BigW Consortium Gitlab

project_snippets.rb 4.66 KB
Newer Older
1 2
module API
  class ProjectSnippets < Grape::API
3 4
    include PaginationParams

5 6
    before { authenticate! }

7 8 9
    params do
      requires :id, type: String, desc: 'The ID of a project'
    end
10
    resource :projects, requirements: { id: %r{[^/]+} } do
11 12 13 14 15 16 17
      helpers do
        def handle_project_member_errors(errors)
          if errors[:project_access].any?
            error!(errors[:project_access], 422)
          end
          not_found!
        end
18 19

        def snippets_for_current_user
20
          SnippetsFinder.new(current_user, project: user_project).execute
21
        end
22 23
      end

24 25 26
      desc 'Get all project snippets' do
        success Entities::ProjectSnippet
      end
27 28 29
      params do
        use :pagination
      end
30
      get ":id/snippets" do
31
        present paginate(snippets_for_current_user), with: Entities::ProjectSnippet
32 33
      end

34 35 36 37 38 39
      desc 'Get a single project snippet' do
        success Entities::ProjectSnippet
      end
      params do
        requires :snippet_id, type: Integer, desc: 'The ID of a project snippet'
      end
40
      get ":id/snippets/:snippet_id" do
41 42 43 44 45 46 47 48 49 50 51
        snippet = snippets_for_current_user.find(params[:snippet_id])
        present snippet, with: Entities::ProjectSnippet
      end

      desc 'Create a new project snippet' do
        success Entities::ProjectSnippet
      end
      params do
        requires :title, type: String, desc: 'The title of the snippet'
        requires :file_name, type: String, desc: 'The file name of the snippet'
        requires :code, type: String, desc: 'The content of the snippet'
52
        optional :description, type: String, desc: 'The description of a snippet'
53 54 55
        requires :visibility, type: String,
                              values: Gitlab::VisibilityLevel.string_values,
                              desc: 'The visibility of the snippet'
56
      end
57
      post ":id/snippets" do
58
        authorize! :create_project_snippet, user_project
59
        snippet_params = declared_params.merge(request: request, api: true)
60
        snippet_params[:content] = snippet_params.delete(:code)
61

62
        snippet = CreateSnippetService.new(user_project, current_user, snippet_params).execute
63

64 65
        render_spam_error! if snippet.spam?

66 67
        if snippet.persisted?
          present snippet, with: Entities::ProjectSnippet
68
        else
69
          render_validation_error!(snippet)
70 71 72
        end
      end

73 74 75 76 77 78 79 80
      desc 'Update an existing project snippet' do
        success Entities::ProjectSnippet
      end
      params do
        requires :snippet_id, type: Integer, desc: 'The ID of a project snippet'
        optional :title, type: String, desc: 'The title of the snippet'
        optional :file_name, type: String, desc: 'The file name of the snippet'
        optional :code, type: String, desc: 'The content of the snippet'
81
        optional :description, type: String, desc: 'The description of a snippet'
82 83 84
        optional :visibility, type: String,
                              values: Gitlab::VisibilityLevel.string_values,
                              desc: 'The visibility of the snippet'
85 86
        at_least_one_of :title, :file_name, :code, :visibility_level
      end
87
      put ":id/snippets/:snippet_id" do
88 89 90 91 92
        snippet = snippets_for_current_user.find_by(id: params.delete(:snippet_id))
        not_found!('Snippet') unless snippet

        authorize! :update_project_snippet, snippet

93
        snippet_params = declared_params(include_missing: false)
94 95
          .merge(request: request, api: true)

96
        snippet_params[:content] = snippet_params.delete(:code) if snippet_params[:code].present?
97

98 99
        UpdateSnippetService.new(user_project, current_user, snippet,
                                 snippet_params).execute
100

101 102 103
        render_spam_error! if snippet.spam?

        if snippet.valid?
104
          present snippet, with: Entities::ProjectSnippet
105
        else
106
          render_validation_error!(snippet)
107 108 109
        end
      end

110 111 112 113
      desc 'Delete a project snippet'
      params do
        requires :snippet_id, type: Integer, desc: 'The ID of a project snippet'
      end
114
      delete ":id/snippets/:snippet_id" do
115 116 117 118 119
        snippet = snippets_for_current_user.find_by(id: params[:snippet_id])
        not_found!('Snippet') unless snippet

        authorize! :admin_project_snippet, snippet
        snippet.destroy
120 121
      end

122 123 124 125
      desc 'Get a raw project snippet'
      params do
        requires :snippet_id, type: Integer, desc: 'The ID of a project snippet'
      end
126
      get ":id/snippets/:snippet_id/raw" do
127 128
        snippet = snippets_for_current_user.find_by(id: params[:snippet_id])
        not_found!('Snippet') unless snippet
129 130

        env['api.format'] = :txt
131
        content_type 'text/plain'
132
        present snippet.content
133 134 135 136
      end
    end
  end
end