diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-10-20 08:43:02 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-10-20 08:43:02 +0000 |
commit | d9ab72d6080f594d0b3cae15f14b3ef2c6c638cb (patch) | |
tree | 2341ef426af70ad1e289c38036737e04b0aa5007 /app/controllers/groups | |
parent | d6e514dd13db8947884cd58fe2a9c2a063400a9b (diff) | |
download | gitlab-ce-d9ab72d6080f594d0b3cae15f14b3ef2c6c638cb.tar.gz |
Add latest changes from gitlab-org/gitlab@14-4-stable-eev14.4.0-rc42
Diffstat (limited to 'app/controllers/groups')
8 files changed, 88 insertions, 37 deletions
diff --git a/app/controllers/groups/boards_controller.rb b/app/controllers/groups/boards_controller.rb index 60708c13b85..e8e6a7e5c1a 100644 --- a/app/controllers/groups/boards_controller.rb +++ b/app/controllers/groups/boards_controller.rb @@ -11,6 +11,7 @@ class Groups::BoardsController < Groups::ApplicationController push_frontend_feature_flag(:board_multi_select, group, default_enabled: :yaml) push_frontend_feature_flag(:swimlanes_buffered_rendering, group, default_enabled: :yaml) push_frontend_feature_flag(:iteration_cadences, group, default_enabled: :yaml) + push_frontend_feature_flag(:labels_widget, group, default_enabled: :yaml) end feature_category :boards diff --git a/app/controllers/groups/dependency_proxy/application_controller.rb b/app/controllers/groups/dependency_proxy/application_controller.rb index fd9db41f748..18a6ff93e15 100644 --- a/app/controllers/groups/dependency_proxy/application_controller.rb +++ b/app/controllers/groups/dependency_proxy/application_controller.rb @@ -21,8 +21,14 @@ module Groups authenticate_with_http_token do |token, _| @authentication_result = EMPTY_AUTH_RESULT - found_user = user_from_token(token) - sign_in(found_user) if found_user.is_a?(User) + user_or_deploy_token = ::DependencyProxy::AuthTokenService.user_or_deploy_token_from_jwt(token) + + if user_or_deploy_token.is_a?(User) + @authentication_result = Gitlab::Auth::Result.new(user_or_deploy_token, nil, :user, []) + sign_in(user_or_deploy_token) + elsif user_or_deploy_token.is_a?(DeployToken) + @authentication_result = Gitlab::Auth::Result.new(user_or_deploy_token, nil, :deploy_token, []) + end end request_bearer_token! unless authenticated_user @@ -39,28 +45,6 @@ module Groups response.headers['WWW-Authenticate'] = ::DependencyProxy::Registry.authenticate_header render plain: '', status: :unauthorized end - - def user_from_token(token) - token_payload = ::DependencyProxy::AuthTokenService.decoded_token_payload(token) - - if token_payload['user_id'] - token_user = User.find(token_payload['user_id']) - return unless token_user - - @authentication_result = Gitlab::Auth::Result.new(token_user, nil, :user, []) - return token_user - elsif token_payload['deploy_token'] - deploy_token = DeployToken.active.find_by_token(token_payload['deploy_token']) - return unless deploy_token - - @authentication_result = Gitlab::Auth::Result.new(deploy_token, nil, :deploy_token, []) - return deploy_token - end - - nil - rescue JWT::DecodeError, JWT::ExpiredSignature, JWT::ImmatureSignature - nil - end end end end diff --git a/app/controllers/groups/dependency_proxy_for_containers_controller.rb b/app/controllers/groups/dependency_proxy_for_containers_controller.rb index f7dc552bd3e..e19b8ae35f8 100644 --- a/app/controllers/groups/dependency_proxy_for_containers_controller.rb +++ b/app/controllers/groups/dependency_proxy_for_containers_controller.rb @@ -5,11 +5,15 @@ class Groups::DependencyProxyForContainersController < ::Groups::DependencyProxy include DependencyProxy::GroupAccess include SendFileUpload include ::PackagesHelper # for event tracking + include WorkhorseRequest before_action :ensure_group - before_action :ensure_token_granted! + before_action :ensure_token_granted!, only: [:blob, :manifest] before_action :ensure_feature_enabled! + before_action :verify_workhorse_api!, only: [:authorize_upload_blob, :upload_blob] + skip_before_action :verify_authenticity_token, only: [:authorize_upload_blob, :upload_blob] + attr_reader :token feature_category :dependency_proxy @@ -38,6 +42,8 @@ class Groups::DependencyProxyForContainersController < ::Groups::DependencyProxy end def blob + return blob_via_workhorse if Feature.enabled?(:dependency_proxy_workhorse, group, default_enabled: :yaml) + result = DependencyProxy::FindOrCreateBlobService .new(group, image, token, params[:sha]).execute @@ -50,11 +56,47 @@ class Groups::DependencyProxyForContainersController < ::Groups::DependencyProxy end end + def authorize_upload_blob + set_workhorse_internal_api_content_type + + render json: DependencyProxy::FileUploader.workhorse_authorize(has_length: false) + end + + def upload_blob + @group.dependency_proxy_blobs.create!( + file_name: blob_file_name, + file: params[:file], + size: params[:file].size + ) + + event_name = tracking_event_name(object_type: :blob, from_cache: false) + track_package_event(event_name, :dependency_proxy, namespace: group, user: auth_user) + + head :ok + end + private + def blob_via_workhorse + blob = @group.dependency_proxy_blobs.find_by_file_name(blob_file_name) + + if blob.present? + event_name = tracking_event_name(object_type: :blob, from_cache: true) + track_package_event(event_name, :dependency_proxy, namespace: group, user: auth_user) + + send_upload(blob.file) + else + send_dependency(token, DependencyProxy::Registry.blob_url(image, params[:sha]), blob_file_name) + end + end + + def blob_file_name + @blob_file_name ||= params[:sha].sub('sha256:', '') + '.gz' + end + def group strong_memoize(:group) do - Group.find_by_full_path(params[:group_id], follow_redirects: request.get?) + Group.find_by_full_path(params[:group_id], follow_redirects: true) end end diff --git a/app/controllers/groups/group_members_controller.rb b/app/controllers/groups/group_members_controller.rb index 9b8d5cfe476..6e59f159636 100644 --- a/app/controllers/groups/group_members_controller.rb +++ b/app/controllers/groups/group_members_controller.rb @@ -25,19 +25,15 @@ class Groups::GroupMembersController < Groups::ApplicationController def index @sort = params[:sort].presence || sort_value_name - @members = GroupMembersFinder - .new(@group, current_user, params: filter_params) - .execute(include_relations: requested_relations) - if can?(current_user, :admin_group_member, @group) @skip_groups = @group.related_group_ids - @invited_members = @members.invite + @invited_members = invited_members @invited_members = @invited_members.search_invite_email(params[:search_invited]) if params[:search_invited].present? @invited_members = present_invited_members(@invited_members) end - @members = present_group_members(@members.non_invite) + @members = present_group_members(non_invited_members) @requesters = present_members( AccessRequestsFinder.new(@group).execute(current_user) @@ -51,6 +47,20 @@ class Groups::GroupMembersController < Groups::ApplicationController private + def group_members + @group_members ||= GroupMembersFinder + .new(@group, current_user, params: filter_params) + .execute(include_relations: requested_relations) + end + + def invited_members + group_members.invite.with_invited_user_state + end + + def non_invited_members + group_members.non_invite + end + def present_invited_members(invited_members) present_members(invited_members .page(params[:invited_members_page]) diff --git a/app/controllers/groups/packages_controller.rb b/app/controllers/groups/packages_controller.rb index 47f1816cc4c..d02a8262948 100644 --- a/app/controllers/groups/packages_controller.rb +++ b/app/controllers/groups/packages_controller.rb @@ -6,6 +6,10 @@ module Groups feature_category :package_registry + before_action do + push_frontend_feature_flag(:package_list_apollo, default_enabled: :yaml) + end + private def verify_packages_enabled! diff --git a/app/controllers/groups/registry/repositories_controller.rb b/app/controllers/groups/registry/repositories_controller.rb index 3aaaf6ade6b..549a148bfb8 100644 --- a/app/controllers/groups/registry/repositories_controller.rb +++ b/app/controllers/groups/registry/repositories_controller.rb @@ -3,6 +3,7 @@ module Groups module Registry class RepositoriesController < Groups::ApplicationController include PackagesHelper + include ::Registry::ConnectionErrorsHandler before_action :verify_container_registry_enabled! before_action :authorize_read_container_image! diff --git a/app/controllers/groups/runners_controller.rb b/app/controllers/groups/runners_controller.rb index f37c08da22a..5c21c7b023c 100644 --- a/app/controllers/groups/runners_controller.rb +++ b/app/controllers/groups/runners_controller.rb @@ -10,8 +10,10 @@ class Groups::RunnersController < Groups::ApplicationController feature_category :runner def index - finder = Ci::RunnersFinder.new(current_user: current_user, params: { group: @group }) - @group_runners_limited_count = finder.execute.except(:limit, :offset).page.total_count_with_limit(:all, limit: 1000) + ::Gitlab::Database.allow_cross_joins_across_databases(url: 'https://gitlab.com/gitlab-org/gitlab/-/issues/336433') do + finder = Ci::RunnersFinder.new(current_user: current_user, params: { group: @group }) + @group_runners_limited_count = finder.execute.except(:limit, :offset).page.total_count_with_limit(:all, limit: 1000) + end end def runner_list_group_view_vue_ui_enabled @@ -61,9 +63,11 @@ class Groups::RunnersController < Groups::ApplicationController private def runner - @runner ||= Ci::RunnersFinder.new(current_user: current_user, params: { group: @group }).execute - .except(:limit, :offset) - .find(params[:id]) + ::Gitlab::Database.allow_cross_joins_across_databases(url: 'https://gitlab.com/gitlab-org/gitlab/-/issues/336433') do + @runner ||= Ci::RunnersFinder.new(current_user: current_user, params: { group: @group }).execute + .except(:limit, :offset) + .find(params[:id]) + end end def runner_params diff --git a/app/controllers/groups/settings/ci_cd_controller.rb b/app/controllers/groups/settings/ci_cd_controller.rb index a290ef9b5e7..e125385f841 100644 --- a/app/controllers/groups/settings/ci_cd_controller.rb +++ b/app/controllers/groups/settings/ci_cd_controller.rb @@ -23,6 +23,11 @@ module Groups @group_runners = runners_finder.execute.page(params[:page]).per(NUMBER_OF_RUNNERS_PER_PAGE) @sort = runners_finder.sort_key + + # Allow sql generated by the two relations above, @all_group_runners and @group_runners + ::Gitlab::Database.allow_cross_joins_across_databases(url: 'https://gitlab.com/gitlab-org/gitlab/-/issues/336433') do + render + end end def update |