authorGitLab Bot <gitlab-bot@gitlab.com>2022-02-03 11:35:56 +0000
committerGitLab Bot <gitlab-bot@gitlab.com>2022-02-03 11:35:56 +0000
commit33bbb6aa7b6369fea0037f3d8a9243824e48f64f (patch)
tree18ae1428e70ddcfe1115f355ebdad6ad6f0a6e56 /app/services
parent41fd6d4d38aaef723e501ff3ab38ae63e31d4efb (diff)
downloadgitlab-ce-33bbb6aa7b6369fea0037f3d8a9243824e48f64f.tar.gz
Add latest changes from gitlab-org/security/gitlab@14-7-stable-ee
Diffstat (limited to 'app/services')
-rw-r--r--app/services/concerns/protected_ref_name_sanitizer.rb12
-rw-r--r--app/services/packages/mark_package_files_for_destruction_service.rb26
-rw-r--r--app/services/packages/mark_package_for_destruction_service.rb (renamed from app/services/packages/destroy_package_service.rb)9
-rw-r--r--app/services/protected_branches/base_service.rb11
-rw-r--r--app/services/protected_branches/create_service.rb2
-rw-r--r--app/services/protected_branches/update_service.rb2
-rw-r--r--app/services/protected_tags/base_service.rb16
-rw-r--r--app/services/protected_tags/create_service.rb4
-rw-r--r--app/services/protected_tags/update_service.rb4
9 files changed, 37 insertions, 49 deletions
diff --git a/app/services/concerns/protected_ref_name_sanitizer.rb b/app/services/concerns/protected_ref_name_sanitizer.rb
deleted file mode 100644
index 3966c410fec..00000000000
--- a/app/services/concerns/protected_ref_name_sanitizer.rb
+++ /dev/null
@@ -1,12 +0,0 @@
-# frozen_string_literal: true
-
-module ProtectedRefNameSanitizer
- def sanitize_name(name)
- name = CGI.unescapeHTML(name)
- name = Sanitize.fragment(name)
-
- # Sanitize.fragment escapes HTML chars, so unescape again to allow names
- # like `feature->master`
- CGI.unescapeHTML(name)
- end
-end
diff --git a/app/services/packages/mark_package_files_for_destruction_service.rb b/app/services/packages/mark_package_files_for_destruction_service.rb
new file mode 100644
index 00000000000..3672b44b409
--- /dev/null
+++ b/app/services/packages/mark_package_files_for_destruction_service.rb
@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+module Packages
+ # WARNING: ensure that permissions are verified before using this service.
+ class MarkPackageFilesForDestructionService
+ BATCH_SIZE = 500
+
+ def initialize(package_files)
+ @package_files = package_files
+ end
+
+ def execute
+ @package_files.each_batch(of: BATCH_SIZE) do |batched_package_files|
+ batched_package_files.update_all(status: :pending_destruction)
+ end
+
+ service_response_success('Package files are now pending destruction')
+ end
+
+ private
+
+ def service_response_success(message)
+ ServiceResponse.success(message: message)
+ end
+ end
+end
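Review bot: `execute` has no authorization of its own and accepts whatever relation the caller passes, so the class-level WARNING comment is the only guard; it should name the check callers are expected to make. `update_all` also writes straight to the database, skipping model callbacks and validations, so anything hooked to a package file's status change will not run for these rows. The batches are not wrapped in a transaction, so an exception partway through leaves earlier batches already `pending_destruction`. I would add above `execute`: `# Bulk update via update_all: no callbacks, validations or permission checks run here; earlier batches stay marked if a later one raises.`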
diff --git a/app/services/packages/destroy_package_service.rb b/app/services/packages/mark_package_for_destruction_service.rb
index 697f1fa3ac8..3417febe79a 100644
--- a/app/services/packages/destroy_package_service.rb
+++ b/app/services/packages/mark_package_for_destruction_service.rb
@@ -1,19 +1,20 @@
# frozen_string_literal: true
module Packages
- class DestroyPackageService < BaseContainerService
+ class MarkPackageForDestructionService < BaseContainerService
alias_method :package, :container
def execute
return service_response_error("You don't have access to this package", 403) unless user_can_delete_package?
- package.destroy!
+ package.pending_destruction!
+ package.mark_package_files_for_destruction
package.sync_maven_metadata(current_user)
- service_response_success('Package was successfully deleted')
+ service_response_success('Package was successfully marked as pending destruction')
rescue StandardError
- service_response_error('Failed to remove the package', 400)
+ service_response_error('Failed to mark the package as pending destruction', 400)
end
private
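Review bot: The two new writes, `package.pending_destruction!` and `package.mark_package_files_for_destruction`, are separate steps, so if the second one (or `sync_maven_metadata`) raises, the package stays in `pending_destruction` while the caller gets the 400 "Failed to mark the package as pending destruction" response. The blanket `rescue StandardError` then discards the exception, leaving no trace of which step failed. I would capture it with `rescue StandardError => e` and record `e` through the application's error tracking before returning the error response. If `mark_package_files_for_destruction` does its update inline (not visible here), wrapping both writes in one transaction would keep the state consistent. The class body continues past the hunk after `private`.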
diff --git a/app/services/protected_branches/base_service.rb b/app/services/protected_branches/base_service.rb
index 1ab3ccfcaae..f48e02ab4b5 100644
--- a/app/services/protected_branches/base_service.rb
+++ b/app/services/protected_branches/base_service.rb
@@ -2,8 +2,6 @@
module ProtectedBranches
class BaseService < ::BaseService
- include ProtectedRefNameSanitizer
-
# current_user - The user that performs the action
# params - A hash of parameters
def initialize(project, current_user = nil, params = {})
@@ -15,14 +13,5 @@ module ProtectedBranches
def after_execute(*)
# overridden in EE::ProtectedBranches module
end
-
- private
-
- def filtered_params
- return unless params
-
- params[:name] = sanitize_name(params[:name]) if params[:name].present?
- params
- end
end
end
diff --git a/app/services/protected_branches/create_service.rb b/app/services/protected_branches/create_service.rb
index ea494dd4426..dada449989a 100644
--- a/app/services/protected_branches/create_service.rb
+++ b/app/services/protected_branches/create_service.rb
@@ -21,7 +21,7 @@ module ProtectedBranches
end
def protected_branch
- @protected_branch ||= project.protected_branches.new(filtered_params)
+ @protected_branch ||= project.protected_branches.new(params)
end
end
end
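Review bot: With `filtered_params` replaced by `params` in `project.protected_branches.new(params)`, the ref name reaches the model exactly as submitted, so nothing in the service layer strips markup any more. Not rewriting the name is sound, since the removed `sanitize_name` presumably could alter a name so that it no longer matched the real ref. It does mean every view, notification or API response that prints a protected branch or tag name must escape it at render time, and this diff is limited to app/services so that cannot be confirmed here. The same applies to `protected_branch.update(params)`, `project.protected_tags.create(params)` and `protected_tag.update(params)` in the later hunks. I would add a comment at each call, e.g. `# name is stored verbatim; escape on output, never rewrite it here`, and a spec asserting that a name such as `feature->master` is stored unchanged.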
diff --git a/app/services/protected_branches/update_service.rb b/app/services/protected_branches/update_service.rb
index 40e9a286af9..1e70f2d9793 100644
--- a/app/services/protected_branches/update_service.rb
+++ b/app/services/protected_branches/update_service.rb
@@ -8,7 +8,7 @@ module ProtectedBranches
old_merge_access_levels = protected_branch.merge_access_levels.map(&:clone)
old_push_access_levels = protected_branch.push_access_levels.map(&:clone)
- if protected_branch.update(filtered_params)
+ if protected_branch.update(params)
after_execute(protected_branch: protected_branch, old_merge_access_levels: old_merge_access_levels, old_push_access_levels: old_push_access_levels)
end
diff --git a/app/services/protected_tags/base_service.rb b/app/services/protected_tags/base_service.rb
deleted file mode 100644
index e0181815f0f..00000000000
--- a/app/services/protected_tags/base_service.rb
+++ /dev/null
@@ -1,16 +0,0 @@
-# frozen_string_literal: true
-
-module ProtectedTags
- class BaseService < ::BaseService
- include ProtectedRefNameSanitizer
-
- private
-
- def filtered_params
- return unless params
-
- params[:name] = sanitize_name(params[:name]) if params[:name].present?
- params
- end
- end
-end
diff --git a/app/services/protected_tags/create_service.rb b/app/services/protected_tags/create_service.rb
index 7d2b583a295..65303f21a4a 100644
--- a/app/services/protected_tags/create_service.rb
+++ b/app/services/protected_tags/create_service.rb
@@ -1,13 +1,13 @@
# frozen_string_literal: true
module ProtectedTags
- class CreateService < ProtectedTags::BaseService
+ class CreateService < ::BaseService
attr_reader :protected_tag
def execute
raise Gitlab::Access::AccessDeniedError unless can?(current_user, :admin_project, project)
- project.protected_tags.create(filtered_params)
+ project.protected_tags.create(params)
end
end
end
diff --git a/app/services/protected_tags/update_service.rb b/app/services/protected_tags/update_service.rb
index e337ec39898..283aa8882c5 100644
--- a/app/services/protected_tags/update_service.rb
+++ b/app/services/protected_tags/update_service.rb
@@ -1,11 +1,11 @@
# frozen_string_literal: true
module ProtectedTags
- class UpdateService < ProtectedTags::BaseService
+ class UpdateService < ::BaseService
def execute(protected_tag)
raise Gitlab::Access::AccessDeniedError unless can?(current_user, :admin_project, project)
- protected_tag.update(filtered_params)
+ protected_tag.update(params)
protected_tag
end
end