gitlab-ce/project_packages_protection_rules.rb at master

mirror of https://github.com/gitlabhq/gitlabhq.git synced 2025-07-25 16:00:50 +00:00

Files

GitLab Bot 54a2245581 Add latest changes from gitlab-org/gitlab@master

2025-03-25 15:08:02 +00:00

156 lines

7.4 KiB

Ruby

Raw Permalink Blame History

 # frozen_string_literal: true
 module API
   class ProjectPackagesProtectionRules < ::API::Base
     feature_category :package_registry
     helpers ::API::Helpers::PackagesHelpers
     after_validation do
       authenticate!
       authorize_admin_package!
     end
     params do
       requires :id, types: [String, Integer], desc: 'The ID or URL-encoded path of the project'
     end
     resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
       resource ':id/packages/protection/rules' do
         desc 'Get list of package protection rules for a project' do
           success Entities::Projects::Packages::Protection::Rule
           failure [
             { code: 401, message: 'Unauthorized' },
             { code: 403, message: 'Forbidden' },
             { code: 404, message: 'Not Found' }
           ]
           tags %w[projects]
           is_array true
         end
         get do
           present user_project.package_protection_rules, with: Entities::Projects::Packages::Protection::Rule
         end
         desc 'Create a package protection rule for a project' do
           success Entities::Projects::Packages::Protection::Rule
           failure [
             { code: 400, message: 'Bad Request' },
             { code: 401, message: 'Unauthorized' },
             { code: 403, message: 'Forbidden' },
             { code: 404, message: 'Not Found' },
             { code: 422, message: 'Unprocessable Entity' }
           ]
           tags %w[projects]
         end
         params do
           requires :package_name_pattern, type: String,
             desc: 'Package name protected by the rule. For example @my-scope/my-package-*.
             Wildcard character * allowed.'
           requires :package_type, type: String, values: Packages::Protection::Rule.package_types.keys,
             desc: 'Package type protected by the rule. For example npm.'
           optional :minimum_access_level_for_delete, type: String,
             values: Packages::Protection::Rule.minimum_access_level_for_deletes.keys,
             desc: 'Minimum GitLab access level required to delete a package. ' \
               'Valid values include `null`, `owner` or `admin`. ' \
               'If the value is `null`, the default minimum access level is `maintainer`. ' \
               'Must be provided when `minimum_access_level_for_push` is not set. ' \
               'Behind a feature flag named `packages_protected_packages_delete`. Disabled by default.'
           optional :minimum_access_level_for_push, type: String,
             values: Packages::Protection::Rule.minimum_access_level_for_pushes.keys,
             desc: 'Minimum GitLab access level required to push a package. ' \
               'Valid values include `null`, `maintainer`, `owner` or `admin`. ' \
               'If the value is `null`, the default minimum access level is `developer`. ' \
               'Must be provided when `minimum_access_level_for_delete` is not set.'
           at_least_one_of :minimum_access_level_for_push, :minimum_access_level_for_delete
         end
         post do
           params = declared_params
           params.except!(:minimum_access_level_for_delete) if Feature.disabled?(:packages_protected_packages_delete,
             user_project)
           response =
             ::Packages::Protection::CreateRuleService
               .new(project: user_project, current_user: current_user, params: params)
               .execute
           render_api_error!({ error: response.message }, :unprocessable_entity) if response.error?
           present response[:package_protection_rule], with: Entities::Projects::Packages::Protection::Rule
         end
         params do
           requires :package_protection_rule_id, type: Integer, desc: 'The ID of the package protection rule'
         end
         resource ':package_protection_rule_id' do
           desc 'Update a package protection rule for a project' do
             success Entities::Projects::Packages::Protection::Rule
             failure [
               { code: 400, message: 'Bad Request' },
               { code: 401, message: 'Unauthorized' },
               { code: 403, message: 'Forbidden' },
               { code: 404, message: 'Not Found' },
               { code: 422, message: 'Unprocessable Entity' }
             ]
             tags %w[projects]
           end
           params do
             optional :package_name_pattern, type: String,
               desc: 'Package name protected by the rule. For example @my-scope/my-package-*.
               Wildcard character * allowed.'
             optional :package_type, type: String, values: Packages::Protection::Rule.package_types.keys,
               desc: 'Package type protected by the rule. For example npm.'
             optional :minimum_access_level_for_delete, type: String,
               values: Packages::Protection::Rule.minimum_access_level_for_deletes.keys,
               desc: 'Minimum GitLab access level required to delete a package. ' \
                 'Valid values include `null`, `owner` or `admin`. ' \
                 'If the value is `null`, the default minimum access level is `maintainer`. ' \
                 'Must be provided when `minimum_access_level_for_push` is not set. ' \
                 'Behind a feature flag named `packages_protected_packages_delete`. Disabled by default.'
             optional :minimum_access_level_for_push, type: String,
               values: Packages::Protection::Rule.minimum_access_level_for_pushes.keys,
               desc: 'Minimum GitLab access level required to push a package. ' \
                 'Valid values include `null`, `maintainer`, `owner` or `admin`. ' \
                 'If the value is `null`, the default minimum access level is `developer`. ' \
                 'Must be provided when `minimum_access_level_for_delete` is not set.'
           end
           patch do
             package_protection_rule = user_project.package_protection_rules.find(params[:package_protection_rule_id])
             params = declared_params(include_missing: false)
             params.except!(:minimum_access_level_for_delete) if Feature.disabled?(:packages_protected_packages_delete,
               user_project)
             response =
               ::Packages::Protection::UpdateRuleService
                 .new(package_protection_rule, current_user: current_user, params: params)
                 .execute
             render_api_error!({ error: response.message }, :unprocessable_entity) if response.error?
             present response[:package_protection_rule], with: Entities::Projects::Packages::Protection::Rule
           end
           desc 'Delete package protection rule' do
             success code: 204, message: '204 No Content'
             failure [
               { code: 400, message: 'Bad Request' },
               { code: 401, message: 'Unauthorized' },
               { code: 403, message: 'Forbidden' },
               { code: 404, message: 'Not Found' }
             ]
             tags %w[projects]
           end
           delete do
             package_protection_rule = user_project.package_protection_rules.find(params[:package_protection_rule_id])
             destroy_conditionally!(package_protection_rule) do |package_protection_rule|
               response = ::Packages::Protection::DeleteRuleService.new(package_protection_rule,
                 current_user: current_user).execute
               render_api_error!({ error: response.message }, :bad_request) if response.error?
             end
           end
         end
       end
     end
   end
 end

156 lines 7.4 KiB Ruby Raw Permalink Blame History

156 lines

7.4 KiB

Ruby

Raw Permalink Blame History