Commit 1162d89a authored by Travis Miller's avatar Travis Miller Committed by Rémy Coutable
Browse files

Add administrative endpoint to list all pages domains

parent e897d8b7
......@@ -69,6 +69,10 @@ def expired?
current < x509.not_before || x509.not_after < current
end
def expiration
x509&.not_after
end
def subject
return unless x509
x509.subject.to_s
......
---
title: Add administrative endpoint to list all pages domains
merge_request: 15160
author: Travis Miller
type: added
......@@ -4,6 +4,31 @@ Endpoints for connecting custom domain(s) and TLS certificates in [GitLab Pages]
The GitLab Pages feature must be enabled to use these endpoints. Find out more about [administering](../administration/pages/index.md) and [using](../user/project/pages/index.md) the feature.
## List all pages domains
Get a list of all pages domains. The user must have admin permissions.
```http
GET /pages/domains
```
```bash
curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/pages/domains
```
```json
[
{
"domain": "ssl.domain.example",
"url": "https://ssl.domain.example",
"certificate": {
"expired": false,
"expiration": "2020-04-12T14:32:00.000Z"
}
}
]
```
## List pages domains
Get a list of project pages domains. The user must have permissions to view pages domains.
......
......@@ -1042,6 +1042,11 @@ class CustomAttribute < Grape::Entity
expose :value
end
class PagesDomainCertificateExpiration < Grape::Entity
expose :expired?, as: :expired
expose :expiration
end
class PagesDomainCertificate < Grape::Entity
expose :subject
expose :expired?, as: :expired
......@@ -1049,12 +1054,23 @@ class PagesDomainCertificate < Grape::Entity
expose :certificate_text
end
class PagesDomainBasic < Grape::Entity
expose :domain
expose :url
expose :certificate,
as: :certificate_expiration,
if: ->(pages_domain, _) { pages_domain.certificate? },
using: PagesDomainCertificateExpiration do |pages_domain|
pages_domain
end
end
class PagesDomain < Grape::Entity
expose :domain
expose :url
expose :certificate,
if: ->(pages_domain, _) { pages_domain.certificate? },
using: PagesDomainCertificate do |pages_domain|
if: ->(pages_domain, _) { pages_domain.certificate? },
using: PagesDomainCertificate do |pages_domain|
pages_domain
end
end
......
......@@ -155,6 +155,11 @@ def authenticate_by_gitlab_shell_token!
end
end
def authenticated_with_full_private_access!
authenticate!
forbidden! unless current_user.full_private_access?
end
def authenticated_as_admin!
authenticate!
forbidden! unless current_user.admin?
......@@ -190,6 +195,10 @@ def require_pages_enabled!
not_found! unless user_project.pages_available?
end
def require_pages_config_enabled!
not_found! unless Gitlab.config.pages.enabled
end
def can?(object, action, subject = :global)
Ability.allowed?(object, action, subject)
end
......
......@@ -4,7 +4,6 @@ class PagesDomains < Grape::API
before do
authenticate!
require_pages_enabled!
end
after_validation do
......@@ -29,10 +28,31 @@ def normalize_params_file_to_string
end
end
resource :pages do
before do
require_pages_config_enabled!
authenticated_with_full_private_access!
end
desc "Get all pages domains" do
success Entities::PagesDomainBasic
end
params do
use :pagination
end
get "domains" do
present paginate(PagesDomain.all), with: Entities::PagesDomainBasic
end
end
params do
requires :id, type: String, desc: 'The ID of a project'
end
resource :projects, requirements: { id: %r{[^/]+} } do
before do
require_pages_enabled!
end
desc 'Get all pages domains' do
success Entities::PagesDomain
end
......
{
"type": "object",
"properties": {
"domain": { "type": "string" },
"url": { "type": "uri" },
"certificate_expiration": {
"type": "object",
"properties": {
"expired": { "type": "boolean" },
"expiration": { "type": "string" }
},
"required": ["expired", "expiration"],
"additionalProperties": false
}
},
"required": ["domain", "url"],
"additionalProperties": false
}
{
"type": "object",
"properties": {
"domain": { "type": "string" },
"url": { "type": "uri" },
"certificate": {
"type": "object",
"properties": {
"subject": { "type": "string" },
"expired": { "type": "boolean" },
"certificate": { "type": "string" },
"certificate_text": { "type": "string" }
},
"required": ["subject", "expired"],
"additionalProperties": false
}
},
"required": ["domain", "url"],
"additionalProperties": false
}
{
"type": "array",
"items": { "$ref": "pages_domain/basic.json" }
}
{
"type": "array",
"items": {
"type": "object",
"properties": {
"domain": { "type": "string" },
"url": { "type": "uri" },
"certificate": {
"type": "object",
"properties": {
"subject": { "type": "string" },
"expired": { "type": "boolean" },
"certificate": { "type": "string" },
"certificate_text": { "type": "string" }
},
"required": ["subject", "expired"],
"additionalProperties": false
}
},
"required": ["domain", "url"],
"additionalProperties": false
}
"items": { "$ref": "pages_domain/detail.json" }
}
......@@ -3,6 +3,7 @@
describe API::PagesDomains do
set(:project) { create(:project) }
set(:user) { create(:user) }
set(:admin) { create(:admin) }
set(:pages_domain) { create(:pages_domain, domain: 'www.domain.test', project: project) }
set(:pages_domain_secure) { create(:pages_domain, :with_certificate, :with_key, domain: 'ssl.domain.test', project: project) }
......@@ -23,12 +24,49 @@
allow(Gitlab.config.pages).to receive(:enabled).and_return(true)
end
describe 'GET /pages/domains' do
context 'when pages is disabled' do
before do
allow(Gitlab.config.pages).to receive(:enabled).and_return(false)
end
it_behaves_like '404 response' do
let(:request) { get api('/pages/domains', admin) }
end
end
context 'when pages is enabled' do
context 'when authenticated as an admin' do
it 'returns paginated all pages domains' do
get api('/pages/domains', admin)
expect(response).to have_gitlab_http_status(200)
expect(response).to match_response_schema('public_api/v4/pages_domain_basics')
expect(response).to include_pagination_headers
expect(json_response).to be_an Array
expect(json_response.size).to eq(3)
expect(json_response.last).to have_key('domain')
expect(json_response.last).to have_key('certificate_expiration')
expect(json_response.last['certificate_expiration']['expired']).to be true
expect(json_response.first).not_to have_key('certificate_expiration')
end
end
context 'when authenticated as a non-member' do
it_behaves_like '403 response' do
let(:request) { get api('/pages/domains', user) }
end
end
end
end
describe 'GET /projects/:project_id/pages/domains' do
shared_examples_for 'get pages domains' do
it 'returns paginated pages domains' do
get api(route, user)
expect(response).to have_gitlab_http_status(200)
expect(response).to match_response_schema('public_api/v4/pages_domains')
expect(response).to include_pagination_headers
expect(json_response).to be_an Array
expect(json_response.size).to eq(3)
......@@ -99,6 +137,7 @@
get api(route_domain, user)
expect(response).to have_gitlab_http_status(200)
expect(response).to match_response_schema('public_api/v4/pages_domain/detail')
expect(json_response['domain']).to eq(pages_domain.domain)
expect(json_response['url']).to eq(pages_domain.url)
expect(json_response['certificate']).to be_nil
......@@ -108,6 +147,7 @@
get api(route_secure_domain, user)
expect(response).to have_gitlab_http_status(200)
expect(response).to match_response_schema('public_api/v4/pages_domain/detail')
expect(json_response['domain']).to eq(pages_domain_secure.domain)
expect(json_response['url']).to eq(pages_domain_secure.url)
expect(json_response['certificate']['subject']).to eq(pages_domain_secure.subject)
......@@ -118,6 +158,7 @@
get api(route_expired_domain, user)
expect(response).to have_gitlab_http_status(200)
expect(response).to match_response_schema('public_api/v4/pages_domain/detail')
expect(json_response['certificate']['expired']).to be true
end
end
......@@ -187,6 +228,7 @@
pages_domain = PagesDomain.find_by(domain: json_response['domain'])
expect(response).to have_gitlab_http_status(201)
expect(response).to match_response_schema('public_api/v4/pages_domain/detail')
expect(pages_domain.domain).to eq(params[:domain])
expect(pages_domain.certificate).to be_nil
expect(pages_domain.key).to be_nil
......@@ -197,6 +239,7 @@
pages_domain = PagesDomain.find_by(domain: json_response['domain'])
expect(response).to have_gitlab_http_status(201)
expect(response).to match_response_schema('public_api/v4/pages_domain/detail')
expect(pages_domain.domain).to eq(params_secure[:domain])
expect(pages_domain.certificate).to eq(params_secure[:certificate])
expect(pages_domain.key).to eq(params_secure[:key])
......@@ -270,6 +313,7 @@
pages_domain_secure.reload
expect(response).to have_gitlab_http_status(200)
expect(response).to match_response_schema('public_api/v4/pages_domain/detail')
expect(pages_domain_secure.certificate).to be_nil
expect(pages_domain_secure.key).to be_nil
end
......@@ -279,6 +323,7 @@
pages_domain.reload
expect(response).to have_gitlab_http_status(200)
expect(response).to match_response_schema('public_api/v4/pages_domain/detail')
expect(pages_domain.certificate).to eq(params_secure[:certificate])
expect(pages_domain.key).to eq(params_secure[:key])
end
......@@ -288,6 +333,7 @@
pages_domain_expired.reload
expect(response).to have_gitlab_http_status(200)
expect(response).to match_response_schema('public_api/v4/pages_domain/detail')
expect(pages_domain_expired.certificate).to eq(params_secure[:certificate])
expect(pages_domain_expired.key).to eq(params_secure[:key])
end
......@@ -297,6 +343,7 @@
pages_domain_secure.reload
expect(response).to have_gitlab_http_status(200)
expect(response).to match_response_schema('public_api/v4/pages_domain/detail')
expect(pages_domain_secure.certificate).to eq(params_secure_nokey[:certificate])
end
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment