Add Project Access Token related endpoints

lib/gitlab/client/projects.rb

@@ -715,5 +715,74 @@ def project_deploy_tokens(project, options = {})
     def project_languages(project)
       get("/projects/#{url_encode project}/languages")
     end
+
+    # List all project access tokens.
+    #
+    # @example
+    #   Gitlab.project_access_tokens(42)
+    #
+    # @param [Integer, String] project The ID or path of a project.
+    # @option options [String] :state Limit by active/inactive state. Optional.
+    #
+    # @return [Array<Gitlab::ObjectifiedHash>]
+    def project_access_tokens(project, options = {})
+      get("/projects/#{url_encode project}/access_tokens", query: options)
+    end
+
+    # Get a specific project access token.
+    #
+    # @example
+    #   Gitlab.project_access_token(42, 1234)
+    #
+    # @param [Integer, String] project The ID or path of a project.
+    # @param [Integer] token_id The ID of the project access token.
+    #
+    # @return [Gitlab::ObjectifiedHash] Information about the specified project access token.
+    def project_access_token(project, token_id)
+      get("/projects/#{url_encode project}/access_tokens/#{token_id}")
+    end
+
+    # Creates a new project access token.
+    #
+    # @example
+    #   Gitlab.create_project_access_token(42, 'My Token', ['api'], '2024-12-12', access_level: 40)
+    #
+    # @param  [Integer, String] project The ID or path of a project.
+    # @param  [String] name The name of the project access token.
+    # @param  [Array] scopes List of scopes of the project access token.
+    # @param  [String] expires_at A date string in the format YYYY-MM-DD.
+    # @option options [Integer] :access_level Access level. Optional. Defaults to 40.
+    #
+    # @return [Gitlab::ObjectifiedHash] Information about the created project access token.
+    def create_project_access_token(project, name, scopes, expires_at, options = {})
+      post("/projects/#{url_encode project}/access_tokens", body: { name: name, scopes: scopes, expires_at: expires_at }.merge(options))
+    end
+
+    # Rotate a project access token.
+    #
+    # @example
+    #   Gitlab.rotate_project_access_token(42, 1234)
+    #
+    # @param [Integer, String] project The ID or path of a project.
+    # @param [Integer] token_id The ID of the project access token.
+    # @option options [String] :expires_at A date string in the format YEAR-MONTH-DAY.
+    #
+    # @return [Gitlab::ObjectifiedHash] Information about the specified project access token.
+    def rotate_project_access_token(project, token_id, options = {})
+      post("/projects/#{url_encode project}/access_tokens/#{token_id}/rotate", query: options)
+    end
+
+    # Revoke a project access token.
+    #
+    # @example
+    #   Gitlab.revoke_project_access_token(42, 1234)
+    #
+    # @param [Integer, String] project The ID or path of a project.
+    # @param [Integer] token_id The ID of the project access token.
+    #
+    # @return [Gitlab::ObjectifiedHash]
+    def revoke_project_access_token(project, token_id)
+      delete("/projects/#{url_encode project}/access_tokens/#{token_id}")
+    end
   end
 end

spec/fixtures/project_access_token_create.json

@@ -0,0 +1,16 @@
+{
+  "id": 2,
+  "name": "Reporter Token",
+  "revoked": false,
+  "created_at": "2024-09-13T03:05:43.075Z",
+  "scopes": [
+    "api"
+  ],
+  "user_id": 2,
+  "last_used_at": null,
+  "last_used_at": "2024-09-13T04:10:23.075Z",
+  "active": true,
+  "expires_at": "2024-09-20",
+  "access_level": 20,
+  "token": "glpat-aRandomStringAsToken"
+}

spec/fixtures/project_access_token_get.json

@@ -0,0 +1,15 @@
+{
+  "id": 2,
+  "name": "Reporter Token",
+  "revoked": false,
+  "created_at": "2024-09-13T03:05:43.075Z",
+  "scopes": [
+    "api"
+  ],
+  "user_id": 2,
+  "last_used_at": null,
+  "last_used_at": "2024-09-13T04:10:23.075Z",
+  "active": true,
+  "expires_at": "2024-09-20",
+  "access_level": 20
+}

spec/fixtures/project_access_tokens_get_all.json

@@ -0,0 +1,33 @@
+[
+  {
+    "id": 2,
+    "name": "Reporter Token",
+    "revoked": false,
+    "created_at": "2024-09-13T03:05:43.075Z",
+    "scopes": [
+      "api"
+    ],
+    "user_id": 2,
+    "last_used_at": null,
+    "last_used_at": "2024-09-13T04:10:23.075Z",
+    "active": true,
+    "expires_at": "2024-09-20",
+    "access_level": 20
+  },
+  {
+    "id": 3,
+    "name": "Developer Token",
+    "revoked": false,
+    "created_at": "2024-09-13T03:06:20.075Z",
+    "scopes": [
+      "read_api",
+      "read_repository"
+    ],
+    "user_id": 2,
+    "last_used_at": null,
+    "last_used_at": "2024-09-13T06:15:23.075Z",
+    "active": true,
+    "expires_at": "2024-09-25",
+    "access_level": 40
+  }
+]

spec/gitlab/client/projects_spec.rb

@@ -937,4 +937,96 @@
       expect(@project_languages.to_hash.keys).to contain_exactly('Ruby', 'Shell')
     end
   end
+
+  describe '.project_access_tokens' do
+    before do
+      stub_get('/projects/2/access_tokens', 'project_access_tokens_get_all')
+      @tokens = Gitlab.project_access_tokens(2)
+    end
+
+    it 'gets the correct resource' do
+      expect(a_get('/projects/2/access_tokens')).to have_been_made
+    end
+
+    it 'gets an array of project access tokens' do
+      expect(@tokens.first.id).to eq(2)
+      expect(@tokens.last.id).to eq(3)
+    end
+  end
+
+  describe '.project_access_token' do
+    before do
+      stub_get('/projects/2/access_tokens/2', 'project_access_token_get')
+      @token = Gitlab.project_access_token(2, 2)
+    end
+
+    it 'gets the correct resource' do
+      expect(a_get('/projects/2/access_tokens/2')).to have_been_made
+    end
+
+    it 'gets a project access token' do
+      expect(@token.user_id).to eq(2)
+      expect(@token.id).to eq(2)
+      expect(@token.access_level).to eq(20)
+      expect(@token.scopes).to eq(['api'])
+      expect(@token.name).to eq('Reporter Token')
+    end
+  end
+
+  describe '.create_project_access_token' do
+    before do
+      stub_post('/projects/2/access_tokens', 'project_access_token_create')
+      @token = Gitlab.create_project_access_token(2, 'Reporter Token', ['api'], '2024-09-20')
+    end
+
+    it 'posts the correct resource' do
+      expect(a_post('/projects/2/access_tokens').with(body: 'name=Reporter%20Token&scopes%5B%5D=api&expires_at=2024-09-20')).to have_been_made
+    end
+
+    it 'returns a valid project access token' do
+      expect(@token.user_id).to eq(2)
+      expect(@token.id).to eq(2)
+      expect(@token.access_level).to eq(20)
+      expect(@token.scopes).to eq(['api'])
+      expect(@token.name).to eq('Reporter Token')
+      expect(@token.token).to eq('glpat-aRandomStringAsToken')
+    end
+  end
+
+  describe '.rotate_project_access_token' do
+    before do
+      stub_post('/projects/2/access_tokens/2/rotate', 'project_access_token_create')
+      @token = Gitlab.rotate_project_access_token(2, 2)
+    end
+
+    it 'posts the correct resource' do
+      expect(a_post('/projects/2/access_tokens/2/rotate')).to have_been_made
+    end
+
+    it 'returns a valid project access token' do
+      expect(@token.user_id).to eq(2)
+      expect(@token.id).to eq(2)
+      expect(@token.access_level).to eq(20)
+      expect(@token.scopes).to eq(['api'])
+      expect(@token.name).to eq('Reporter Token')
+      expect(@token.token).to eq('glpat-aRandomStringAsToken')
+    end
+  end
+
+  describe '.revoke_project_access_token' do
+    before do
+      stub_request(:delete, "#{Gitlab.endpoint}/projects/2/access_tokens/2")
+        .with(headers: { 'PRIVATE-TOKEN' => Gitlab.private_token })
+        .to_return(status: 204)
+      @token = Gitlab.revoke_project_access_token(2, 2)
+    end
+
+    it 'deletes the correct resource' do
+      expect(a_delete('/projects/2/access_tokens/2')).to have_been_made
+    end
+
+    it 'removes a token' do
+      expect(@token.to_h).to be_empty
+    end
+  end
 end