Filters are provided in query parameters in a standard name=value
fashion. The following filters are
currently supported:
permission.
. See the
section "Permission Filters" below for more details.
The following three sub-sections list parameters supported for permission filters (where [root]
is
the root permission filter name, e.g. {@code permission}, {@code permission.1} etc.) depending on the
permission resource. The system determines which filter to apply (Global, Project or Repository permission)
based on the [root]
permission value. E.g. {@code ADMIN} is a global permission,
{@code PROJECT_ADMIN} is a project permission and {@code REPO_ADMIN} is a repository permission. Note
that the parameters for a given resource will be looked up in the order as they are listed below, that is e.g.
for a project resource, if both {@code projectId} and {@code projectKey} are provided, the system will
use {@code projectId} for the lookup.
The permission value under [root]
is the only required and recognized parameter, as global
permissions do not apply to a specific resource.
Example valid filter: permission=ADMIN
.
[root]
- specifies the project permission[root].projectId
- specifies the project ID to lookup the project by[root].projectKey
- specifies the project key to lookup the project by
Example valid filter: permission.1=PROJECT_ADMIN&permission.1.projectKey=TEST_PROJECT
.
[root]
- specifies the repository permission[root].projectId
- specifies the repository ID to lookup the repository by[root].projectKey
and [root].repositorySlug
- specifies the project key and
repository slug to lookup the repository by; both values need to be provided for this look up to be
triggeredpermission.2=REPO_ADMIN&permission.2.projectKey=TEST_PROJECT&permission.2.repositorySlug=test_repo
.]]>]]>
This resource accepts POST multipart form data, containing a single image in a form-field named 'avatar'.
There are configurable server limits on both the dimensions (1024x1024 pixels by default) and uploaded file size (1MB by default). Several different image formats are supported, but PNG and JPEG are preferred due to the file size limit.
This resource has Cross-Site Request Forgery (XSRF) protection. To allow the request to
pass the XSRF check the caller needs to send an X-Atlassian-Token
HTTP header with the
value no-check
.
An example curl request to upload an image name 'avatar.png' would be:
curl -X POST -u username:password -H "X-Atlassian-Token: no-check" http://example.com/rest/api/latest/users/jdoe/avatar.png -F avatar=@avatar.png
Users are always allowed to update their own avatar. To update someone else's avatar the authenticated user must have global ADMIN permission, or global SYS_ADMIN permission to update a SYS_ADMIN user's avatar.]]>
The authenticated user must have REPO_ADMIN permission for the specified repository or a higher project or global permission to call this resource. In addition, a user may not demote a group's permission level if their own permission level would be reduced as a result.]]>
In addition, a user may not revoke a group's permissions if it will reduce their own permission level.]]>
The authenticated user must have REPO_ADMIN permission for the specified repository or a higher project or global permission to call this resource. In addition, a user may not reduce their own permission level unless they have a project or global permission that already implies that permission.]]>
In addition, a user may not revoke their own repository permissions if they do not have a higher project or global permission.]]>
The authenticated user must have REPO_ADMIN permission for the specified repository or a higher project or global permission to call this resource.]]>
Optionally clients can specify following filters.]]>
The authenticated user must have REPO_READ permission for the specified repository to call this resource.]]>
Only authenticated users may call this resource.]]>
General commit comment:
{ "text": "An insightful general comment on a commit." }Reply to a comment:
{ "text": "A measured reply.", "parent": { "id": 1 } }General file comment:
{ "text": "An insightful general comment on a file.", "anchor": { "path": "path/to/file", "srcPath": "path/to/file" } }File line comment:
{ "text": "A pithy comment on a particular line within a file.", "anchor": { "line": 1, "lineType": "CONTEXT", "fileType": "FROM" "path": "path/to/file", "srcPath": "path/to/file" } }Note: general file comments are an experimental feature and may change in the near future!
For file and line comments, 'path' refers to the path of the file to which the comment should be applied and 'srcPath' refers to the path the that file used to have (only required for copies and moves).
For line comments, 'line' refers to the line in the diff that the comment should apply to. 'lineType' refers to the type of diff hunk, which can be:
The authenticated user must have REPO_READ permission for the repository that the commit is in to call this resource.]]>
The authenticated user must have REPO_READ permission for the repository that the commit is in to call this resource.]]>
version
that must match
the server's version of the comment or the update will fail. To determine the current version of the comment,
the comment should be fetched from the server prior to the update. Look for the 'version' attribute in the
returned JSON structure.
The authenticated user must have REPO_READ permission for the repository that the commit is in to call this resource.]]>
The authenticated user must have REPO_READ permission for the specified repository to call this resource.]]>
The authenticated user must have REPO_READ permission for the specified project to call this resource.]]>
The authenticated user must have REPO_ADMIN permission for the specified repository to call this resource.]]>
The authenticated user must have REPO_READ permission for the specified repository and PROJECT_ADMIN on the target project to call this resource. Note that users always have PROJECT_ADMIN permission on their personal projects.]]>
The authenticated user must have REPO_READ permission for the specified repository to call this resource.]]>
The repository's slug is derived from its name. If the name changes the slug may also change.
This API can be used to move the repository to a different project by setting the new project in the request, example: {@code {"project":{"key":"NEW_KEY"}}} .
The authenticated user must have REPO_ADMIN permission for the specified repository to call this resource.]]>
The authenticated user must have REPO_READ permission for the specified repository to call this resource.]]>
Updating the state of a task is allowed for any user having READ access to the repository. However only the task's creator, the context's author or an admin of the context's repository can update the task's text. (For a pull request task, those are the task's creator, the pull request's author or an admin on the repository containing the pull request). Additionally the task's text cannot be updated if it has been resolved.]]>
The authenticated user must have:
The authenticated user must have:
The authenticated user must have PROJECT_ADMIN permission for the specified project or a higher global permission to call this resource. In addition, a user may not reduce their own permission level unless they have a global permission that already implies that permission.]]>
In addition, a user may not revoke their own project permissions if they do not have a higher global permission.]]>
The authenticated user must have PROJECT_ADMIN permission for the specified project or a higher global permission to call this resource.]]>
The authenticated user must have PROJECT_ADMIN permission for the specified project or a higher global permission to call this resource.]]>
In addition, a user may not revoke a group's permissions if it will reduce their own permission level.]]>
The authenticated user must have PROJECT_ADMIN permission for the specified project or a higher global permission to call this resource. In addition, a user may not demote a group's permission level if their own permission level would be reduced as a result.]]>
The authenticated user must have PROJECT_ADMIN permission for the specified project or a higher global permission to call this resource.]]>
General pull request comment:
{ "text": "An insightful general comment on a pull request." }Reply to a comment:
{ "text": "A measured reply.", "parent": { "id": 1 } }General file comment:
{ "text": "An insightful general comment on a file.", "anchor": { "path": "path/to/file", "srcPath": "path/to/file" } }File line comment:
{ "text": "A pithy comment on a particular line within a file.", "anchor": { "line": 1, "lineType": "CONTEXT", "fileType": "FROM" "path": "path/to/file", "srcPath": "path/to/file" } }Note: general file comments are an experimental feature and may change in the near future!
For file and line comments, 'path' refers to the path of the file to which the comment should be applied and 'srcPath' refers to the path the that file used to have (only required for copies and moves).
For line comments, 'line' refers to the line in the diff that the comment should apply to. 'lineType' refers to the type of diff hunk, which can be:
The authenticated user must have REPO_READ permission for the repository that this pull request targets to call this resource.]]>
The authenticated user must have REPO_READ permission for the repository that this pull request targets to call this resource.]]>
version
that must match the
server's version of the comment or the update will fail. To determine the current version of
the comment, the comment should be fetched from the server prior to the update. Look for the
'version' attribute in the returned JSON structure.
The authenticated user must have REPO_READ permission for the repository that this pull request targets to call this resource.]]>
POST_RECEIVE
]]>The authenticated user must have REPO_ADMIN permission for the specified repository to call this resource.]]>
The authenticated user must have REPO_READ permission for the repository that this pull request targets to call this resource.]]>
Deprecated since 4.2. Use /rest/api/1.0/projects/{projectKey}/repos/{repositorySlug}/pull-requests/{pullRequestId}/participants/{userSlug} instead]]>
Deprecated since 4.2. Use /rest/api/1.0/projects/{projectKey}/repos/{repositorySlug}/pull-requests/{pullRequestId}/participants/{userSlug} instead]]>
avatar
and the value a data URI containing Base64-encoded image data. The URI should be in
the following format:
data:(content type, e.g. image/png);base64,(data)If the data is not Base64-encoded, or if a character set is defined in the URI, or the URI is otherwise invalid, project creation will fail.
The authenticated user must have PROJECT_CREATE permission to call this resource.]]>
The authenticated user must have PROJECT_ADMIN permission for the specified project to call this resource.]]>
To include a custom avatar for the updated project, the project definition should contain an additional attribute
with the key avatar
and the value a data URI containing Base64-encoded image data. The URI should be
in the following format:
data:(content type, e.g. image/png);base64,(data)
If the data is not Base64-encoded, or if a character set is defined in the URI, or the URI is otherwise invalid,
project creation will fail.
The authenticated user must have PROJECT_ADMIN permission for the specified project to call this resource.]]>
The authenticated user must have PROJECT_VIEW permission for the specified project to call this resource.]]>
The authenticated user must have PROJECT_VIEW permission for the specified project to call this resource.]]>
This resource accepts POST multipart form data, containing a single image in a form-field named 'avatar'.
There are configurable server limits on both the dimensions (1024x1024 pixels by default) and uploaded file size (1MB by default). Several different image formats are supported, but PNG and JPEG are preferred due to the file size limit.
This resource has Cross-Site Request Forgery (XSRF) protection. To allow the request to
pass the XSRF check the caller needs to send an X-Atlassian-Token
HTTP header with the
value no-check
.
An example curl request to upload an image name 'avatar.png' would be:
curl -X POST -u username:password -H "X-Atlassian-Token: no-check" http://example.com/rest/api/1.0/projects/STASH/avatar.png -F avatar=@avatar.png
The authenticated user must have PROJECT_ADMIN permission for the specified project to call this resource.]]>
If the user is already a participant in the pull request, their previous role is replaced with the supplied role unless they are already assigned the AUTHOR role which cannot be changed and will result in a Bad Request (400) response code.
The authenticated user must have REPO_WRITE permission for the repository that this pull request targets to call this resource.]]>
Afterwards, the user will still remain a participant in the pull request but their role will be reduced to PARTICIPANT. This is because once made a participant of a pull request, a user will forever remain a participant. Only their role may be altered.
The authenticated user must have REPO_WRITE permission for the repository that this pull request targets to call this resource. Deprecated since 4.2. Use /rest/api/1.0/projects/{projectKey}/repos/{repositorySlug}/pull-requests/{pullRequestId}/participants/{userSlug} instead]]>
Afterwards, the user will still remain a participant in the pull request but their role will be reduced to PARTICIPANT. This is because once made a participant of a pull request, a user will forever remain a participant. Only their role may be altered.
The authenticated user must have REPO_WRITE permission for the repository that this pull request targets to call this resource. Deprecated since 4.2. Use /rest/api/1.0/projects/{projectKey}/repos/{repositorySlug}/pull-requests/{pullRequestId}/participants/{userSlug} instead]]>
Note on permissions. In absence of the {@code permission} query parameter the implicit 'read' permission is assumed. Please note that this permission is lower than the REPO_READ permission rather than being equal to it. The implicit 'read' permission for a given repository is assigned to any user that has any of the higher permissions, such as REPO_READ, as well as to anonymous users if the repository is marked as public. The important implication of the above is that an anonymous request to this resource with a permission level REPO_READ is guaranteed to receive an empty list of repositories as a result. For anonymous requests it is therefore recommended to not specify the permission parameter at all.]]>
Warning: It is possible to downgrade the license during update, applying a license with a lower number of permitted users. If the number of currently-licensed users exceeds the limits of the new license, pushing will be disabled until the licensed user count is brought into compliance with the new license.
The authenticated user must have SYS_ADMIN permission. ADMIN users may view the current license details, but they may not update the license.]]>
srcPath
must also be specified to
produce the correct diff.
Note: This RESTful endpoint is currently not paged. The server will internally apply a hard cap to the streamed lines, and it is not possible to request subsequent pages if that cap is exceeded.
The authenticated user must have REPO_READ permission for the repository that this pull request targets to call this resource.]]>
false
to stream the diff without comments]]>srcPath
must also be specified to
produce the correct diff.
Note: This RESTful endpoint is currently not paged. The server will internally apply a hard cap to the streamed lines, and it is not possible to request subsequent pages if that cap is exceeded.
The authenticated user must have REPO_READ permission for the repository that this pull request targets to call this resource.]]>
false
to stream the diff without comments]]>Different types of activity items may be introduced in newer versions of Stash or by user installed plugins, so clients should be flexible enough to handle unexpected entity shapes in the returned page.
The authenticated user must have REPO_READ permission for the repository that this pull request targets to call this resource.]]>
The authenticated user must have REPO_READ permission for the repository that this pull request targets to call this resource.]]>
The authenticated user must either:
The authenticated user must have REPO_READ permission for the specified repository to call this resource.]]>
The authenticated user must have REPO_READ permission for the context repository to call this resource.]]>
The authenticated user must have REPO_READ permission for the specified repository to call this resource.]]>
The authenticated user must have REPO_READ permission for the specified repository to call this resource.]]>
This resource will call all RestFragments that are registered with the key bitbucket.repository.settings.pullRequests. If any fragment fails validations by returning a non-empty Map of errors, then no fragments will execute.
The property keys for the settings that are bundled with the application are
This resource will call all RestFragments that are registered with the key bitbucket.repository.settings.pullRequests. If any fragment fails validations by returning a non-empty Map of errors, then no fragments will execute.
Only the settings that should be updated need to be included in the request.
The property keys for the settings that are bundled with the application are
at
commit or, if not specified, from the tip of the default branch.
Unless the repository is public, the authenticated user must have REPO_READ access to call this resource.]]>
at
commit does not contain the requested path.]]>at
commit or, if not specified, from the tip of the default branch.
Unless the repository is public, the authenticated user must have REPO_READ access to call this resource.]]>
at
commit does not contain the requested path.]]>The authenticated user must have the ADMIN permission to call this resource.]]>
false
to not add them to a group]]>The authenticated user must have the ADMIN permission to call this resource.]]>
The authenticated user must have the ADMIN permission to call this resource.]]>
In the request entity, the context attribute is the group and the itemName is the user.
The authenticated user must have the ADMIN permission to call this resource.]]>
groups/add-user
, but with the context and
itemName attributes of the supplied request entity reversed. On the face of it this may appear
redundant, but it facilitates a specific UI component in Stash.
In the request entity, the context attribute is the user and the itemName is the group.
The authenticated user must have the ADMIN permission to call this resource.]]>
The authenticated user must have the ADMIN permission to call this resource.
In the request entity, the context attribute is the group and the itemName is the user.]]>
In the request entity, the context attribute is the user and the itemName is the group.
The authenticated user must have the ADMIN permission to call this resource.]]>
The authenticated user must have the LICENSED_USER permission to call this resource.]]>
The authenticated user must have the LICENSED_USER permission to call this resource.]]>
truncated
flags will be set to
true
on the segments, hunks and diffs substructures in the returned JSON response.
The authenticated user must have REPO_READ permission for the specified repository to call this resource.]]>
truncated
flags will be set to
true
on the segments, hunks and diffs substructures in the returned JSON response.
The authenticated user must have REPO_READ permission for the specified repository to call this resource.]]>