Extract EE specific files/lines for Manage lib/api
We have the following files containing EE specific code. We should move them to ee/
lib/api/groups.rb
diff --git a/lib/api/groups.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/lib/api/groups.rb
index 64958ff982a..91134ac3d5b 100644
--- a/lib/api/groups.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/lib/api/groups.rb
@@ -20,8 +20,17 @@ module API
optional :share_with_group_lock, type: Boolean, desc: 'Prevent sharing a project with another group within this group'
end
+ params :optional_params_ee do
+ optional :membership_lock, type: Boolean, desc: 'Prevent adding new members to project membership within this group'
+ optional :ldap_cn, type: String, desc: 'LDAP Common Name'
+ optional :ldap_access, type: Integer, desc: 'A valid access level'
+ optional :shared_runners_minutes_limit, type: Integer, desc: '(admin-only) Pipeline minutes quota for this group'
+ all_or_none_of :ldap_cn, :ldap_access
+ end
+
params :optional_params do
use :optional_params_ce
+ use :optional_params_ee
end
params :statistics_params do
@@ -48,6 +57,8 @@ module API
find_params.fetch(:all_available, current_user&.full_private_access?)
groups = GroupsFinder.new(current_user, find_params).execute
+ # EE-only
+ groups = groups.preload(:ldap_group_links)
groups = groups.search(params[:search]) if params[:search].present?
groups = groups.where.not(id: params[:skip_groups]) if params[:skip_groups].present?
order_options = { params[:order_by] => params[:sort] }
@@ -127,9 +138,25 @@ module API
authorize! :create_group
end
+ ldap_link_attrs = {
+ cn: params.delete(:ldap_cn),
+ group_access: params.delete(:ldap_access)
+ }
+
+ # EE
+ authenticated_as_admin! if params[:shared_runners_minutes_limit]
+
group = ::Groups::CreateService.new(current_user, declared_params(include_missing: false)).execute
if group.persisted?
+ # NOTE: add backwards compatibility for single ldap link
+ if ldap_link_attrs[:cn].present?
+ group.ldap_group_links.create(
+ cn: ldap_link_attrs[:cn],
+ group_access: ldap_link_attrs[:group_access]
+ )
+ end
+
present group, with: Entities::GroupDetail, current_user: current_user
else
render_api_error!("Failed to save group #{group.errors.messages}", 400)
@@ -148,11 +175,25 @@ module API
optional :name, type: String, desc: 'The name of the group'
optional :path, type: String, desc: 'The path of the group'
use :optional_params
+
+ # EE
+ optional :file_template_project_id, type: Integer, desc: 'The ID of a project to use for custom templates in this group'
end
put ':id' do
group = find_group!(params[:id])
authorize! :admin_group, group
+ # Begin EE-specific block
+ if params[:shared_runners_minutes_limit].present? &&
+ group.shared_runners_minutes_limit.to_i !=
+ params[:shared_runners_minutes_limit].to_i
+ authenticated_as_admin!
+ end
+
+ params.delete(:file_template_project_id) unless
+ group.feature_available?(:custom_file_templates_for_namespace)
+ # End EE-specific block
+
if ::Groups::UpdateService.new(group, current_user, declared_params(include_missing: false)).execute
present group, with: Entities::GroupDetail, current_user: current_user
else
@@ -182,6 +223,8 @@ module API
desc 'Remove a group.'
delete ":id" do
+ Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ee/issues/4795')
+
group = find_group!(params[:id])
authorize! :admin_group, group
@@ -260,6 +303,20 @@ module API
render_api_error!("Failed to transfer project #{project.errors.messages}", 400)
end
end
+
+ desc 'Sync a group with LDAP.'
+ post ":id/ldap_sync" do
+ not_found! unless Gitlab::Auth::LDAP::Config.group_sync_enabled?
+
+ group = find_group!(params[:id])
+ authorize! :admin_group, group
+
+ if group.pending_ldap_sync
+ LdapGroupSyncWorker.perform_async(group.id)
+ end
+
+ status 202
+ end
end
end
end
lib/api/projects.rb
diff --git a/lib/api/projects.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/lib/api/projects.rb
index b23fe6cd4e7..188daf7bff8 100644
--- a/lib/api/projects.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/lib/api/projects.rb
@@ -35,6 +35,8 @@ module API
end
end
+ prepend EE::API::Projects # rubocop: disable Cop/InjectEnterpriseEditionModule
+
def self.update_params_at_least_one_of
[
:jobs_enabled,
@@ -313,6 +315,7 @@ module API
optional :path, type: String, desc: 'The path of the repository'
use :optional_project_params
+ use :optional_update_params_ee
at_least_one_of(*::API::Projects.update_params_at_least_one_of)
end
@@ -388,11 +391,7 @@ module API
desc 'Get languages in project repository'
get ':id/languages' do
- if user_project.repository_languages.present?
- user_project.repository_languages.map { |l| [l.name, l.share] }.to_h
- else
- user_project.repository.languages.map { |language| language.values_at(:label, :value) }.to_h
- end
+ user_project.repository.languages.map { |language| language.values_at(:label, :value) }.to_h
end
desc 'Remove a project'
lib/api/services.rb
diff --git a/lib/api/services.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/lib/api/services.rb
index 145897516a0..9015f6590f2 100644
--- a/lib/api/services.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/lib/api/services.rb
@@ -191,7 +191,7 @@ module API
required: true,
name: :password,
type: String,
- desc: 'Passord of the user'
+ desc: 'Password of the user'
}
],
'bugzilla' => [
@@ -435,7 +435,6 @@ module API
desc: 'The ID of a transition that moves issues to a closed state. You can find this number under the JIRA workflow administration (**Administration > Issues > Workflows**) by selecting **View** under **Operations** of the desired workflow of your project. The ID of each state can be found inside the parenthesis of each transition name under the **Transitions (id)** column ([see screenshot][trans]). By default, this ID is set to `2`'
}
],
-
'kubernetes' => [
{
required: true,
@@ -637,6 +636,67 @@ module API
type: String,
desc: 'The password of the user'
}
+ ],
+ # EE-specific services
+ 'github' => [
+ {
+ required: true,
+ name: :token,
+ type: String,
+ desc: 'GitHub API token with repo:status OAuth scope'
+ },
+ {
+ required: true,
+ name: :repository_url,
+ type: String,
+ desc: "GitHub repository URL"
+ }
+ ],
+ 'jenkins' => [
+ {
+ required: true,
+ name: :jenkins_url,
+ type: String,
+ desc: 'Jenkins root URL like https://jenkins.example.com'
+ },
+ {
+ required: true,
+ name: :project_name,
+ type: String,
+ desc: 'The URL-friendly project name. Example: my_project_name'
+ },
+ {
+ required: false,
+ name: :username,
+ type: String,
+ desc: 'A user with access to the Jenkins server, if applicable'
+ },
+ {
+ required: false,
+ name: :password,
+ type: String,
+ desc: 'The password of the user'
+ }
+ ],
+ 'jenkins-deprecated' => [
+ {
+ required: true,
+ name: :project_url,
+ type: String,
+ desc: 'Jenkins project URL like http://jenkins.example.com/job/my-project/'
+ },
+ {
+ required: false,
+ name: :pass_unstable,
+ type: Boolean,
+ desc: 'Multi-project setup enabled?'
+ },
+ {
+ required: false,
+ name: :multiproject_enabled,
+ type: Boolean,
+ desc: 'Should unstable builds be treated as passing?'
+ }
]
}
@@ -653,6 +713,7 @@ module API
EmailsOnPushService,
ExternalWikiService,
FlowdockService,
+ GithubService,
HangoutsChatService,
IrkerService,
JiraService,
@@ -668,7 +729,9 @@ module API
SlackService,
MattermostService,
MicrosoftTeamsService,
- TeamcityService
+ TeamcityService,
+ JenkinsService,
+ JenkinsDeprecatedService
]
if Rails.env.development?
@@ -831,5 +894,17 @@ module API
end
end
end
+
+ desc "Trigger a global slack command" do
+ detail 'Added in GitLab 9.4'
+ end
+ post 'slack/trigger' do
+ if result = SlashCommands::GlobalSlackHandler.new(params).trigger
+ status result[:status] || 200
+ present result
+ else
+ not_found!
+ end
+ end
end
end
lib/api/settings.rb
diff --git a/lib/api/settings.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/lib/api/settings.rb
index b16faffe335..2c21d830912 100644
--- a/lib/api/settings.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/lib/api/settings.rb
@@ -95,8 +95,8 @@ module API
optional :prometheus_metrics_enabled, type: Boolean, desc: 'Enable Prometheus metrics'
optional :recaptcha_enabled, type: Boolean, desc: 'Helps prevent bots from creating accounts'
given recaptcha_enabled: ->(val) { val } do
- requires :recaptcha_site_key, type: String, desc: 'Generate site key at http://www.google.com/recaptcha'
requires :recaptcha_private_key, type: String, desc: 'Generate private key at http://www.google.com/recaptcha'
+ requires :recaptcha_site_key, type: String, desc: 'Generate site key at http://www.google.com/recaptcha'
end
optional :repository_checks_enabled, type: Boolean, desc: "GitLab will periodically run 'git fsck' in all project and wiki repositories to look for silent disk corruption issues."
optional :repository_storages, type: Array[String], desc: 'Storage paths for new projects'
@@ -130,11 +130,42 @@ module API
desc: "Restrictions on the complexity of uploaded #{type.upcase} keys. A value of #{ApplicationSetting::FORBIDDEN_KEY_VALUE} disables all #{type.upcase} keys."
end
+ ## EE-only START
+ optional :elasticsearch_aws, type: Boolean, desc: 'Enable support for AWS hosted elasticsearch'
+ given elasticsearch_aws: ->(val) { val } do
+ optional :elasticsearch_aws_access_key, type: String, desc: 'AWS IAM access key'
+ requires :elasticsearch_aws_region, type: String, desc: 'The AWS region the elasticsearch domain is configured'
+ optional :elasticsearch_aws_secret_access_key, type: String, desc: 'AWS IAM secret access key'
+ end
+ optional :elasticsearch_indexing, type: Boolean, desc: 'Enable Elasticsearch indexing'
+ given elasticsearch_indexing: ->(val) { val } do
+ optional :elasticsearch_search, type: Boolean, desc: 'Enable Elasticsearch search'
+ requires :elasticsearch_url, type: String, desc: 'The url to use for connecting to Elasticsearch. Use a comma-separated list to support clustering (e.g., "http://localhost:9200, http://localhost:9201")'
+ end
+ optional :email_additional_text, type: String, desc: 'Additional text added to the bottom of every email for legal/auditing/compliance reasons'
+ optional :help_text, type: String, desc: 'GitLab server administrator information'
+ optional :repository_size_limit, type: Integer, desc: 'Size limit per repository (MB)'
+ optional :file_template_project_id, type: Integer, desc: 'ID of project where instance-level file templates are stored.'
+ optional :repository_storages, type: Array[String], desc: 'A list of names of enabled storage paths, taken from `gitlab.yml`. New projects will be created in one of these stores, chosen at random.'
+ optional :snowplow_enabled, type: Boolean, desc: 'Enable Snowplow'
+ given snowplow_enabled: ->(val) { val } do
+ requires :snowplow_collector_uri, type: String, desc: 'Snowplow Collector URI'
+ optional :snowplow_cookie_domain, type: String, desc: 'Snowplow cookie domain'
+ optional :snowplow_site_id, type: String, desc: 'Snowplow Site/Application ID'
+ end
+ optional :usage_ping_enabled, type: Boolean, desc: 'Every week GitLab will report license usage back to GitLab, Inc.'
+ ## EE-only END
+
optional_attributes = ::ApplicationSettingsHelper.visible_attributes << :performance_bar_allowed_group_id
+ ## EE-only START
+ optional_attributes += EE::ApplicationSettingsHelper.possible_licensed_attributes
+ ## EE-only END
+
optional(*optional_attributes)
at_least_one_of(*optional_attributes)
end
+ # rubocop: disable CodeReuse/ActiveRecord
put "application/settings" do
attrs = declared_params(include_missing: false)
@@ -156,11 +187,30 @@ module API
attrs[:password_authentication_enabled_for_web] = attrs.delete(:password_authentication_enabled)
end
+ ## EE-only START: Remove unlicensed attributes
+ unless ::License.feature_available?(:repository_mirrors)
+ attrs = attrs.except(*::EE::ApplicationSettingsHelper.repository_mirror_attributes)
+ end
+
+ unless ::License.feature_available?(:external_authorization_service)
+ attrs = attrs.except(*::EE::ApplicationSettingsHelper.external_authorization_service_attributes)
+ end
+
+ unless ::License.feature_available?(:email_additional_text)
+ attrs = attrs.except(:email_additional_text)
+ end
+
+ unless ::License.feature_available?(:custom_file_templates)
+ attrs = attrs.except(:file_template_project_id)
+ end
+ ## EE-only END: Remove unlicensed attributes
+
if ApplicationSettings::UpdateService.new(current_settings, current_user, attrs).execute
present current_settings, with: Entities::ApplicationSetting
else
render_validation_error!(current_settings)
end
end
+ # rubocop: enable CodeReuse/ActiveRecord
end
end
lib/api/users.rb
diff --git a/lib/api/users.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/lib/api/users.rb
index 7d88880d412..ada12b472c5 100644
--- a/lib/api/users.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/lib/api/users.rb
@@ -51,6 +51,9 @@ module API
optional :avatar, type: File, desc: 'Avatar image for user'
optional :private_profile, type: Boolean, desc: 'Flag indicating the user has a private profile'
all_or_none_of :extern_uid, :provider
+
+ # EE
+ optional :shared_runners_minutes_limit, type: Integer, desc: 'Pipeline minutes quota for this user'
end
params :sort_params do
@@ -80,6 +83,9 @@ module API
use :sort_params
use :pagination
use :with_custom_attributes
+
+ # EE
+ optional :skip_ldap, type: Boolean, default: false, desc: 'Skip LDAP users'
end
# rubocop: disable CodeReuse/ActiveRecord
get do