Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
ce106e93
Commit
ce106e93
authored
Jan 03, 2017
by
Robert Schilling
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add more push rules to the API
parent
7e9dafcd
Changes
5
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
77 additions
and
28 deletions
+77
-28
changelogs/unreleased-ee/api-push-rules.yml
changelogs/unreleased-ee/api-push-rules.yml
+4
-0
doc/api/projects.md
doc/api/projects.md
+16
-4
lib/api/entities.rb
lib/api/entities.rb
+3
-1
lib/api/project_push_rule.rb
lib/api/project_push_rule.rb
+9
-3
spec/requests/api/project_push_rule_spec.rb
spec/requests/api/project_push_rule_spec.rb
+45
-20
No files found.
changelogs/unreleased-ee/api-push-rules.yml
0 → 100644
View file @
ce106e93
---
title
:
Add more push rules to the API
merge_request
:
1022
author
:
Robert Schilling
doc/api/projects.md
View file @
ce106e93
...
@@ -1429,7 +1429,12 @@ Parameters:
...
@@ -1429,7 +1429,12 @@ Parameters:
"project_id"
:
3
,
"project_id"
:
3
,
"commit_message_regex"
:
"Fixes
\d
+
\"
,
"commit_message_regex"
:
"Fixes
\d
+
\"
,
"
deny_delete_tag
": false,
"
deny_delete_tag
": false,
"
created_at
": "
2012-10-12
T
17
:
04
:
47
Z
"
"
created_at
": "
2012-10-12
T
17
:
04
:
47
Z
",
"
member_check
": false,
"
prevent_secrets
": false,
"
author_email_regex
": "",
"
file_name_regex
": "",
"
max_file_size
": 5
}
}
```
```
...
@@ -1443,9 +1448,16 @@ POST /projects/:id/push_rule
...
@@ -1443,9 +1448,16 @@ POST /projects/:id/push_rule
Parameters:
Parameters:
-
`id`
(required) - The ID of a project
| Attribute | Type | Required | Description |
-
`deny_delete_tag`
- Do not allow users to remove git tags with git push
| --------- | ---- | -------- | ----------- |
-
`commit_message_regex`
- Commit message regex
|
`id`
| integer/string | yes | The ID of the project or NAMESPACE/PROJECT_NAME |
|
`deny_delete_tag`
| boolean | no | Deny deleting a tag |
|
`member_check`
| boolean | no | Restrict commits by author (email) to existing GitLab users |
|
`prevent_secrets`
| boolean | no | GitLab will reject any files that are likely to contain secrets |
|
`commit_message_regex`
| string | no | All commit messages must match this |
|
`author_email_regex`
| string | no | All commit author's email must match this |
|
`file_name_regex`
| string | no | All commited filenames must
**not**
match this |
|
`max_file_size`
| integer | no | Maximum file size (MB) |
### Edit project push rule
### Edit project push rule
...
...
lib/api/entities.rb
View file @
ce106e93
...
@@ -60,6 +60,8 @@ module API
...
@@ -60,6 +60,8 @@ module API
class
ProjectPushRule
<
Grape
::
Entity
class
ProjectPushRule
<
Grape
::
Entity
expose
:id
,
:project_id
,
:created_at
expose
:id
,
:project_id
,
:created_at
expose
:commit_message_regex
,
:deny_delete_tag
expose
:commit_message_regex
,
:deny_delete_tag
expose
:member_check
,
:prevent_secrets
,
:author_email_regex
expose
:file_name_regex
,
:max_file_size
end
end
class
BasicProjectDetails
<
Grape
::
Entity
class
BasicProjectDetails
<
Grape
::
Entity
...
@@ -113,7 +115,7 @@ module API
...
@@ -113,7 +115,7 @@ module API
expose
:request_access_enabled
expose
:request_access_enabled
expose
:only_allow_merge_if_all_discussions_are_resolved
expose
:only_allow_merge_if_all_discussions_are_resolved
expose
:approvals_before_merge
expose
:approvals_before_merge
expose
:statistics
,
using:
'API::Entities::ProjectStatistics'
,
if: :statistics
expose
:statistics
,
using:
'API::Entities::ProjectStatistics'
,
if: :statistics
end
end
...
...
lib/api/project_push_rule.rb
View file @
ce106e93
module
API
module
API
# Projects push rule API
class
ProjectPushRule
<
Grape
::
API
class
ProjectPushRule
<
Grape
::
API
before
{
authenticate!
}
before
{
authenticate!
}
before
{
authorize_admin_project
}
before
{
authorize_admin_project
}
...
@@ -10,9 +9,16 @@ module API
...
@@ -10,9 +9,16 @@ module API
resource
:projects
do
resource
:projects
do
helpers
do
helpers
do
params
:push_rule_params
do
params
:push_rule_params
do
optional
:commit_message_regex
,
type:
String
,
desc:
'The commit message regex'
optional
:deny_delete_tag
,
type:
Boolean
,
desc:
'Deny deleting a tag'
optional
:deny_delete_tag
,
type:
Boolean
,
desc:
'Deny deleting a tag'
at_least_one_of
:commit_message_regex
,
:deny_delete_tag
optional
:member_check
,
type:
Boolean
,
desc:
'Restrict commits by author (email) to existing GitLab users'
optional
:prevent_secrets
,
type:
Boolean
,
desc:
'GitLab will reject any files that are likely to contain secrets'
optional
:commit_message_regex
,
type:
String
,
desc:
'All commit messages must match this'
optional
:author_email_regex
,
type:
String
,
desc:
"All commit author's email must match this"
optional
:file_name_regex
,
type:
String
,
desc:
'All commited filenames must not match this'
optional
:max_file_size
,
type:
Integer
,
desc:
'Maximum file size (MB)'
at_least_one_of
:deny_delete_tag
,
:member_check
,
:prevent_secrets
,
:commit_message_regex
,
:author_email_regex
,
:file_name_regex
,
:max_file_size
end
end
end
end
...
...
spec/requests/api/project_push_rule_spec.rb
View file @
ce106e93
...
@@ -19,8 +19,8 @@ describe API::ProjectPushRule, 'ProjectPushRule', api: true do
...
@@ -19,8 +19,8 @@ describe API::ProjectPushRule, 'ProjectPushRule', api: true do
context
"authorized user"
do
context
"authorized user"
do
it
"returns project push rule"
do
it
"returns project push rule"
do
get
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user
)
get
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user
)
expect
(
response
.
status
).
to
eq
(
200
)
expect
(
response
).
to
have_http_status
(
200
)
expect
(
json_response
).
to
be_an
Hash
expect
(
json_response
).
to
be_an
Hash
expect
(
json_response
[
'project_id'
]).
to
eq
(
project
.
id
)
expect
(
json_response
[
'project_id'
]).
to
eq
(
project
.
id
)
end
end
...
@@ -29,7 +29,8 @@ describe API::ProjectPushRule, 'ProjectPushRule', api: true do
...
@@ -29,7 +29,8 @@ describe API::ProjectPushRule, 'ProjectPushRule', api: true do
context
"unauthorized user"
do
context
"unauthorized user"
do
it
"does not have access to project push rule"
do
it
"does not have access to project push rule"
do
get
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user3
)
get
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user3
)
expect
(
response
.
status
).
to
eq
(
403
)
expect
(
response
).
to
have_http_status
(
403
)
end
end
end
end
end
end
...
@@ -38,20 +39,35 @@ describe API::ProjectPushRule, 'ProjectPushRule', api: true do
...
@@ -38,20 +39,35 @@ describe API::ProjectPushRule, 'ProjectPushRule', api: true do
context
"authorized user"
do
context
"authorized user"
do
it
"adds push rule to project"
do
it
"adds push rule to project"
do
post
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user
),
post
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user
),
deny_delete_tag:
true
deny_delete_tag:
true
,
member_check:
true
,
prevent_secrets:
true
,
expect
(
response
.
status
).
to
eq
(
201
)
commit_message_regex:
'/JIRA\-\d+/'
,
author_email_regex:
'/[a-zA-Z0-9]+@gitlab.com/'
,
file_name_regex:
'/[a-zA-Z0-9]+.key/'
,
max_file_size:
5
expect
(
json_response
).
to
be_an
Hash
expect
(
response
).
to
have_http_status
(
201
)
expect
(
json_response
[
'project_id'
]).
to
eq
(
project
.
id
)
expect
(
json_response
[
'project_id'
]).
to
eq
(
project
.
id
)
expect
(
json_response
[
'deny_delete_tag'
]).
to
eq
(
true
)
expect
(
json_response
[
'deny_delete_tag'
]).
to
eq
(
true
)
expect
(
json_response
[
'member_check'
]).
to
eq
(
true
)
expect
(
json_response
[
'prevent_secrets'
]).
to
eq
(
true
)
expect
(
json_response
[
'commit_message_regex'
]).
to
eq
(
'/JIRA\-\d+/'
)
expect
(
json_response
[
'author_email_regex'
]).
to
eq
(
'/[a-zA-Z0-9]+@gitlab.com/'
)
expect
(
json_response
[
'file_name_regex'
]).
to
eq
(
'/[a-zA-Z0-9]+.key/'
)
expect
(
json_response
[
'max_file_size'
]).
to
eq
(
5
)
end
end
end
end
it
'returns 400 if no parameter is given'
do
post
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user
)
expect
(
response
).
to
have_http_status
(
400
)
end
context
"unauthorized user"
do
context
"unauthorized user"
do
it
"does not add push rule to project"
do
it
"does not add push rule to project"
do
post
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user3
),
post
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user3
),
deny_delete_tag:
true
deny_delete_tag:
true
expect
(
response
.
status
).
to
eq
(
403
)
expect
(
response
).
to
have_http_status
(
403
)
end
end
end
end
end
end
...
@@ -63,9 +79,9 @@ describe API::ProjectPushRule, 'ProjectPushRule', api: true do
...
@@ -63,9 +79,9 @@ describe API::ProjectPushRule, 'ProjectPushRule', api: true do
context
"with existing push rule"
do
context
"with existing push rule"
do
it
"does not add push rule to project"
do
it
"does not add push rule to project"
do
post
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user
),
post
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user
),
deny_delete_tag:
true
deny_delete_tag:
true
expect
(
response
.
status
).
to
eq
(
422
)
expect
(
response
).
to
have_http_status
(
422
)
end
end
end
end
end
end
...
@@ -78,24 +94,31 @@ describe API::ProjectPushRule, 'ProjectPushRule', api: true do
...
@@ -78,24 +94,31 @@ describe API::ProjectPushRule, 'ProjectPushRule', api: true do
it
"updates an existing project push rule"
do
it
"updates an existing project push rule"
do
put
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user
),
put
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user
),
deny_delete_tag:
false
,
commit_message_regex:
'Fixes \d+\..*'
deny_delete_tag:
false
,
commit_message_regex:
'Fixes \d+\..*'
expect
(
response
.
status
).
to
eq
(
200
)
expect
(
response
).
to
have_http_status
(
200
)
expect
(
json_response
[
'deny_delete_tag'
]).
to
eq
(
false
)
expect
(
json_response
[
'deny_delete_tag'
]).
to
eq
(
false
)
expect
(
json_response
[
'commit_message_regex'
]).
to
eq
(
'Fixes \d+\..*'
)
expect
(
json_response
[
'commit_message_regex'
]).
to
eq
(
'Fixes \d+\..*'
)
end
end
it
'returns 400 if no parameter is given'
do
put
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user
)
expect
(
response
).
to
have_http_status
(
400
)
end
end
end
describe
"PUT /projects/:id/push_rule"
do
describe
"PUT /projects/:id/push_rule"
do
it
"gets error on non existing project push rule"
do
it
"gets error on non existing project push rule"
do
put
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user
),
put
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user
),
deny_delete_tag:
false
,
commit_message_regex:
'Fixes \d+\..*'
deny_delete_tag:
false
,
commit_message_regex:
'Fixes \d+\..*'
expect
(
response
.
status
).
to
eq
(
404
)
expect
(
response
).
to
have_http_status
(
404
)
end
end
it
"does not update push rule for unauthorized user"
do
it
"does not update push rule for unauthorized user"
do
post
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user3
),
post
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user3
),
deny_delete_tag:
true
deny_delete_tag:
true
expect
(
response
.
status
).
to
eq
(
403
)
expect
(
response
).
to
have_http_status
(
403
)
end
end
end
end
...
@@ -107,8 +130,8 @@ describe API::ProjectPushRule, 'ProjectPushRule', api: true do
...
@@ -107,8 +130,8 @@ describe API::ProjectPushRule, 'ProjectPushRule', api: true do
context
"authorized user"
do
context
"authorized user"
do
it
"deletes push rule from project"
do
it
"deletes push rule from project"
do
delete
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user
)
delete
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user
)
expect
(
response
.
status
).
to
eq
(
200
)
expect
(
response
).
to
have_http_status
(
200
)
expect
(
json_response
).
to
be_an
Hash
expect
(
json_response
).
to
be_an
Hash
end
end
end
end
...
@@ -116,7 +139,8 @@ describe API::ProjectPushRule, 'ProjectPushRule', api: true do
...
@@ -116,7 +139,8 @@ describe API::ProjectPushRule, 'ProjectPushRule', api: true do
context
"unauthorized user"
do
context
"unauthorized user"
do
it
"returns a 403 error"
do
it
"returns a 403 error"
do
delete
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user3
)
delete
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user3
)
expect
(
response
.
status
).
to
eq
(
403
)
expect
(
response
).
to
have_http_status
(
403
)
end
end
end
end
end
end
...
@@ -125,15 +149,16 @@ describe API::ProjectPushRule, 'ProjectPushRule', api: true do
...
@@ -125,15 +149,16 @@ describe API::ProjectPushRule, 'ProjectPushRule', api: true do
context
"for non existing push rule"
do
context
"for non existing push rule"
do
it
"deletes push rule from project"
do
it
"deletes push rule from project"
do
delete
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user
)
delete
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user
)
expect
(
response
.
status
).
to
eq
(
404
)
expect
(
response
).
to
have_http_status
(
404
)
expect
(
json_response
).
to
be_an
Hash
expect
(
json_response
).
to
be_an
Hash
expect
(
json_response
[
'message'
]).
to
eq
(
'404 Push Rule Not Found'
)
expect
(
json_response
[
'message'
]).
to
eq
(
'404 Push Rule Not Found'
)
end
end
it
"returns a 403 error if not authorized"
do
it
"returns a 403 error if not authorized"
do
delete
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user3
)
delete
api
(
"/projects/
#{
project
.
id
}
/push_rule"
,
user3
)
expect
(
response
.
status
).
to
eq
(
403
)
expect
(
response
).
to
have_http_status
(
403
)
end
end
end
end
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment