2022-04-04 11:22:00 +05:30
# frozen_string_literal: true
module API
module Ci
class SecureFiles < :: API :: Base
include PaginationParams
before do
authenticate!
2022-05-07 20:08:51 +05:30
authorize! :read_secure_files , user_project
2022-04-04 11:22:00 +05:30
end
2023-04-23 21:23:45 +05:30
feature_category :mobile_devops
2022-04-04 11:22:00 +05:30
default_format :json
params do
2023-03-04 22:38:38 +05:30
requires :id , types : [ String , Integer ] , desc : ' The ID or URL - encoded path of the project owned by the
authenticated user '
2022-04-04 11:22:00 +05:30
end
resource :projects , requirements : API :: NAMESPACE_OR_PROJECT_REQUIREMENTS do
2023-03-04 22:38:38 +05:30
desc 'Get list of secure files in a project' do
success Entities :: Ci :: SecureFile
tags %w[ secure_files ]
end
2022-04-04 11:22:00 +05:30
params do
use :pagination
end
route_setting :authentication , basic_auth_personal_access_token : true , job_token_allowed : true
get ':id/secure_files' do
2022-07-23 23:45:48 +05:30
secure_files = user_project . secure_files . order_by_created_at
2022-04-04 11:22:00 +05:30
present paginate ( secure_files ) , with : Entities :: Ci :: SecureFile
end
2023-03-04 22:38:38 +05:30
desc 'Get the details of a specific secure file in a project' do
success Entities :: Ci :: SecureFile
tags %w[ secure_files ]
failure [ { code : 404 , message : '404 Not found' } ]
end
2022-04-04 11:22:00 +05:30
params do
2023-03-04 22:38:38 +05:30
requires :id , type : Integer , desc : 'The ID of a secure file'
2022-04-04 11:22:00 +05:30
end
route_setting :authentication , basic_auth_personal_access_token : true , job_token_allowed : true
get ':id/secure_files/:secure_file_id' do
secure_file = user_project . secure_files . find ( params [ :secure_file_id ] )
present secure_file , with : Entities :: Ci :: SecureFile
end
2023-03-04 22:38:38 +05:30
desc 'Download secure file' do
failure [ { code : 404 , message : '404 Not found' } ]
tags %w[ secure_files ]
end
2022-04-04 11:22:00 +05:30
route_setting :authentication , basic_auth_personal_access_token : true , job_token_allowed : true
get ':id/secure_files/:secure_file_id/download' do
secure_file = user_project . secure_files . find ( params [ :secure_file_id ] )
content_type 'application/octet-stream'
env [ 'api.format' ] = :binary
header [ 'Content-Disposition' ] = " attachment; filename= #{ secure_file . name } "
body secure_file . file . read
end
2022-05-07 20:08:51 +05:30
resource do
before do
2022-06-21 17:19:12 +05:30
read_only_feature_flag_enabled?
2022-05-07 20:08:51 +05:30
authorize! :admin_secure_files , user_project
end
2022-04-04 11:22:00 +05:30
2023-03-04 22:38:38 +05:30
desc 'Create a secure file' do
success Entities :: Ci :: SecureFile
tags %w[ secure_files ]
failure [ { code : 400 , message : '400 Bad Request' } ]
end
2022-05-07 20:08:51 +05:30
params do
2023-03-04 22:38:38 +05:30
requires :name , type : String , desc : ' The name of the file being uploaded . The filename must be unique within
the project '
requires :file , types : [ Rack :: Multipart :: UploadedFile , :: API :: Validations :: Types :: WorkhorseFile ] , desc : 'The secure file being uploaded' , documentation : { type : 'file' }
2022-05-07 20:08:51 +05:30
end
route_setting :authentication , basic_auth_personal_access_token : true , job_token_allowed : true
post ':id/secure_files' do
secure_file = user_project . secure_files . new (
2022-11-25 23:54:43 +05:30
name : Gitlab :: Utils . check_path_traversal! ( params [ :name ] )
2022-05-07 20:08:51 +05:30
)
secure_file . file = params [ :file ]
file_too_large! unless secure_file . file . size < :: Ci :: SecureFile :: FILE_SIZE_LIMIT . to_i
if secure_file . save
2023-03-04 22:38:38 +05:30
:: Ci :: ParseSecureFileMetadataWorker . perform_async ( secure_file . id ) # rubocop:disable CodeReuse/Worker
2022-05-07 20:08:51 +05:30
present secure_file , with : Entities :: Ci :: SecureFile
else
render_validation_error! ( secure_file )
end
2022-04-04 11:22:00 +05:30
end
2023-03-04 22:38:38 +05:30
desc 'Remove a secure file' do
tags %w[ secure_files ]
failure [ { code : 404 , message : '404 Not found' } ]
end
2022-05-07 20:08:51 +05:30
route_setting :authentication , basic_auth_personal_access_token : true , job_token_allowed : true
delete ':id/secure_files/:secure_file_id' do
secure_file = user_project . secure_files . find ( params [ :secure_file_id ] )
2022-04-04 11:22:00 +05:30
2022-05-07 20:08:51 +05:30
:: Ci :: DestroySecureFileService . new ( user_project , current_user ) . execute ( secure_file )
2022-04-04 11:22:00 +05:30
2022-05-07 20:08:51 +05:30
no_content!
end
2022-04-04 11:22:00 +05:30
end
end
helpers do
2022-06-21 17:19:12 +05:30
def read_only_feature_flag_enabled?
2022-07-16 23:28:13 +05:30
service_unavailable! if Feature . enabled? ( :ci_secure_files_read_only , user_project , type : :ops )
2022-06-21 17:19:12 +05:30
end
2022-04-04 11:22:00 +05:30
end
end
end
end