Conan remove package API endpoint

Implements the DELETE API endpoint for the conan package registry to remove conan packages and their package files.

Conan remove package API endpoint
Implements the DELETE API endpoint for the conan package registry to remove conan packages and their package files.
e02a2b28 · Steve Abrams · Dmitriy Zaporozhets · a7e2d31e · e02a2b28 · e02a2b28
Commit e02a2b28 authored Nov 12, 2019 by Steve Abrams Committed by Dmitriy Zaporozhets Nov 12, 2019
4 changed files
--- a/ee/app/models/packages/package.rb
+++ b/ee/app/models/packages/package.rb
@@ -28,6 +28,11 @@ class Packages::Package < ApplicationRecord
  scope :with_name_like, ->(name) { where(arel_table[:name].matches(name)) }
  scope :with_version, ->(version) { where(version: version) }
  scope :with_package_type, ->(package_type) { where(package_type: package_type) }
+
+  scope :with_conan_channel, ->(package_channel) do
+    joins(:conan_metadatum).where(packages_conan_metadata: { package_channel: package_channel })
+  end
+
  scope :has_version, -> { where.not(version: nil) }
  scope :preload_files, -> { preload(:package_files) }
  scope :last_of_each_version, -> { where(id: all.select('MAX(id) AS id').group(:version)) }

--- a/ee/lib/api/conan_packages.rb
+++ b/ee/lib/api/conan_packages.rb
@@ -179,6 +179,15 @@ module API

          present upload_urls, with: EE::API::Entities::ConanPackage::ConanUploadUrls
        end
+
+        desc 'Delete Package' do
+          detail 'This feature was introduced in GitLab 12.5'
+        end
+        delete do
+          authorize!(:destroy_package, project)
+
+          package.destroy
+        end
      end

      params do
@@ -296,6 +305,17 @@ module API
        end
      end

+      def package
+        strong_memoize(:package) do
+          project.packages
+            .with_name(params[:package_name])
+            .with_version(params[:package_version])
+            .with_conan_channel(params[:package_channel])
+            .order_created
+            .last
+        end
+      end
+
      def find_personal_access_token
        personal_access_token = find_personal_access_token_from_conan_jwt ||
          find_personal_access_token_from_conan_http_basic_auth

--- a/ee/spec/models/packages/package_spec.rb
+++ b/ee/spec/models/packages/package_spec.rb
@@ -99,5 +99,15 @@ RSpec.describe Packages::Package, type: :model do
        is_expected.to match_array([package2, package3])
      end
    end
+
+    describe '.with_conan_channel' do
+      let!(:package) { create(:conan_package) }
+
+      subject { described_class.with_conan_channel('stable') }
+
+      it 'includes only packages with specified version' do
+        is_expected.to match_array([package])
+      end
+    end
  end
 end
--- a/ee/spec/requests/api/conan_packages_spec.rb
+++ b/ee/spec/requests/api/conan_packages_spec.rb
@@ -413,6 +413,30 @@ describe API::ConanPackages do
        expect(response.body).to eq(expected_response.to_json)
      end
    end
+
+    describe 'DELETE /api/v4/packages/conan/v1/conans/:package_name/package_version/:package_username/:package_channel' do
+      let(:recipe_path) { package.conan_recipe_path }
+
+      subject { delete api("/packages/conan/v1/conans/#{recipe_path}"), headers: headers}
+
+      it_behaves_like 'rejects invalid recipe'
+
+      it 'returns unauthorized for users without valid permission' do
+        subject
+
+        expect(response).to have_gitlab_http_status(403)
+      end
+
+      context 'with delete permissions' do
+        before do
+          project.add_maintainer(user)
+        end
+
+        it 'deletes a package' do
+          expect { subject }.to change { Packages::Package.count }.from(2).to(1)
+        end
+      end
+    end
  end

  context 'file endpoints' do