debian-mirror-gitlab/lib/api/debian_project_packages.rb

# frozen_string_literal: true

module API
  class DebianProjectPackages < ::API::Base
    PACKAGE_FILE_REQUIREMENTS = {
      id: API::NO_SLASH_URL_PART_REGEX,
      distribution: ::Packages::Debian::DISTRIBUTION_REGEX,
      letter: ::Packages::Debian::LETTER_REGEX,
      package_name: API::NO_SLASH_URL_PART_REGEX,
      package_version: API::NO_SLASH_URL_PART_REGEX,
      file_name: API::NO_SLASH_URL_PART_REGEX
    }.freeze
    FILE_NAME_REQUIREMENTS = {
      file_name: API::NO_SLASH_URL_PART_REGEX
    }.freeze

    before do
      not_found! if Gitlab::FIPS.enabled?
    end

    resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
      helpers do
        def project_or_group
          user_project
        end
      end

      after_validation do
        require_packages_enabled!

        not_found! unless ::Feature.enabled?(:debian_packages, user_project)

        authorize_read_package!
      end

      params do
        requires :id, types: [String, Integer], desc: 'The ID or URL-encoded path of the project'
      end

      namespace ':id/packages/debian' do
        include ::API::Concerns::Packages::DebianPackageEndpoints

        # GET projects/:id/packages/debian/pool/:distribution/:letter/:package_name/:package_version/:file_name
        params do
          use :shared_package_file_params
        end

        desc 'Download Debian package' do
          detail 'This feature was introduced in GitLab 14.2'
          success code: 200
          failure [
            { code: 401, message: 'Unauthorized' },
            { code: 403, message: 'Forbidden' },
            { code: 404, message: 'Not Found' }
          ]
          tags %w[debian_packages]
        end

        route_setting :authentication, authenticate_non_public: true
        get 'pool/:distribution/:letter/:package_name/:package_version/:file_name', requirements: PACKAGE_FILE_REQUIREMENTS do
          present_distribution_package_file!
        end

        params do
          requires :file_name, type: String, desc: 'The file name', documentation: { example: 'example_1.0.0~alpha2_amd64.deb' }
        end

        namespace ':file_name', requirements: FILE_NAME_REQUIREMENTS do
          format :txt
          content_type :json, Gitlab::Workhorse::INTERNAL_API_CONTENT_TYPE

          desc 'Upload Debian package' do
            detail 'This feature was introduced in GitLab 14.0'
            success code: 201
            failure [
              { code: 400, message: 'Bad Request' },
              { code: 401, message: 'Unauthorized' },
              { code: 403, message: 'Forbidden' },
              { code: 404, message: 'Not Found' }
            ]
            tags %w[debian_packages]
          end

          # PUT {projects|groups}/:id/packages/debian/:file_name
          params do
            requires :file, type: ::API::Validations::Types::WorkhorseFile, desc: 'The package file to be published (generated by Multipart middleware)', documentation: { type: 'file' }
          end

          route_setting :authentication, deploy_token_allowed: true, basic_auth_personal_access_token: true, job_token_allowed: :basic_auth, authenticate_non_public: true
          put do
            authorize_upload!(authorized_user_project)
            bad_request!('File is too large') if authorized_user_project.actual_limits.exceeded?(:debian_max_file_size, params[:file].size)

            file_params = {
              file: params['file'],
              file_name: params['file_name'],
              file_sha1: params['file.sha1'],
              file_md5: params['file.md5']
            }

            package = ::Packages::Debian::FindOrCreateIncomingService.new(authorized_user_project, current_user).execute

            ::Packages::Debian::CreatePackageFileService.new(package: package, current_user: current_user, params: file_params).execute

            created!
          rescue ObjectStorage::RemoteStoreError => e
            Gitlab::ErrorTracking.track_exception(e, extra: { file_name: params[:file_name], project_id: authorized_user_project.id })

            forbidden!
          end

          # PUT {projects|groups}/:id/packages/debian/:file_name/authorize
          desc 'Authorize Debian package upload' do
            detail 'This feature was introduced in GitLab 13.5'
            success code: 200
            failure [
              { code: 401, message: 'Unauthorized' },
              { code: 403, message: 'Forbidden' },
              { code: 404, message: 'Not Found' }
            ]
            tags %w[debian_packages]
          end
          route_setting :authentication, deploy_token_allowed: true, basic_auth_personal_access_token: true, job_token_allowed: :basic_auth, authenticate_non_public: true
          put 'authorize' do
            authorize_workhorse!(
              subject: authorized_user_project,
              maximum_size: authorized_user_project.actual_limits.debian_max_file_size
            )
          end
        end
      end
    end
  end
end
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`# frozen_string_literal: true`

			`module API`
			`class DebianProjectPackages < ::API::Base`
New upstream version 14.2.5+ds1 2021-10-27 15:23:28 +05:30			`PACKAGE_FILE_REQUIREMENTS = {`
			`id: API::NO_SLASH_URL_PART_REGEX,`
			`distribution: ::Packages::Debian::DISTRIBUTION_REGEX,`
			`letter: ::Packages::Debian::LETTER_REGEX,`
			`package_name: API::NO_SLASH_URL_PART_REGEX,`
			`package_version: API::NO_SLASH_URL_PART_REGEX,`
			`file_name: API::NO_SLASH_URL_PART_REGEX`
			`}.freeze`
			`FILE_NAME_REQUIREMENTS = {`
			`file_name: API::NO_SLASH_URL_PART_REGEX`
			`}.freeze`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30
New upstream version 15.2.2+ds1 2022-08-13 15:12:31 +05:30			`before do`
			`not_found! if Gitlab::FIPS.enabled?`
			`end`

New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do`
New upstream version 14.2.5+ds1 2021-10-27 15:23:28 +05:30			`helpers do`
			`def project_or_group`
			`user_project`
			`end`
New upstream version 14.0.10 2021-09-04 01:27:46 +05:30			`end`

			`after_validation do`
New upstream version 13.9.3+ds1 2021-03-11 19:13:27 +05:30			`require_packages_enabled!`

New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`not_found! unless ::Feature.enabled?(:debian_packages, user_project)`

			`authorize_read_package!`
			`end`

New upstream version 14.2.5+ds1 2021-10-27 15:23:28 +05:30			`params do`
New upstream version 15.6.4+ds1 2023-01-13 00:05:48 +05:30			`requires :id, types: [String, Integer], desc: 'The ID or URL-encoded path of the project'`
New upstream version 14.2.5+ds1 2021-10-27 15:23:28 +05:30			`end`
New upstream version 14.0.10 2021-09-04 01:27:46 +05:30
New upstream version 14.2.5+ds1 2021-10-27 15:23:28 +05:30			`namespace ':id/packages/debian' do`
New upstream version 14.0.10 2021-09-04 01:27:46 +05:30			`include ::API::Concerns::Packages::DebianPackageEndpoints`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30
New upstream version 14.2.5+ds1 2021-10-27 15:23:28 +05:30			`# GET projects/:id/packages/debian/pool/:distribution/:letter/:package_name/:package_version/:file_name`
			`params do`
			`use :shared_package_file_params`
			`end`

New upstream version 15.7.8+ds1 2023-03-04 22:38:38 +05:30			`desc 'Download Debian package' do`
New upstream version 14.2.5+ds1 2021-10-27 15:23:28 +05:30			`detail 'This feature was introduced in GitLab 14.2'`
New upstream version 15.7.8+ds1 2023-03-04 22:38:38 +05:30			`success code: 200`
			`failure [`
			`{ code: 401, message: 'Unauthorized' },`
			`{ code: 403, message: 'Forbidden' },`
			`{ code: 404, message: 'Not Found' }`
			`]`
			`tags %w[debian_packages]`
New upstream version 14.2.5+ds1 2021-10-27 15:23:28 +05:30			`end`

			`route_setting :authentication, authenticate_non_public: true`
			`get 'pool/:distribution/:letter/:package_name/:package_version/:file_name', requirements: PACKAGE_FILE_REQUIREMENTS do`
New upstream version 15.4.2+ds1 2022-10-11 01:57:18 +05:30			`present_distribution_package_file!`
New upstream version 14.2.5+ds1 2021-10-27 15:23:28 +05:30			`end`

New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`params do`
New upstream version 15.7.8+ds1 2023-03-04 22:38:38 +05:30			`requires :file_name, type: String, desc: 'The file name', documentation: { example: 'example_1.0.0~alpha2_amd64.deb' }`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`end`

New upstream version 14.2.5+ds1 2021-10-27 15:23:28 +05:30			`namespace ':file_name', requirements: FILE_NAME_REQUIREMENTS do`
New upstream version 14.0.10 2021-09-04 01:27:46 +05:30			`format :txt`
New upstream version 13.8.5+ds1 2021-03-08 18:12:59 +05:30			`content_type :json, Gitlab::Workhorse::INTERNAL_API_CONTENT_TYPE`

New upstream version 15.7.8+ds1 2023-03-04 22:38:38 +05:30			`desc 'Upload Debian package' do`
			`detail 'This feature was introduced in GitLab 14.0'`
			`success code: 201`
			`failure [`
			`{ code: 400, message: 'Bad Request' },`
			`{ code: 401, message: 'Unauthorized' },`
			`{ code: 403, message: 'Forbidden' },`
			`{ code: 404, message: 'Not Found' }`
			`]`
			`tags %w[debian_packages]`
			`end`

New upstream version 13.9.3+ds1 2021-03-11 19:13:27 +05:30			`# PUT {projects\|groups}/:id/packages/debian/:file_name`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`params do`
New upstream version 15.6.4+ds1 2023-01-13 00:05:48 +05:30			`requires :file, type: ::API::Validations::Types::WorkhorseFile, desc: 'The package file to be published (generated by Multipart middleware)', documentation: { type: 'file' }`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`end`

New upstream version 13.9.3+ds1 2021-03-11 19:13:27 +05:30			`route_setting :authentication, deploy_token_allowed: true, basic_auth_personal_access_token: true, job_token_allowed: :basic_auth, authenticate_non_public: true`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`put do`
			`authorize_upload!(authorized_user_project)`
			`bad_request!('File is too large') if authorized_user_project.actual_limits.exceeded?(:debian_max_file_size, params[:file].size)`

New upstream version 14.0.10 2021-09-04 01:27:46 +05:30			`file_params = {`
New upstream version 15.3.1+ds1 2022-08-27 11:52:29 +05:30			`file: params['file'],`
			`file_name: params['file_name'],`
			`file_sha1: params['file.sha1'],`
			`file_md5: params['file.md5']`
New upstream version 14.0.10 2021-09-04 01:27:46 +05:30			`}`

			`package = ::Packages::Debian::FindOrCreateIncomingService.new(authorized_user_project, current_user).execute`

New upstream version 15.5.4+ds1 2022-11-25 23:54:43 +05:30			`::Packages::Debian::CreatePackageFileService.new(package: package, current_user: current_user, params: file_params).execute`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30
			`created!`
			`rescue ObjectStorage::RemoteStoreError => e`
			`Gitlab::ErrorTracking.track_exception(e, extra: { file_name: params[:file_name], project_id: authorized_user_project.id })`

			`forbidden!`
			`end`

New upstream version 13.9.3+ds1 2021-03-11 19:13:27 +05:30			`# PUT {projects\|groups}/:id/packages/debian/:file_name/authorize`
New upstream version 15.7.8+ds1 2023-03-04 22:38:38 +05:30			`desc 'Authorize Debian package upload' do`
			`detail 'This feature was introduced in GitLab 13.5'`
			`success code: 200`
			`failure [`
			`{ code: 401, message: 'Unauthorized' },`
			`{ code: 403, message: 'Forbidden' },`
			`{ code: 404, message: 'Not Found' }`
			`]`
			`tags %w[debian_packages]`
			`end`
New upstream version 13.9.3+ds1 2021-03-11 19:13:27 +05:30			`route_setting :authentication, deploy_token_allowed: true, basic_auth_personal_access_token: true, job_token_allowed: :basic_auth, authenticate_non_public: true`
New upstream version 13.8.5+ds1 2021-03-08 18:12:59 +05:30			`put 'authorize' do`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`authorize_workhorse!(`
			`subject: authorized_user_project,`
			`maximum_size: authorized_user_project.actual_limits.debian_max_file_size`
			`)`
			`end`
			`end`
			`end`
			`end`
			`end`
			`end`