diff options
author | Sean McGivern <sean@mcgivern.me.uk> | 2018-02-07 15:02:56 +0000 |
---|---|---|
committer | Sean McGivern <sean@mcgivern.me.uk> | 2018-02-07 15:02:56 +0000 |
commit | ee77bb5f7fad94568af35a3739ca3565a10f41e8 (patch) | |
tree | aad9c5b5f0bb12514ba2bca82ec8cc7ee358ad22 /app | |
parent | eed99e9bb73f3993cc80641fbfef8cc86723f8c1 (diff) | |
parent | bed948321173b49564f39837e97212ee4dd96e03 (diff) | |
download | gitlab-ce-ee77bb5f7fad94568af35a3739ca3565a10f41e8.tar.gz |
Merge branch 'rd-35856-backport-lfs-file-locking-api' into 'master'
Backport LFS File Locking API
Closes #35856
See merge request gitlab-org/gitlab-ce!16935
Diffstat (limited to 'app')
-rw-r--r-- | app/controllers/concerns/lfs_request.rb | 6 | ||||
-rw-r--r-- | app/controllers/projects/lfs_api_controller.rb | 2 | ||||
-rw-r--r-- | app/controllers/projects/lfs_locks_api_controller.rb | 70 | ||||
-rw-r--r-- | app/models/lfs_file_lock.rb | 12 | ||||
-rw-r--r-- | app/models/project.rb | 1 | ||||
-rw-r--r-- | app/models/repository.rb | 7 | ||||
-rw-r--r-- | app/serializers/lfs_file_lock_entity.rb | 11 | ||||
-rw-r--r-- | app/serializers/lfs_file_lock_serializer.rb | 3 | ||||
-rw-r--r-- | app/services/lfs/lock_file_service.rb | 39 | ||||
-rw-r--r-- | app/services/lfs/locks_finder_service.rb | 17 | ||||
-rw-r--r-- | app/services/lfs/unlock_file_service.rb | 43 |
11 files changed, 208 insertions, 3 deletions
diff --git a/app/controllers/concerns/lfs_request.rb b/app/controllers/concerns/lfs_request.rb index 4311f9d4db9..5e4e8a87153 100644 --- a/app/controllers/concerns/lfs_request.rb +++ b/app/controllers/concerns/lfs_request.rb @@ -10,6 +10,8 @@ module LfsRequest extend ActiveSupport::Concern + CONTENT_TYPE = 'application/vnd.git-lfs+json'.freeze + included do before_action :require_lfs_enabled! before_action :lfs_check_access! @@ -50,7 +52,7 @@ module LfsRequest message: 'Access forbidden. Check your access level.', documentation_url: help_url }, - content_type: "application/vnd.git-lfs+json", + content_type: CONTENT_TYPE, status: 403 ) end @@ -61,7 +63,7 @@ module LfsRequest message: 'Not found.', documentation_url: help_url }, - content_type: "application/vnd.git-lfs+json", + content_type: CONTENT_TYPE, status: 404 ) end diff --git a/app/controllers/projects/lfs_api_controller.rb b/app/controllers/projects/lfs_api_controller.rb index 536f908d2c5..c77f10ef1dd 100644 --- a/app/controllers/projects/lfs_api_controller.rb +++ b/app/controllers/projects/lfs_api_controller.rb @@ -98,7 +98,7 @@ class Projects::LfsApiController < Projects::GitHttpClientController json: { message: lfs_read_only_message }, - content_type: 'application/vnd.git-lfs+json', + content_type: LfsRequest::CONTENT_TYPE, status: 403 ) end diff --git a/app/controllers/projects/lfs_locks_api_controller.rb b/app/controllers/projects/lfs_locks_api_controller.rb new file mode 100644 index 00000000000..3fff0fd69ae --- /dev/null +++ b/app/controllers/projects/lfs_locks_api_controller.rb @@ -0,0 +1,70 @@ +class Projects::LfsLocksApiController < Projects::GitHttpClientController + include LfsRequest + + def create + @result = Lfs::LockFileService.new(project, user, params).execute + + render_json(@result[:lock]) + end + + def unlock + @result = Lfs::UnlockFileService.new(project, user, params).execute + + render_json(@result[:lock]) + end + + def index + @result = Lfs::LocksFinderService.new(project, user, params).execute + + render_json(@result[:locks]) + end + + def verify + @result = Lfs::LocksFinderService.new(project, user, {}).execute + + ours, theirs = split_by_owner(@result[:locks]) + + render_json({ ours: ours, theirs: theirs }, false) + end + + private + + def render_json(data, process = true) + render json: build_payload(data, process), + content_type: LfsRequest::CONTENT_TYPE, + status: @result[:http_status] + end + + def build_payload(data, process) + data = LfsFileLockSerializer.new.represent(data) if process + + return data if @result[:status] == :success + + # When the locking failed due to an existent Lock, the existent record + # is returned in `@result[:lock]` + error_payload(@result[:message], @result[:lock] ? data : {}) + end + + def error_payload(message, custom_attrs = {}) + custom_attrs.merge({ + message: message, + documentation_url: help_url + }) + end + + def split_by_owner(locks) + groups = locks.partition { |lock| lock.user_id == user.id } + + groups.map! do |records| + LfsFileLockSerializer.new.represent(records, root: false) + end + end + + def download_request? + params[:action] == 'index' + end + + def upload_request? + %w(create unlock verify).include?(params[:action]) + end +end diff --git a/app/models/lfs_file_lock.rb b/app/models/lfs_file_lock.rb new file mode 100644 index 00000000000..50bb6ca382d --- /dev/null +++ b/app/models/lfs_file_lock.rb @@ -0,0 +1,12 @@ +class LfsFileLock < ActiveRecord::Base + belongs_to :project + belongs_to :user + + validates :project_id, :user_id, :path, presence: true + + def can_be_unlocked_by?(current_user, forced = false) + return true if current_user.id == user_id + + forced && current_user.can?(:admin_project, project) + end +end diff --git a/app/models/project.rb b/app/models/project.rb index fd8917467e9..0590cc1c720 100644 --- a/app/models/project.rb +++ b/app/models/project.rb @@ -179,6 +179,7 @@ class Project < ActiveRecord::Base has_many :releases has_many :lfs_objects_projects, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent has_many :lfs_objects, through: :lfs_objects_projects + has_many :lfs_file_locks has_many :project_group_links has_many :invited_groups, through: :project_group_links, source: :group has_many :pages_domains diff --git a/app/models/repository.rb b/app/models/repository.rb index 3d6f8f0c305..1cf55fd4332 100644 --- a/app/models/repository.rb +++ b/app/models/repository.rb @@ -164,6 +164,13 @@ class Repository commits end + # Returns a list of commits that are not present in any reference + def new_commits(newrev) + refs = ::Gitlab::Git::RevList.new(raw, newrev: newrev).new_refs + + refs.map { |sha| commit(sha.strip) } + end + # Gitaly migration: https://gitlab.com/gitlab-org/gitaly/issues/384 def find_commits_by_message(query, ref = nil, path = nil, limit = 1000, offset = 0) unless exists? && has_visible_content? && query.present? diff --git a/app/serializers/lfs_file_lock_entity.rb b/app/serializers/lfs_file_lock_entity.rb new file mode 100644 index 00000000000..264a77adc3f --- /dev/null +++ b/app/serializers/lfs_file_lock_entity.rb @@ -0,0 +1,11 @@ +class LfsFileLockEntity < Grape::Entity + root 'locks', 'lock' + + expose :path + expose(:id) { |entity| entity.id.to_s } + expose(:created_at, as: :locked_at) { |entity| entity.created_at.to_s(:iso8601) } + + expose :owner do + expose(:name) { |entity| entity.user&.name } + end +end diff --git a/app/serializers/lfs_file_lock_serializer.rb b/app/serializers/lfs_file_lock_serializer.rb new file mode 100644 index 00000000000..ba8fb1a461d --- /dev/null +++ b/app/serializers/lfs_file_lock_serializer.rb @@ -0,0 +1,3 @@ +class LfsFileLockSerializer < BaseSerializer + entity LfsFileLockEntity +end diff --git a/app/services/lfs/lock_file_service.rb b/app/services/lfs/lock_file_service.rb new file mode 100644 index 00000000000..bbe10f84ef4 --- /dev/null +++ b/app/services/lfs/lock_file_service.rb @@ -0,0 +1,39 @@ +module Lfs + class LockFileService < BaseService + def execute + unless can?(current_user, :push_code, project) + raise Gitlab::GitAccess::UnauthorizedError, 'You have no permissions' + end + + create_lock! + rescue ActiveRecord::RecordNotUnique + error('already locked', 409, current_lock) + rescue Gitlab::GitAccess::UnauthorizedError => ex + error(ex.message, 403) + rescue => ex + error(ex.message, 500) + end + + private + + def current_lock + project.lfs_file_locks.find_by(path: params[:path]) + end + + def create_lock! + lock = project.lfs_file_locks.create!(user: current_user, + path: params[:path]) + + success(http_status: 201, lock: lock) + end + + def error(message, http_status, lock = nil) + { + status: :error, + message: message, + http_status: http_status, + lock: lock + } + end + end +end diff --git a/app/services/lfs/locks_finder_service.rb b/app/services/lfs/locks_finder_service.rb new file mode 100644 index 00000000000..13c6cc6f81c --- /dev/null +++ b/app/services/lfs/locks_finder_service.rb @@ -0,0 +1,17 @@ +module Lfs + class LocksFinderService < BaseService + def execute + success(locks: find_locks) + rescue => ex + error(ex.message, 500) + end + + private + + def find_locks + options = params.slice(:id, :path).compact.symbolize_keys + + project.lfs_file_locks.where(options) + end + end +end diff --git a/app/services/lfs/unlock_file_service.rb b/app/services/lfs/unlock_file_service.rb new file mode 100644 index 00000000000..6c93dc69bb0 --- /dev/null +++ b/app/services/lfs/unlock_file_service.rb @@ -0,0 +1,43 @@ +module Lfs + class UnlockFileService < BaseService + def execute + unless can?(current_user, :push_code, project) + raise Gitlab::GitAccess::UnauthorizedError, 'You have no permissions' + end + + unlock_file + rescue Gitlab::GitAccess::UnauthorizedError => ex + error(ex.message, 403) + rescue ActiveRecord::RecordNotFound + error('Lock not found', 404) + rescue => ex + error(ex.message, 500) + end + + private + + def unlock_file + forced = params[:force] == true + + if lock.can_be_unlocked_by?(current_user, forced) + lock.destroy! + + success(lock: lock, http_status: :ok) + elsif forced + error('You must have master access to force delete a lock', 403) + else + error("#{lock.path} is locked by GitLab User #{lock.user_id}", 403) + end + end + + def lock + return @lock if defined?(@lock) + + @lock = if params[:id].present? + project.lfs_file_locks.find(params[:id]) + elsif params[:path].present? + project.lfs_file_locks.find_by!(path: params[:path]) + end + end + end +end |