When a restricted visibility level of `private` is set in the instance,
creating a snippet with the `visibility` level would always fail.
This happened because:
1. `params[:visibility]` was a string (e.g. "public")
2. `CreateSnippetService` and `UpdateSnippetService` only looked
at `params[:visibility_level]`, which was `nil`.
To fix this, we:
1. Make `CreateSnippetService` look at the newly-built
`snippet.visibility_level`, since the right value is assigned by the
`VisibilityLevel#visibility=` method.
2. Modify `UpdateSnippetService` to handle both `visibility_level` and
`visibility` parameters.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/66050
Previously, you could only access personal snippets in the API if you
had authored them. The documentation doesn't state that this is the
case, and it's quite surprising.
Updates specs to use new rails5 format.
The old format:
`get :show, { some: params }, { some: headers }`
The new format:
`get :show, params: { some: params }, headers: { some: headers }`
Apply the same spam checks to public snippets (either personal snippets
that are public, or public snippets on public projects) as to issues on
public projects.
Adding the necessary API for the new /snippets Restful resource
added with this commit. Added a new Grape class `Snippets`, as
well as a `PersonalSnippet` entity.
Issue: #20042
Merge-Request: !6373
Signed-off-by: Guyzmo <guyzmo+gitlab+pub@m0g.net>
GitLab Bot
Grzegorz Bizon
Ash McKenzie
Stan Hu
Nick Thomas
blackst0ne
Francisco Javier López
Robert Speicher
Jan
Douwe Maan
Jacopo
Sean McGivern
Maxim Rydkin
Robert Schilling
Rémy Coutable
James Lopez
Jarka Kadlecova
Toon Claes
Oswaldo Ferreira
Sean McGivern
Guyzmo