From 10fe62ec80be86c227e38d60e30fecba0c5bbe29 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9my=20Coutable?= Date: Wed, 26 Jul 2017 15:53:07 +0200 Subject: Fix the /projects/:id/repository/tags endpoint to handle dots in the tag name when the project full path contains a `/` MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Rémy Coutable --- lib/api/entities.rb | 2 +- lib/api/tags.rb | 14 ++++++++------ 2 files changed, 9 insertions(+), 7 deletions(-) (limited to 'lib/api') diff --git a/lib/api/entities.rb b/lib/api/entities.rb index 94b438db499..bdea308ad5d 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -699,7 +699,7 @@ module API class RepoTag < Grape::Entity expose :name, :message - expose :commit do |repo_tag, options| + expose :commit, using: Entities::RepoCommit do |repo_tag, options| options[:project].repository.commit(repo_tag.dereferenced_target) end diff --git a/lib/api/tags.rb b/lib/api/tags.rb index 633a858f8c7..1333747cced 100644 --- a/lib/api/tags.rb +++ b/lib/api/tags.rb @@ -2,19 +2,21 @@ module API class Tags < Grape::API include PaginationParams + TAG_ENDPOINT_REQUIREMENTS = API::PROJECT_ENDPOINT_REQUIREMENTS.merge(tag_name: API::NO_SLASH_URL_PART_REGEX) + before { authorize! :download_code, user_project } params do requires :id, type: String, desc: 'The ID of a project' end - resource :projects, requirements: { id: %r{[^/]+} } do + resource :projects, requirements: API::PROJECT_ENDPOINT_REQUIREMENTS do desc 'Get a project repository tags' do success Entities::RepoTag end params do use :pagination end - get ":id/repository/tags" do + get ':id/repository/tags' do tags = ::Kaminari.paginate_array(user_project.repository.tags.sort_by(&:name).reverse) present paginate(tags), with: Entities::RepoTag, project: user_project end @@ -25,7 +27,7 @@ module API params do requires :tag_name, type: String, desc: 'The name of the tag' end - get ":id/repository/tags/:tag_name", requirements: { tag_name: /.+/ } do + get ':id/repository/tags/:tag_name', requirements: TAG_ENDPOINT_REQUIREMENTS do tag = user_project.repository.find_tag(params[:tag_name]) not_found!('Tag') unless tag @@ -60,7 +62,7 @@ module API params do requires :tag_name, type: String, desc: 'The name of the tag' end - delete ":id/repository/tags/:tag_name", requirements: { tag_name: /.+/ } do + delete ':id/repository/tags/:tag_name', requirements: TAG_ENDPOINT_REQUIREMENTS do authorize_push_project result = ::Tags::DestroyService.new(user_project, current_user) @@ -78,7 +80,7 @@ module API requires :tag_name, type: String, desc: 'The name of the tag' requires :description, type: String, desc: 'Release notes with markdown support' end - post ':id/repository/tags/:tag_name/release', requirements: { tag_name: /.+/ } do + post ':id/repository/tags/:tag_name/release', requirements: TAG_ENDPOINT_REQUIREMENTS do authorize_push_project result = CreateReleaseService.new(user_project, current_user) @@ -98,7 +100,7 @@ module API requires :tag_name, type: String, desc: 'The name of the tag' requires :description, type: String, desc: 'Release notes with markdown support' end - put ':id/repository/tags/:tag_name/release', requirements: { tag_name: /.+/ } do + put ':id/repository/tags/:tag_name/release', requirements: TAG_ENDPOINT_REQUIREMENTS do authorize_push_project result = UpdateReleaseService.new(user_project, current_user) -- cgit v1.2.3