Do not display details page if package's status is not default
Context
A package might have one of the following statuses: default, hidden, processing, error and pending_destruction.
Currently not all the statuses allow the package to be displayed in the details page.
What does this MR do and why?
- This MR restricts the package details requests REST API and GraphQL only to the packages with status default.
- Add the
_links
object with underlyingweb_path
property to thePackage
type (GraphQL API). - Additionally, we want to prevent displaying links which will lead to 404 page and therefore to add a status check for
web_path
in the_links
field.
How to set up and validate locally
Preparation
-
Prepare a package
def fixture_file_upload(*args, **kwargs) Rack::Test::UploadedFile.new(*args, **kwargs) end FactoryBot.create(:npm_package, project: Project.first)
-
Verify package status
Packages::Package.last.status
When everything went fine
🤞 , a package status should be default. -
Grab required information
Packages::Package.last.id
Write it down somewhere or remember - it will be required at the later step.
Packages::Package.last.project_id
Write it down somewhere or remember - it will be required at the later step.
REST API
-
Create an API call to get a project package using REST API
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/:id/packages/:package_id"
-
Verify that response status is 200 and body contains package details.
-
Create another API call to list packages within a project
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/:id/packages"
-
Verify that response status is 200 and body contains a package with a known id.
Pay attention to the _links object of the corresponding package.
It should contain web_path property with the link to the package details page like/foo/bar/-/packages/3
-
Change package's status, for instance to error
Packages::Package.last.update!(status: "error")
-
Create an API call to get a project package using REST API
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/:id/packages/:package_id"
-
This time response status should be 404.
-
Create one more API call to list packages within a project
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/:id/packages"
-
Verify that response status is 200 and body contains a package with a known id.
Pay attention to the _links object of the corresponding package.
It should not contain web_path property with the link to the package details page.
GraphQL API
-
Change package's status back to default
Packages::Package.last.update!(status: "default")
-
Browse
http://gdk.test:3000/-/graphql-explorer
and query a package{ package(id: "gid://gitlab/Packages::Package/:package_id") { id } }
-
Verify response
{ "data": { "package": { "id": "gid://gitlab/Packages::Package/:package_id" } } }
-
Browse
http://gdk.test:3000/-/graphql-explorer
and query a a project packages{ project(fullPath: "gitlab-org/gitlab-test") { id packages { edges { node { id _links { webPath } } } } } }
-
Verify response
{ "data": { "project": { "id": "gid://gitlab/Project/:project_id", "packages": { "edges": [ { "node": { "id": "gid://gitlab/Packages::Package/:package_id", "_links": { "webPath": "/gitlab-org/gitlab-test/-/packages/:package_id" } } } ] } } } }
-
Now change package's status again to error
Packages::Package.last.update!(status: "error")
-
Browse
http://gdk.test:3000/-/graphql-explorer
and query a package{ package(id: "gid://gitlab/Packages::Package/:package_id") { id } }
-
Verify response
{ "data": { "package": null } }
-
Browse
http://gdk.test:3000/-/graphql-explorer
and query a a project packages{ project(fullPath: "gitlab-org/gitlab-test") { id packages { edges { node { id _links { webPath } } } } } }
-
Verify response
{ "data": { "project": { "id": "gid://gitlab/Project/:project_id", "packages": { "edges": [ { "node": { "id": "gid://gitlab/Packages::Package/:package_id", "_links": { "webPath": null } } } ] } } } }
Screenshots
Query project with a package in status default
Query project with a package in status error
Query package with a status default
Query package with a status error
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #344257 (closed)