Merge branch 'jprovazn-direct-upload' into 'master'

Add workhorse authorize method for project/group uploads Closes #44663 See merge request gitlab-org/gitlab-ce!19717
author: Kamil Trzciński (OoO till 3th) <ayufan@ayufan.eu> 2018-07-04 09:50:29 +0000
committer: Kamil Trzciński (OoO till 3th) <ayufan@ayufan.eu> 2018-07-04 09:50:29 +0000
commit: 34694c3afc8e3476f5f070fe1c97aef9119a921b (patch)
tree: 9a1c90f0bfc37d97aa5675cbfc1748cc0fce0f7d /app/controllers
parent: cda22d0780ea9bf598f82f51fffb7c50a4b4b1bc (diff)
parent: 249c24891a3a54d2fd6b9355244cad4e35d722f7 (diff)
download: gitlab-ce-34694c3afc8e3476f5f070fe1c97aef9119a921b.tar.gz
3 files changed, 16 insertions, 2 deletions
diff --git a/app/controllers/concerns/uploads_actions.rb b/app/controllers/concerns/uploads_actions.rb
index 16374146ae4..434459a225a 100644
--- a/app/controllers/concerns/uploads_actions.rb
+++ b/app/controllers/concerns/uploads_actions.rb
@@ -45,6 +45,16 @@ module UploadsActions
     send_upload(uploader, attachment: uploader.filename, disposition: disposition)
   end
 
+  def authorize
+    set_workhorse_internal_api_content_type
+
+    authorized = uploader_class.workhorse_authorize(
+      has_length: false,
+      maximum_size: Gitlab::CurrentSettings.max_attachment_size.megabytes.to_i)
+
+    render json: authorized
+  end
+
   private
 
   # Explicitly set the format.
diff --git a/app/controllers/groups/uploads_controller.rb b/app/controllers/groups/uploads_controller.rb
index f1578f75e88..74760194a1f 100644
--- a/app/controllers/groups/uploads_controller.rb
+++ b/app/controllers/groups/uploads_controller.rb
@@ -1,9 +1,11 @@
 class Groups::UploadsController < Groups::ApplicationController
   include UploadsActions
+  include WorkhorseRequest
 
   skip_before_action :group, if: -> { action_name == 'show' && image_or_video? }
 
-  before_action :authorize_upload_file!, only: [:create]
+  before_action :authorize_upload_file!, only: [:create, :authorize]
+  before_action :verify_workhorse_api!, only: [:authorize]
 
   private
 
diff --git a/app/controllers/projects/uploads_controller.rb b/app/controllers/projects/uploads_controller.rb
index f5cf089ad98..7a85046164c 100644
--- a/app/controllers/projects/uploads_controller.rb
+++ b/app/controllers/projects/uploads_controller.rb
@@ -1,11 +1,13 @@
 class Projects::UploadsController < Projects::ApplicationController
   include UploadsActions
+  include WorkhorseRequest
 
   # These will kick you out if you don't have access.
   skip_before_action :project, :repository,
     if: -> { action_name == 'show' && image_or_video? }
 
-  before_action :authorize_upload_file!, only: [:create]
+  before_action :authorize_upload_file!, only: [:create, :authorize]
+  before_action :verify_workhorse_api!, only: [:authorize]
 
   private
author	Kamil Trzciński (OoO till 3th) <ayufan@ayufan.eu>	2018-07-04 09:50:29 +0000
committer	Kamil Trzciński (OoO till 3th) <ayufan@ayufan.eu>	2018-07-04 09:50:29 +0000
commit	34694c3afc8e3476f5f070fe1c97aef9119a921b (patch)
tree	9a1c90f0bfc37d97aa5675cbfc1748cc0fce0f7d /app/controllers
parent	cda22d0780ea9bf598f82f51fffb7c50a4b4b1bc (diff)
parent	249c24891a3a54d2fd6b9355244cad4e35d722f7 (diff)
download	gitlab-ce-34694c3afc8e3476f5f070fe1c97aef9119a921b.tar.gz