Allow Repositories API GET endpoints to be requested anonymously
Signed-off-by: Rémy Coutable <remy@rymai.me>
parent
40a6a077fd
commit
2e6c1720ea
4 changed files with 214 additions and 96 deletions
4
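--- a/changelogs/unreleased/4269-public-repositories-api.yml
+++ b/changelogs/unreleased/4269-public-repositories-api.yml
@@ -0,0 +1,4 @@
+---
+title: Allow Repositories API GET endpoints to be requested anonymously
+merge_request:
+author: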
@ -2,7 +2,8 @@
|
||||||
|
|
||||||
## List repository tree
|
## List repository tree
|
||||||
|
|
||||||
Get a list of repository files and directories in a project.
|
Get a list of repository files and directories in a project. This endpoint can
|
||||||
|
be accessed without authentication if the repository is publicly accessible.
|
||||||
|
|
||||||
```
|
```
|
||||||
GET /projects/:id/repository/tree
|
GET /projects/:id/repository/tree
|
||||||
|
@ -71,7 +72,8 @@ Parameters:
|
||||||
|
|
||||||
## Raw file content
|
## Raw file content
|
||||||
|
|
||||||
Get the raw file contents for a file by commit SHA and path.
|
Get the raw file contents for a file by commit SHA and path. This endpoint can
|
||||||
|
be accessed without authentication if the repository is publicly accessible.
|
||||||
|
|
||||||
```
|
```
|
||||||
GET /projects/:id/repository/blobs/:sha
|
GET /projects/:id/repository/blobs/:sha
|
||||||
|
@ -85,7 +87,8 @@ Parameters:
|
||||||
|
|
||||||
## Raw blob content
|
## Raw blob content
|
||||||
|
|
||||||
Get the raw file contents for a blob by blob SHA.
|
Get the raw file contents for a blob by blob SHA. This endpoint can be accessed
|
||||||
|
without authentication if the repository is publicly accessible.
|
||||||
|
|
||||||
```
|
```
|
||||||
GET /projects/:id/repository/raw_blobs/:sha
|
GET /projects/:id/repository/raw_blobs/:sha
|
||||||
|
@ -98,7 +101,8 @@ Parameters:
|
||||||
|
|
||||||
## Get file archive
|
## Get file archive
|
||||||
|
|
||||||
Get an archive of the repository
|
Get an archive of the repository. This endpoint can be accessed without
|
||||||
|
authentication if the repository is publicly accessible.
|
||||||
|
|
||||||
```
|
```
|
||||||
GET /projects/:id/repository/archive
|
GET /projects/:id/repository/archive
|
||||||
|
@ -111,6 +115,9 @@ Parameters:
|
||||||
|
|
||||||
## Compare branches, tags or commits
|
## Compare branches, tags or commits
|
||||||
|
|
||||||
|
This endpoint can be accessed without authentication if the repository is
|
||||||
|
publicly accessible.
|
||||||
|
|
||||||
```
|
```
|
||||||
GET /projects/:id/repository/compare
|
GET /projects/:id/repository/compare
|
||||||
```
|
```
|
||||||
|
@ -163,7 +170,8 @@ Response:
|
||||||
|
|
||||||
## Contributors
|
## Contributors
|
||||||
|
|
||||||
Get repository contributors list
|
Get repository contributors list. This endpoint can be accessed without
|
||||||
|
authentication if the repository is publicly accessible.
|
||||||
|
|
||||||
```
|
```
|
||||||
GET /projects/:id/repository/contributors
|
GET /projects/:id/repository/contributors
|
||||||
|
|
|
@ -2,7 +2,6 @@ require 'mime/types'
|
||||||
|
|
||||||
module API
|
module API
|
||||||
class Repositories < Grape::API
|
class Repositories < Grape::API
|
||||||
before { authenticate! }
|
|
||||||
before { authorize! :download_code, user_project }
|
before { authorize! :download_code, user_project }
|
||||||
|
|
||||||
params do
|
params do
|
||||||
|
@ -79,8 +78,6 @@ module API
|
||||||
optional :format, type: String, desc: 'The archive format'
|
optional :format, type: String, desc: 'The archive format'
|
||||||
end
|
end
|
||||||
get ':id/repository/archive', requirements: { format: Gitlab::Regex.archive_formats_regex } do
|
get ':id/repository/archive', requirements: { format: Gitlab::Regex.archive_formats_regex } do
|
||||||
authorize! :download_code, user_project
|
|
||||||
|
|
||||||
begin
|
begin
|
||||||
send_git_archive user_project.repository, ref: params[:sha], format: params[:format]
|
send_git_archive user_project.repository, ref: params[:sha], format: params[:format]
|
||||||
rescue
|
rescue
|
||||||
|
@ -96,7 +93,6 @@ module API
|
||||||
requires :to, type: String, desc: 'The commit, branch name, or tag name to stop comparison'
|
requires :to, type: String, desc: 'The commit, branch name, or tag name to stop comparison'
|
||||||
end
|
end
|
||||||
get ':id/repository/compare' do
|
get ':id/repository/compare' do
|
||||||
authorize! :download_code, user_project
|
|
||||||
compare = Gitlab::Git::Compare.new(user_project.repository.raw_repository, params[:from], params[:to])
|
compare = Gitlab::Git::Compare.new(user_project.repository.raw_repository, params[:from], params[:to])
|
||||||
present compare, with: Entities::Compare
|
present compare, with: Entities::Compare
|
||||||
end
|
end
|
||||||
|
@ -105,8 +101,6 @@ module API
|
||||||
success Entities::Contributor
|
success Entities::Contributor
|
||||||
end
|
end
|
||||||
get ':id/repository/contributors' do
|
get ':id/repository/contributors' do
|
||||||
authorize! :download_code, user_project
|
|
||||||
|
|
||||||
begin
|
begin
|
||||||
present user_project.repository.contributors,
|
present user_project.repository.contributors,
|
||||||
with: Entities::Contributor
|
with: Entities::Contributor
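Review bot: With `before { authenticate! }` removed at the top of `API::Repositories`, the class-level `before { authorize! :download_code, user_project }` becomes the only access check for every route in this class, and the per-route `authorize! :download_code, user_project` calls in the archive, compare and contributors handlers are dropped too. That is sound only if `user_project` and `authorize!` treat a nil current user as a guest and keep non-public projects hidden; the spec change from 401 to 404 suggests they do, but their definitions are outside this page. I would record that invariant on the hook, e.g. `# Sole access gate for this class: anonymous callers reach these routes, so each one must be safe under :download_code alone`, so a route added here later that needs a signed-in user is not exposed by omission. The class body continues outside the hunks shown.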
|
||||||
|
|
|
@ -16,15 +16,32 @@ describe API::Repositories, api: true do
|
||||||
context "authorized user" do
|
context "authorized user" do
|
||||||
before { project.team << [user2, :reporter] }
|
before { project.team << [user2, :reporter] }
|
||||||
|
|
||||||
it "returns project commits" do
|
shared_examples_for 'repository tree' do
|
||||||
get api("/projects/#{project.id}/repository/tree", user)
|
it 'returns the repository tree' do
|
||||||
|
get api("/projects/#{project.id}/repository/tree", current_user)
|
||||||
|
|
||||||
expect(response).to have_http_status(200)
|
expect(response).to have_http_status(200)
|
||||||
|
|
||||||
expect(json_response).to be_an Array
|
first_commit = json_response.first
|
||||||
expect(json_response.first['name']).to eq('bar')
|
|
||||||
expect(json_response.first['type']).to eq('tree')
|
expect(json_response).to be_an Array
|
||||||
expect(json_response.first['mode']).to eq('040000')
|
expect(first_commit['name']).to eq('bar')
|
||||||
|
expect(first_commit['type']).to eq('tree')
|
||||||
|
expect(first_commit['mode']).to eq('040000')
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when unauthenticated' do
|
||||||
|
it_behaves_like 'repository tree' do
|
||||||
|
let(:project) { create(:project, :public) }
|
||||||
|
let(:current_user) { nil }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when authenticated' do
|
||||||
|
it_behaves_like 'repository tree' do
|
||||||
|
let(:current_user) { user }
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'returns a 404 for unknown ref' do
|
it 'returns a 404 for unknown ref' do
|
||||||
|
@ -39,7 +56,8 @@ describe API::Repositories, api: true do
|
||||||
context "unauthorized user" do
|
context "unauthorized user" do
|
||||||
it "does not return project commits" do
|
it "does not return project commits" do
|
||||||
get api("/projects/#{project.id}/repository/tree")
|
get api("/projects/#{project.id}/repository/tree")
|
||||||
expect(response).to have_http_status(401)
|
|
||||||
|
expect(response).to have_http_status(404)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -72,15 +90,38 @@ describe API::Repositories, api: true do
|
||||||
context "unauthorized user" do
|
context "unauthorized user" do
|
||||||
it "does not return project commits" do
|
it "does not return project commits" do
|
||||||
get api("/projects/#{project.id}/repository/tree?recursive=1")
|
get api("/projects/#{project.id}/repository/tree?recursive=1")
|
||||||
expect(response).to have_http_status(401)
|
|
||||||
|
expect(response).to have_http_status(404)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "GET /projects/:id/repository/blobs/:sha" do
|
describe "GET /projects/:id/repository/blobs/:sha & /projects/:id/repository/commits/:sha" do
|
||||||
it "gets the raw file contents" do
|
shared_examples_for 'repository blob' do
|
||||||
get api("/projects/#{project.id}/repository/blobs/master?filepath=README.md", user)
|
it 'returns the repository blob for /repository/blobs/master' do
|
||||||
expect(response).to have_http_status(200)
|
get api("/projects/#{project.id}/repository/blobs/master?filepath=README.md", current_user)
|
||||||
|
|
||||||
|
expect(response).to have_http_status(200)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'returns the repository blob for /repository/commits/master' do
|
||||||
|
get api("/projects/#{project.id}/repository/commits/master/blob?filepath=README.md", current_user)
|
||||||
|
|
||||||
|
expect(response).to have_http_status(200)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when unauthenticated' do
|
||||||
|
it_behaves_like 'repository blob' do
|
||||||
|
let(:project) { create(:project, :public) }
|
||||||
|
let(:current_user) { nil }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when authenticated' do
|
||||||
|
it_behaves_like 'repository blob' do
|
||||||
|
let(:current_user) { user }
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
it "returns 404 for invalid branch_name" do
|
it "returns 404 for invalid branch_name" do
|
||||||
|
@ -99,17 +140,26 @@ describe API::Repositories, api: true do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "GET /projects/:id/repository/commits/:sha/blob" do
|
|
||||||
it "gets the raw file contents" do
|
|
||||||
get api("/projects/#{project.id}/repository/commits/master/blob?filepath=README.md", user)
|
|
||||||
expect(response).to have_http_status(200)
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
describe "GET /projects/:id/repository/raw_blobs/:sha" do
|
describe "GET /projects/:id/repository/raw_blobs/:sha" do
|
||||||
it "gets the raw file contents" do
|
shared_examples_for 'repository raw blob' do
|
||||||
get api("/projects/#{project.id}/repository/raw_blobs/#{sample_blob.oid}", user)
|
it 'returns the repository raw blob' do
|
||||||
expect(response).to have_http_status(200)
|
get api("/projects/#{project.id}/repository/raw_blobs/#{sample_blob.oid}", current_user)
|
||||||
|
|
||||||
|
expect(response).to have_http_status(200)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when unauthenticated' do
|
||||||
|
it_behaves_like 'repository raw blob' do
|
||||||
|
let(:project) { create(:project, :public) }
|
||||||
|
let(:current_user) { nil }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when authenticated' do
|
||||||
|
it_behaves_like 'repository raw blob' do
|
||||||
|
let(:current_user) { user }
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'returns a 404 for unknown blob' do
|
it 'returns a 404 for unknown blob' do
|
||||||
|
@ -122,31 +172,55 @@ describe API::Repositories, api: true do
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "GET /projects/:id/repository/archive(.:format)?:sha" do
|
describe "GET /projects/:id/repository/archive(.:format)?:sha" do
|
||||||
it "gets the archive" do
|
shared_examples_for 'repository archive' do
|
||||||
get api("/projects/#{project.id}/repository/archive", user)
|
it 'returns the repository archive' do
|
||||||
repo_name = project.repository.name.gsub("\.git", "")
|
get api("/projects/#{project.id}/repository/archive", current_user)
|
||||||
expect(response).to have_http_status(200)
|
|
||||||
type, params = workhorse_send_data
|
expect(response).to have_http_status(200)
|
||||||
expect(type).to eq('git-archive')
|
|
||||||
expect(params['ArchivePath']).to match(/#{repo_name}\-[^\.]+\.tar.gz/)
|
repo_name = project.repository.name.gsub("\.git", "")
|
||||||
|
type, params = workhorse_send_data
|
||||||
|
|
||||||
|
expect(type).to eq('git-archive')
|
||||||
|
expect(params['ArchivePath']).to match(/#{repo_name}\-[^\.]+\.tar.gz/)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'returns the repository archive archive.zip' do
|
||||||
|
get api("/projects/#{project.id}/repository/archive.zip", user)
|
||||||
|
|
||||||
|
expect(response).to have_http_status(200)
|
||||||
|
|
||||||
|
repo_name = project.repository.name.gsub("\.git", "")
|
||||||
|
type, params = workhorse_send_data
|
||||||
|
|
||||||
|
expect(type).to eq('git-archive')
|
||||||
|
expect(params['ArchivePath']).to match(/#{repo_name}\-[^\.]+\.zip/)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'returns the repository archive archive.tar.bz2' do
|
||||||
|
get api("/projects/#{project.id}/repository/archive.tar.bz2", user)
|
||||||
|
|
||||||
|
expect(response).to have_http_status(200)
|
||||||
|
|
||||||
|
repo_name = project.repository.name.gsub("\.git", "")
|
||||||
|
type, params = workhorse_send_data
|
||||||
|
|
||||||
|
expect(type).to eq('git-archive')
|
||||||
|
expect(params['ArchivePath']).to match(/#{repo_name}\-[^\.]+\.tar.bz2/)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
it "gets the archive.zip" do
|
context 'when unauthenticated' do
|
||||||
get api("/projects/#{project.id}/repository/archive.zip", user)
|
it_behaves_like 'repository archive' do
|
||||||
repo_name = project.repository.name.gsub("\.git", "")
|
let(:project) { create(:project, :public) }
|
||||||
expect(response).to have_http_status(200)
|
let(:current_user) { nil }
|
||||||
type, params = workhorse_send_data
|
end
|
||||||
expect(type).to eq('git-archive')
|
|
||||||
expect(params['ArchivePath']).to match(/#{repo_name}\-[^\.]+\.zip/)
|
|
||||||
end
|
end
|
||||||
|
|
||||||
it "gets the archive.tar.bz2" do
|
context 'when authenticated' do
|
||||||
get api("/projects/#{project.id}/repository/archive.tar.bz2", user)
|
it_behaves_like 'repository archive' do
|
||||||
repo_name = project.repository.name.gsub("\.git", "")
|
let(:current_user) { user }
|
||||||
expect(response).to have_http_status(200)
|
end
|
||||||
type, params = workhorse_send_data
|
|
||||||
expect(type).to eq('git-archive')
|
|
||||||
expect(params['ArchivePath']).to match(/#{repo_name}\-[^\.]+\.tar.bz2/)
|
|
||||||
end
|
end
|
||||||
|
|
||||||
it "returns 404 for invalid sha" do
|
it "returns 404 for invalid sha" do
|
||||||
|
@ -156,55 +230,93 @@ describe API::Repositories, api: true do
|
||||||
end
|
end
|
||||||
|
|
||||||
describe 'GET /projects/:id/repository/compare' do
|
describe 'GET /projects/:id/repository/compare' do
|
||||||
it "compares branches" do
|
shared_examples_for 'repository compare' do
|
||||||
get api("/projects/#{project.id}/repository/compare", user), from: 'master', to: 'feature'
|
it "compares branches" do
|
||||||
expect(response).to have_http_status(200)
|
get api("/projects/#{project.id}/repository/compare", current_user), from: 'master', to: 'feature'
|
||||||
expect(json_response['commits']).to be_present
|
|
||||||
expect(json_response['diffs']).to be_present
|
expect(response).to have_http_status(200)
|
||||||
|
expect(json_response['commits']).to be_present
|
||||||
|
expect(json_response['diffs']).to be_present
|
||||||
|
end
|
||||||
|
|
||||||
|
it "compares tags" do
|
||||||
|
get api("/projects/#{project.id}/repository/compare", current_user), from: 'v1.0.0', to: 'v1.1.0'
|
||||||
|
|
||||||
|
expect(response).to have_http_status(200)
|
||||||
|
expect(json_response['commits']).to be_present
|
||||||
|
expect(json_response['diffs']).to be_present
|
||||||
|
end
|
||||||
|
|
||||||
|
it "compares commits" do
|
||||||
|
get api("/projects/#{project.id}/repository/compare", current_user), from: sample_commit.id, to: sample_commit.parent_id
|
||||||
|
|
||||||
|
expect(response).to have_http_status(200)
|
||||||
|
expect(json_response['commits']).to be_empty
|
||||||
|
expect(json_response['diffs']).to be_empty
|
||||||
|
expect(json_response['compare_same_ref']).to be_falsey
|
||||||
|
end
|
||||||
|
|
||||||
|
it "compares commits in reverse order" do
|
||||||
|
get api("/projects/#{project.id}/repository/compare", current_user), from: sample_commit.parent_id, to: sample_commit.id
|
||||||
|
|
||||||
|
expect(response).to have_http_status(200)
|
||||||
|
expect(json_response['commits']).to be_present
|
||||||
|
expect(json_response['diffs']).to be_present
|
||||||
|
end
|
||||||
|
|
||||||
|
it "compares same refs" do
|
||||||
|
get api("/projects/#{project.id}/repository/compare", current_user), from: 'master', to: 'master'
|
||||||
|
|
||||||
|
expect(response).to have_http_status(200)
|
||||||
|
expect(json_response['commits']).to be_empty
|
||||||
|
expect(json_response['diffs']).to be_empty
|
||||||
|
expect(json_response['compare_same_ref']).to be_truthy
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
it "compares tags" do
|
context 'when unauthenticated' do
|
||||||
get api("/projects/#{project.id}/repository/compare", user), from: 'v1.0.0', to: 'v1.1.0'
|
it_behaves_like 'repository compare' do
|
||||||
expect(response).to have_http_status(200)
|
let(:project) { create(:project, :public) }
|
||||||
expect(json_response['commits']).to be_present
|
let(:current_user) { nil }
|
||||||
expect(json_response['diffs']).to be_present
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
it "compares commits" do
|
context 'when authenticated' do
|
||||||
get api("/projects/#{project.id}/repository/compare", user), from: sample_commit.id, to: sample_commit.parent_id
|
it_behaves_like 'repository compare' do
|
||||||
expect(response).to have_http_status(200)
|
let(:current_user) { user }
|
||||||
expect(json_response['commits']).to be_empty
|
end
|
||||||
expect(json_response['diffs']).to be_empty
|
|
||||||
expect(json_response['compare_same_ref']).to be_falsey
|
|
||||||
end
|
|
||||||
|
|
||||||
it "compares commits in reverse order" do
|
|
||||||
get api("/projects/#{project.id}/repository/compare", user), from: sample_commit.parent_id, to: sample_commit.id
|
|
||||||
expect(response).to have_http_status(200)
|
|
||||||
expect(json_response['commits']).to be_present
|
|
||||||
expect(json_response['diffs']).to be_present
|
|
||||||
end
|
|
||||||
|
|
||||||
it "compares same refs" do
|
|
||||||
get api("/projects/#{project.id}/repository/compare", user), from: 'master', to: 'master'
|
|
||||||
expect(response).to have_http_status(200)
|
|
||||||
expect(json_response['commits']).to be_empty
|
|
||||||
expect(json_response['diffs']).to be_empty
|
|
||||||
expect(json_response['compare_same_ref']).to be_truthy
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe 'GET /projects/:id/repository/contributors' do
|
describe 'GET /projects/:id/repository/contributors' do
|
||||||
it 'returns valid data' do
|
shared_examples_for 'repository contributors' do
|
||||||
get api("/projects/#{project.id}/repository/contributors", user)
|
it 'returns valid data' do
|
||||||
expect(response).to have_http_status(200)
|
get api("/projects/#{project.id}/repository/contributors", user)
|
||||||
expect(json_response).to be_an Array
|
|
||||||
contributor = json_response.first
|
expect(response).to have_http_status(200)
|
||||||
expect(contributor['email']).to eq('tiagonbotelho@hotmail.com')
|
expect(json_response).to be_an Array
|
||||||
expect(contributor['name']).to eq('tiagonbotelho')
|
|
||||||
expect(contributor['commits']).to eq(1)
|
first_contributor = json_response.first
|
||||||
expect(contributor['additions']).to eq(0)
|
|
||||||
expect(contributor['deletions']).to eq(0)
|
expect(first_contributor['email']).to eq('tiagonbotelho@hotmail.com')
|
||||||
|
expect(first_contributor['name']).to eq('tiagonbotelho')
|
||||||
|
expect(first_contributor['commits']).to eq(1)
|
||||||
|
expect(first_contributor['additions']).to eq(0)
|
||||||
|
expect(first_contributor['deletions']).to eq(0)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when unauthenticated' do
|
||||||
|
it_behaves_like 'repository contributors' do
|
||||||
|
let(:project) { create(:project, :public) }
|
||||||
|
let(:current_user) { nil }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when authenticated' do
|
||||||
|
it_behaves_like 'repository contributors' do
|
||||||
|
let(:current_user) { user }
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
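Review bot: The 'repository contributors' shared example and the `archive.zip` / `archive.tar.bz2` examples inside 'repository archive' still call `api(..., user)` instead of `current_user`, so their 'when unauthenticated' contexts run as a signed-in user and never exercise anonymous access. Change them to `get api("/projects/#{project.id}/repository/contributors", current_user)` and likewise `get api("/projects/#{project.id}/repository/archive.zip", current_user)` and the `.tar.bz2` variant. In the hunks shown, the only anonymous-denied case (404 on a project not created with `:public`) is for the tree endpoint; blobs, raw_blobs, archive, compare and contributors would each benefit from one, unless such examples exist outside the visible hunks. As a naming point, `first_commit` in the tree example holds a tree entry, not a commit, so `first_entry` would read better.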
|
||||||
|
|