2018-09-29 22:34:47 +00:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2013-05-14 12:33:31 +00:00
|
|
|
module API
|
2012-06-27 11:32:56 +00:00
|
|
|
class API < Grape::API
|
2014-12-19 14:15:29 +00:00
|
|
|
include APIGuard
|
2017-01-30 17:41:56 +00:00
|
|
|
|
2017-09-07 05:41:15 +00:00
|
|
|
LOG_FILENAME = Rails.root.join("log", "api_json.log")
|
|
|
|
|
2019-05-05 10:19:14 +00:00
|
|
|
NO_SLASH_URL_PART_REGEX = %r{[^/]+}.freeze
|
2018-11-08 12:18:17 +00:00
|
|
|
NAMESPACE_OR_PROJECT_REQUIREMENTS = { id: NO_SLASH_URL_PART_REGEX }.freeze
|
|
|
|
COMMIT_ENDPOINT_REQUIREMENTS = NAMESPACE_OR_PROJECT_REQUIREMENTS.merge(sha: NO_SLASH_URL_PART_REGEX).freeze
|
2019-01-31 10:13:23 +00:00
|
|
|
USER_REQUIREMENTS = { user_id: NO_SLASH_URL_PART_REGEX }.freeze
|
2019-07-12 19:13:28 +00:00
|
|
|
LOG_FILTERS = ::Rails.application.config.filter_parameters + [/^output$/]
|
2017-09-23 13:21:32 +00:00
|
|
|
|
2018-05-18 06:48:59 +00:00
|
|
|
insert_before Grape::Middleware::Error,
|
|
|
|
GrapeLogging::Middleware::RequestLogger,
|
|
|
|
logger: Logger.new(LOG_FILENAME),
|
|
|
|
formatter: Gitlab::GrapeLogging::Formatters::LogrageWithTimestamp.new,
|
|
|
|
include: [
|
2019-07-12 19:13:28 +00:00
|
|
|
GrapeLogging::Loggers::FilterParameters.new(LOG_FILTERS),
|
2019-08-20 18:12:28 +00:00
|
|
|
Gitlab::GrapeLogging::Loggers::ClientEnvLogger.new,
|
2018-09-03 17:03:32 +00:00
|
|
|
Gitlab::GrapeLogging::Loggers::RouteLogger.new,
|
2018-05-26 04:00:26 +00:00
|
|
|
Gitlab::GrapeLogging::Loggers::UserLogger.new,
|
2019-11-11 15:06:42 +00:00
|
|
|
Gitlab::GrapeLogging::Loggers::ExceptionLogger.new,
|
2018-09-04 17:14:22 +00:00
|
|
|
Gitlab::GrapeLogging::Loggers::QueueDurationLogger.new,
|
2018-12-05 20:54:40 +00:00
|
|
|
Gitlab::GrapeLogging::Loggers::PerfLogger.new,
|
|
|
|
Gitlab::GrapeLogging::Loggers::CorrelationIdLogger.new
|
2018-05-18 06:48:59 +00:00
|
|
|
]
|
2017-09-07 05:41:15 +00:00
|
|
|
|
2017-06-20 07:40:24 +00:00
|
|
|
allow_access_with_scope :api
|
2017-07-25 09:35:45 +00:00
|
|
|
prefix :api
|
2017-06-20 07:40:24 +00:00
|
|
|
|
2017-01-30 17:41:56 +00:00
|
|
|
version 'v3', using: :path do
|
2018-05-15 13:39:33 +00:00
|
|
|
route :any, '*path' do
|
|
|
|
error!('API V3 is no longer supported. Use API V4 instead.', 410)
|
|
|
|
end
|
2017-01-30 17:41:56 +00:00
|
|
|
end
|
2012-07-04 07:48:00 +00:00
|
|
|
|
2018-05-15 13:39:33 +00:00
|
|
|
version 'v4', using: :path
|
|
|
|
|
2017-11-01 09:25:49 +00:00
|
|
|
before do
|
|
|
|
header['X-Frame-Options'] = 'SAMEORIGIN'
|
|
|
|
header['X-Content-Type-Options'] = 'nosniff'
|
|
|
|
end
|
2017-05-04 02:05:38 +00:00
|
|
|
|
2020-01-03 15:08:33 +00:00
|
|
|
before do
|
|
|
|
Gitlab::ApplicationContext.push(
|
|
|
|
user: -> { current_user },
|
|
|
|
project: -> { @project },
|
2020-01-23 15:08:46 +00:00
|
|
|
namespace: -> { @group },
|
|
|
|
caller_id: route.origin
|
2020-01-03 15:08:33 +00:00
|
|
|
)
|
|
|
|
end
|
|
|
|
|
2017-08-02 16:20:31 +00:00
|
|
|
# The locale is set to the current user's locale when `current_user` is loaded
|
2017-05-25 15:22:45 +00:00
|
|
|
after { Gitlab::I18n.use_default_locale }
|
2016-11-22 09:04:23 +00:00
|
|
|
|
2016-06-23 15:14:31 +00:00
|
|
|
rescue_from Gitlab::Access::AccessDeniedError do
|
|
|
|
rack_response({ 'message' => '403 Forbidden' }.to_json, 403)
|
|
|
|
end
|
|
|
|
|
2012-07-05 15:12:09 +00:00
|
|
|
rescue_from ActiveRecord::RecordNotFound do
|
2015-02-03 04:36:54 +00:00
|
|
|
rack_response({ 'message' => '404 Not found' }.to_json, 404)
|
2012-07-05 15:12:09 +00:00
|
|
|
end
|
|
|
|
|
2019-06-21 16:56:47 +00:00
|
|
|
rescue_from(
|
|
|
|
::ActiveRecord::StaleObjectError,
|
|
|
|
::Gitlab::ExclusiveLeaseHelpers::FailedToObtainLockError
|
|
|
|
) do
|
2018-11-23 16:25:11 +00:00
|
|
|
rack_response({ 'message' => '409 Conflict: Resource lock' }.to_json, 409)
|
|
|
|
end
|
|
|
|
|
2018-04-03 16:47:33 +00:00
|
|
|
rescue_from UploadedFile::InvalidPathError do |e|
|
|
|
|
rack_response({ 'message' => e.message }.to_json, 400)
|
|
|
|
end
|
|
|
|
|
|
|
|
rescue_from ObjectStorage::RemoteStoreError do |e|
|
|
|
|
rack_response({ 'message' => e.message }.to_json, 500)
|
|
|
|
end
|
|
|
|
|
2016-08-02 21:56:27 +00:00
|
|
|
# Retain 405 error rather than a 500 error for Grape 0.15.0+.
|
2017-01-04 17:24:39 +00:00
|
|
|
# https://github.com/ruby-grape/grape/blob/a3a28f5b5dfbb2797442e006dbffd750b27f2a76/UPGRADING.md#changes-to-method-not-allowed-routes
|
|
|
|
rescue_from Grape::Exceptions::MethodNotAllowed do |e|
|
|
|
|
error! e.message, e.status, e.headers
|
|
|
|
end
|
|
|
|
|
2016-08-02 21:56:27 +00:00
|
|
|
rescue_from Grape::Exceptions::Base do |e|
|
|
|
|
error! e.message, e.status, e.headers
|
2016-07-29 10:14:36 +00:00
|
|
|
end
|
|
|
|
|
2017-02-17 11:52:27 +00:00
|
|
|
rescue_from Gitlab::Auth::TooManyIps do |e|
|
2017-02-17 13:44:57 +00:00
|
|
|
rack_response({ 'message' => '403 Forbidden' }.to_json, 403)
|
2017-02-17 11:52:27 +00:00
|
|
|
end
|
|
|
|
|
2013-02-01 09:42:02 +00:00
|
|
|
rescue_from :all do |exception|
|
2016-08-19 00:06:33 +00:00
|
|
|
handle_api_exception(exception)
|
2013-01-29 17:20:59 +00:00
|
|
|
end
|
|
|
|
|
2012-06-27 11:32:56 +00:00
|
|
|
format :json
|
2014-02-18 09:40:45 +00:00
|
|
|
content_type :txt, "text/plain"
|
|
|
|
|
2016-04-15 15:35:40 +00:00
|
|
|
# Ensure the namespace is right, otherwise we might load Grape::API::Helpers
|
|
|
|
helpers ::API::Helpers
|
2017-05-04 12:11:15 +00:00
|
|
|
helpers ::API::Helpers::CommonHelpers
|
2016-04-15 15:35:40 +00:00
|
|
|
|
2016-09-25 08:28:23 +00:00
|
|
|
# Keep in alphabetical order
|
2016-06-23 15:14:31 +00:00
|
|
|
mount ::API::AccessRequests
|
2020-01-09 06:07:57 +00:00
|
|
|
mount ::API::Appearance
|
2017-01-04 22:07:49 +00:00
|
|
|
mount ::API::Applications
|
2018-05-18 08:49:02 +00:00
|
|
|
mount ::API::Avatar
|
2016-06-10 06:57:56 +00:00
|
|
|
mount ::API::AwardEmoji
|
2018-03-05 17:51:40 +00:00
|
|
|
mount ::API::Badges
|
2016-10-13 10:52:51 +00:00
|
|
|
mount ::API::Boards
|
2016-06-10 06:57:56 +00:00
|
|
|
mount ::API::Branches
|
2016-08-25 23:34:01 +00:00
|
|
|
mount ::API::BroadcastMessages
|
2016-06-10 06:57:56 +00:00
|
|
|
mount ::API::Commits
|
2016-10-13 10:52:51 +00:00
|
|
|
mount ::API::CommitStatuses
|
2016-06-10 06:57:56 +00:00
|
|
|
mount ::API::DeployKeys
|
2016-08-16 06:45:23 +00:00
|
|
|
mount ::API::Deployments
|
2016-07-26 07:37:02 +00:00
|
|
|
mount ::API::Environments
|
2020-01-13 21:07:39 +00:00
|
|
|
mount ::API::ErrorTracking
|
2017-05-29 05:49:17 +00:00
|
|
|
mount ::API::Events
|
2017-05-31 21:06:01 +00:00
|
|
|
mount ::API::Features
|
2016-06-10 06:57:56 +00:00
|
|
|
mount ::API::Files
|
2018-02-19 19:06:16 +00:00
|
|
|
mount ::API::GroupBoards
|
2019-07-01 06:49:00 +00:00
|
|
|
mount ::API::GroupClusters
|
2019-11-14 12:06:30 +00:00
|
|
|
mount ::API::GroupExport
|
2018-08-23 21:28:30 +00:00
|
|
|
mount ::API::GroupLabels
|
2017-12-06 19:07:47 +00:00
|
|
|
mount ::API::GroupMilestones
|
2018-08-25 05:38:54 +00:00
|
|
|
mount ::API::Groups
|
2019-08-05 20:00:50 +00:00
|
|
|
mount ::API::GroupContainerRepositories
|
2018-08-25 05:38:54 +00:00
|
|
|
mount ::API::GroupVariables
|
2019-01-17 10:37:08 +00:00
|
|
|
mount ::API::ImportGithub
|
2019-09-03 22:07:49 +00:00
|
|
|
mount ::API::Internal::Base
|
2019-09-06 04:06:25 +00:00
|
|
|
mount ::API::Internal::Pages
|
2016-04-15 15:35:40 +00:00
|
|
|
mount ::API::Issues
|
2017-09-06 09:20:12 +00:00
|
|
|
mount ::API::JobArtifacts
|
2018-08-25 05:38:54 +00:00
|
|
|
mount ::API::Jobs
|
2016-06-10 06:57:56 +00:00
|
|
|
mount ::API::Keys
|
|
|
|
mount ::API::Labels
|
2016-08-24 09:42:48 +00:00
|
|
|
mount ::API::Lint
|
2018-05-18 10:25:59 +00:00
|
|
|
mount ::API::Markdown
|
2016-06-23 15:14:31 +00:00
|
|
|
mount ::API::Members
|
2016-09-25 08:28:23 +00:00
|
|
|
mount ::API::MergeRequestDiffs
|
2016-10-13 10:52:51 +00:00
|
|
|
mount ::API::MergeRequests
|
2016-06-10 06:57:56 +00:00
|
|
|
mount ::API::Namespaces
|
2016-04-15 15:35:40 +00:00
|
|
|
mount ::API::Notes
|
2018-02-28 07:48:23 +00:00
|
|
|
mount ::API::Discussions
|
2018-09-07 13:39:20 +00:00
|
|
|
mount ::API::ResourceLabelEvents
|
2016-08-02 20:52:55 +00:00
|
|
|
mount ::API::NotificationSettings
|
2019-12-09 09:08:00 +00:00
|
|
|
mount ::API::Pages
|
2017-08-21 23:59:54 +00:00
|
|
|
mount ::API::PagesDomains
|
2016-08-17 08:09:42 +00:00
|
|
|
mount ::API::Pipelines
|
2017-05-11 19:12:04 +00:00
|
|
|
mount ::API::PipelineSchedules
|
2018-12-18 21:40:20 +00:00
|
|
|
mount ::API::ProjectClusters
|
2019-08-05 20:00:50 +00:00
|
|
|
mount ::API::ProjectContainerRepositories
|
2019-04-17 11:13:48 +00:00
|
|
|
mount ::API::ProjectEvents
|
2017-12-02 19:49:01 +00:00
|
|
|
mount ::API::ProjectExport
|
2018-02-12 11:40:55 +00:00
|
|
|
mount ::API::ProjectImport
|
2016-04-15 15:35:40 +00:00
|
|
|
mount ::API::ProjectHooks
|
2017-12-06 19:07:47 +00:00
|
|
|
mount ::API::ProjectMilestones
|
2018-08-25 05:38:54 +00:00
|
|
|
mount ::API::Projects
|
2018-04-03 17:57:55 +00:00
|
|
|
mount ::API::ProjectSnapshots
|
2016-10-13 10:52:51 +00:00
|
|
|
mount ::API::ProjectSnippets
|
2018-12-13 19:26:56 +00:00
|
|
|
mount ::API::ProjectStatistics
|
2018-10-02 23:00:38 +00:00
|
|
|
mount ::API::ProjectTemplates
|
2017-08-02 10:16:17 +00:00
|
|
|
mount ::API::ProtectedBranches
|
2018-08-25 05:38:54 +00:00
|
|
|
mount ::API::ProtectedTags
|
2018-12-13 11:08:53 +00:00
|
|
|
mount ::API::Releases
|
2019-01-03 11:37:02 +00:00
|
|
|
mount ::API::Release::Links
|
2019-12-09 03:07:57 +00:00
|
|
|
mount ::API::RemoteMirrors
|
2016-06-10 06:57:56 +00:00
|
|
|
mount ::API::Repositories
|
2017-02-16 00:30:46 +00:00
|
|
|
mount ::API::Runner
|
2016-06-10 06:57:56 +00:00
|
|
|
mount ::API::Runners
|
2018-01-31 14:59:59 +00:00
|
|
|
mount ::API::Search
|
2016-04-15 15:35:40 +00:00
|
|
|
mount ::API::Services
|
|
|
|
mount ::API::Settings
|
2016-06-10 06:57:56 +00:00
|
|
|
mount ::API::SidekiqMetrics
|
2016-11-26 15:37:26 +00:00
|
|
|
mount ::API::Snippets
|
2019-09-09 03:38:42 +00:00
|
|
|
mount ::API::Statistics
|
2018-07-31 16:35:02 +00:00
|
|
|
mount ::API::Submodules
|
2016-06-10 06:57:56 +00:00
|
|
|
mount ::API::Subscriptions
|
2018-12-13 19:17:19 +00:00
|
|
|
mount ::API::Suggestions
|
2016-06-10 06:57:56 +00:00
|
|
|
mount ::API::SystemHooks
|
2016-04-15 15:35:40 +00:00
|
|
|
mount ::API::Tags
|
2016-05-27 09:00:56 +00:00
|
|
|
mount ::API::Templates
|
2016-03-11 19:04:42 +00:00
|
|
|
mount ::API::Todos
|
2016-04-15 15:35:40 +00:00
|
|
|
mount ::API::Triggers
|
2019-07-09 08:44:19 +00:00
|
|
|
mount ::API::UserCounts
|
2016-06-10 06:57:56 +00:00
|
|
|
mount ::API::Users
|
2016-04-15 15:35:40 +00:00
|
|
|
mount ::API::Variables
|
2016-10-12 11:32:48 +00:00
|
|
|
mount ::API::Version
|
2017-09-06 22:21:52 +00:00
|
|
|
mount ::API::Wikis
|
2016-10-07 13:39:57 +00:00
|
|
|
|
|
|
|
route :any, '*path' do
|
2016-10-07 17:18:02 +00:00
|
|
|
error!('404 Not Found', 404)
|
2016-10-07 13:39:57 +00:00
|
|
|
end
|
2012-06-27 11:32:56 +00:00
|
|
|
end
|
2012-06-27 09:26:16 +00:00
|
|
|
end
|
2019-09-13 13:26:31 +00:00
|
|
|
|
|
|
|
API::API.prepend_if_ee('::EE::API::API')
|