debian-mirror-gitlab/lib/api/releases.rb

# frozen_string_literal: true

module API
  class Releases < ::API::Base
    include PaginationParams

    RELEASE_ENDPOINT_REQUIREMENTS = API::NAMESPACE_OR_PROJECT_REQUIREMENTS
      .merge(tag_name: API::NO_SLASH_URL_PART_REGEX)
    RELEASE_CLI_USER_AGENT = 'GitLab-release-cli'

    before { authorize_read_releases! }

    after { track_release_event }

    feature_category :release_orchestration

    params do
      requires :id, type: String, desc: 'The ID of a project'
    end
    resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
      desc 'Get a project releases' do
        detail 'This feature was introduced in GitLab 11.7.'
        named 'get_releases'
        success Entities::Release
      end
      params do
        use :pagination
        optional :order_by, type: String, values: %w[released_at created_at], default: 'released_at',
                            desc: 'Return releases ordered by `released_at` or `created_at`.'
        optional :sort, type: String, values: %w[asc desc], default: 'desc',
                        desc: 'Return releases sorted in `asc` or `desc` order.'
        optional :include_html_description, type: Boolean,
                               desc: 'If `true`, a response includes HTML rendered markdown of the release description.'
      end
      route_setting :authentication, job_token_allowed: true
      get ':id/releases' do
        releases = ::ReleasesFinder.new(user_project, current_user, declared_params.slice(:order_by, :sort)).execute

        # We cache the serialized payload per user in order to avoid repeated renderings.
        # Since the cached result could contain sensitive information,
        # it will expire in a short interval.
        present_cached paginate(releases),
                        with: Entities::Release,
                        # `current_user` could be absent if the releases are publicly accesible.
                        # We should not use `cache_key` for the user because the version/updated_at
                        # context is unnecessary here.
                        cache_context: -> (_) { "user:{#{current_user&.id}}" },
                        expires_in: 5.minutes,
                        current_user: current_user,
                        include_html_description: params[:include_html_description]
      end

      desc 'Get a single project release' do
        detail 'This feature was introduced in GitLab 11.7.'
        named 'get_release'
        success Entities::Release
      end
      params do
        requires :tag_name, type: String, desc: 'The name of the tag', as: :tag
        optional :include_html_description, type: Boolean,
                               desc: 'If `true`, a response includes HTML rendered markdown of the release description.'
      end
      route_setting :authentication, job_token_allowed: true
      get ':id/releases/:tag_name', requirements: RELEASE_ENDPOINT_REQUIREMENTS do
        authorize_download_code!

        not_found! unless release

        present release, with: Entities::Release, current_user: current_user, include_html_description: params[:include_html_description]
      end

      desc 'Create a new release' do
        detail 'This feature was introduced in GitLab 11.7.'
        named 'create_release'
        success Entities::Release
      end
      params do
        requires :tag_name,    type: String, desc: 'The name of the tag', as: :tag
        optional :name,        type: String, desc: 'The name of the release'
        optional :description, type: String, desc: 'The release notes'
        optional :ref,         type: String, desc: 'The commit sha or branch name'
        optional :assets, type: Hash do
          optional :links, type: Array do
            requires :name, type: String, desc: 'The name of the link'
            requires :url, type: String, desc: 'The URL of the link'
            optional :filepath, type: String, desc: 'The filepath of the link'
            optional :link_type, type: String, desc: 'The link type, one of: "runbook", "image", "package" or "other"'
          end
        end
        optional :milestones, type: Array[String], coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce, desc: 'The titles of the related milestones', default: []
        optional :released_at, type: DateTime, desc: 'The date when the release will be/was ready. Defaults to the current time.'
      end
      route_setting :authentication, job_token_allowed: true
      post ':id/releases' do
        authorize_create_release!

        result = ::Releases::CreateService
          .new(user_project, current_user, declared_params(include_missing: false))
          .execute

        if result[:status] == :success
          log_release_created_audit_event(result[:release])

          present result[:release], with: Entities::Release, current_user: current_user
        else
          render_api_error!(result[:message], result[:http_status])
        end
      end

      desc 'Update a release' do
        detail 'This feature was introduced in GitLab 11.7.'
        named 'update_release'
        success Entities::Release
      end
      params do
        requires :tag_name,    type: String, desc: 'The name of the tag', as: :tag
        optional :name,        type: String, desc: 'The name of the release'
        optional :description, type: String, desc: 'Release notes with markdown support'
        optional :released_at, type: DateTime, desc: 'The date when the release will be/was ready.'
        optional :milestones,  type: Array[String], coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce, desc: 'The titles of the related milestones'
      end
      route_setting :authentication, job_token_allowed: true
      put ':id/releases/:tag_name', requirements: RELEASE_ENDPOINT_REQUIREMENTS do
        authorize_update_release!

        result = ::Releases::UpdateService
          .new(user_project, current_user, declared_params(include_missing: false))
          .execute

        if result[:status] == :success
          log_release_updated_audit_event
          log_release_milestones_updated_audit_event if result[:milestones_updated]

          present result[:release], with: Entities::Release, current_user: current_user
        else
          render_api_error!(result[:message], result[:http_status])
        end
      end

      desc 'Delete a release' do
        detail 'This feature was introduced in GitLab 11.7.'
        named 'delete_release'
        success Entities::Release
      end
      params do
        requires :tag_name, type: String, desc: 'The name of the tag', as: :tag
      end
      route_setting :authentication, job_token_allowed: true
      delete ':id/releases/:tag_name', requirements: RELEASE_ENDPOINT_REQUIREMENTS do
        authorize_destroy_release!

        result = ::Releases::DestroyService
          .new(user_project, current_user, declared_params(include_missing: false))
          .execute

        if result[:status] == :success
          present result[:release], with: Entities::Release, current_user: current_user
        else
          render_api_error!(result[:message], result[:http_status])
        end
      end
    end

    helpers do
      def authorize_create_release!
        authorize! :create_release, user_project
      end

      def authorize_read_releases!
        authorize! :read_release, user_project
      end

      def authorize_read_release!
        authorize! :read_release, release
      end

      def authorize_update_release!
        authorize! :update_release, release
      end

      def authorize_destroy_release!
        authorize! :destroy_release, release
      end

      def authorize_download_code!
        authorize! :download_code, user_project
      end

      def authorize_create_evidence!
        # extended in EE
      end

      def release
        @release ||= user_project.releases.find_by_tag(params[:tag])
      end

      def log_release_created_audit_event(release)
        # extended in EE
      end

      def log_release_updated_audit_event
        # extended in EE
      end

      def log_release_milestones_updated_audit_event
        # extended in EE
      end

      def release_cli?
        request.env['HTTP_USER_AGENT']&.include?(RELEASE_CLI_USER_AGENT) == true
      end

      def event_context
        {
          release_cli: release_cli?
        }
      end

      def track_release_event
        Gitlab::Tracking.event(options[:for].name, options[:route_options][:named],
          project: user_project, user: current_user, **event_context)
      end
    end
  end
end

API::Releases.prepend_mod_with('API::Releases')
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`# frozen_string_literal: true`

			`module API`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`class Releases < ::API::Base`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`include PaginationParams`

New upstream version 12.3.8 2019-12-04 20:38:33 +05:30			`RELEASE_ENDPOINT_REQUIREMENTS = API::NAMESPACE_OR_PROJECT_REQUIREMENTS`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`.merge(tag_name: API::NO_SLASH_URL_PART_REGEX)`
New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`RELEASE_CLI_USER_AGENT = 'GitLab-release-cli'`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30
			`before { authorize_read_releases! }`

New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`after { track_release_event }`

New upstream version 13.6.5 2021-01-29 00:20:46 +05:30			`feature_category :release_orchestration`

New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`params do`
			`requires :id, type: String, desc: 'The ID of a project'`
			`end`
			`resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do`
			`desc 'Get a project releases' do`
			`detail 'This feature was introduced in GitLab 11.7.'`
New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`named 'get_releases'`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`success Entities::Release`
			`end`
			`params do`
			`use :pagination`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`optional :order_by, type: String, values: %w[released_at created_at], default: 'released_at',`
			desc: 'Return releases ordered by `released_at` or `created_at`.'
			`optional :sort, type: String, values: %w[asc desc], default: 'desc',`
			desc: 'Return releases sorted in `asc` or `desc` order.'
New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`optional :include_html_description, type: Boolean,`
			desc: 'If `true`, a response includes HTML rendered markdown of the release description.'
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`end`
New upstream version 14.5.2+ds1 2021-12-11 22:18:48 +05:30			`route_setting :authentication, job_token_allowed: true`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`get ':id/releases' do`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`releases = ::ReleasesFinder.new(user_project, current_user, declared_params.slice(:order_by, :sort)).execute`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30
New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`# We cache the serialized payload per user in order to avoid repeated renderings.`
			`# Since the cached result could contain sensitive information,`
			`# it will expire in a short interval.`
			`present_cached paginate(releases),`
			`with: Entities::Release,`
			# `current_user` could be absent if the releases are publicly accesible.
			# We should not use `cache_key` for the user because the version/updated_at
			`# context is unnecessary here.`
			`cache_context: -> (_) { "user:{#{current_user&.id}}" },`
			`expires_in: 5.minutes,`
			`current_user: current_user,`
			`include_html_description: params[:include_html_description]`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`end`

			`desc 'Get a single project release' do`
			`detail 'This feature was introduced in GitLab 11.7.'`
New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`named 'get_release'`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`success Entities::Release`
			`end`
			`params do`
			`requires :tag_name, type: String, desc: 'The name of the tag', as: :tag`
New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`optional :include_html_description, type: Boolean,`
			desc: 'If `true`, a response includes HTML rendered markdown of the release description.'
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`end`
New upstream version 14.5.2+ds1 2021-12-11 22:18:48 +05:30			`route_setting :authentication, job_token_allowed: true`
New upstream version 12.3.8 2019-12-04 20:38:33 +05:30			`get ':id/releases/:tag_name', requirements: RELEASE_ENDPOINT_REQUIREMENTS do`
New upstream version 11.11.7+dfsg 2019-07-31 22:56:46 +05:30			`authorize_download_code!`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30
New upstream version 14.1.7+ds1 2021-09-30 23:02:18 +05:30			`not_found! unless release`

New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`present release, with: Entities::Release, current_user: current_user, include_html_description: params[:include_html_description]`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`end`

			`desc 'Create a new release' do`
			`detail 'This feature was introduced in GitLab 11.7.'`
New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`named 'create_release'`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`success Entities::Release`
			`end`
			`params do`
			`requires :tag_name, type: String, desc: 'The name of the tag', as: :tag`
New upstream version 12.5.4 2019-12-26 22:10:19 +05:30			`optional :name, type: String, desc: 'The name of the release'`
New upstream version 12.9.2 2020-04-08 14:13:33 +05:30			`optional :description, type: String, desc: 'The release notes'`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`optional :ref, type: String, desc: 'The commit sha or branch name'`
			`optional :assets, type: Hash do`
			`optional :links, type: Array do`
New upstream version 13.3.8 2020-10-24 23:57:45 +05:30			`requires :name, type: String, desc: 'The name of the link'`
			`requires :url, type: String, desc: 'The URL of the link'`
			`optional :filepath, type: String, desc: 'The filepath of the link'`
			`optional :link_type, type: String, desc: 'The link type, one of: "runbook", "image", "package" or "other"'`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`end`
			`end`
New upstream version 13.2.1 2020-07-28 23:09:34 +05:30			`optional :milestones, type: Array[String], coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce, desc: 'The titles of the related milestones', default: []`
New upstream version 12.1.11 2019-09-30 21:07:59 +05:30			`optional :released_at, type: DateTime, desc: 'The date when the release will be/was ready. Defaults to the current time.'`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`end`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`route_setting :authentication, job_token_allowed: true`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`post ':id/releases' do`
			`authorize_create_release!`

			`result = ::Releases::CreateService`
			`.new(user_project, current_user, declared_params(include_missing: false))`
			`.execute`

			`if result[:status] == :success`
New upstream version 12.8.6 2020-03-13 15:44:24 +05:30			`log_release_created_audit_event(result[:release])`

New upstream version 11.11.7+dfsg 2019-07-31 22:56:46 +05:30			`present result[:release], with: Entities::Release, current_user: current_user`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`else`
			`render_api_error!(result[:message], result[:http_status])`
			`end`
			`end`

			`desc 'Update a release' do`
			`detail 'This feature was introduced in GitLab 11.7.'`
New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`named 'update_release'`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`success Entities::Release`
			`end`
			`params do`
			`requires :tag_name, type: String, desc: 'The name of the tag', as: :tag`
			`optional :name, type: String, desc: 'The name of the release'`
			`optional :description, type: String, desc: 'Release notes with markdown support'`
New upstream version 12.1.11 2019-09-30 21:07:59 +05:30			`optional :released_at, type: DateTime, desc: 'The date when the release will be/was ready.'`
New upstream version 13.6.5 2021-01-29 00:20:46 +05:30			`optional :milestones, type: Array[String], coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce, desc: 'The titles of the related milestones'`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`end`
New upstream version 14.5.2+ds1 2021-12-11 22:18:48 +05:30			`route_setting :authentication, job_token_allowed: true`
New upstream version 12.3.8 2019-12-04 20:38:33 +05:30			`put ':id/releases/:tag_name', requirements: RELEASE_ENDPOINT_REQUIREMENTS do`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`authorize_update_release!`

			`result = ::Releases::UpdateService`
			`.new(user_project, current_user, declared_params(include_missing: false))`
			`.execute`

			`if result[:status] == :success`
New upstream version 12.8.6 2020-03-13 15:44:24 +05:30			`log_release_updated_audit_event`
			`log_release_milestones_updated_audit_event if result[:milestones_updated]`

New upstream version 11.11.7+dfsg 2019-07-31 22:56:46 +05:30			`present result[:release], with: Entities::Release, current_user: current_user`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`else`
			`render_api_error!(result[:message], result[:http_status])`
			`end`
			`end`

			`desc 'Delete a release' do`
			`detail 'This feature was introduced in GitLab 11.7.'`
New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`named 'delete_release'`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`success Entities::Release`
			`end`
			`params do`
New upstream version 11.8.0 2019-03-02 22:35:43 +05:30			`requires :tag_name, type: String, desc: 'The name of the tag', as: :tag`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`end`
New upstream version 14.5.2+ds1 2021-12-11 22:18:48 +05:30			`route_setting :authentication, job_token_allowed: true`
New upstream version 12.3.8 2019-12-04 20:38:33 +05:30			`delete ':id/releases/:tag_name', requirements: RELEASE_ENDPOINT_REQUIREMENTS do`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`authorize_destroy_release!`

			`result = ::Releases::DestroyService`
			`.new(user_project, current_user, declared_params(include_missing: false))`
			`.execute`

			`if result[:status] == :success`
New upstream version 11.11.7+dfsg 2019-07-31 22:56:46 +05:30			`present result[:release], with: Entities::Release, current_user: current_user`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`else`
			`render_api_error!(result[:message], result[:http_status])`
			`end`
			`end`
			`end`

			`helpers do`
			`def authorize_create_release!`
			`authorize! :create_release, user_project`
			`end`

			`def authorize_read_releases!`
			`authorize! :read_release, user_project`
			`end`

			`def authorize_read_release!`
			`authorize! :read_release, release`
			`end`

			`def authorize_update_release!`
			`authorize! :update_release, release`
			`end`

			`def authorize_destroy_release!`
			`authorize! :destroy_release, release`
			`end`

New upstream version 11.11.7+dfsg 2019-07-31 22:56:46 +05:30			`def authorize_download_code!`
New upstream version 14.1.7+ds1 2021-09-30 23:02:18 +05:30			`authorize! :download_code, user_project`
New upstream version 11.11.7+dfsg 2019-07-31 22:56:46 +05:30			`end`

New upstream version 12.10.0 2020-04-22 19:07:51 +05:30			`def authorize_create_evidence!`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`# extended in EE`
New upstream version 12.10.0 2020-04-22 19:07:51 +05:30			`end`

New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`def release`
			`@release \|\|= user_project.releases.find_by_tag(params[:tag])`
			`end`
New upstream version 12.8.6 2020-03-13 15:44:24 +05:30
			`def log_release_created_audit_event(release)`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`# extended in EE`
New upstream version 12.8.6 2020-03-13 15:44:24 +05:30			`end`

			`def log_release_updated_audit_event`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`# extended in EE`
New upstream version 12.8.6 2020-03-13 15:44:24 +05:30			`end`

			`def log_release_milestones_updated_audit_event`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`# extended in EE`
New upstream version 12.8.6 2020-03-13 15:44:24 +05:30			`end`
New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30
			`def release_cli?`
			`request.env['HTTP_USER_AGENT']&.include?(RELEASE_CLI_USER_AGENT) == true`
			`end`

			`def event_context`
			`{`
			`release_cli: release_cli?`
			`}`
			`end`

			`def track_release_event`
			`Gitlab::Tracking.event(options[:for].name, options[:route_options][:named],`
			`project: user_project, user: current_user, **event_context)`
			`end`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`end`
			`end`
			`end`
New upstream version 12.8.6 2020-03-13 15:44:24 +05:30
New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`API::Releases.prepend_mod_with('API::Releases')`