gitlab-org--gitlab-foss/lib/api/variables.rb

# frozen_string_literal: true

module API
  class Variables < ::API::Base
    include PaginationParams

    before { authenticate! }
    before { authorize! :admin_build, user_project }

    helpers do
      def filter_variable_parameters(params)
        # This method exists so that EE can more easily filter out certain
        # parameters, without having to modify the source code directly.
        params
      end

      def find_variable(params)
        variables = ::Ci::VariablesFinder.new(user_project, params).execute.to_a

        return variables.first unless variables.many? # rubocop: disable CodeReuse/ActiveRecord

        conflict!("There are multiple variables with provided parameters. Please use 'filter[environment_scope]'")
      end
    end

    params do
      requires :id, type: String, desc: 'The ID of a project'
    end

    resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
      desc 'Get project variables' do
        success Entities::Ci::Variable
      end
      params do
        use :pagination
      end
      get ':id/variables' do
        variables = user_project.variables
        present paginate(variables), with: Entities::Ci::Variable
      end

      desc 'Get a specific variable from a project' do
        success Entities::Ci::Variable
      end
      params do
        requires :key, type: String, desc: 'The key of the variable'
      end
      # rubocop: disable CodeReuse/ActiveRecord
      get ':id/variables/:key' do
        variable = find_variable(params)
        not_found!('Variable') unless variable

        present variable, with: Entities::Ci::Variable
      end
      # rubocop: enable CodeReuse/ActiveRecord

      desc 'Create a new variable in a project' do
        success Entities::Ci::Variable
      end
      params do
        requires :key, type: String, desc: 'The key of the variable'
        requires :value, type: String, desc: 'The value of the variable'
        optional :protected, type: Boolean, desc: 'Whether the variable is protected'
        optional :masked, type: Boolean, desc: 'Whether the variable is masked'
        optional :variable_type, type: String, values: ::Ci::Variable.variable_types.keys, desc: 'The type of variable, must be one of env_var or file. Defaults to env_var'
        optional :environment_scope, type: String, desc: 'The environment_scope of the variable'
      end
      post ':id/variables' do
        variable = ::Ci::ChangeVariableService.new(
          container: user_project,
          current_user: current_user,
          params: { action: :create, variable_params: filter_variable_parameters(declared_params(include_missing: false)) }
        ).execute

        if variable.valid?
          present variable, with: Entities::Ci::Variable
        else
          render_validation_error!(variable)
        end
      end

      desc 'Update an existing variable from a project' do
        success Entities::Ci::Variable
      end
      params do
        optional :key, type: String, desc: 'The key of the variable'
        optional :value, type: String, desc: 'The value of the variable'
        optional :protected, type: Boolean, desc: 'Whether the variable is protected'
        optional :masked, type: Boolean, desc: 'Whether the variable is masked'
        optional :variable_type, type: String, values: ::Ci::Variable.variable_types.keys, desc: 'The type of variable, must be one of env_var or file'
        optional :environment_scope, type: String, desc: 'The environment_scope of the variable'
        optional :filter, type: Hash, desc: 'Available filters: [environment_scope]. Example: filter[environment_scope]=production'
      end
      # rubocop: disable CodeReuse/ActiveRecord
      put ':id/variables/:key' do
        variable = find_variable(params)
        not_found!('Variable') unless variable

        variable_params = filter_variable_parameters(
          declared_params(include_missing: false)
            .except(:key, :filter)
        )
        variable = ::Ci::ChangeVariableService.new(
          container: user_project,
          current_user: current_user,
          params: { action: :update, variable: variable, variable_params: variable_params }
        ).execute

        if variable.valid?
          present variable, with: Entities::Ci::Variable
        else
          render_validation_error!(variable)
        end
      end
      # rubocop: enable CodeReuse/ActiveRecord

      desc 'Delete an existing variable from a project' do
        success Entities::Ci::Variable
      end
      params do
        requires :key, type: String, desc: 'The key of the variable'
        optional :filter, type: Hash, desc: 'Available filters: [environment_scope]. Example: filter[environment_scope]=production'
      end
      # rubocop: disable CodeReuse/ActiveRecord
      delete ':id/variables/:key' do
        variable = find_variable(params)
        not_found!('Variable') unless variable

        ::Ci::ChangeVariableService.new(
          container: user_project,
          current_user: current_user,
          params: { action: :destroy, variable: variable }
        ).execute

        no_content!
      end
      # rubocop: enable CodeReuse/ActiveRecord
    end
  end
end
Enable frozen string in lib/api and lib/backup Partially addresses #47424. Had to make changes to spec files because stubbing methods on frozen objects is a mess in RSpec and leads to failures: https://github.com/rspec/rspec-mocks/issues/1190 2018-09-29 18:34:47 -04:00			`# frozen_string_literal: true`

Add features for list and show details of variables in API 2015-12-31 09:19:13 -05:00			`module API`
Add latest changes from gitlab-org/gitlab@master 2020-10-14 20:08:42 -04:00			`class Variables < ::API::Base`
Define common helper for describe pagination params in api 2016-11-21 14:15:46 -05:00			`include PaginationParams`

Add features for list and show details of variables in API 2015-12-31 09:19:13 -05:00			`before { authenticate! }`
Make the CI permission model simpler This MR simplifies CI permission model: - read_build: allows to read a list of builds, artifacts and trace - update_build: allows to cancel and retry builds - create_build: allows to create builds from gitlab-ci.yml (not yet implemented) - admin_build: allows to manage triggers, runners and variables - read_commit_status: allows to read a list of commit statuses (including the overall of builds) - create_commit_status: allows to create a new commit status using API Remove all extra methods to manage permission. Made all controllers to use explicitly the new permissions. 2016-02-01 17:58:04 -05:00			`before { authorize! :admin_build, user_project }`
Add features for list and show details of variables in API 2015-12-31 09:19:13 -05:00
Add method to API::Variables for filtering params This allows EE to customize the parameters used in two places, without having to modify the source code directly. 2019-03-04 08:50:15 -05:00			`helpers do`
			`def filter_variable_parameters(params)`
			`# This method exists so that EE can more easily filter out certain`
			`# parameters, without having to modify the source code directly.`
			`params`
			`end`
Add latest changes from gitlab-org/gitlab@master 2020-07-08 05:09:17 -04:00
			`def find_variable(params)`
			`variables = ::Ci::VariablesFinder.new(user_project, params).execute.to_a`

			`return variables.first unless variables.many? # rubocop: disable CodeReuse/ActiveRecord`

			`conflict!("There are multiple variables with provided parameters. Please use 'filter[environment_scope]'")`
			`end`
Add method to API::Variables for filtering params This allows EE to customize the parameters used in two places, without having to modify the source code directly. 2019-03-04 08:50:15 -05:00			`end`

GrapeDSL for variables 2016-10-12 14:38:33 -04:00			`params do`
			`requires :id, type: String, desc: 'The ID of a project'`
			`end`

Enable the Layout/ExtraSpacing cop Signed-off-by: Rémy Coutable <remy@rymai.me> 2019-01-16 07:09:29 -05:00			`resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do`
GrapeDSL for variables 2016-10-12 14:38:33 -04:00			`desc 'Get project variables' do`
Add latest changes from gitlab-org/gitlab@master 2020-08-13 14:10:36 -04:00			`success Entities::Ci::Variable`
GrapeDSL for variables 2016-10-12 14:38:33 -04:00			`end`
			`params do`
Define common helper for describe pagination params in api 2016-11-21 14:15:46 -05:00			`use :pagination`
GrapeDSL for variables 2016-10-12 14:38:33 -04:00			`end`
Add features for list and show details of variables in API 2015-12-31 09:19:13 -05:00			`get ':id/variables' do`
			`variables = user_project.variables`
Add latest changes from gitlab-org/gitlab@master 2020-08-13 14:10:36 -04:00			`present paginate(variables), with: Entities::Ci::Variable`
Add features for list and show details of variables in API 2015-12-31 09:19:13 -05:00			`end`

GrapeDSL for variables 2016-10-12 14:38:33 -04:00			`desc 'Get a specific variable from a project' do`
Add latest changes from gitlab-org/gitlab@master 2020-08-13 14:10:36 -04:00			`success Entities::Ci::Variable`
GrapeDSL for variables 2016-10-12 14:38:33 -04:00			`end`
			`params do`
			`requires :key, type: String, desc: 'The key of the variable'`
			`end`
Disable existing offenses for the CodeReuse cops This whitelists all existing offenses for the various CodeReuse cops, of which most are triggered by the CodeReuse/ActiveRecord cop. 2018-08-27 11:31:01 -04:00			`# rubocop: disable CodeReuse/ActiveRecord`
Change :variable_id to :key as resource ID in API 2016-01-07 07:49:38 -05:00			`get ':id/variables/:key' do`
Add latest changes from gitlab-org/gitlab@master 2020-07-08 05:09:17 -04:00			`variable = find_variable(params)`
			`not_found!('Variable') unless variable`
Add missing 'not_found' checks in variables API 2015-12-31 11:03:11 -05:00
Add latest changes from gitlab-org/gitlab@master 2020-08-13 14:10:36 -04:00			`present variable, with: Entities::Ci::Variable`
Add features for list and show details of variables in API 2015-12-31 09:19:13 -05:00			`end`
Disable existing offenses for the CodeReuse cops This whitelists all existing offenses for the various CodeReuse cops, of which most are triggered by the CodeReuse/ActiveRecord cop. 2018-08-27 11:31:01 -04:00			`# rubocop: enable CodeReuse/ActiveRecord`
Add update feature for variables API 2015-12-31 10:25:49 -05:00
GrapeDSL for variables 2016-10-12 14:38:33 -04:00			`desc 'Create a new variable in a project' do`
Add latest changes from gitlab-org/gitlab@master 2020-08-13 14:10:36 -04:00			`success Entities::Ci::Variable`
GrapeDSL for variables 2016-10-12 14:38:33 -04:00			`end`
			`params do`
			`requires :key, type: String, desc: 'The key of the variable'`
			`requires :value, type: String, desc: 'The value of the variable'`
Make protected attribute Boolean type As documented in https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/api/project_level_variables.md#create-variable and it's a boolean in `db/schema.rb` 2019-05-26 20:51:48 -04:00			`optional :protected, type: Boolean, desc: 'Whether the variable is protected'`
Masked should be Boolean type As documented in https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/api/project_level_variables.md#create-variable and it's a boolean in `db/schema.rb` 2019-05-26 18:29:41 -04:00			`optional :masked, type: Boolean, desc: 'Whether the variable is masked'`
Add latest changes from gitlab-org/gitlab@master 2020-06-25 20:09:13 -04:00			`optional :variable_type, type: String, values: ::Ci::Variable.variable_types.keys, desc: 'The type of variable, must be one of env_var or file. Defaults to env_var'`
Bring scoped environment variables to core As decided in https://gitlab.com/gitlab-org/gitlab-ce/issues/53593 2019-08-08 14:51:52 -04:00			`optional :environment_scope, type: String, desc: 'The environment_scope of the variable'`
GrapeDSL for variables 2016-10-12 14:38:33 -04:00			`end`
Add create feature to variables API 2015-12-31 16:30:07 -05:00			`post ':id/variables' do`
Add latest changes from gitlab-org/gitlab@master 2020-08-18 11:10:33 -04:00			`variable = ::Ci::ChangeVariableService.new(`
			`container: user_project,`
			`current_user: current_user,`
			`params: { action: :create, variable_params: filter_variable_parameters(declared_params(include_missing: false)) }`
			`).execute`
Add create feature to variables API 2015-12-31 16:30:07 -05:00
Add some fixes after review 2016-01-13 06:47:11 -05:00			`if variable.valid?`
Add latest changes from gitlab-org/gitlab@master 2020-08-13 14:10:36 -04:00			`present variable, with: Entities::Ci::Variable`
Add some fixes after review 2016-01-13 06:47:11 -05:00			`else`
			`render_validation_error!(variable)`
			`end`
Add create feature to variables API 2015-12-31 16:30:07 -05:00			`end`

GrapeDSL for variables 2016-10-12 14:38:33 -04:00			`desc 'Update an existing variable from a project' do`
Add latest changes from gitlab-org/gitlab@master 2020-08-13 14:10:36 -04:00			`success Entities::Ci::Variable`
GrapeDSL for variables 2016-10-12 14:38:33 -04:00			`end`
			`params do`
			`optional :key, type: String, desc: 'The key of the variable'`
			`optional :value, type: String, desc: 'The value of the variable'`
Make protected attribute Boolean type As documented in https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/api/project_level_variables.md#create-variable and it's a boolean in `db/schema.rb` 2019-05-26 20:51:48 -04:00			`optional :protected, type: Boolean, desc: 'Whether the variable is protected'`
Masked should be Boolean type As documented in https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/api/project_level_variables.md#create-variable and it's a boolean in `db/schema.rb` 2019-05-26 18:29:41 -04:00			`optional :masked, type: Boolean, desc: 'Whether the variable is masked'`
Add latest changes from gitlab-org/gitlab@master 2020-06-25 20:09:13 -04:00			`optional :variable_type, type: String, values: ::Ci::Variable.variable_types.keys, desc: 'The type of variable, must be one of env_var or file'`
Bring scoped environment variables to core As decided in https://gitlab.com/gitlab-org/gitlab-ce/issues/53593 2019-08-08 14:51:52 -04:00			`optional :environment_scope, type: String, desc: 'The environment_scope of the variable'`
Add latest changes from gitlab-org/gitlab@master 2020-07-08 05:09:17 -04:00			`optional :filter, type: Hash, desc: 'Available filters: [environment_scope]. Example: filter[environment_scope]=production'`
GrapeDSL for variables 2016-10-12 14:38:33 -04:00			`end`
Disable existing offenses for the CodeReuse cops This whitelists all existing offenses for the various CodeReuse cops, of which most are triggered by the CodeReuse/ActiveRecord cop. 2018-08-27 11:31:01 -04:00			`# rubocop: disable CodeReuse/ActiveRecord`
Change :variable_id to :key as resource ID in API 2016-01-07 07:49:38 -05:00			`put ':id/variables/:key' do`
Add latest changes from gitlab-org/gitlab@master 2020-07-08 05:09:17 -04:00			`variable = find_variable(params)`
			`not_found!('Variable') unless variable`
Add missing 'not_found' checks in variables API 2015-12-31 11:03:11 -05:00
Add latest changes from gitlab-org/gitlab@master 2020-08-18 11:10:33 -04:00			`variable_params = filter_variable_parameters(`
			`declared_params(include_missing: false)`
			`.except(:key, :filter)`
			`)`
			`variable = ::Ci::ChangeVariableService.new(`
			`container: user_project,`
			`current_user: current_user,`
			`params: { action: :update, variable: variable, variable_params: variable_params }`
			`).execute`
Backports for ee-2112 https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/2112 2017-07-06 03:45:38 -04:00
Add latest changes from gitlab-org/gitlab@master 2020-08-18 11:10:33 -04:00			`if variable.valid?`
Add latest changes from gitlab-org/gitlab@master 2020-08-13 14:10:36 -04:00			`present variable, with: Entities::Ci::Variable`
Add some fixes after review 2016-01-13 06:47:11 -05:00			`else`
			`render_validation_error!(variable)`
			`end`
Add update feature for variables API 2015-12-31 10:25:49 -05:00			`end`
Disable existing offenses for the CodeReuse cops This whitelists all existing offenses for the various CodeReuse cops, of which most are triggered by the CodeReuse/ActiveRecord cop. 2018-08-27 11:31:01 -04:00			`# rubocop: enable CodeReuse/ActiveRecord`
Add delete feature to variables API 2015-12-31 10:56:03 -05:00
GrapeDSL for variables 2016-10-12 14:38:33 -04:00			`desc 'Delete an existing variable from a project' do`
Add latest changes from gitlab-org/gitlab@master 2020-08-13 14:10:36 -04:00			`success Entities::Ci::Variable`
GrapeDSL for variables 2016-10-12 14:38:33 -04:00			`end`
			`params do`
			`requires :key, type: String, desc: 'The key of the variable'`
Add latest changes from gitlab-org/gitlab@master 2020-07-08 05:09:17 -04:00			`optional :filter, type: Hash, desc: 'Available filters: [environment_scope]. Example: filter[environment_scope]=production'`
GrapeDSL for variables 2016-10-12 14:38:33 -04:00			`end`
Disable existing offenses for the CodeReuse cops This whitelists all existing offenses for the various CodeReuse cops, of which most are triggered by the CodeReuse/ActiveRecord cop. 2018-08-27 11:31:01 -04:00			`# rubocop: disable CodeReuse/ActiveRecord`
Change :variable_id to :key as resource ID in API 2016-01-07 07:49:38 -05:00			`delete ':id/variables/:key' do`
Add latest changes from gitlab-org/gitlab@master 2020-07-08 05:09:17 -04:00			`variable = find_variable(params)`
Backport API to V3 2017-02-20 14:32:44 -05:00			`not_found!('Variable') unless variable`
Add create feature to variables API 2015-12-31 16:30:07 -05:00
Add latest changes from gitlab-org/gitlab@master 2020-08-18 11:10:33 -04:00			`::Ci::ChangeVariableService.new(`
			`container: user_project,`
			`current_user: current_user,`
			`params: { action: :destroy, variable: variable }`
			`).execute`
Add latest changes from gitlab-org/gitlab@master 2020-01-16 13:08:46 -05:00
			`no_content!`
Add delete feature to variables API 2015-12-31 10:56:03 -05:00			`end`
Disable existing offenses for the CodeReuse cops This whitelists all existing offenses for the various CodeReuse cops, of which most are triggered by the CodeReuse/ActiveRecord cop. 2018-08-27 11:31:01 -04:00			`# rubocop: enable CodeReuse/ActiveRecord`
Add features for list and show details of variables in API 2015-12-31 09:19:13 -05:00			`end`
			`end`
			`end`