gitlab-org--gitlab-foss/lib/api/issues.rb

276 lines
10 KiB
Ruby
Raw Normal View History

module API
2012-07-24 08:19:51 -04:00
# Issues API
class Issues < Grape::API
before { authenticate! }
helpers ::Gitlab::AkismetHelper
2014-08-14 06:41:16 -04:00
helpers do
2014-09-04 18:01:12 -04:00
def filter_issues_state(issues, state)
2014-08-14 06:41:16 -04:00
case state
when 'opened' then issues.opened
when 'closed' then issues.closed
else issues
2014-08-14 06:41:16 -04:00
end
end
2014-08-14 10:17:19 -04:00
def filter_issues_labels(issues, labels)
2014-09-04 18:01:12 -04:00
issues.includes(:labels).where('labels.title' => labels.split(','))
end
def filter_issues_milestone(issues, milestone)
issues.includes(:milestone).where('milestones.title' => milestone)
2014-08-14 10:17:19 -04:00
end
def create_spam_log(project, current_user, attrs)
2016-01-26 15:08:20 -05:00
params = attrs.merge({
source_ip: client_ip(env),
user_agent: user_agent(env),
2016-01-26 15:08:20 -05:00
noteable_type: 'Issue',
via_api: true
})
::CreateSpamLogService.new(project, current_user, params).execute
end
2014-08-14 06:41:16 -04:00
end
2012-07-24 08:19:51 -04:00
resource :issues do
# Get currently authenticated user's issues
#
2014-08-14 06:41:16 -04:00
# Parameters:
# state (optional) - Return "opened" or "closed" issues
2014-08-14 10:17:19 -04:00
# labels (optional) - Comma-separated list of label names
# order_by (optional) - Return requests ordered by `created_at` or `updated_at` fields. Default is `created_at`
# sort (optional) - Return requests sorted in `asc` or `desc` order. Default is `desc`
#
2014-08-14 06:41:16 -04:00
# Example Requests:
2012-07-24 08:19:51 -04:00
# GET /issues
2014-08-14 06:41:16 -04:00
# GET /issues?state=opened
# GET /issues?state=closed
2014-08-14 10:17:19 -04:00
# GET /issues?labels=foo
# GET /issues?labels=foo,bar
# GET /issues?labels=foo,bar&state=opened
2012-07-24 08:19:51 -04:00
get do
2014-08-14 10:17:19 -04:00
issues = current_user.issues
issues = filter_issues_state(issues, params[:state]) unless params[:state].nil?
issues = filter_issues_labels(issues, params[:labels]) unless params[:labels].nil?
issues.reorder(issuable_order_by => issuable_sort)
2016-04-08 02:41:10 -04:00
present paginate(issues), with: Entities::Issue, current_user: current_user
2012-07-24 08:19:51 -04:00
end
end
resource :projects do
# Get a list of project issues
#
# Parameters:
# id (required) - The ID of a project
# iid (optional) - Return the project issue having the given `iid`
2014-08-14 06:41:16 -04:00
# state (optional) - Return "opened" or "closed" issues
2014-08-14 10:17:19 -04:00
# labels (optional) - Comma-separated list of label names
2014-09-04 18:01:12 -04:00
# milestone (optional) - Milestone title
# order_by (optional) - Return requests ordered by `created_at` or `updated_at` fields. Default is `created_at`
# sort (optional) - Return requests sorted in `asc` or `desc` order. Default is `desc`
2014-08-14 06:41:16 -04:00
#
# Example Requests:
2012-07-24 08:19:51 -04:00
# GET /projects/:id/issues
2014-08-14 06:41:16 -04:00
# GET /projects/:id/issues?state=opened
# GET /projects/:id/issues?state=closed
2014-08-14 10:17:19 -04:00
# GET /projects/:id/issues?labels=foo
# GET /projects/:id/issues?labels=foo,bar
# GET /projects/:id/issues?labels=foo,bar&state=opened
2014-09-04 18:01:12 -04:00
# GET /projects/:id/issues?milestone=1.0.0
# GET /projects/:id/issues?milestone=1.0.0&state=closed
# GET /issues?iid=42
2012-07-24 08:19:51 -04:00
get ":id/issues" do
issues = user_project.issues.visible_to_user(current_user)
2014-08-14 10:17:19 -04:00
issues = filter_issues_state(issues, params[:state]) unless params[:state].nil?
issues = filter_issues_labels(issues, params[:labels]) unless params[:labels].nil?
issues = filter_by_iid(issues, params[:iid]) unless params[:iid].nil?
2014-09-04 18:01:12 -04:00
unless params[:milestone].nil?
issues = filter_issues_milestone(issues, params[:milestone])
end
2014-08-14 10:17:19 -04:00
issues.reorder(issuable_order_by => issuable_sort)
2016-04-08 02:41:10 -04:00
present paginate(issues), with: Entities::Issue, current_user: current_user
2012-07-24 08:19:51 -04:00
end
# Get a single project issue
#
# Parameters:
# id (required) - The ID of a project
2012-07-24 08:19:51 -04:00
# issue_id (required) - The ID of a project issue
# Example Request:
# GET /projects/:id/issues/:issue_id
get ":id/issues/:issue_id" do
@issue = user_project.issues.find(params[:issue_id])
not_found! unless can?(current_user, :read_issue, @issue)
2016-04-08 02:41:10 -04:00
present @issue, with: Entities::Issue, current_user: current_user
2012-07-24 08:19:51 -04:00
end
# Create a new project issue
#
# Parameters:
# id (required) - The ID of a project
# title (required) - The title of an issue
# description (optional) - The description of an issue
# assignee_id (optional) - The ID of a user to assign issue
2012-07-24 08:19:51 -04:00
# milestone_id (optional) - The ID of a milestone to assign issue
# labels (optional) - The labels of an issue
2016-04-05 13:05:55 -04:00
# created_at (optional) - Date time string, ISO 8601 formatted
2012-07-24 08:19:51 -04:00
# Example Request:
# POST /projects/:id/issues
post ":id/issues" do
required_attributes! [:title]
keys = [:title, :description, :assignee_id, :milestone_id]
keys << :created_at if current_user.admin? || user_project.owner == current_user
attrs = attributes_for_keys(keys)
# Validate label names in advance
if (errors = validate_label_params(params)).any?
render_api_error!({ labels: errors }, 400)
end
project = user_project
2016-01-26 15:08:20 -05:00
text = [attrs[:title], attrs[:description]].reject(&:blank?).join("\n")
if check_for_spam?(project, current_user) && is_spam?(env, current_user, text)
create_spam_log(project, current_user, attrs)
render_api_error!({ error: 'Spam detected' }, 400)
end
issue = ::Issues::CreateService.new(project, current_user, attrs).execute
if issue.valid?
# Find or create labels and attach to issue. Labels are valid because
# we already checked its name, so there can't be an error here
if params[:labels].present?
issue.add_labels_by_names(params[:labels].split(','))
end
2016-04-08 02:41:10 -04:00
present issue, with: Entities::Issue, current_user: current_user
else
render_validation_error!(issue)
2012-07-24 08:19:51 -04:00
end
end
# Update an existing issue
#
# Parameters:
# id (required) - The ID of a project
2012-07-24 08:19:51 -04:00
# issue_id (required) - The ID of a project issue
# title (optional) - The title of an issue
# description (optional) - The description of an issue
# assignee_id (optional) - The ID of a user to assign issue
# milestone_id (optional) - The ID of a milestone to assign issue
# labels (optional) - The labels of an issue
# state_event (optional) - The state event of an issue (close|reopen)
2016-04-05 13:05:55 -04:00
# updated_at (optional) - Date time string, ISO 8601 formatted
2012-07-24 08:19:51 -04:00
# Example Request:
# PUT /projects/:id/issues/:issue_id
put ":id/issues/:issue_id" do
issue = user_project.issues.find(params[:issue_id])
authorize! :update_issue, issue
2016-04-05 13:05:55 -04:00
keys = [:title, :description, :assignee_id, :milestone_id, :state_event]
keys << :updated_at if current_user.admin? || user_project.owner == current_user
attrs = attributes_for_keys(keys)
# Validate label names in advance
if (errors = validate_label_params(params)).any?
render_api_error!({ labels: errors }, 400)
end
issue = ::Issues::UpdateService.new(user_project, current_user, attrs).execute(issue)
2013-06-11 11:15:18 -04:00
if issue.valid?
# Find or create labels and attach to issue. Labels are valid because
# we already checked its name, so there can't be an error here
if params[:labels] && can?(current_user, :admin_issue, user_project)
issue.remove_labels
# Create and add labels to the new created issue
issue.add_labels_by_names(params[:labels].split(','))
end
2016-04-08 02:41:10 -04:00
present issue, with: Entities::Issue, current_user: current_user
else
render_validation_error!(issue)
2012-07-24 08:19:51 -04:00
end
end
2016-04-07 08:07:17 -04:00
# Move an existing issue
#
# Parameters:
2016-04-12 12:38:18 -04:00
# id (required) - The ID of a project
# issue_id (required) - The ID of a project issue
# to_project_id (required) - The ID of the new project
2016-04-07 08:07:17 -04:00
# Example Request:
# POST /projects/:id/issues/:issue_id/move
2016-04-12 12:38:18 -04:00
post ':id/issues/:issue_id/move' do
required_attributes! [:to_project_id]
2016-04-07 08:07:17 -04:00
issue = user_project.issues.find(params[:issue_id])
2016-04-12 12:38:18 -04:00
new_project = Project.find(params[:to_project_id])
2016-04-07 08:07:17 -04:00
begin
issue = ::Issues::MoveService.new(user_project, current_user).execute(issue, new_project)
2016-04-12 12:38:18 -04:00
present issue, with: Entities::Issue, current_user: current_user
2016-04-07 08:07:17 -04:00
rescue ::Issues::MoveService::MoveError => error
render_api_error!(error.message, 400)
end
end
#
2016-02-26 03:55:43 -05:00
# Delete a project issue
2012-07-24 08:19:51 -04:00
#
# Parameters:
# id (required) - The ID of a project
2012-07-24 08:19:51 -04:00
# issue_id (required) - The ID of a project issue
# Example Request:
# DELETE /projects/:id/issues/:issue_id
delete ":id/issues/:issue_id" do
2016-03-21 09:12:52 -04:00
issue = user_project.issues.find_by(id: params[:issue_id])
2016-02-26 03:55:43 -05:00
2016-03-21 09:12:52 -04:00
authorize!(:destroy_issue, issue)
2016-02-26 03:55:43 -05:00
issue.destroy
2012-07-24 08:19:51 -04:00
end
# Subscribes to a project issue
#
# Parameters:
# id (required) - The ID of a project
# issue_id (required) - The ID of a project issue
# Example Request:
2016-04-12 08:46:59 -04:00
# POST /projects/:id/issues/:issue_id/subscription
post ':id/issues/:issue_id/subscription' do
issue = user_project.issues.find(params[:issue_id])
2016-04-12 08:46:59 -04:00
if issue.subscribed?(current_user)
not_modified!
2016-04-12 08:46:59 -04:00
else
issue.toggle_subscription(current_user)
present issue, with: Entities::Issue, current_user: current_user
end
end
# Unsubscribes from a project issue
#
# Parameters:
# id (required) - The ID of a project
# issue_id (required) - The ID of a project issue
# Example Request:
2016-04-12 08:46:59 -04:00
# DELETE /projects/:id/issues/:issue_id/subscription
delete ':id/issues/:issue_id/subscription' do
issue = user_project.issues.find(params[:issue_id])
if issue.subscribed?(current_user)
issue.unsubscribe(current_user)
present issue, with: Entities::Issue, current_user: current_user
else
not_modified!
end
end
2012-07-24 08:19:51 -04:00
end
end
end