diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-08-19 03:10:34 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-08-19 03:10:34 +0300 |
commit | 57a4861dd1841a53cb966b566b1eee4adb254675 (patch) | |
tree | 14f31aaf16966c72cb68a8434bee279877b701b3 /lib | |
parent | bfce95a4c5e9d71ed523f48f3fb901d2b7af60f7 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib')
-rw-r--r-- | lib/api/composer_packages.rb | 8 | ||||
-rw-r--r-- | lib/api/conan_packages.rb | 82 | ||||
-rw-r--r-- | lib/api/helpers/packages_manager_clients_helpers.rb | 10 | ||||
-rw-r--r-- | lib/api/nuget_packages.rb | 18 | ||||
-rw-r--r-- | lib/api/pypi_packages.rb | 8 | ||||
-rw-r--r-- | lib/gitlab/manifest_import/project_creator.rb | 1 |
6 files changed, 81 insertions, 46 deletions
diff --git a/lib/api/composer_packages.rb b/lib/api/composer_packages.rb index fd37a4ff1ad..05887e58425 100644 --- a/lib/api/composer_packages.rb +++ b/lib/api/composer_packages.rb @@ -59,7 +59,7 @@ module API desc 'Composer packages endpoint at group level' - route_setting :authentication, job_token_allowed: true + route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true get ':id/-/packages/composer/packages' do presenter.root @@ -71,7 +71,7 @@ module API requires :sha, type: String, desc: 'Shasum of current json' end - route_setting :authentication, job_token_allowed: true + route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true get ':id/-/packages/composer/p/:sha' do presenter.provider @@ -83,7 +83,7 @@ module API requires :package_name, type: String, file_path: true, desc: 'The Composer package name' end - route_setting :authentication, job_token_allowed: true + route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true get ':id/-/packages/composer/*package_name', requirements: COMPOSER_ENDPOINT_REQUIREMENTS, file_path: true do not_found! if packages.empty? @@ -104,7 +104,7 @@ module API desc 'Composer packages endpoint for registering packages' namespace ':id/packages/composer' do - route_setting :authentication, job_token_allowed: true + route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true params do optional :branch, type: String, desc: 'The name of the branch' diff --git a/lib/api/conan_packages.rb b/lib/api/conan_packages.rb index 6888929874f..6923d252fbd 100644 --- a/lib/api/conan_packages.rb +++ b/lib/api/conan_packages.rb @@ -38,7 +38,9 @@ module API desc 'Ping the Conan API' do detail 'This feature was introduced in GitLab 12.2' end - route_setting :authentication, job_token_allowed: true + + route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true + get 'ping' do header 'X-Conan-Server-Capabilities', [].join(',') end @@ -46,10 +48,13 @@ module API desc 'Search for packages' do detail 'This feature was introduced in GitLab 12.4' end + params do requires :q, type: String, desc: 'Search query' end - route_setting :authentication, job_token_allowed: true + + route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true + get 'conans/search' do service = ::Packages::Conan::SearchService.new(current_user, query: params[:q]).execute service.payload @@ -61,7 +66,9 @@ module API desc 'Authenticate user against conan CLI' do detail 'This feature was introduced in GitLab 12.2' end - route_setting :authentication, job_token_allowed: true + + route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true + get 'authenticate' do unauthorized! unless token @@ -71,7 +78,9 @@ module API desc 'Check for valid user credentials per conan CLI' do detail 'This feature was introduced in GitLab 12.4' end - route_setting :authentication, job_token_allowed: true + + route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true + get 'check_credentials' do authenticate! :ok @@ -93,10 +102,13 @@ module API desc 'Package Snapshot' do detail 'This feature was introduced in GitLab 12.5' end + params do requires :conan_package_reference, type: String, desc: 'Conan package ID' end - route_setting :authentication, job_token_allowed: true + + route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true + get 'packages/:conan_package_reference' do authorize!(:read_package, project) @@ -113,7 +125,9 @@ module API desc 'Recipe Snapshot' do detail 'This feature was introduced in GitLab 12.5' end - route_setting :authentication, job_token_allowed: true + + route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true + get do authorize!(:read_package, project) @@ -133,7 +147,9 @@ module API params do requires :conan_package_reference, type: String, desc: 'Conan package ID' end - route_setting :authentication, job_token_allowed: true + + route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true + get 'packages/:conan_package_reference/digest' do present_package_download_urls end @@ -141,7 +157,9 @@ module API desc 'Recipe Digest' do detail 'This feature was introduced in GitLab 12.5' end - route_setting :authentication, job_token_allowed: true + + route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true + get 'digest' do present_recipe_download_urls end @@ -155,10 +173,13 @@ module API desc 'Package Download Urls' do detail 'This feature was introduced in GitLab 12.5' end + params do requires :conan_package_reference, type: String, desc: 'Conan package ID' end - route_setting :authentication, job_token_allowed: true + + route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true + get 'packages/:conan_package_reference/download_urls' do present_package_download_urls end @@ -166,7 +187,9 @@ module API desc 'Recipe Download Urls' do detail 'This feature was introduced in GitLab 12.5' end - route_setting :authentication, job_token_allowed: true + + route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true + get 'download_urls' do present_recipe_download_urls end @@ -181,10 +204,13 @@ module API desc 'Package Upload Urls' do detail 'This feature was introduced in GitLab 12.4' end + params do requires :conan_package_reference, type: String, desc: 'Conan package ID' end - route_setting :authentication, job_token_allowed: true + + route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true + post 'packages/:conan_package_reference/upload_urls' do authorize!(:read_package, project) @@ -195,7 +221,9 @@ module API desc 'Recipe Upload Urls' do detail 'This feature was introduced in GitLab 12.4' end - route_setting :authentication, job_token_allowed: true + + route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true + post 'upload_urls' do authorize!(:read_package, project) @@ -206,7 +234,9 @@ module API desc 'Delete Package' do detail 'This feature was introduced in GitLab 12.5' end - route_setting :authentication, job_token_allowed: true + + route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true + delete do authorize!(:destroy_package, project) @@ -235,7 +265,9 @@ module API desc 'Download recipe files' do detail 'This feature was introduced in GitLab 12.6' end - route_setting :authentication, job_token_allowed: true + + route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true + get do download_package_file(:recipe_file) end @@ -243,10 +275,13 @@ module API desc 'Upload recipe package files' do detail 'This feature was introduced in GitLab 12.6' end + params do use :workhorse_upload_params end - route_setting :authentication, job_token_allowed: true + + route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true + put do upload_package_file(:recipe_file) end @@ -254,7 +289,9 @@ module API desc 'Workhorse authorize the conan recipe file' do detail 'This feature was introduced in GitLab 12.6' end - route_setting :authentication, job_token_allowed: true + + route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true + put 'authorize' do authorize_workhorse!(subject: project) end @@ -269,7 +306,9 @@ module API desc 'Download package files' do detail 'This feature was introduced in GitLab 12.5' end - route_setting :authentication, job_token_allowed: true + + route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true + get do download_package_file(:package_file) end @@ -277,7 +316,9 @@ module API desc 'Workhorse authorize the conan package file' do detail 'This feature was introduced in GitLab 12.6' end - route_setting :authentication, job_token_allowed: true + + route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true + put 'authorize' do authorize_workhorse!(subject: project) end @@ -285,10 +326,13 @@ module API desc 'Upload package files' do detail 'This feature was introduced in GitLab 12.6' end + params do use :workhorse_upload_params end - route_setting :authentication, job_token_allowed: true + + route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true + put do upload_package_file(:package_file) end diff --git a/lib/api/helpers/packages_manager_clients_helpers.rb b/lib/api/helpers/packages_manager_clients_helpers.rb index 7b5d0dd708d..ae16b65aaa8 100644 --- a/lib/api/helpers/packages_manager_clients_helpers.rb +++ b/lib/api/helpers/packages_manager_clients_helpers.rb @@ -16,16 +16,6 @@ module API optional 'file.sha256', type: String, desc: 'SHA256 checksum of the file (generated by Workhorse)' end - def find_personal_access_token_from_http_basic_auth - return unless headers - - token = decode_token - - return unless token - - PersonalAccessToken.find_by_token(token) - end - def find_job_from_http_basic_auth return unless headers diff --git a/lib/api/nuget_packages.rb b/lib/api/nuget_packages.rb index 0092a68266e..56c4de2071d 100644 --- a/lib/api/nuget_packages.rb +++ b/lib/api/nuget_packages.rb @@ -55,7 +55,7 @@ module API requires :id, type: String, desc: 'The ID of a project', regexp: POSITIVE_INTEGER_REGEX end - route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth + route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth, basic_auth_personal_access_token: true resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do before do @@ -68,7 +68,7 @@ module API detail 'This feature was introduced in GitLab 12.6' end - route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth + route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth, basic_auth_personal_access_token: true get 'index', format: :json do authorize_read_package!(authorized_user_project) @@ -88,7 +88,7 @@ module API requires :package, type: ::API::Validations::Types::WorkhorseFile, desc: 'The package file to be published (generated by Multipart middleware)' end - route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth + route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth, basic_auth_personal_access_token: true put do authorize_upload!(authorized_user_project) @@ -115,7 +115,7 @@ module API forbidden! end - route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth + route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth, basic_auth_personal_access_token: true put 'authorize' do authorize_workhorse!(subject: authorized_user_project, has_length: false) @@ -134,7 +134,7 @@ module API detail 'This feature was introduced in GitLab 12.8' end - route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth + route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth, basic_auth_personal_access_token: true get 'index', format: :json do present ::Packages::Nuget::PackagesMetadataPresenter.new(find_packages), @@ -148,7 +148,7 @@ module API requires :package_version, type: String, desc: 'The NuGet package version', regexp: API::NO_SLASH_URL_PART_REGEX end - route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth + route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth, basic_auth_personal_access_token: true get '*package_version', format: :json do present ::Packages::Nuget::PackageMetadataPresenter.new(find_package), @@ -169,7 +169,7 @@ module API detail 'This feature was introduced in GitLab 12.8' end - route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth + route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth, basic_auth_personal_access_token: true get 'index', format: :json do present ::Packages::Nuget::PackagesVersionsPresenter.new(find_packages), @@ -184,7 +184,7 @@ module API requires :package_filename, type: String, desc: 'The NuGet package filename', regexp: API::NO_SLASH_URL_PART_REGEX end - route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth + route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth, basic_auth_personal_access_token: true get '*package_version/*package_filename', format: :nupkg do filename = "#{params[:package_filename]}.#{params[:format]}" @@ -216,7 +216,7 @@ module API detail 'This feature was introduced in GitLab 12.8' end - route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth + route_setting :authentication, deploy_token_allowed: true, job_token_allowed: :basic_auth, basic_auth_personal_access_token: true get format: :json do search_options = { diff --git a/lib/api/pypi_packages.rb b/lib/api/pypi_packages.rb index b743eed75fb..739928a61ed 100644 --- a/lib/api/pypi_packages.rb +++ b/lib/api/pypi_packages.rb @@ -64,7 +64,7 @@ module API requires :sha256, type: String, desc: 'The PyPi package sha256 check sum' end - route_setting :authentication, deploy_token_allowed: true + route_setting :authentication, deploy_token_allowed: true, basic_auth_personal_access_token: true get 'files/:sha256/*file_identifier' do project = unauthorized_user_project! @@ -87,7 +87,7 @@ module API # An Api entry point but returns an HTML file instead of JSON. # PyPi simple API returns the package descriptor as a simple HTML file. - route_setting :authentication, deploy_token_allowed: true + route_setting :authentication, deploy_token_allowed: true, basic_auth_personal_access_token: true get 'simple/*package_name', format: :txt do authorize_read_package!(authorized_user_project) @@ -117,7 +117,7 @@ module API optional :sha256_digest, type: String end - route_setting :authentication, deploy_token_allowed: true + route_setting :authentication, deploy_token_allowed: true, basic_auth_personal_access_token: true post do authorize_upload!(authorized_user_project) @@ -134,7 +134,7 @@ module API forbidden! end - route_setting :authentication, deploy_token_allowed: true + route_setting :authentication, deploy_token_allowed: true, basic_auth_personal_access_token: true post 'authorize' do authorize_workhorse!(subject: authorized_user_project, has_length: false) end diff --git a/lib/gitlab/manifest_import/project_creator.rb b/lib/gitlab/manifest_import/project_creator.rb index 837d65e5f7c..6637cbb9cc8 100644 --- a/lib/gitlab/manifest_import/project_creator.rb +++ b/lib/gitlab/manifest_import/project_creator.rb @@ -18,6 +18,7 @@ module Gitlab params = { import_url: repository[:url], + import_source: repository[:url], import_type: 'manifest', namespace_id: group.id, path: project_path, |