API: Respect the 'If-Unmodified-Since' for delete endpoints
This commit is contained in:
parent
7ccef75a26
commit
998afa5f74
22 changed files with 72 additions and 1 deletions
|
@ -67,6 +67,9 @@ module API
|
|||
end
|
||||
delete ":id/access_requests/:user_id" do
|
||||
source = find_source(source_type, params[:id])
|
||||
member = source.public_send(:requesters).find_by!(user_id: params[:user_id])
|
||||
|
||||
check_unmodified_since(member.updated_at)
|
||||
|
||||
status 204
|
||||
::Members::DestroyService.new(source, current_user, params)
|
||||
|
|
|
@ -85,6 +85,7 @@ module API
|
|||
end
|
||||
delete "#{endpoint}/:award_id" do
|
||||
award = awardable.award_emoji.find(params[:award_id])
|
||||
check_unmodified_since(award.updated_at)
|
||||
|
||||
unauthorized! unless award.user == current_user || current_user.admin?
|
||||
|
||||
|
|
|
@ -124,6 +124,7 @@ module API
|
|||
authorize!(:admin_list, user_project)
|
||||
|
||||
list = board_lists.find(params[:list_id])
|
||||
check_unmodified_since(list.updated_at)
|
||||
|
||||
service = ::Boards::Lists::DestroyService.new(user_project, current_user)
|
||||
|
||||
|
|
|
@ -90,6 +90,7 @@ module API
|
|||
end
|
||||
delete ':id' do
|
||||
message = find_message
|
||||
check_unmodified_since(message.updated_at)
|
||||
|
||||
status 204
|
||||
message.destroy
|
||||
|
|
|
@ -125,6 +125,8 @@ module API
|
|||
key = user_project.deploy_keys_projects.find_by(deploy_key_id: params[:key_id])
|
||||
not_found!('Deploy Key') unless key
|
||||
|
||||
check_unmodified_since(key.updated_at)
|
||||
|
||||
status 204
|
||||
key.destroy
|
||||
end
|
||||
|
|
|
@ -78,6 +78,7 @@ module API
|
|||
authorize! :update_environment, user_project
|
||||
|
||||
environment = user_project.environments.find(params[:environment_id])
|
||||
check_unmodified_since(environment.updated_at)
|
||||
|
||||
status 204
|
||||
environment.destroy
|
||||
|
|
|
@ -118,6 +118,8 @@ module API
|
|||
group = find_group!(params[:id])
|
||||
authorize! :admin_group, group
|
||||
|
||||
check_unmodified_since(group.updated_at)
|
||||
|
||||
status 204
|
||||
::Groups::DestroyService.new(group, current_user).execute
|
||||
end
|
||||
|
|
|
@ -11,6 +11,14 @@ module API
|
|||
declared(params, options).to_h.symbolize_keys
|
||||
end
|
||||
|
||||
def check_unmodified_since(last_modified)
|
||||
if_unmodified_since = Time.parse(headers['If-Unmodified-Since']) if headers.key?('If-Unmodified-Since') rescue nil
|
||||
|
||||
if if_unmodified_since && if_unmodified_since < last_modified
|
||||
render_api_error!('412 Precondition Failed', 412)
|
||||
end
|
||||
end
|
||||
|
||||
def current_user
|
||||
return @current_user if defined?(@current_user)
|
||||
|
||||
|
|
|
@ -230,6 +230,8 @@ module API
|
|||
not_found!('Issue') unless issue
|
||||
|
||||
authorize!(:destroy_issue, issue)
|
||||
check_unmodified_since(issue.updated_at)
|
||||
|
||||
status 204
|
||||
issue.destroy
|
||||
end
|
||||
|
|
|
@ -56,6 +56,8 @@ module API
|
|||
label = user_project.labels.find_by(title: params[:name])
|
||||
not_found!('Label') unless label
|
||||
|
||||
check_unmodified_since(label.updated_at)
|
||||
|
||||
status 204
|
||||
label.destroy
|
||||
end
|
||||
|
|
|
@ -94,7 +94,8 @@ module API
|
|||
delete ":id/members/:user_id" do
|
||||
source = find_source(source_type, params[:id])
|
||||
# Ensure that memeber exists
|
||||
source.members.find_by!(user_id: params[:user_id])
|
||||
member = source.members.find_by!(user_id: params[:user_id])
|
||||
check_unmodified_since(member.updated_at)
|
||||
|
||||
status 204
|
||||
::Members::DestroyService.new(source, current_user, declared_params).execute
|
||||
|
|
|
@ -164,6 +164,8 @@ module API
|
|||
merge_request = find_project_merge_request(params[:merge_request_iid])
|
||||
|
||||
authorize!(:destroy_merge_request, merge_request)
|
||||
check_unmodified_since(merge_request.updated_at)
|
||||
|
||||
status 204
|
||||
merge_request.destroy
|
||||
end
|
||||
|
|
|
@ -129,7 +129,9 @@ module API
|
|||
end
|
||||
delete ":id/#{noteables_str}/:noteable_id/notes/:note_id" do
|
||||
note = user_project.notes.find(params[:note_id])
|
||||
|
||||
authorize! :admin_note, note
|
||||
check_unmodified_since(note.updated_at)
|
||||
|
||||
status 204
|
||||
::Notes::DestroyService.new(user_project, current_user).execute(note)
|
||||
|
|
|
@ -96,6 +96,8 @@ module API
|
|||
delete ":id/hooks/:hook_id" do
|
||||
hook = user_project.hooks.find(params.delete(:hook_id))
|
||||
|
||||
check_unmodified_since(hook.updated_at)
|
||||
|
||||
status 204
|
||||
hook.destroy
|
||||
end
|
||||
|
|
|
@ -116,6 +116,8 @@ module API
|
|||
not_found!('Snippet') unless snippet
|
||||
|
||||
authorize! :admin_project_snippet, snippet
|
||||
check_unmodified_since(snippet.updated_at)
|
||||
|
||||
status 204
|
||||
snippet.destroy
|
||||
end
|
||||
|
|
|
@ -334,6 +334,8 @@ module API
|
|||
desc 'Remove a project'
|
||||
delete ":id" do
|
||||
authorize! :remove_project, user_project
|
||||
check_unmodified_since(user_project.updated_at)
|
||||
|
||||
::Projects::DestroyService.new(user_project, current_user, {}).async_execute
|
||||
|
||||
accepted!
|
||||
|
|
|
@ -77,7 +77,9 @@ module API
|
|||
end
|
||||
delete ':id' do
|
||||
runner = get_runner(params[:id])
|
||||
|
||||
authenticate_delete_runner!(runner)
|
||||
check_unmodified_since(runner.updated_at)
|
||||
|
||||
status 204
|
||||
runner.destroy!
|
||||
|
|
|
@ -655,6 +655,8 @@ module API
|
|||
end
|
||||
delete ":id/services/:service_slug" do
|
||||
service = user_project.find_or_initialize_service(params[:service_slug].underscore)
|
||||
# Todo, not sure
|
||||
check_unmodified_since(service.updated_at)
|
||||
|
||||
attrs = service_attributes(service).inject({}) do |hash, key|
|
||||
hash.merge!(key => nil)
|
||||
|
|
|
@ -122,6 +122,7 @@ module API
|
|||
return not_found!('Snippet') unless snippet
|
||||
|
||||
authorize! :destroy_personal_snippet, snippet
|
||||
check_unmodified_since(snippet.updated_at)
|
||||
|
||||
status 204
|
||||
snippet.destroy
|
||||
|
|
|
@ -66,6 +66,8 @@ module API
|
|||
hook = SystemHook.find_by(id: params[:id])
|
||||
not_found!('System hook') unless hook
|
||||
|
||||
check_unmodified_since(hook.updated_at)
|
||||
|
||||
status 204
|
||||
hook.destroy
|
||||
end
|
||||
|
|
|
@ -140,6 +140,8 @@ module API
|
|||
trigger = user_project.triggers.find(params.delete(:trigger_id))
|
||||
return not_found!('Trigger') unless trigger
|
||||
|
||||
check_unmodified_since(trigger.updated_at)
|
||||
|
||||
status 204
|
||||
trigger.destroy
|
||||
end
|
||||
|
|
|
@ -230,7 +230,12 @@ module API
|
|||
key = user.keys.find_by(id: params[:key_id])
|
||||
not_found!('Key') unless key
|
||||
|
||||
<<<<<<< HEAD
|
||||
status 204
|
||||
=======
|
||||
check_unmodified_since(key.updated_at)
|
||||
|
||||
>>>>>>> API: Respect the 'If-Unmodified-Since' for delete endpoints
|
||||
key.destroy
|
||||
end
|
||||
|
||||
|
@ -287,7 +292,14 @@ module API
|
|||
email = user.emails.find_by(id: params[:email_id])
|
||||
not_found!('Email') unless email
|
||||
|
||||
<<<<<<< HEAD
|
||||
Emails::DestroyService.new(user, email: email.email).execute
|
||||
=======
|
||||
check_unmodified_since(email.updated_at)
|
||||
|
||||
email.destroy
|
||||
user.update_secondary_emails!
|
||||
>>>>>>> API: Respect the 'If-Unmodified-Since' for delete endpoints
|
||||
end
|
||||
|
||||
desc 'Delete a user. Available only for admins.' do
|
||||
|
@ -299,11 +311,18 @@ module API
|
|||
end
|
||||
delete ":id" do
|
||||
authenticated_as_admin!
|
||||
|
||||
user = User.find_by(id: params[:id])
|
||||
not_found!('User') unless user
|
||||
|
||||
<<<<<<< HEAD
|
||||
status 204
|
||||
user.delete_async(deleted_by: current_user, params: params)
|
||||
=======
|
||||
check_unmodified_since(user.updated_at)
|
||||
|
||||
::Users::DestroyService.new(current_user).execute(user)
|
||||
>>>>>>> API: Respect the 'If-Unmodified-Since' for delete endpoints
|
||||
end
|
||||
|
||||
desc 'Block a user. Available only for admins.'
|
||||
|
@ -481,6 +500,8 @@ module API
|
|||
key = current_user.keys.find_by(id: params[:key_id])
|
||||
not_found!('Key') unless key
|
||||
|
||||
check_unmodified_since(key.updated_at)
|
||||
|
||||
status 204
|
||||
key.destroy
|
||||
end
|
||||
|
@ -533,6 +554,7 @@ module API
|
|||
email = current_user.emails.find_by(id: params[:email_id])
|
||||
not_found!('Email') unless email
|
||||
|
||||
<<<<<<< HEAD
|
||||
status 204
|
||||
Emails::DestroyService.new(current_user, email: email.email).execute
|
||||
end
|
||||
|
@ -550,6 +572,12 @@ module API
|
|||
.reorder(last_activity_on: :asc)
|
||||
|
||||
present paginate(activities), with: Entities::UserActivity
|
||||
=======
|
||||
check_unmodified_since(email.updated_at)
|
||||
|
||||
email.destroy
|
||||
current_user.update_secondary_emails!
|
||||
>>>>>>> API: Respect the 'If-Unmodified-Since' for delete endpoints
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in a new issue