author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-04-20 10:00:54 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-04-20 10:00:54 +0000 |
commit | 3cccd102ba543e02725d247893729e5c73b38295 (patch) | |
tree | f36a04ec38517f5deaaacb5acc7d949688d1e187 /app/controllers/concerns | |
parent | 205943281328046ef7b4528031b90fbda70c75ac (diff) | |
download | gitlab-ce-3cccd102ba543e02725d247893729e5c73b38295.tar.gz |
Add latest changes from gitlab-org/gitlab@14-10-stable-eev14.10.0-rc42
Diffstat (limited to 'app/controllers/concerns')
4 files changed, 38 insertions, 17 deletions
diff --git a/app/controllers/concerns/enforces_two_factor_authentication.rb b/app/controllers/concerns/enforces_two_factor_authentication.rb
index c67e73d4e78..b1b6e21644e 100644
--- a/app/controllers/concerns/enforces_two_factor_authentication.rb
+++ b/app/controllers/concerns/enforces_two_factor_authentication.rb
@@ -10,6 +10,11 @@ module EnforcesTwoFactorAuthentication
   extend ActiveSupport::Concern
 
+  MFA_HELP_PAGE = Rails.application.routes.url_helpers.help_page_url(
+    'user/profile/account/two_factor_authentication.html',
+    anchor: 'enable-two-factor-authentication'
+  )
+
   included do
     before_action :check_two_factor_requirement, except: [:route_not_found]
 
@@ -24,7 +29,16 @@ module EnforcesTwoFactorAuthentication
     return unless respond_to?(:current_user)
 
     if two_factor_authentication_required? && current_user_requires_two_factor?
-      redirect_to profile_two_factor_auth_path
+      case self
+      when GraphqlController
+        render_error(
+          _("Authentication error: enable 2FA in your profile settings to continue using GitLab: %{mfa_help_page}") %
+          { mfa_help_page: MFA_HELP_PAGE },
+          status: :unauthorized
+        )
+      else
+        redirect_to profile_two_factor_auth_path
+      end
     end
   end
 
diff --git a/app/controllers/concerns/integrations/params.rb b/app/controllers/concerns/integrations/params.rb
index 80acb369cb2..d256b331174 100644
--- a/app/controllers/concerns/integrations/params.rb
+++ b/app/controllers/concerns/integrations/params.rb
@@ -89,7 +89,7 @@ module Integrations
       param_values = return_value[:integration]
 
       if param_values.is_a?(ActionController::Parameters)
-        integration.password_fields.each do |param|
+        integration.secret_fields.each do |param|
           param_values.delete(param) if param_values[param].blank?
         end
       end
diff --git a/app/controllers/concerns/sessionless_authentication.rb b/app/controllers/concerns/sessionless_authentication.rb
index 48daacc09c2..7ec9be6baaf 100644
--- a/app/controllers/concerns/sessionless_authentication.rb
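Review bot: MFA_HELP_PAGE is resolved once when the concern is loaded, so the help link embedded in the GraphQL 2FA error reflects whatever host and protocol Rails' url_helpers had at boot; if those default URL options are set later or differ per request, the link goes stale and a user who is being refused access is pointed at the wrong place. Resolving it lazily, e.g. a memoized `mfa_help_page` method that calls help_page_url on first use, avoids that and keeps route resolution out of class loading. Either way a one-line comment above the constant would help a reader: `# Link returned in the GraphQL 2FA-required error (see check_two_factor_requirement)`.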
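Review bot: check_two_factor_requirement now branches on the including controller's class (`case self` / `when GraphqlController`), which ties this concern to one includer and leaves any other non-HTML controller that includes it answering with a browser redirect. A hook method the includer overrides keeps the concern generic: define `def two_factor_required_response` here with the body `redirect_to profile_two_factor_auth_path`, and let GraphqlController override it with the render_error call. The 401 branch also deserves a why-comment, since a 302 is useless to a GraphQL client and, depending on the client, may even be mistaken for success: `# API clients cannot follow the redirect to the 2FA setup page; fail the request explicitly instead`. The method's `def` line and the rest of the module lie outside this hunk.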
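Review bot: switching the loop to `integration.secret_fields` widens the set of parameters whose blank values are silently dropped before the update, so a form that omits or blanks any secret keeps the stored value; it also means a blank submission can no longer clear such a field through this path, if that was ever relied on. That intent is worth a comment on the loop: `# A blank secret means "unchanged": strip it so a re-submitted form never wipes a stored secret`. The enclosing method begins before this hunk, and which fields secret_fields covers is not visible here.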
+++ b/app/controllers/concerns/sessionless_authentication.rb
@@ -20,16 +20,21 @@ module SessionlessAuthentication
   end
 
   def sessionless_sign_in(user)
-    if user.can_log_in_with_non_expired_password?
-      # Notice we are passing store false, so the user is not
-      # actually stored in the session and a token is needed
-      # for every request. If you want the token to work as a
-      # sign in token, you can simply remove store: false.
-      sign_in(user, store: false, message: :sessionless_sign_in)
-    elsif request_authenticator.can_sign_in_bot?(user)
-      # we suppress callbacks to avoid redirecting the bot
-      sign_in(user, store: false, message: :sessionless_sign_in, run_callbacks: false)
-    end
+    signed_in_user =
+      if user.can_log_in_with_non_expired_password?
+        # Notice we are passing store false, so the user is not
+        # actually stored in the session and a token is needed
+        # for every request. If you want the token to work as a
+        # sign in token, you can simply remove store: false.
+        sign_in(user, store: false, message: :sessionless_sign_in)
+      elsif request_authenticator.can_sign_in_bot?(user)
+        # we suppress callbacks to avoid redirecting the bot
+        sign_in(user, store: false, message: :sessionless_sign_in, run_callbacks: false)
+      end
+
+    reset_auth_user! if respond_to?(:reset_auth_user!, true)
+
+    signed_in_user
   end
 
   def sessionless_bypass_admin_mode!(&block)
diff --git a/app/controllers/concerns/wiki_actions.rb b/app/controllers/concerns/wiki_actions.rb
index 714a6f280f3..91de1d8aeae 100644
--- a/app/controllers/concerns/wiki_actions.rb
+++ b/app/controllers/concerns/wiki_actions.rb
@@ -21,10 +21,6 @@ module WikiActions
     before_action :load_sidebar, except: [:pages]
     before_action :set_content_class
 
-    before_action do
-      push_frontend_feature_flag(:wiki_switch_between_content_editor_raw_markdown, @group, default_enabled: :yaml)
-    end
-
     before_action only: [:show, :edit, :update] do
       @valid_encoding = valid_encoding?
     end
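Review bot: the new `reset_auth_user! if respond_to?(:reset_auth_user!, true)` line says nothing about why the cached authenticated user has to be cleared after a sessionless sign-in or why the call is guarded, and it runs even when neither branch signed anyone in (signed_in_user is then nil). A short comment would settle both: `# Some includers cache the authenticated user before this runs; clear it so later lookups see the sessionless sign-in (respond_to? is called with include_all so a private hook also counts)`. Since the method now has a meaningful return value, document it as well: `# @return [User, nil] the user signed in for this request, or nil when sessionless sign-in was not permitted`. Whether the reset is also wanted on the nil path cannot be told from the hunk; confirm and state it in the comment either way.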
@@ -223,7 +219,7 @@ module WikiActions
 
   def page
     strong_memoize(:page) do
-      wiki.find_page(*page_params)
+      wiki.find_page(*page_params, load_content: load_content?)
     end
   end
 
@@ -310,6 +306,12 @@ module WikiActions
   def send_wiki_file_blob(wiki, file_blob)
     send_blob(wiki.repository, file_blob)
   end
+
+  def load_content?
+    return false if %w[history destroy diff show].include?(params[:action])
+
+    true
+  end
 end
 
 WikiActions.prepend_mod
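Review bot: load_content? allocates the `%w[history destroy diff show]` array on every call and spells a boolean as `return false if …` followed by `true`; a frozen constant and a single predicate read better, e.g. `ACTIONS_WITHOUT_PAGE_CONTENT = %w[history destroy diff show].freeze` at module level and `ACTIONS_WITHOUT_PAGE_CONTENT.exclude?(params[:action])` as the whole body. It also needs a why-comment, because skipping the page body on `show` will surprise a reader; until the reason is verified something like `# These actions do not need the page body up front (NOTE: confirm how show obtains its content)` is better than nothing. The earlier hunk's `wiki.find_page(*page_params, load_content: load_content?)` relies on find_page accepting that keyword, which is outside this diff.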