Skip to content
Snippets Groups Projects
Commit d84cfeaf authored by Sean McGivern's avatar Sean McGivern
Browse files

Merge branch '4269-public-repositories-api' into 'master' 

Allow Repositories API GET endpoints to be requested anonymously

Closes #4269

See merge request !8148
parents 1139da27 c87d93d4
No related branches found
No related tags found
No related merge requests found
Expand all Hide whitespace changes
Inline Side-by-side
changelogs/unreleased/4269-public-repositories-api.yml 0 → 100644
+ 4
0
View file @ d84cfeaf
---
title: Allow Repositories API GET endpoints to be requested anonymously
merge_request: 8148
author:
doc/api/repositories.md
+ 13
5
View file @ d84cfeaf
@@ -2,7 +2,8 @@
@@ -2,7 +2,8 @@
   
## List repository tree ## List repository tree
   
Get a list of repository files and directories in a project. Get a list of repository files and directories in a project. This endpoint can
be accessed without authentication if the repository is publicly accessible.
   
``` ```
GET /projects/:id/repository/tree GET /projects/:id/repository/tree
@@ -71,7 +72,8 @@ Parameters:
@@ -71,7 +72,8 @@ Parameters:
   
## Raw file content ## Raw file content
   
Get the raw file contents for a file by commit SHA and path. Get the raw file contents for a file by commit SHA and path. This endpoint can
be accessed without authentication if the repository is publicly accessible.
   
``` ```
GET /projects/:id/repository/blobs/:sha GET /projects/:id/repository/blobs/:sha
@@ -85,7 +87,8 @@ Parameters:
@@ -85,7 +87,8 @@ Parameters:
   
## Raw blob content ## Raw blob content
   
Get the raw file contents for a blob by blob SHA. Get the raw file contents for a blob by blob SHA. This endpoint can be accessed
without authentication if the repository is publicly accessible.
   
``` ```
GET /projects/:id/repository/raw_blobs/:sha GET /projects/:id/repository/raw_blobs/:sha
@@ -98,7 +101,8 @@ Parameters:
@@ -98,7 +101,8 @@ Parameters:
   
## Get file archive ## Get file archive
   
Get an archive of the repository Get an archive of the repository. This endpoint can be accessed without
authentication if the repository is publicly accessible.
   
``` ```
GET /projects/:id/repository/archive GET /projects/:id/repository/archive
@@ -111,6 +115,9 @@ Parameters:
@@ -111,6 +115,9 @@ Parameters:
   
## Compare branches, tags or commits ## Compare branches, tags or commits
   
This endpoint can be accessed without authentication if the repository is
publicly accessible.
``` ```
GET /projects/:id/repository/compare GET /projects/:id/repository/compare
``` ```
@@ -163,7 +170,8 @@ Response:
@@ -163,7 +170,8 @@ Response:
   
## Contributors ## Contributors
   
Get repository contributors list Get repository contributors list. This endpoint can be accessed without
authentication if the repository is publicly accessible.
   
``` ```
GET /projects/:id/repository/contributors GET /projects/:id/repository/contributors
lib/api/repositories.rb
+ 0
6
View file @ d84cfeaf
@@ -2,7 +2,6 @@ require 'mime/types'
@@ -2,7 +2,6 @@ require 'mime/types'
   
module API module API
class Repositories < Grape::API class Repositories < Grape::API
before { authenticate! }
before { authorize! :download_code, user_project } before { authorize! :download_code, user_project }
   
params do params do
@@ -79,8 +78,6 @@ module API
@@ -79,8 +78,6 @@ module API
optional :format, type: String, desc: 'The archive format' optional :format, type: String, desc: 'The archive format'
end end
get ':id/repository/archive', requirements: { format: Gitlab::Regex.archive_formats_regex } do get ':id/repository/archive', requirements: { format: Gitlab::Regex.archive_formats_regex } do
authorize! :download_code, user_project
begin begin
send_git_archive user_project.repository, ref: params[:sha], format: params[:format] send_git_archive user_project.repository, ref: params[:sha], format: params[:format]
rescue rescue
@@ -96,7 +93,6 @@ module API
@@ -96,7 +93,6 @@ module API
requires :to, type: String, desc: 'The commit, branch name, or tag name to stop comparison' requires :to, type: String, desc: 'The commit, branch name, or tag name to stop comparison'
end end
get ':id/repository/compare' do get ':id/repository/compare' do
authorize! :download_code, user_project
compare = Gitlab::Git::Compare.new(user_project.repository.raw_repository, params[:from], params[:to]) compare = Gitlab::Git::Compare.new(user_project.repository.raw_repository, params[:from], params[:to])
present compare, with: Entities::Compare present compare, with: Entities::Compare
end end
@@ -105,8 +101,6 @@ module API
@@ -105,8 +101,6 @@ module API
success Entities::Contributor success Entities::Contributor
end end
get ':id/repository/contributors' do get ':id/repository/contributors' do
authorize! :download_code, user_project
begin begin
present user_project.repository.contributors, present user_project.repository.contributors,
with: Entities::Contributor with: Entities::Contributor
spec/requests/api/repositories_spec.rb
+ 353
131
View file @ d84cfeaf
This diff is collapsed.
spec/support/api/status_shared_examples.rb 0 → 100644
+ 42
0
View file @ d84cfeaf
# Specs for status checking.
#
# Requires an API request:
# let(:request) { get api("/projects/#{project.id}/repository/branches", user) }
shared_examples_for '400 response' do
before do
# Fires the request
request
end
it 'returns 400' do
expect(response).to have_http_status(400)
end
end
shared_examples_for '403 response' do
before do
# Fires the request
request
end
it 'returns 403' do
expect(response).to have_http_status(403)
end
end
shared_examples_for '404 response' do
let(:message) { nil }
before do
# Fires the request
request
end
it 'returns 404' do
expect(response).to have_http_status(404)
expect(json_response).to be_an Object
if message.present?
expect(json_response['message']).to eq(message)
end
end
end
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment