175 lines
5.3 KiB
Ruby
175 lines
5.3 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
module API
|
|
class API < Grape::API
|
|
include APIGuard
|
|
|
|
LOG_FILENAME = Rails.root.join("log", "api_json.log")
|
|
|
|
NO_SLASH_URL_PART_REGEX = %r{[^/]+}
|
|
NAMESPACE_OR_PROJECT_REQUIREMENTS = { id: NO_SLASH_URL_PART_REGEX }.freeze
|
|
COMMIT_ENDPOINT_REQUIREMENTS = NAMESPACE_OR_PROJECT_REQUIREMENTS.merge(sha: NO_SLASH_URL_PART_REGEX).freeze
|
|
USER_REQUIREMENTS = { user_id: NO_SLASH_URL_PART_REGEX }.freeze
|
|
|
|
insert_before Grape::Middleware::Error,
|
|
GrapeLogging::Middleware::RequestLogger,
|
|
logger: Logger.new(LOG_FILENAME),
|
|
formatter: Gitlab::GrapeLogging::Formatters::LogrageWithTimestamp.new,
|
|
include: [
|
|
GrapeLogging::Loggers::FilterParameters.new,
|
|
GrapeLogging::Loggers::ClientEnv.new,
|
|
Gitlab::GrapeLogging::Loggers::RouteLogger.new,
|
|
Gitlab::GrapeLogging::Loggers::UserLogger.new,
|
|
Gitlab::GrapeLogging::Loggers::QueueDurationLogger.new,
|
|
Gitlab::GrapeLogging::Loggers::PerfLogger.new,
|
|
Gitlab::GrapeLogging::Loggers::CorrelationIdLogger.new
|
|
]
|
|
|
|
allow_access_with_scope :api
|
|
prefix :api
|
|
|
|
version 'v3', using: :path do
|
|
route :any, '*path' do
|
|
error!('API V3 is no longer supported. Use API V4 instead.', 410)
|
|
end
|
|
end
|
|
|
|
version 'v4', using: :path
|
|
|
|
before do
|
|
header['X-Frame-Options'] = 'SAMEORIGIN'
|
|
header['X-Content-Type-Options'] = 'nosniff'
|
|
end
|
|
|
|
# The locale is set to the current user's locale when `current_user` is loaded
|
|
after { Gitlab::I18n.use_default_locale }
|
|
|
|
rescue_from Gitlab::Access::AccessDeniedError do
|
|
rack_response({ 'message' => '403 Forbidden' }.to_json, 403)
|
|
end
|
|
|
|
rescue_from ActiveRecord::RecordNotFound do
|
|
rack_response({ 'message' => '404 Not found' }.to_json, 404)
|
|
end
|
|
|
|
rescue_from ::Gitlab::ExclusiveLeaseHelpers::FailedToObtainLockError do
|
|
rack_response({ 'message' => '409 Conflict: Resource lock' }.to_json, 409)
|
|
end
|
|
|
|
rescue_from UploadedFile::InvalidPathError do |e|
|
|
rack_response({ 'message' => e.message }.to_json, 400)
|
|
end
|
|
|
|
rescue_from ObjectStorage::RemoteStoreError do |e|
|
|
rack_response({ 'message' => e.message }.to_json, 500)
|
|
end
|
|
|
|
# Retain 405 error rather than a 500 error for Grape 0.15.0+.
|
|
# https://github.com/ruby-grape/grape/blob/a3a28f5b5dfbb2797442e006dbffd750b27f2a76/UPGRADING.md#changes-to-method-not-allowed-routes
|
|
rescue_from Grape::Exceptions::MethodNotAllowed do |e|
|
|
error! e.message, e.status, e.headers
|
|
end
|
|
|
|
rescue_from Grape::Exceptions::Base do |e|
|
|
error! e.message, e.status, e.headers
|
|
end
|
|
|
|
rescue_from Gitlab::Auth::TooManyIps do |e|
|
|
rack_response({ 'message' => '403 Forbidden' }.to_json, 403)
|
|
end
|
|
|
|
rescue_from :all do |exception|
|
|
handle_api_exception(exception)
|
|
end
|
|
|
|
format :json
|
|
content_type :txt, "text/plain"
|
|
|
|
# Ensure the namespace is right, otherwise we might load Grape::API::Helpers
|
|
helpers ::API::Helpers
|
|
helpers ::API::Helpers::CommonHelpers
|
|
|
|
# Keep in alphabetical order
|
|
mount ::API::AccessRequests
|
|
mount ::API::Applications
|
|
mount ::API::Avatar
|
|
mount ::API::AwardEmoji
|
|
mount ::API::Badges
|
|
mount ::API::Boards
|
|
mount ::API::Branches
|
|
mount ::API::BroadcastMessages
|
|
mount ::API::CircuitBreakers
|
|
mount ::API::Commits
|
|
mount ::API::CommitStatuses
|
|
mount ::API::ContainerRegistry
|
|
mount ::API::DeployKeys
|
|
mount ::API::Deployments
|
|
mount ::API::Environments
|
|
mount ::API::Events
|
|
mount ::API::Features
|
|
mount ::API::Files
|
|
mount ::API::GroupBoards
|
|
mount ::API::GroupLabels
|
|
mount ::API::GroupMilestones
|
|
mount ::API::Groups
|
|
mount ::API::GroupVariables
|
|
mount ::API::ImportGithub
|
|
mount ::API::Internal
|
|
mount ::API::Issues
|
|
mount ::API::JobArtifacts
|
|
mount ::API::Jobs
|
|
mount ::API::Keys
|
|
mount ::API::Labels
|
|
mount ::API::Lint
|
|
mount ::API::Markdown
|
|
mount ::API::Members
|
|
mount ::API::MergeRequestDiffs
|
|
mount ::API::MergeRequests
|
|
mount ::API::Namespaces
|
|
mount ::API::Notes
|
|
mount ::API::Discussions
|
|
mount ::API::ResourceLabelEvents
|
|
mount ::API::NotificationSettings
|
|
mount ::API::PagesDomains
|
|
mount ::API::Pipelines
|
|
mount ::API::PipelineSchedules
|
|
mount ::API::ProjectClusters
|
|
mount ::API::ProjectExport
|
|
mount ::API::ProjectImport
|
|
mount ::API::ProjectHooks
|
|
mount ::API::ProjectMilestones
|
|
mount ::API::Projects
|
|
mount ::API::ProjectSnapshots
|
|
mount ::API::ProjectSnippets
|
|
mount ::API::ProjectTemplates
|
|
mount ::API::ProtectedBranches
|
|
mount ::API::ProtectedTags
|
|
mount ::API::Releases
|
|
mount ::API::Release::Links
|
|
mount ::API::Repositories
|
|
mount ::API::Runner
|
|
mount ::API::Runners
|
|
mount ::API::Search
|
|
mount ::API::Services
|
|
mount ::API::Settings
|
|
mount ::API::SidekiqMetrics
|
|
mount ::API::Snippets
|
|
mount ::API::Submodules
|
|
mount ::API::Subscriptions
|
|
mount ::API::Suggestions
|
|
mount ::API::SystemHooks
|
|
mount ::API::Tags
|
|
mount ::API::Templates
|
|
mount ::API::Todos
|
|
mount ::API::Triggers
|
|
mount ::API::Users
|
|
mount ::API::Variables
|
|
mount ::API::Version
|
|
mount ::API::Wikis
|
|
|
|
route :any, '*path' do
|
|
error!('404 Not Found', 404)
|
|
end
|
|
end
|
|
end
|