Add latest changes from gitlab-org/gitlab@14-0-stable-ee

5 files changed, 38 insertions, 15 deletions

diff --git a/app/models/concerns/has_repository.rb b/app/models/concerns/has_repository.rb
index 33f6904bc91..1b4c590694a 100644
--- a/app/models/concerns/has_repository.rb
+++ b/app/models/concerns/has_repository.rb
@@ -14,6 +14,7 @@ module HasRepository
   include Gitlab::Utils::StrongMemoize
 
   delegate :base_dir, :disk_path, to: :storage
+  delegate :change_head, to: :repository
 
   def valid_repo?
     repository.exists?
@@ -117,4 +118,8 @@ module HasRepository
   def repository_size_checker
     raise NotImplementedError
   end
+
+  def after_repository_change_head
+    reload_default_branch
+  end
 end
diff --git a/app/models/lfs_download_object.rb b/app/models/lfs_download_object.rb
index 6383f95d546..319499fd1b7 100644
--- a/app/models/lfs_download_object.rb
+++ b/app/models/lfs_download_object.rb
@@ -3,20 +3,32 @@
 class LfsDownloadObject
   include ActiveModel::Validations
 
-  attr_accessor :oid, :size, :link
+  attr_accessor :oid, :size, :link, :headers
   delegate :sanitized_url, :credentials, to: :sanitized_uri
 
   validates :oid, format: { with: /\A\h{64}\z/ }
   validates :size, numericality: { greater_than_or_equal_to: 0 }
   validates :link, public_url: { protocols: %w(http https) }
+  validate :headers_must_be_hash
 
-  def initialize(oid:, size:, link:)
+  def initialize(oid:, size:, link:, headers: {})
     @oid = oid
     @size = size
     @link = link
+    @headers = headers || {}
   end
 
   def sanitized_uri
     @sanitized_uri ||= Gitlab::UrlSanitizer.new(link)
   end
+
+  def has_authorization_header?
+    headers.keys.map(&:downcase).include?('authorization')
+  end
+
+  private
+
+  def headers_must_be_hash
+    errors.add(:base, "headers must be a Hash") unless headers.is_a?(Hash)
+  end
 end
diff --git a/app/models/project.rb b/app/models/project.rb
index 1f8e8b81015..95ba0973321 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -1661,18 +1661,11 @@ class Project < ApplicationRecord
     :visibility_level
   end
 
-  def change_head(branch)
-    if repository.branch_exists?(branch)
-      repository.before_change_head
-      repository.raw_repository.write_ref('HEAD', "refs/heads/#{branch}")
-      repository.copy_gitattributes(branch)
-      repository.after_change_head
-      ProjectCacheWorker.perform_async(self.id, [], [:commit_count])
-      reload_default_branch
-    else
-      errors.add(:base, _("Could not change HEAD: branch '%{branch}' does not exist") % { branch: branch })
-      false
-    end
+  override :after_repository_change_head
+  def after_repository_change_head
+    ProjectCacheWorker.perform_async(self.id, [], [:commit_count])
+
+    super
   end
 
   def forked_from?(other_project)
diff --git a/app/models/repository.rb b/app/models/repository.rb
index 1bd61fe48cb..a77aaf02e06 100644
--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@@ -466,6 +466,7 @@ class Repository
   # Runs code after the HEAD of a repository is changed.
   def after_change_head
     expire_all_method_caches
+    container.after_repository_change_head
   end
 
   # Runs code after a new commit has been pushed.
@@ -1142,6 +1143,18 @@ class Repository
     Gitlab::CurrentSettings.pick_repository_storage
   end
 
+  def change_head(branch)
+    if branch_exists?(branch)
+      before_change_head
+      raw_repository.write_ref('HEAD', "refs/heads/#{branch}")
+      copy_gitattributes(branch)
+      after_change_head
+    else
+      container.errors.add(:base, _("Could not change HEAD: branch '%{branch}' does not exist") % { branch: branch })
+      false
+    end
+  end
+
   private
 
   # TODO Genericize finder, later split this on finders by Ref or Oid
diff --git a/app/models/user.rb b/app/models/user.rb
index 52bf9149ee2..ce702131151 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -2095,7 +2095,7 @@ class User < ApplicationRecord
   end
 
   def check_username_format
-    return if username.blank? || Mime::EXTENSION_LOOKUP.keys.none? { |type| username.end_with?(type) }
+    return if username.blank? || Mime::EXTENSION_LOOKUP.keys.none? { |type| username.end_with?(".#{type}") }
 
     errors.add(:username, _('ending with MIME type format is not allowed.'))
   end