gitlab-org--gitlab-foss/lib/api/snippets.rb

module API
  # Snippets API
  class Snippets < Grape::API
    include PaginationParams

    before { authenticate! }

    resource :snippets do
      helpers do
        def snippets_for_current_user
          SnippetsFinder.new(current_user, author: current_user).execute
        end

        def public_snippets
          SnippetsFinder.new(current_user, visibility: Snippet::PUBLIC).execute
        end
      end

      desc 'Get a snippets list for authenticated user' do
        detail 'This feature was introduced in GitLab 8.15.'
        success Entities::PersonalSnippet
      end
      params do
        use :pagination
      end
      get do
        present paginate(snippets_for_current_user), with: Entities::PersonalSnippet
      end

      desc 'List all public snippets current_user has access to' do
        detail 'This feature was introduced in GitLab 8.15.'
        success Entities::PersonalSnippet
      end
      params do
        use :pagination
      end
      get 'public' do
        present paginate(public_snippets), with: Entities::PersonalSnippet
      end

      desc 'Get a single snippet' do
        detail 'This feature was introduced in GitLab 8.15.'
        success Entities::PersonalSnippet
      end
      params do
        requires :id, type: Integer, desc: 'The ID of a snippet'
      end
      get ':id' do
        snippet = snippets_for_current_user.find(params[:id])
        present snippet, with: Entities::PersonalSnippet
      end

      desc 'Create new snippet' do
        detail 'This feature was introduced in GitLab 8.15.'
        success Entities::PersonalSnippet
      end
      params do
        requires :title, type: String, desc: 'The title of a snippet'
        requires :file_name, type: String, desc: 'The name of a snippet file'
        requires :content, type: String, desc: 'The content of a snippet'
        optional :description, type: String, desc: 'The description of a snippet'
        optional :visibility, type: String,
                              values: Gitlab::VisibilityLevel.string_values,
                              default: 'internal',
                              desc: 'The visibility of the snippet'
      end
      post do
        attrs = declared_params(include_missing: false).merge(request: request, api: true)
        snippet = CreateSnippetService.new(nil, current_user, attrs).execute

        render_spam_error! if snippet.spam?

        if snippet.persisted?
          present snippet, with: Entities::PersonalSnippet
        else
          render_validation_error!(snippet)
        end
      end

      desc 'Update an existing snippet' do
        detail 'This feature was introduced in GitLab 8.15.'
        success Entities::PersonalSnippet
      end
      params do
        requires :id, type: Integer, desc: 'The ID of a snippet'
        optional :title, type: String, desc: 'The title of a snippet'
        optional :file_name, type: String, desc: 'The name of a snippet file'
        optional :content, type: String, desc: 'The content of a snippet'
        optional :description, type: String, desc: 'The description of a snippet'
        optional :visibility, type: String,
                              values: Gitlab::VisibilityLevel.string_values,
                              desc: 'The visibility of the snippet'
        at_least_one_of :title, :file_name, :content, :visibility
      end
      put ':id' do
        snippet = snippets_for_current_user.find_by(id: params.delete(:id))
        return not_found!('Snippet') unless snippet

        authorize! :update_personal_snippet, snippet

        attrs = declared_params(include_missing: false).merge(request: request, api: true)

        UpdateSnippetService.new(nil, current_user, snippet, attrs).execute

        render_spam_error! if snippet.spam?

        if snippet.persisted?
          present snippet, with: Entities::PersonalSnippet
        else
          render_validation_error!(snippet)
        end
      end

      desc 'Remove snippet' do
        detail 'This feature was introduced in GitLab 8.15.'
        success Entities::PersonalSnippet
      end
      params do
        requires :id, type: Integer, desc: 'The ID of a snippet'
      end
      delete ':id' do
        snippet = snippets_for_current_user.find_by(id: params.delete(:id))
        return not_found!('Snippet') unless snippet

        authorize! :destroy_personal_snippet, snippet

        destroy_conditionally!(snippet)
      end

      desc 'Get a raw snippet' do
        detail 'This feature was introduced in GitLab 8.15.'
      end
      params do
        requires :id, type: Integer, desc: 'The ID of a snippet'
      end
      get ":id/raw" do
        snippet = snippets_for_current_user.find_by(id: params.delete(:id))
        return not_found!('Snippet') unless snippet

        env['api.format'] = :txt
        content_type 'text/plain'
        present snippet.content
      end

      desc 'Get the user agent details for a snippet' do
        success Entities::UserAgentDetail
      end
      params do
        requires :id, type: Integer, desc: 'The ID of a snippet'
      end
      get ":id/user_agent_detail" do
        authenticated_as_admin!

        snippet = Snippet.find_by!(id: params[:id])

        return not_found!('UserAgentDetail') unless snippet.user_agent_detail

        present snippet.user_agent_detail, with: Entities::UserAgentDetail
      end
    end
  end
end
API: Endpoint to expose personal snippets as /snippets Adding the necessary API for the new /snippets Restful resource added with this commit. Added a new Grape class `Snippets`, as well as a `PersonalSnippet` entity. Issue: #20042 Merge-Request: !6373 Signed-off-by: Guyzmo <guyzmo+gitlab+pub@m0g.net> 2016-11-26 10:37:26 -05:00			`module API`
			`# Snippets API`
			`class Snippets < Grape::API`
			`include PaginationParams`

			`before { authenticate! }`

			`resource :snippets do`
			`helpers do`
			`def snippets_for_current_user`
Merge branch 'snippets-finder-visibility' into 'security' Refactor snippets finder & dont return internal snippets for external users See merge request !2094 2017-04-28 18:06:27 -04:00			`SnippetsFinder.new(current_user, author: current_user).execute`
API: Endpoint to expose personal snippets as /snippets Adding the necessary API for the new /snippets Restful resource added with this commit. Added a new Grape class `Snippets`, as well as a `PersonalSnippet` entity. Issue: #20042 Merge-Request: !6373 Signed-off-by: Guyzmo <guyzmo+gitlab+pub@m0g.net> 2016-11-26 10:37:26 -05:00			`end`

			`def public_snippets`
Merge branch 'snippets-finder-visibility' into 'security' Refactor snippets finder & dont return internal snippets for external users See merge request !2094 2017-04-28 18:06:27 -04:00			`SnippetsFinder.new(current_user, visibility: Snippet::PUBLIC).execute`
API: Endpoint to expose personal snippets as /snippets Adding the necessary API for the new /snippets Restful resource added with this commit. Added a new Grape class `Snippets`, as well as a `PersonalSnippet` entity. Issue: #20042 Merge-Request: !6373 Signed-off-by: Guyzmo <guyzmo+gitlab+pub@m0g.net> 2016-11-26 10:37:26 -05:00			`end`
			`end`

			`desc 'Get a snippets list for authenticated user' do`
			`detail 'This feature was introduced in GitLab 8.15.'`
			`success Entities::PersonalSnippet`
			`end`
			`params do`
			`use :pagination`
			`end`
			`get do`
			`present paginate(snippets_for_current_user), with: Entities::PersonalSnippet`
			`end`

			`desc 'List all public snippets current_user has access to' do`
			`detail 'This feature was introduced in GitLab 8.15.'`
			`success Entities::PersonalSnippet`
			`end`
			`params do`
			`use :pagination`
			`end`
			`get 'public' do`
			`present paginate(public_snippets), with: Entities::PersonalSnippet`
			`end`

			`desc 'Get a single snippet' do`
			`detail 'This feature was introduced in GitLab 8.15.'`
			`success Entities::PersonalSnippet`
			`end`
			`params do`
			`requires :id, type: Integer, desc: 'The ID of a snippet'`
			`end`
			`get ':id' do`
			`snippet = snippets_for_current_user.find(params[:id])`
			`present snippet, with: Entities::PersonalSnippet`
			`end`

			`desc 'Create new snippet' do`
			`detail 'This feature was introduced in GitLab 8.15.'`
			`success Entities::PersonalSnippet`
			`end`
			`params do`
			`requires :title, type: String, desc: 'The title of a snippet'`
			`requires :file_name, type: String, desc: 'The name of a snippet file'`
			`requires :content, type: String, desc: 'The content of a snippet'`
Support descriptions for snippets 2017-05-03 11:26:49 -04:00			`optional :description, type: String, desc: 'The description of a snippet'`
Expose Snippet VisibilityLevel as String 2017-02-16 10:42:17 -05:00			`optional :visibility, type: String,`
			`values: Gitlab::VisibilityLevel.string_values,`
			`default: 'internal',`
			`desc: 'The visibility of the snippet'`
API: Endpoint to expose personal snippets as /snippets Adding the necessary API for the new /snippets Restful resource added with this commit. Added a new Grape class `Snippets`, as well as a `PersonalSnippet` entity. Issue: #20042 Merge-Request: !6373 Signed-off-by: Guyzmo <guyzmo+gitlab+pub@m0g.net> 2016-11-26 10:37:26 -05:00			`end`
			`post do`
Use string based `visibility` getter & setter Add `visibility` & `visibility=` methods to the `Gitlab::VisibilityLevel` module so the `visibility_level` can be get/set with a string value. 2017-03-01 15:23:00 -05:00			`attrs = declared_params(include_missing: false).merge(request: request, api: true)`
API: Endpoint to expose personal snippets as /snippets Adding the necessary API for the new /snippets Restful resource added with this commit. Added a new Grape class `Snippets`, as well as a `PersonalSnippet` entity. Issue: #20042 Merge-Request: !6373 Signed-off-by: Guyzmo <guyzmo+gitlab+pub@m0g.net> 2016-11-26 10:37:26 -05:00			`snippet = CreateSnippetService.new(nil, current_user, attrs).execute`

Spam check and reCAPTCHA improvements 2017-02-14 14:07:11 -05:00			`render_spam_error! if snippet.spam?`

API: Endpoint to expose personal snippets as /snippets Adding the necessary API for the new /snippets Restful resource added with this commit. Added a new Grape class `Snippets`, as well as a `PersonalSnippet` entity. Issue: #20042 Merge-Request: !6373 Signed-off-by: Guyzmo <guyzmo+gitlab+pub@m0g.net> 2016-11-26 10:37:26 -05:00			`if snippet.persisted?`
			`present snippet, with: Entities::PersonalSnippet`
			`else`
			`render_validation_error!(snippet)`
			`end`
			`end`

			`desc 'Update an existing snippet' do`
			`detail 'This feature was introduced in GitLab 8.15.'`
			`success Entities::PersonalSnippet`
			`end`
			`params do`
			`requires :id, type: Integer, desc: 'The ID of a snippet'`
			`optional :title, type: String, desc: 'The title of a snippet'`
			`optional :file_name, type: String, desc: 'The name of a snippet file'`
			`optional :content, type: String, desc: 'The content of a snippet'`
Support descriptions for snippets 2017-05-03 11:26:49 -04:00			`optional :description, type: String, desc: 'The description of a snippet'`
Expose Snippet VisibilityLevel as String 2017-02-16 10:42:17 -05:00			`optional :visibility, type: String,`
			`values: Gitlab::VisibilityLevel.string_values,`
			`desc: 'The visibility of the snippet'`
			`at_least_one_of :title, :file_name, :content, :visibility`
API: Endpoint to expose personal snippets as /snippets Adding the necessary API for the new /snippets Restful resource added with this commit. Added a new Grape class `Snippets`, as well as a `PersonalSnippet` entity. Issue: #20042 Merge-Request: !6373 Signed-off-by: Guyzmo <guyzmo+gitlab+pub@m0g.net> 2016-11-26 10:37:26 -05:00			`end`
			`put ':id' do`
			`snippet = snippets_for_current_user.find_by(id: params.delete(:id))`
			`return not_found!('Snippet') unless snippet`
Adds Rubocop rule for line break after guard clause Adds a rubocop rule (with autocorrect) to ensure line break after guard clauses. 2017-11-14 04:02:39 -05:00
API: Endpoint to expose personal snippets as /snippets Adding the necessary API for the new /snippets Restful resource added with this commit. Added a new Grape class `Snippets`, as well as a `PersonalSnippet` entity. Issue: #20042 Merge-Request: !6373 Signed-off-by: Guyzmo <guyzmo+gitlab+pub@m0g.net> 2016-11-26 10:37:26 -05:00			`authorize! :update_personal_snippet, snippet`

Use string based `visibility` getter & setter Add `visibility` & `visibility=` methods to the `Gitlab::VisibilityLevel` module so the `visibility_level` can be get/set with a string value. 2017-03-01 15:23:00 -05:00			`attrs = declared_params(include_missing: false).merge(request: request, api: true)`
API: Endpoint to expose personal snippets as /snippets Adding the necessary API for the new /snippets Restful resource added with this commit. Added a new Grape class `Snippets`, as well as a `PersonalSnippet` entity. Issue: #20042 Merge-Request: !6373 Signed-off-by: Guyzmo <guyzmo+gitlab+pub@m0g.net> 2016-11-26 10:37:26 -05:00
			`UpdateSnippetService.new(nil, current_user, snippet, attrs).execute`
Spam check and reCAPTCHA improvements 2017-02-14 14:07:11 -05:00
			`render_spam_error! if snippet.spam?`

API: Endpoint to expose personal snippets as /snippets Adding the necessary API for the new /snippets Restful resource added with this commit. Added a new Grape class `Snippets`, as well as a `PersonalSnippet` entity. Issue: #20042 Merge-Request: !6373 Signed-off-by: Guyzmo <guyzmo+gitlab+pub@m0g.net> 2016-11-26 10:37:26 -05:00			`if snippet.persisted?`
			`present snippet, with: Entities::PersonalSnippet`
			`else`
			`render_validation_error!(snippet)`
			`end`
			`end`

			`desc 'Remove snippet' do`
			`detail 'This feature was introduced in GitLab 8.15.'`
			`success Entities::PersonalSnippet`
			`end`
			`params do`
			`requires :id, type: Integer, desc: 'The ID of a snippet'`
			`end`
			`delete ':id' do`
			`snippet = snippets_for_current_user.find_by(id: params.delete(:id))`
			`return not_found!('Snippet') unless snippet`
Return 204 for delete endpoints 2017-02-20 13:18:12 -05:00
API: Endpoint to expose personal snippets as /snippets Adding the necessary API for the new /snippets Restful resource added with this commit. Added a new Grape class `Snippets`, as well as a `PersonalSnippet` entity. Issue: #20042 Merge-Request: !6373 Signed-off-by: Guyzmo <guyzmo+gitlab+pub@m0g.net> 2016-11-26 10:37:26 -05:00			`authorize! :destroy_personal_snippet, snippet`
Return 204 for delete endpoints 2017-02-20 13:18:12 -05:00
Conditionally destroy a ressource 2017-03-02 07:14:13 -05:00			`destroy_conditionally!(snippet)`
API: Endpoint to expose personal snippets as /snippets Adding the necessary API for the new /snippets Restful resource added with this commit. Added a new Grape class `Snippets`, as well as a `PersonalSnippet` entity. Issue: #20042 Merge-Request: !6373 Signed-off-by: Guyzmo <guyzmo+gitlab+pub@m0g.net> 2016-11-26 10:37:26 -05:00			`end`

			`desc 'Get a raw snippet' do`
			`detail 'This feature was introduced in GitLab 8.15.'`
			`end`
			`params do`
			`requires :id, type: Integer, desc: 'The ID of a snippet'`
			`end`
			`get ":id/raw" do`
			`snippet = snippets_for_current_user.find_by(id: params.delete(:id))`
			`return not_found!('Snippet') unless snippet`

			`env['api.format'] = :txt`
			`content_type 'text/plain'`
			`present snippet.content`
			`end`
add user agent details API endpoints to issues and snippets 2017-07-05 10:27:32 -04:00
			`desc 'Get the user agent details for a snippet' do`
			`success Entities::UserAgentDetail`
			`end`
			`params do`
			`requires :id, type: Integer, desc: 'The ID of a snippet'`
			`end`
			`get ":id/user_agent_detail" do`
			`authenticated_as_admin!`

refactor code based on feedback 2017-07-06 09:19:14 -04:00			`snippet = Snippet.find_by!(id: params[:id])`
add user agent details API endpoints to issues and snippets 2017-07-05 10:27:32 -04:00
			`return not_found!('UserAgentDetail') unless snippet.user_agent_detail`

			`present snippet.user_agent_detail, with: Entities::UserAgentDetail`
			`end`
API: Endpoint to expose personal snippets as /snippets Adding the necessary API for the new /snippets Restful resource added with this commit. Added a new Grape class `Snippets`, as well as a `PersonalSnippet` entity. Issue: #20042 Merge-Request: !6373 Signed-off-by: Guyzmo <guyzmo+gitlab+pub@m0g.net> 2016-11-26 10:37:26 -05:00			`end`
			`end`
			`end`