lib/api/nuget_group_packages.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83

# frozen_string_literal: true

# NuGet Package Manager Client API
#
# These API endpoints are not meant to be consumed directly by users. They are
# called by the NuGet package manager client when users run commands
# like `nuget install` or `nuget push`.
#
# This is the group level API.
module API
  class NugetGroupPackages < ::API::Base
    helpers ::API::Helpers::PackagesHelpers
    helpers ::API::Helpers::Packages::BasicAuthHelpers
    include ::API::Helpers::Authentication

    feature_category :package_registry

    default_format :json

    rescue_from ArgumentError do |e|
      render_api_error!(e.message, 400)
    end

    after_validation do
      require_packages_enabled!
    end

    helpers do
      include ::Gitlab::Utils::StrongMemoize

      def project_or_group
        find_authorized_group!
      end

      def project_or_group_without_auth
        find_group(params[:id]).presence || not_found!
      end
      strong_memoize_attr :project_or_group_without_auth

      def require_authenticated!
        unauthorized! unless current_user
      end

      def snowplow_gitlab_standard_context
        { namespace: find_authorized_group! }
      end

      def snowplow_gitlab_standard_context_without_auth
        { namespace: project_or_group_without_auth }
      end

      def required_permission
        :read_group
      end
    end

    params do
      requires :id, types: [Integer, String], desc: 'The group ID or full group path.', regexp: ::API::Concerns::Packages::Nuget::PrivateEndpoints::POSITIVE_INTEGER_REGEX
    end

    resource :groups, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
      namespace ':id/-/packages' do
        namespace '/nuget' do
          include ::API::Concerns::Packages::Nuget::PublicEndpoints
        end

        authenticate_with do |accept|
          accept.token_types(:personal_access_token_with_username, :deploy_token_with_username, :job_token_with_username)
                .sent_through(:http_basic_auth)
        end

        namespace '/nuget' do
          after_validation do
            # This API can't be accessed anonymously
            require_authenticated!
          end

          include ::API::Concerns::Packages::Nuget::PrivateEndpoints
        end
      end
    end
  end
end