diff --git a/docs/api/api.rst b/docs/api/api.rst --- a/docs/api/api.rst +++ b/docs/api/api.rst @@ -9,34 +9,16 @@ methods. Everything is available by send ``/_admin/api``. -API access for web views -++++++++++++++++++++++++ - -API access can also be turned on for each web view in Kallithea that is -decorated with the ``@LoginRequired`` decorator. Some views use -``@LoginRequired(api_access=True)`` and are always available. By default only -RSS/Atom feed views are enabled. Other views are -only available if they have been whitelisted. Edit the -``api_access_controllers_whitelist`` option in your .ini file and define views -that should have API access enabled. +API keys +-------- -For example, to enable API access to patch/diff, raw file and archive:: - - api_access_controllers_whitelist = - ChangesetController:changeset_patch, - ChangesetController:changeset_raw, - FilesController:raw, - FilesController:archivefile - -After this change, a Kallithea view can be accessed without login by adding a -GET parameter ``?api_key=`` to the URL. - -Exposing raw diffs is a good way to integrate with -third-party services like code review, or build farms that can download archives. +Every Kallithea user automatically receives an API key, which they can +view under "My Account". On this page, API keys can also be revoked, and +additional API keys can be generated. API access -++++++++++ +---------- Clients must send JSON encoded JSON-RPC requests:: @@ -76,7 +58,7 @@ the reponse will have a failure descript API client -++++++++++ +---------- Kallithea comes with a ``kallithea-api`` command line tool, providing a convenient way to call the JSON-RPC API. @@ -110,11 +92,11 @@ so you don't have to specify them every API methods -+++++++++++ +----------- pull ----- +^^^^ Pull the given repo from remote location. Can be used to automatically keep remote repos up to date. @@ -136,7 +118,7 @@ OUTPUT:: error : null rescan_repos ------------- +^^^^^^^^^^^^ Rescan repositories. If ``remove_obsolete`` is set, Kallithea will delete repos that are in the database but not in the filesystem. @@ -159,7 +141,7 @@ OUTPUT:: error : null invalidate_cache ----------------- +^^^^^^^^^^^^^^^^ Invalidate the cache for a repository. This command can only be executed using the api_key of a user with admin rights, @@ -181,7 +163,7 @@ OUTPUT:: error : null lock ----- +^^^^ Set the locking state on the given repository by the given user. If the param ``userid`` is skipped, it is set to the ID of the user who is calling this method. @@ -212,7 +194,7 @@ OUTPUT:: error : null get_ip ------- +^^^^^^ Return IP address as seen from Kallithea server, together with all defined IP addresses for given user. @@ -244,12 +226,12 @@ OUTPUT:: error : null get_user --------- +^^^^^^^^ Get a user by username or userid. The result is empty if user can't be found. If userid param is skipped, it is set to id of user who is calling this method. Any userid can be specified when the command is executed using the api_key of a user with admin rights. -Regular users can only speicy their own userid. +Regular users can only specify their own userid. INPUT:: @@ -288,7 +270,7 @@ OUTPUT:: error: null get_users ---------- +^^^^^^^^^ List all existing users. This command can only be executed using the api_key of a user with admin rights. @@ -325,7 +307,7 @@ OUTPUT:: .. _create-user: create_user ------------ +^^^^^^^^^^^ Create new user. This command can only be executed using the api_key of a user with admin rights. @@ -371,7 +353,7 @@ Example:: kallithea-api create_user username:bent email:bent@example.com firstname:Bent lastname:Bentsen extern_type:ldap extern_name:uid=bent,dc=example,dc=com update_user ------------ +^^^^^^^^^^^ Update the given user if such user exists. This command can only be executed using the api_key of a user with admin rights. @@ -415,7 +397,7 @@ OUTPUT:: error: null delete_user ------------ +^^^^^^^^^^^ Delete the given user if such a user exists. This command can only be executed using the api_key of a user with admin rights. @@ -439,7 +421,7 @@ OUTPUT:: error: null get_user_group --------------- +^^^^^^^^^^^^^^ Get an existing user group. This command can only be executed using the api_key of a user with admin rights. @@ -481,7 +463,7 @@ OUTPUT:: error : null get_user_groups ---------------- +^^^^^^^^^^^^^^^ List all existing user groups. This command can only be executed using the api_key of a user with admin rights. @@ -507,7 +489,7 @@ OUTPUT:: error : null create_user_group ------------------ +^^^^^^^^^^^^^^^^^ Create a new user group. This command can only be executed using the api_key of a user with admin rights. @@ -537,7 +519,7 @@ OUTPUT:: error: null add_user_to_user_group ----------------------- +^^^^^^^^^^^^^^^^^^^^^^ Adds a user to a user group. If the user already is in that group, success will be ``false``. @@ -564,7 +546,7 @@ OUTPUT:: error: null remove_user_from_user_group ---------------------------- +^^^^^^^^^^^^^^^^^^^^^^^^^^^ Remove a user from a user group. If the user isn't in the given group, success will be ``false``. @@ -591,7 +573,7 @@ OUTPUT:: error: null get_repo --------- +^^^^^^^^ Get an existing repository by its name or repository_id. Members will contain either users_group or users associated to that repository. @@ -604,7 +586,9 @@ INPUT:: api_key : "" method : "get_repo" args: { - "repoid" : "" + "repoid" : "", + "with_revision_names": " = Optional(False)", + "with_pullrequests": " = Optional(False)", } OUTPUT:: @@ -630,7 +614,7 @@ OUTPUT:: "raw_id": "", "revision": "", "short_id": "" - } + }, "owner": "", "fork_of": "", "members" : [ @@ -658,7 +642,7 @@ OUTPUT:: "permission" : "repository.(read|write|admin)" }, … - ] + ], "followers": [ { "user_id" : "", @@ -675,12 +659,74 @@ OUTPUT:: "last_login": "", }, … - ] + ], + + "tags": { + "": "", + ... + }, + "branches": { + "": "", + ... + }, + "bookmarks": { + "": "", + ... + }, + + "pull_requests": [ + { + "status": "", + "pull_request_id": , + "description": "", + "title": "", + "url": "", + "reviewers": [ + { + "username": "", + }, + ... + ], + "org_repo_url": "", + "org_ref_parts": [ + "", + "", + "" + ], + "other_ref_parts": [ + "", + "", + "" + ], + "comments": [ + { + "username": "", + "text": "", + "comment_id": "", + }, + ... + ], + "owner": "", + "statuses": [ + { + "status": "", # "under_review", "approved" or "rejected" + "reviewer": "", + "modified_at": "" # iso 8601 date, server's timezone + }, + ... + ], + "revisions": [ + "", + ... + ] + }, + ... + ] } error: null get_repos ---------- +^^^^^^^^^ List all existing repositories. This command can only be executed using the api_key of a user with admin rights, @@ -717,7 +763,7 @@ OUTPUT:: error: null get_repo_nodes --------------- +^^^^^^^^^^^^^^ Return a list of files and directories for a given path at the given revision. It is possible to specify ret_type to show only ``files`` or ``dirs``. @@ -748,7 +794,7 @@ OUTPUT:: error: null create_repo ------------ +^^^^^^^^^^^ Create a repository. If the repository name contains "/", the repository will be created in the repository group indicated by that path. Any such repository @@ -802,7 +848,7 @@ OUTPUT:: error: null update_repo ------------ +^^^^^^^^^^^ Update a repository. This command can only be executed using the api_key of a user with admin rights, @@ -862,7 +908,7 @@ OUTPUT:: error: null fork_repo ---------- +^^^^^^^^^ Create a fork of the given repo. If using Celery, this will return success message immediately and a fork will be created @@ -898,7 +944,7 @@ OUTPUT:: error: null delete_repo ------------ +^^^^^^^^^^^ Delete a repository. This command can only be executed using the api_key of a user with admin rights, @@ -925,7 +971,7 @@ OUTPUT:: error: null grant_user_permission ---------------------- +^^^^^^^^^^^^^^^^^^^^^ Grant permission for a user on the given repository, or update the existing one if found. This command can only be executed using the api_key of a user with admin rights. @@ -951,7 +997,7 @@ OUTPUT:: error: null revoke_user_permission ----------------------- +^^^^^^^^^^^^^^^^^^^^^^ Revoke permission for a user on the given repository. This command can only be executed using the api_key of a user with admin rights. @@ -976,7 +1022,7 @@ OUTPUT:: error: null grant_user_group_permission ---------------------------- +^^^^^^^^^^^^^^^^^^^^^^^^^^^ Grant permission for a user group on the given repository, or update the existing one if found. @@ -1003,7 +1049,7 @@ OUTPUT:: error: null revoke_user_group_permission ----------------------------- +^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Revoke permission for a user group on the given repository. This command can only be executed using the api_key of a user with admin rights. @@ -1026,3 +1072,235 @@ OUTPUT:: "success": true } error: null + +get_changesets +^^^^^^^^^^^^^^ + +Get changesets of a given repository. This command can only be executed using the api_key +of a user with read permissions to the repository. + +INPUT:: + + id : + api_key : "" + method : "get_changesets" + args: { + "repoid" : "", + "start": " = Optional(None)", + "end": " = Optional(None)", + "start_date": " = Optional(None)", # in "%Y-%m-%dT%H:%M:%S" format + "end_date": " = Optional(None)", # in "%Y-%m-%dT%H:%M:%S" format + "branch_name": " = Optional(None)", + "reverse": " = Optional(False)", + "with_file_list": " = Optional(False)" + } + +OUTPUT:: + + id : + result: [ + { + "raw_id": "", + "short_id": "short_id": "", + "author": "", + "date": "", + "message": "", + "revision": "", + + "added": [], + "changed": [], + "removed": [] + }, + ... + ] + error: null + +get_changeset +^^^^^^^^^^^^^ + +Get information and review status for a given changeset. This command can only +be executed using the api_key of a user with read permissions to the +repository. + +INPUT:: + + id : + api_key : "" + method : "get_changeset" + args: { + "repoid" : "", + "raw_id" : "", + "with_reviews": " = Optional(False)" + } + +OUTPUT:: + + id : + result: { + "author": "", + "date": "", + "message": "", + "raw_id": "", + "revision": "", + "short_id": "", + "reviews": [{ + "reviewer": "", + "modified_at": "", # iso 8601 date, server's timezone + "status": "", # "under_review", "approved" or "rejected" + }, + ... + ] + } + error: null + +Example output:: + + { + "id" : 1, + "error" : null, + "result" : { + "author" : { + "email" : "user@example.com", + "name" : "Kallithea Admin" + }, + "changed" : [], + "short_id" : "e1022d3d28df", + "date" : "2017-03-28T09:09:03", + "added" : [ + "README.rst" + ], + "removed" : [], + "revision" : 0, + "raw_id" : "e1022d3d28dfba02f626cde65dbe08f4ceb0e4e7", + "message" : "Added file via Kallithea", + "id" : "e1022d3d28dfba02f626cde65dbe08f4ceb0e4e7", + "reviews" : [ + { + "status" : "under_review", + "modified_at" : "2017-03-28T09:17:08.618", + "reviewer" : "user" + } + ] + } + } + +get_pullrequest +^^^^^^^^^^^^^^^ + +Get information and review status for a given pull request. This command can only be executed +using the api_key of a user with read permissions to the original repository. + +INPUT:: + + id : + api_key : "" + method : "get_pullrequest" + args: { + "pullrequest_id" : "", + } + +OUTPUT:: + + id : + result: { + "status": "", + "pull_request_id": , + "description": "", + "title": "", + "url": "", + "reviewers": [ + { + "username": "", + }, + ... + ], + "org_repo_url": "", + "org_ref_parts": [ + "", + "", + "" + ], + "other_ref_parts": [ + "", + "", + "" + ], + "comments": [ + { + "username": "", + "text": "", + "comment_id": "", + }, + ... + ], + "owner": "", + "statuses": [ + { + "status": "", # "under_review", "approved" or "rejected" + "reviewer": "", + "modified_at": "" # iso 8601 date, server's timezone + }, + ... + ], + "revisions": [ + "", + ... + ] + }, + error: null + +comment_pullrequest +^^^^^^^^^^^^^^^^^^^ + +Add comment, change status or close a given pull request. This command can only be executed +using the api_key of a user with read permissions to the original repository. + +INPUT:: + + id : + api_key : "" + method : "comment_pullrequest" + args: { + "pull_request_id": "", + "comment_msg": Optional(''), + "status": Optional(None), # "under_review", "approved" or "rejected" + "close_pr": Optional(False)", + } + +OUTPUT:: + + id : + result: True + error: null + + +API access for web views +------------------------ + +API access can also be turned on for each web view in Kallithea that is +decorated with the ``@LoginRequired`` decorator. Some views use +``@LoginRequired(api_access=True)`` and are always available. By default only +RSS/Atom feed views are enabled. Other views are +only available if they have been whitelisted. Edit the +``api_access_controllers_whitelist`` option in your .ini file and define views +that should have API access enabled. + +For example, to enable API access to patch/diff, raw file and archive:: + + api_access_controllers_whitelist = + ChangesetController:changeset_patch, + ChangesetController:changeset_raw, + FilesController:raw, + FilesController:archivefile + +After this change, a Kallithea view can be accessed without login using +bearer authentication, by including this header with the request:: + + Authentication: Bearer + +Alternatively, the API key can be passed in the URL query string using +``?api_key=``, though this is not recommended due to the increased +risk of API key leaks, and support will likely be removed in the future. + +Exposing raw diffs is a good way to integrate with +third-party services like code review, or build farms that can download archives.