:04 +05:30
optional :parent_id , type : Integer , desc : 'The parent group id for creating nested group'
2017-09-10 17:25:29 +05:30
2017-08-17 22:00:37 +05:30
use :optional_params
end
2014-09-02 18:07:02 +05:30
post do
2018-03-17 18:26:18 +05:30
parent_group = find_group! ( params [ :parent_id ] ) if params [ :parent_id ] . present?
if parent_group
authorize! :create_subgroup , parent_group
else
authorize! :create_group
end
2014-09-02 18:07:02 +05:30
2019-07-07 11:18:12 +05:30
group = create_group
2020-06-23 00:09:42 +05:30
group . preload_shared_group_links
2014-09-02 18:07:02 +05:30
2017-08-17 22:00:37 +05:30
if group . persisted?
2017-09-10 17:25:29 +05:30
present group , with : Entities :: GroupDetail , current_user : current_user
2014-09-02 18:07:02 +05:30
else
2017-08-17 22:00:37 +05:30
render_api_error! ( " Failed to save group #{ group . errors . messages } " , 400 )
2014-09-02 18:07:02 +05:30
end
end
2017-08-17 22:00:37 +05:30
end
2014-09-02 18:07:02 +05:30
2017-08-17 22:00:37 +05:30
params do
requires :id , type : String , desc : 'The ID of a group'
end
2019-02-15 15:39:39 +05:30
resource :groups , requirements : API :: NAMESPACE_OR_PROJECT_REQUIREMENTS do
2017-08-17 22:00:37 +05:30
desc 'Update a group. Available only for users who can administrate groups.' do
success Entities :: Group
end
params do
optional :name , type : String , desc : 'The name of the group'
optional :path , type : String , desc : 'The path of the group'
use :optional_params
2019-09-04 21:01:54 +05:30
use :optional_update_params_ee
2017-08-17 22:00:37 +05:30
end
2016-06-02 11:05:42 +05:30
put ':id' do
2017-08-17 22:00:37 +05:30
group = find_group! ( params [ :id ] )
2020-06-23 00:09:42 +05:30
group . preload_shared_group_links
2016-06-02 11:05:42 +05:30
authorize! :admin_group , group
2019-07-07 11:18:12 +05:30
if update_group ( group )
2017-08-17 22:00:37 +05:30
present group , with : Entities :: GroupDetail , current_user : current_user
2016-06-02 11:05:42 +05:30
else
render_validation_error! ( group )
end
end
2017-08-17 22:00:37 +05:30
desc 'Get a single group, with containing projects.' do
success Entities :: GroupDetail
end
2018-03-27 19:54:05 +05:30
params do
use :with_custom_attributes
2018-11-18 11:00:15 +05:30
optional :with_projects , type : Boolean , default : true , desc : 'Omit project details'
2018-03-27 19:54:05 +05:30
end
2014-09-02 18:07:02 +05:30
get " :id " do
2017-08-17 22:00:37 +05:30
group = find_group! ( params [ :id ] )
2020-06-23 00:09:42 +05:30
group . preload_shared_group_links
2018-03-27 19:54:05 +05:30
options = {
2018-11-18 11:00:15 +05:30
with : params [ :with_projects ] ? Entities :: GroupDetail : Entities :: Group ,
2019-12-04 20:38:33 +05:30
current_user : current_user ,
user_can_admin_group : can? ( current_user , :admin_group , group )
2018-03-27 19:54:05 +05:30
}
group , options = with_custom_attributes ( group , options )
present group , options
2014-09-02 18:07:02 +05:30
end
2017-08-17 22:00:37 +05:30
desc 'Remove a group.'
2014-09-02 18:07:02 +05:30
delete " :id " do
2017-08-17 22:00:37 +05:30
group = find_group! ( params [ :id ] )
2015-04-26 12:48:37 +05:30
authorize! :admin_group , group
2017-09-10 17:25:29 +05:30
2020-03-13 15:44:24 +05:30
delete_group ( group )
2017-08-17 22:00:37 +05:30
end
desc 'Get a list of projects in this group.' do
success Entities :: Project
2014-09-02 18:07:02 +05:30
end
2017-08-17 22:00:37 +05:30
params do
2020-07-28 23:09:34 +05:30
optional :archived , type : Boolean , desc : 'Limit by archived status'
2017-08-17 22:00:37 +05:30
optional :visibility , type : String , values : Gitlab :: VisibilityLevel . string_values ,
desc : 'Limit by visibility'
optional :search , type : String , desc : 'Return list of authorized projects matching the search criteria'
optional :order_by , type : String , values : %w[ id name path created_at updated_at last_activity_at ] ,
default : 'created_at' , desc : 'Return projects ordered by field'
optional :sort , type : String , values : %w[ asc desc ] , default : 'desc' ,
desc : 'Return projects sorted in ascending and descending order'
optional :simple , type : Boolean , default : false ,
desc : 'Return only the ID, URL, name, and path of each project'
optional :owned , type : Boolean , default : false , desc : 'Limit by owned by authenticated user'
optional :starred , type : Boolean , default : false , desc : 'Limit by starred status'
2018-11-08 19:23:39 +05:30
optional :with_issues_enabled , type : Boolean , default : false , desc : 'Limit by enabled issues feature'
optional :with_merge_requests_enabled , type : Boolean , default : false , desc : 'Limit by enabled merge requests feature'
2019-02-15 15:39:39 +05:30
optional :with_shared , type : Boolean , default : true , desc : 'Include projects shared to this group'
optional :include_subgroups , type : Boolean , default : false , desc : 'Includes projects in subgroups of this group'
2019-12-04 20:38:33 +05:30
optional :min_access_level , type : Integer , values : Gitlab :: Access . all_values , desc : 'Limit by minimum access level of authenticated user on projects'
2014-09-02 18:07:02 +05:30
2017-08-17 22:00:37 +05:30
use :pagination
2018-03-27 19:54:05 +05:30
use :with_custom_attributes
2019-12-04 20:38:33 +05:30
use :optional_projects_params
2017-08-17 22:00:37 +05:30
end
2015-12-23 02:04:40 +05:30
get " :id/projects " do
2020-05-24 23:13:21 +05:30
finder_options = {
only_owned : ! params [ :with_shared ] ,
include_subgroups : params [ :include_subgroups ]
2018-03-27 19:54:05 +05:30
}
2020-05-24 23:13:21 +05:30
projects = find_group_projects ( params , finder_options )
2018-03-27 19:54:05 +05:30
2020-05-24 23:13:21 +05:30
present_projects ( params , projects )
end
desc 'Get a list of shared projects in this group' do
success Entities :: Project
end
params do
2020-07-28 23:09:34 +05:30
optional :archived , type : Boolean , desc : 'Limit by archived status'
2020-05-24 23:13:21 +05:30
optional :visibility , type : String , values : Gitlab :: VisibilityLevel . string_values ,
desc : 'Limit by visibility'
optional :search , type : String , desc : 'Return list of authorized projects matching the search criteria'
optional :order_by , type : String , values : %w[ id name path created_at updated_at last_activity_at ] ,
default : 'created_at' , desc : 'Return projects ordered by field'
optional :sort , type : String , values : %w[ asc desc ] , default : 'desc' ,
desc : 'Return projects sorted in ascending and descending order'
optional :simple , type : Boolean , default : false ,
desc : 'Return only the ID, URL, name, and path of each project'
optional :starred , type : Boolean , default : false , desc : 'Limit by starred status'
optional :with_issues_enabled , type : Boolean , default : false , desc : 'Limit by enabled issues feature'
optional :with_merge_requests_enabled , type : Boolean , default : false , desc : 'Limit by enabled merge requests feature'
optional :min_access_level , type : Integer , values : Gitlab :: Access . all_values , desc : 'Limit by minimum access level of authenticated user on projects'
use :pagination
use :with_custom_attributes
end
get " :id/projects/shared " do
projects = find_group_projects ( params , { only_shared : true } )
present_projects ( params , projects )
2018-03-17 18:26:18 +05:30
end
desc 'Get a list of subgroups in this group.' do
success Entities :: Group
end
params do
use :group_list_params
2018-03-27 19:54:05 +05:30
use :with_custom_attributes
2018-03-17 18:26:18 +05:30
end
get " :id/subgroups " do
2018-10-15 14:42:47 +05:30
groups = find_groups ( declared_params ( include_missing : false ) , params [ :id ] )
2018-03-17 18:26:18 +05:30
present_groups params , groups
2017-08-17 22:00:37 +05:30
end
desc 'Transfer a project to the group namespace. Available only for admin.' do
success Entities :: GroupDetail
end
params do
requires :project_id , type : String , desc : 'The ID or path of the project'
end
post " :id/projects/:project_id " , requirements : { project_id : / .+ / } do
2014-09-02 18:07:02 +05:30
authenticated_as_admin!
2017-08-17 22:00:37 +05:30
group = find_group! ( params [ :id ] )
2020-06-23 00:09:42 +05:30
group . preload_shared_group_links
2017-08-17 22:00:37 +05:30
project = find_project! ( params [ :project_id ] )
2015-09-11 14:41:01 +05:30
result = :: Projects :: TransferService . new ( project , current_user ) . execute ( group )
2014-09-02 18:07:02 +05:30
if result
2017-08-17 22:00:37 +05:30
present group , with : Entities :: GroupDetail , current_user : current_user
2014-09-02 18:07:02 +05:30
else
2015-04-26 12:48:37 +05:30
render_api_error! ( " Failed to transfer project #{ project . errors . messages } " , 400 )
2014-09-02 18:07:02 +05:30
end
end
2020-06-23 00:09:42 +05:30
desc 'Share a group with a group' do
success Entities :: GroupDetail
end
params do
requires :group_id , type : Integer , desc : 'The ID of the group to share'
requires :group_access , type : Integer , values : Gitlab :: Access . all_values , desc : 'The group access level'
optional :expires_at , type : Date , desc : 'Share expiration date'
end
post " :id/share " do
shared_group = find_group! ( params [ :id ] )
shared_with_group = find_group! ( params [ :group_id ] )
group_link_create_params = {
shared_group_access : params [ :group_access ] ,
expires_at : params [ :expires_at ]
}
result = :: Groups :: GroupLinks :: CreateService . new ( shared_with_group , current_user , group_link_create_params ) . execute ( shared_group )
shared_group . preload_shared_group_links
if result [ :status ] == :success
present shared_group , with : Entities :: GroupDetail , current_user : current_user
else
render_api_error! ( result [ :message ] , result [ :http_status ] )
end
end
params do
requires :group_id , type : Integer , desc : 'The ID of the shared group'
end
# rubocop: disable CodeReuse/ActiveRecord
delete " :id/share/:group_id " do
shared_group = find_group! ( params [ :id ] )
link = shared_group . shared_with_group_links . find_by ( shared_with_group_id : params [ :group_id ] )
not_found! ( 'Group Link' ) unless link
:: Groups :: GroupLinks :: DestroyService . new ( shared_group , current_user ) . execute ( link )
no_content!
end
# rubocop: enable CodeReuse/ActiveRecord
2014-09-02 18:07:02 +05:30
end
end
end
2019-12-04 20:38:33 +05:30
API :: Groups . prepend_if_ee ( 'EE::API::Groups' )