debian-mirror-gitlab/lib/api/project_snippets.rb

# frozen_string_literal: true

module API
  class ProjectSnippets < ::API::Base
    include PaginationParams

    before { check_snippets_enabled }

    feature_category :snippets

    params do
      requires :id, type: String, desc: 'The ID of a project'
    end
    resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
      helpers Helpers::SnippetsHelpers
      helpers SpammableActions::CaptchaCheck::RestApiActionsSupport
      helpers do
        def check_snippets_enabled
          forbidden! unless user_project.feature_available?(:snippets, current_user)
        end

        def handle_project_member_errors(errors)
          if errors[:project_access].any?
            error!(errors[:project_access], 422)
          end

          not_found!
        end

        def snippets_for_current_user
          SnippetsFinder.new(current_user, project: user_project).execute
        end
      end

      desc 'Get all project snippets' do
        success Entities::ProjectSnippet
      end
      params do
        use :pagination
      end
      get ":id/snippets", urgency: :low do
        authenticate!

        present paginate(snippets_for_current_user), with: Entities::ProjectSnippet, current_user: current_user
      end

      desc 'Get a single project snippet' do
        success Entities::ProjectSnippet
      end
      params do
        requires :snippet_id, type: Integer, desc: 'The ID of a project snippet'
      end
      get ":id/snippets/:snippet_id" do
        snippet = snippets_for_current_user.find(params[:snippet_id])

        not_found!('Snippet') unless snippet

        present snippet, with: Entities::ProjectSnippet, current_user: current_user
      end

      desc 'Create a new project snippet' do
        success Entities::ProjectSnippet
      end
      params do
        requires :title, type: String, allow_blank: false, desc: 'The title of the snippet'
        optional :description, type: String, desc: 'The description of a snippet'
        requires :visibility, type: String,
                              values: Gitlab::VisibilityLevel.string_values,
                              desc: 'The visibility of the snippet'
        use :create_file_params
      end
      post ":id/snippets" do
        authenticate!

        authorize! :create_snippet, user_project

        snippet_params = process_create_params(declared_params(include_missing: false))

        spam_params = ::Spam::SpamParams.new_from_request(request: request)
        service_response = ::Snippets::CreateService.new(project: user_project, current_user: current_user, params: snippet_params, spam_params: spam_params).execute
        snippet = service_response.payload[:snippet]

        if service_response.success?
          present snippet, with: Entities::ProjectSnippet, current_user: current_user
        else
          with_captcha_check_rest_api(spammable: snippet) do
            render_api_error!({ error: service_response.message }, service_response.http_status)
          end
        end
      end

      desc 'Update an existing project snippet' do
        success Entities::ProjectSnippet
      end
      params do
        requires :snippet_id, type: Integer, desc: 'The ID of a project snippet'
        optional :content, type: String, allow_blank: false, desc: 'The content of the snippet'
        optional :description, type: String, desc: 'The description of a snippet'
        optional :file_name, type: String, desc: 'The file name of the snippet'
        optional :title, type: String, allow_blank: false, desc: 'The title of the snippet'
        optional :visibility, type: String,
                              values: Gitlab::VisibilityLevel.string_values,
                              desc: 'The visibility of the snippet'

        use :update_file_params
        use :minimum_update_params
      end
      # rubocop: disable CodeReuse/ActiveRecord
      put ":id/snippets/:snippet_id" do
        authenticate!

        snippet = snippets_for_current_user.find_by(id: params.delete(:snippet_id))
        not_found!('Snippet') unless snippet

        authorize! :update_snippet, snippet

        validate_params_for_multiple_files(snippet)

        snippet_params = process_update_params(declared_params(include_missing: false))

        spam_params = ::Spam::SpamParams.new_from_request(request: request)
        service_response = ::Snippets::UpdateService.new(project: user_project, current_user: current_user, params: snippet_params, spam_params: spam_params).execute(snippet)
        snippet = service_response.payload[:snippet]

        if service_response.success?
          present snippet, with: Entities::ProjectSnippet, current_user: current_user
        else
          with_captcha_check_rest_api(spammable: snippet) do
            render_api_error!({ error: service_response.message }, service_response.http_status)
          end
        end
      end
      # rubocop: enable CodeReuse/ActiveRecord

      desc 'Delete a project snippet'
      params do
        requires :snippet_id, type: Integer, desc: 'The ID of a project snippet'
      end
      # rubocop: disable CodeReuse/ActiveRecord
      delete ":id/snippets/:snippet_id" do
        authenticate!

        snippet = snippets_for_current_user.find_by(id: params[:snippet_id])
        not_found!('Snippet') unless snippet

        authorize! :admin_snippet, snippet

        destroy_conditionally!(snippet) do |snippet|
          service = ::Snippets::DestroyService.new(current_user, snippet)
          response = service.execute

          if response.error?
            render_api_error!({ error: response.message }, response.http_status)
          end
        end
      end
      # rubocop: enable CodeReuse/ActiveRecord

      desc 'Get a raw project snippet'
      params do
        requires :snippet_id, type: Integer, desc: 'The ID of a project snippet'
      end
      # rubocop: disable CodeReuse/ActiveRecord
      get ":id/snippets/:snippet_id/raw" do
        snippet = snippets_for_current_user.find_by(id: params[:snippet_id])
        not_found!('Snippet') unless snippet

        present content_for(snippet)
      end

      desc 'Get raw project snippet file contents from the repository'
      params do
        use :raw_file_params
      end
      get ":id/snippets/:snippet_id/files/:ref/:file_path/raw", requirements: { file_path: API::NO_SLASH_URL_PART_REGEX } do
        snippet = snippets_for_current_user.find_by(id: params[:snippet_id])
        not_found!('Snippet') unless snippet&.repo_exists?

        present file_content_for(snippet)
      end
      # rubocop: enable CodeReuse/ActiveRecord

      desc 'Get the user agent details for a project snippet' do
        success Entities::UserAgentDetail
      end
      params do
        requires :snippet_id, type: Integer, desc: 'The ID of a project snippet'
      end
      # rubocop: disable CodeReuse/ActiveRecord
      get ":id/snippets/:snippet_id/user_agent_detail" do
        authenticated_as_admin!

        snippet = Snippet.find_by!(id: params[:snippet_id], project_id: params[:id])

        break not_found!('UserAgentDetail') unless snippet.user_agent_detail

        present snippet.user_agent_detail, with: Entities::UserAgentDetail
      end
      # rubocop: enable CodeReuse/ActiveRecord
    end
  end
end
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# frozen_string_literal: true`

Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`module API`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`class ProjectSnippets < ::API::Base`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`include PaginationParams`

New upstream version 12.9.2 2020-04-08 14:13:33 +05:30			`before { check_snippets_enabled }`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30
New upstream version 13.6.5 2021-01-29 00:20:46 +05:30			`feature_category :snippets`

New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`params do`
			`requires :id, type: String, desc: 'The ID of a project'`
			`end`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do`
New upstream version 13.0.0 2020-05-24 23:13:21 +05:30			`helpers Helpers::SnippetsHelpers`
New upstream version 14.9.4+ds1 2022-05-07 20:08:51 +05:30			`helpers SpammableActions::CaptchaCheck::RestApiActionsSupport`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`helpers do`
New upstream version 12.9.2 2020-04-08 14:13:33 +05:30			`def check_snippets_enabled`
			`forbidden! unless user_project.feature_available?(:snippets, current_user)`
			`end`

Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`def handle_project_member_errors(errors)`
			`if errors[:project_access].any?`
			`error!(errors[:project_access], 422)`
			`end`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`not_found!`
			`end`
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30
			`def snippets_for_current_user`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`SnippetsFinder.new(current_user, project: user_project).execute`
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`end`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`end`

New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`desc 'Get all project snippets' do`
			`success Entities::ProjectSnippet`
			`end`
			`params do`
			`use :pagination`
			`end`
New upstream version 14.10.4+ds1 2022-06-21 17:19:12 +05:30			`get ":id/snippets", urgency: :low do`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`authenticate!`

New upstream version 13.2.1 2020-07-28 23:09:34 +05:30			`present paginate(snippets_for_current_user), with: Entities::ProjectSnippet, current_user: current_user`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`end`

New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`desc 'Get a single project snippet' do`
			`success Entities::ProjectSnippet`
			`end`
			`params do`
			`requires :snippet_id, type: Integer, desc: 'The ID of a project snippet'`
			`end`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`get ":id/snippets/:snippet_id" do`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`snippet = snippets_for_current_user.find(params[:snippet_id])`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30
			`not_found!('Snippet') unless snippet`

New upstream version 13.2.1 2020-07-28 23:09:34 +05:30			`present snippet, with: Entities::ProjectSnippet, current_user: current_user`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`end`

			`desc 'Create a new project snippet' do`
			`success Entities::ProjectSnippet`
			`end`
			`params do`
New upstream version 13.0.0 2020-05-24 23:13:21 +05:30			`requires :title, type: String, allow_blank: false, desc: 'The title of the snippet'`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`optional :description, type: String, desc: 'The description of a snippet'`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`requires :visibility, type: String,`
			`values: Gitlab::VisibilityLevel.string_values,`
			`desc: 'The visibility of the snippet'`
New upstream version 13.3.8 2020-10-24 23:57:45 +05:30			`use :create_file_params`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`end`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`post ":id/snippets" do`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`authenticate!`

New upstream version 12.8.6 2020-03-13 15:44:24 +05:30			`authorize! :create_snippet, user_project`
New upstream version 13.3.8 2020-10-24 23:57:45 +05:30
New upstream version 13.4.6 2020-11-24 15:15:51 +05:30			`snippet_params = process_create_params(declared_params(include_missing: false))`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
New upstream version 14.1.7+ds1 2021-09-30 23:02:18 +05:30			`spam_params = ::Spam::SpamParams.new_from_request(request: request)`
			`service_response = ::Snippets::CreateService.new(project: user_project, current_user: current_user, params: snippet_params, spam_params: spam_params).execute`
New upstream version 12.8.6 2020-03-13 15:44:24 +05:30			`snippet = service_response.payload[:snippet]`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30
New upstream version 13.0.0 2020-05-24 23:13:21 +05:30			`if service_response.success?`
New upstream version 13.2.1 2020-07-28 23:09:34 +05:30			`present snippet, with: Entities::ProjectSnippet, current_user: current_user`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`else`
New upstream version 14.9.4+ds1 2022-05-07 20:08:51 +05:30			`with_captcha_check_rest_api(spammable: snippet) do`
			`render_api_error!({ error: service_response.message }, service_response.http_status)`
			`end`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`end`
			`end`

New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`desc 'Update an existing project snippet' do`
			`success Entities::ProjectSnippet`
			`end`
			`params do`
			`requires :snippet_id, type: Integer, desc: 'The ID of a project snippet'`
New upstream version 12.3.8 2019-12-04 20:38:33 +05:30			`optional :content, type: String, allow_blank: false, desc: 'The content of the snippet'`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`optional :description, type: String, desc: 'The description of a snippet'`
New upstream version 13.4.6 2020-11-24 15:15:51 +05:30			`optional :file_name, type: String, desc: 'The file name of the snippet'`
			`optional :title, type: String, allow_blank: false, desc: 'The title of the snippet'`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`optional :visibility, type: String,`
			`values: Gitlab::VisibilityLevel.string_values,`
			`desc: 'The visibility of the snippet'`
New upstream version 13.4.6 2020-11-24 15:15:51 +05:30
			`use :update_file_params`
			`use :minimum_update_params`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`end`
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# rubocop: disable CodeReuse/ActiveRecord`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`put ":id/snippets/:snippet_id" do`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`authenticate!`

New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`snippet = snippets_for_current_user.find_by(id: params.delete(:snippet_id))`
			`not_found!('Snippet') unless snippet`

New upstream version 12.8.6 2020-03-13 15:44:24 +05:30			`authorize! :update_snippet, snippet`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
New upstream version 13.4.6 2020-11-24 15:15:51 +05:30			`validate_params_for_multiple_files(snippet)`

			`snippet_params = process_update_params(declared_params(include_missing: false))`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
New upstream version 14.1.7+ds1 2021-09-30 23:02:18 +05:30			`spam_params = ::Spam::SpamParams.new_from_request(request: request)`
			`service_response = ::Snippets::UpdateService.new(project: user_project, current_user: current_user, params: snippet_params, spam_params: spam_params).execute(snippet)`
New upstream version 12.8.6 2020-03-13 15:44:24 +05:30			`snippet = service_response.payload[:snippet]`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30
New upstream version 13.0.0 2020-05-24 23:13:21 +05:30			`if service_response.success?`
New upstream version 13.2.1 2020-07-28 23:09:34 +05:30			`present snippet, with: Entities::ProjectSnippet, current_user: current_user`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`else`
New upstream version 14.9.4+ds1 2022-05-07 20:08:51 +05:30			`with_captcha_check_rest_api(spammable: snippet) do`
			`render_api_error!({ error: service_response.message }, service_response.http_status)`
			`end`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`end`
			`end`
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# rubocop: enable CodeReuse/ActiveRecord`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`desc 'Delete a project snippet'`
			`params do`
			`requires :snippet_id, type: Integer, desc: 'The ID of a project snippet'`
			`end`
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# rubocop: disable CodeReuse/ActiveRecord`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`delete ":id/snippets/:snippet_id" do`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`authenticate!`

New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`snippet = snippets_for_current_user.find_by(id: params[:snippet_id])`
			`not_found!('Snippet') unless snippet`

New upstream version 12.8.6 2020-03-13 15:44:24 +05:30			`authorize! :admin_snippet, snippet`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30
New upstream version 12.8.6 2020-03-13 15:44:24 +05:30			`destroy_conditionally!(snippet) do \|snippet\|`
			`service = ::Snippets::DestroyService.new(current_user, snippet)`
			`response = service.execute`

			`if response.error?`
			`render_api_error!({ error: response.message }, response.http_status)`
			`end`
			`end`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`end`
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# rubocop: enable CodeReuse/ActiveRecord`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`desc 'Get a raw project snippet'`
			`params do`
			`requires :snippet_id, type: Integer, desc: 'The ID of a project snippet'`
			`end`
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# rubocop: disable CodeReuse/ActiveRecord`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`get ":id/snippets/:snippet_id/raw" do`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`snippet = snippets_for_current_user.find_by(id: params[:snippet_id])`
			`not_found!('Snippet') unless snippet`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30
New upstream version 13.0.0 2020-05-24 23:13:21 +05:30			`present content_for(snippet)`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`end`
New upstream version 13.2.1 2020-07-28 23:09:34 +05:30
			`desc 'Get raw project snippet file contents from the repository'`
			`params do`
			`use :raw_file_params`
			`end`
			`get ":id/snippets/:snippet_id/files/:ref/:file_path/raw", requirements: { file_path: API::NO_SLASH_URL_PART_REGEX } do`
			`snippet = snippets_for_current_user.find_by(id: params[:snippet_id])`
			`not_found!('Snippet') unless snippet&.repo_exists?`

			`present file_content_for(snippet)`
			`end`
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# rubocop: enable CodeReuse/ActiveRecord`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30
			`desc 'Get the user agent details for a project snippet' do`
			`success Entities::UserAgentDetail`
			`end`
			`params do`
			`requires :snippet_id, type: Integer, desc: 'The ID of a project snippet'`
			`end`
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# rubocop: disable CodeReuse/ActiveRecord`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`get ":id/snippets/:snippet_id/user_agent_detail" do`
			`authenticated_as_admin!`

New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`snippet = Snippet.find_by!(id: params[:snippet_id], project_id: params[:id])`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30
New upstream version 10.8.7+dfsg 2018-10-15 14:42:47 +05:30			`break not_found!('UserAgentDetail') unless snippet.user_agent_detail`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30
			`present snippet.user_agent_detail, with: Entities::UserAgentDetail`
			`end`
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# rubocop: enable CodeReuse/ActiveRecord`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`end`
			`end`
			`end`