diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-11-18 13:16:36 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-11-18 13:16:36 +0000 |
commit | 311b0269b4eb9839fa63f80c8d7a58f32b8138a0 (patch) | |
tree | 07e7870bca8aed6d61fdcc810731c50d2c40af47 /app/controllers/concerns | |
parent | 27909cef6c4170ed9205afa7426b8d3de47cbb0c (diff) | |
download | gitlab-ce-311b0269b4eb9839fa63f80c8d7a58f32b8138a0.tar.gz |
Add latest changes from gitlab-org/gitlab@14-5-stable-eev14.5.0-rc42
Diffstat (limited to 'app/controllers/concerns')
-rw-r--r-- | app/controllers/concerns/gitlab_recaptcha.rb | 22 | ||||
-rw-r--r-- | app/controllers/concerns/group_tree.rb | 8 | ||||
-rw-r--r-- | app/controllers/concerns/integrations/actions.rb (renamed from app/controllers/concerns/integrations_actions.rb) | 4 | ||||
-rw-r--r-- | app/controllers/concerns/integrations/hooks_execution.rb (renamed from app/controllers/concerns/hooks_execution.rb) | 2 | ||||
-rw-r--r-- | app/controllers/concerns/integrations/params.rb | 4 | ||||
-rw-r--r-- | app/controllers/concerns/issuable_actions.rb | 35 | ||||
-rw-r--r-- | app/controllers/concerns/oauth_applications.rb | 10 | ||||
-rw-r--r-- | app/controllers/concerns/one_trust_csp.rb | 2 | ||||
-rw-r--r-- | app/controllers/concerns/workhorse_authorization.rb | 6 |
9 files changed, 75 insertions, 18 deletions
diff --git a/app/controllers/concerns/gitlab_recaptcha.rb b/app/controllers/concerns/gitlab_recaptcha.rb new file mode 100644 index 00000000000..15e856463ea --- /dev/null +++ b/app/controllers/concerns/gitlab_recaptcha.rb @@ -0,0 +1,22 @@ +# frozen_string_literal: true + +module GitlabRecaptcha + extend ActiveSupport::Concern + include Recaptcha::Verify + include RecaptchaHelper + + def load_recaptcha + recaptcha_enabled? && Gitlab::Recaptcha.load_configurations! + end + + def check_recaptcha + return unless load_recaptcha + return if verify_recaptcha + + flash[:alert] = _('There was an error with the reCAPTCHA. Please solve the reCAPTCHA again.') + flash.delete :recaptcha_error + + self.resource = resource_class.new + render action: 'new' + end +end diff --git a/app/controllers/concerns/group_tree.rb b/app/controllers/concerns/group_tree.rb index 35c1f358a77..e02a766d2b9 100644 --- a/app/controllers/concerns/group_tree.rb +++ b/app/controllers/concerns/group_tree.rb @@ -38,13 +38,7 @@ module GroupTree # # Pagination needs to be applied before loading the ancestors to # make sure ancestors are not cut off by pagination. - filtered_groups_relation = Group.where(id: filtered_groups.select(:id)) - - if Feature.enabled?(:linear_group_tree_ancestor_scopes, current_user, default_enabled: :yaml) - filtered_groups_relation.self_and_ancestors - else - Gitlab::ObjectHierarchy.new(filtered_groups_relation).base_and_ancestors - end + Group.where(id: filtered_groups.select(:id)).self_and_ancestors end # rubocop: enable CodeReuse/ActiveRecord end diff --git a/app/controllers/concerns/integrations_actions.rb b/app/controllers/concerns/integrations/actions.rb index dd066cc1b02..6490742c0f8 100644 --- a/app/controllers/concerns/integrations_actions.rb +++ b/app/controllers/concerns/integrations/actions.rb @@ -1,6 +1,6 @@ # frozen_string_literal: true -module IntegrationsActions +module Integrations::Actions extend ActiveSupport::Concern included do @@ -8,6 +8,8 @@ module IntegrationsActions include IntegrationsHelper before_action :integration, only: [:edit, :update, :overrides, :test] + + urgency :low, [:test] end def edit diff --git a/app/controllers/concerns/hooks_execution.rb b/app/controllers/concerns/integrations/hooks_execution.rb index 87d215f50e7..af039057a9c 100644 --- a/app/controllers/concerns/hooks_execution.rb +++ b/app/controllers/concerns/integrations/hooks_execution.rb @@ -1,6 +1,6 @@ # frozen_string_literal: true -module HooksExecution +module Integrations::HooksExecution extend ActiveSupport::Concern private diff --git a/app/controllers/concerns/integrations/params.rb b/app/controllers/concerns/integrations/params.rb index 62585ab95af..201fb1dc83f 100644 --- a/app/controllers/concerns/integrations/params.rb +++ b/app/controllers/concerns/integrations/params.rb @@ -9,6 +9,7 @@ module Integrations :add_pusher, :alert_events, :api_key, + :api_token, :api_url, :bamboo_url, :branches_to_be_notified, @@ -74,7 +75,8 @@ module Integrations :url, :user_key, :username, - :webhook + :webhook, + :zentao_product_xid ].freeze def integration_params diff --git a/app/controllers/concerns/issuable_actions.rb b/app/controllers/concerns/issuable_actions.rb index e1e662a1968..2d7fbb78209 100644 --- a/app/controllers/concerns/issuable_actions.rb +++ b/app/controllers/concerns/issuable_actions.rb @@ -149,8 +149,20 @@ module IssuableActions .includes(:noteable) .fresh + if paginated_discussions + paginated_discussions_by_type = paginated_discussions.records.group_by(&:table_name) + + notes = if paginated_discussions_by_type['notes'].present? + notes.with_discussion_ids(paginated_discussions_by_type['notes'].map(&:discussion_id)) + else + notes.none + end + + response.headers['X-Next-Page-Cursor'] = paginated_discussions.cursor_for_next_page if paginated_discussions.has_next_page? + end + if notes_filter != UserPreference::NOTES_FILTERS[:only_comments] - notes = ResourceEvents::MergeIntoNotesService.new(issuable, current_user).execute(notes) + notes = ResourceEvents::MergeIntoNotesService.new(issuable, current_user, paginated_notes: paginated_discussions_by_type).execute(notes) end notes = prepare_notes_for_rendering(notes) @@ -159,9 +171,9 @@ module IssuableActions discussions = Discussion.build_collection(notes, issuable) if issuable.is_a?(MergeRequest) - cache_context = [current_user&.cache_key, project.team.human_max_access(current_user&.id)].join(':') - - render_cached(discussions, with: discussion_serializer, cache_context: -> (_) { cache_context }, context: self) + render_cached(discussions, with: discussion_serializer, cache_context: -> (_) { discussion_cache_context }, context: self) + elsif issuable.is_a?(Issue) + render json: discussion_serializer.represent(discussions, context: self) if stale?(etag: [discussion_cache_context, discussions]) else render json: discussion_serializer.represent(discussions, context: self) end @@ -170,6 +182,17 @@ module IssuableActions private + def paginated_discussions + return if params[:per_page].blank? + return unless issuable.instance_of?(Issue) && Feature.enabled?(:paginated_issue_discussions, project, default_enabled: :yaml) + + strong_memoize(:paginated_discussions) do + issuable + .discussion_root_note_ids(notes_filter: notes_filter) + .keyset_paginate(cursor: params[:cursor], per_page: params[:per_page].to_i) + end + end + def notes_filter strong_memoize(:notes_filter) do notes_filter_param = params[:notes_filter]&.to_i @@ -197,6 +220,10 @@ module IssuableActions current_user&.user_preference&.previous_changes&.any? end + def discussion_cache_context + [current_user&.cache_key, project.team.human_max_access(current_user&.id)].join(':') + end + def discussion_serializer DiscussionSerializer.new(project: project, noteable: issuable, current_user: current_user, note_entity: ProjectNoteEntity) end diff --git a/app/controllers/concerns/oauth_applications.rb b/app/controllers/concerns/oauth_applications.rb index d2c746db12d..794307ebb0c 100644 --- a/app/controllers/concerns/oauth_applications.rb +++ b/app/controllers/concerns/oauth_applications.rb @@ -3,6 +3,8 @@ module OauthApplications extend ActiveSupport::Concern + CREATED_SESSION_KEY = :oauth_applications_created + included do before_action :prepare_scopes, only: [:create, :update] end @@ -15,6 +17,14 @@ module OauthApplications end end + def set_created_session + session[CREATED_SESSION_KEY] = true + end + + def get_created_session + session.delete(CREATED_SESSION_KEY) || false + end + def load_scopes @scopes ||= Doorkeeper.configuration.scopes end diff --git a/app/controllers/concerns/one_trust_csp.rb b/app/controllers/concerns/one_trust_csp.rb index 4e98ec586ca..fbd44f52590 100644 --- a/app/controllers/concerns/one_trust_csp.rb +++ b/app/controllers/concerns/one_trust_csp.rb @@ -5,7 +5,7 @@ module OneTrustCSP included do content_security_policy do |policy| - next if policy.directives.blank? + next unless helpers.one_trust_enabled? || policy.directives.present? default_script_src = policy.directives['script-src'] || policy.directives['default-src'] script_src_values = Array.wrap(default_script_src) | ["'unsafe-eval'", 'https://cdn.cookielaw.org https://*.onetrust.com'] diff --git a/app/controllers/concerns/workhorse_authorization.rb b/app/controllers/concerns/workhorse_authorization.rb index a290ba256b6..f9b85944307 100644 --- a/app/controllers/concerns/workhorse_authorization.rb +++ b/app/controllers/concerns/workhorse_authorization.rb @@ -26,7 +26,7 @@ module WorkhorseAuthorization def file_is_valid?(file) return false unless file.is_a?(::UploadedFile) - file_extension_whitelist.include?(File.extname(file.original_filename).downcase.delete('.')) + file_extension_allowlist.include?(File.extname(file.original_filename).downcase.delete('.')) end def uploader_class @@ -37,7 +37,7 @@ module WorkhorseAuthorization raise NotImplementedError end - def file_extension_whitelist - ImportExportUploader::EXTENSION_WHITELIST + def file_extension_allowlist + ImportExportUploader::EXTENSION_ALLOWLIST end end |