Skip to content

Expose :protected field for ../tags/:tag_name API endpoint

Andrea Leone requested to merge (removed):issue-67127 into master

What does this MR do?

Just like the GET ../branches/:branch_name API request returns the "protected": boolean value for a specific branch, in #67127 (moved) it has been requested to do the same for GET ../tags/:tag_name as the field is not provided.

According to the branches and tag API docs:

# GET /projects/:id/repository/branches/:branch_name
{
  "name": "master",
  "merged": false,
  "protected": true,
  "default": true,
  "developers_can_push": false,
  "developers_can_merge": false,
  "can_push": true,
  "commit": {
    ...
  }
}
# GET /projects/:id/repository/tags/:tag_name
{
  "name": "v5.0.0",
  "message": null,
  "target": "60a8ff033665e1207714d6670fcd7b65304ec02f",
  "commit": {
    ...
  },
  "release": null
}

In this MR, I exposed the "protected": field in the Tag < Grape::Entity in the same fashion as it was done with the branch.

Screenshots

Running a proper GET /projects/:id/repository/tags/:tag_name request now returns the boolean value.

Before After 
{
  "name": "v5.0.0",
  "message": null,
  "target": "60a8ff033665e1207714d6670fcd7b65304ec02f",
  "commit": {
    ...
  },
  "release": null

}

{
  "name": "v5.0.0",
  "message": null,
  "target": "60a8ff033665e1207714d6670fcd7b65304ec02f",
  "commit": {
    ...
  },
  "release": null,
  "protected": true
}

Tested in a local GDK/GitLab-CE instance.

Does this MR meet the acceptance criteria?

Conformity

Performance and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • Mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team
Edited by Andrea Leone

Merge request reports