Module Gitlab::APIHelpers

# File lib/api/helpers.rb, line 44
def attributes_for_keys(keys)
  attrs = {}
  keys.each do |key|
    attrs[key] = params[key] if params[key].present?
  end
  attrs
end

# File lib/api/helpers.rb, line 26
def authenticate!
  unauthorized! unless current_user
end

# File lib/api/helpers.rb, line 30
def authenticated_as_admin!
  forbidden! unless current_user.is_admin?
end

# File lib/api/helpers.rb, line 34
def authorize! action, subject
  unless abilities.allowed?(current_user, action, subject)
    forbidden!
  end
end

# File lib/api/helpers.rb, line 40
def can?(object, action, subject)
  abilities.allowed?(object, action, subject)
end

# File lib/api/helpers.rb, line 3
def current_user
  @current_user ||= User.find_by_authentication_token(params[:private_token] || env["HTTP_PRIVATE_TOKEN"])
end

# File lib/api/helpers.rb, line 12
def find_project
  project = Project.find_by_id(params[:id]) || Project.find_with_namespace(params[:id])

  if project && can?(current_user, :read_project, project)
    project
  else
    nil
  end
end

# File lib/api/helpers.rb, line 54
def forbidden!
  render_api_error!('403 Forbidden', 403)
end

# File lib/api/helpers.rb, line 69
def not_allowed!
  render_api_error!('Method Not Allowed', 405)
end

# File lib/api/helpers.rb, line 58
def not_found!(resource = nil)
  message = ["404"]
  message << resource if resource
  message << "Not Found"
  render_api_error!(message.join(' '), 404)
end

# File lib/api/helpers.rb, line 22
def paginate(object)
  object.page(params[:page]).per(params[:per_page].to_i)
end

# File lib/api/helpers.rb, line 73
def render_api_error!(message, status)
  error!({'message' => message}, status)
end

# File lib/api/helpers.rb, line 65
def unauthorized!
  render_api_error!('401 Unauthorized', 401)
end

# File lib/api/helpers.rb, line 7
def user_project
  @project ||= find_project
  @project || not_found!
end