module Gitlab::APIHelpers

# File lib/api/helpers.rb, line 35
def attributes_for_keys(keys)
  attrs = {}
  keys.each do |key|
    attrs[key] = params[key] if params[key].present?
  end
  attrs
end

# File lib/api/helpers.rb, line 21
def authenticate!
  unauthorized! unless current_user
end

# File lib/api/helpers.rb, line 25
def authenticated_as_admin!
  forbidden! unless current_user.is_admin?
end

# File lib/api/helpers.rb, line 29
def authorize! action, subject
  unless abilities.allowed?(current_user, action, subject)
    forbidden!
  end
end

# File lib/api/helpers.rb, line 3
def current_user
  @current_user ||= User.find_by_authentication_token(params[:private_token] || env["HTTP_PRIVATE_TOKEN"])
end

# File lib/api/helpers.rb, line 45
def forbidden!
  render_api_error!('403 Forbidden', 403)
end

# File lib/api/helpers.rb, line 60
def not_allowed!
  render_api_error!('Method Not Allowed', 405)
end

# File lib/api/helpers.rb, line 49
def not_found!(resource = nil)
  message = ["404"]
  message << resource if resource
  message << "Not Found"
  render_api_error!(message.join(' '), 404)
end

# File lib/api/helpers.rb, line 17
def paginate(object)
  object.page(params[:page]).per(params[:per_page].to_i)
end

# File lib/api/helpers.rb, line 64
def render_api_error!(message, status)
  error!({'message' => message}, status)
end

# File lib/api/helpers.rb, line 56
def unauthorized!
  render_api_error!('401 Unauthorized', 401)
end

# File lib/api/helpers.rb, line 7
def user_project
  if @project ||= current_user.projects.find_by_id(params[:id]) ||
                  current_user.projects.find_by_code(params[:id])
  else
    not_found!
  end

  @project
end