diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-02-24 15:09:55 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-02-24 15:09:55 +0000 |
commit | fd9a56d56f84b36779fc4db2da37204c22585fe4 (patch) | |
tree | c0b1ec9aa2f49aa5623bae34dfef4e286caf56b3 /lib | |
parent | 552e85a58645e5321b33dacc8d410fa88fb75a85 (diff) | |
download | gitlab-ce-fd9a56d56f84b36779fc4db2da37204c22585fe4.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib')
-rw-r--r-- | lib/banzai/filter/inline_observability_filter.rb | 6 | ||||
-rw-r--r-- | lib/banzai/filter/inline_observability_redactor_filter.rb | 77 | ||||
-rw-r--r-- | lib/banzai/pipeline/post_process_pipeline.rb | 1 | ||||
-rw-r--r-- | lib/gitlab/no_cache_headers.rb | 1 | ||||
-rw-r--r-- | lib/gitlab/observability.rb | 13 | ||||
-rw-r--r-- | lib/tasks/gitlab/tw/codeowners.rake | 2 |
6 files changed, 8 insertions, 92 deletions
diff --git a/lib/banzai/filter/inline_observability_filter.rb b/lib/banzai/filter/inline_observability_filter.rb index 334c04f2b59..fdba12b4a0a 100644 --- a/lib/banzai/filter/inline_observability_filter.rb +++ b/lib/banzai/filter/inline_observability_filter.rb @@ -4,7 +4,7 @@ module Banzai module Filter class InlineObservabilityFilter < ::Banzai::Filter::InlineEmbedsFilter def call - return doc unless can_view_observability? + return doc unless Gitlab::Observability.enabled?(group) super end @@ -34,10 +34,6 @@ module Banzai private - def can_view_observability? - Feature.enabled?(:observability_group_tab, group) - end - def group context[:group] || context[:project]&.group end diff --git a/lib/banzai/filter/inline_observability_redactor_filter.rb b/lib/banzai/filter/inline_observability_redactor_filter.rb deleted file mode 100644 index 8cd1084e904..00000000000 --- a/lib/banzai/filter/inline_observability_redactor_filter.rb +++ /dev/null @@ -1,77 +0,0 @@ -# frozen_string_literal: true - -module Banzai - module Filter - class InlineObservabilityRedactorFilter < HTML::Pipeline::Filter - include Gitlab::Utils::StrongMemoize - - CSS_SELECTOR = '.js-render-observability' - - XPATH = Gitlab::Utils::Nokogiri.css_to_xpath(CSS_SELECTOR).freeze - EMBED_LIMIT = 100 - - def call - return doc if Gitlab::Utils.to_boolean(ENV.fetch('STANDALONE_OBSERVABILITY_UI', false)) - - nodes.each do |node| - group_id = group_ids_by_nodes[node] - user_has_access = group_id && user_access_by_group_id[group_id] - node.remove unless user_has_access - end - - doc - end - - private - - def user - context[:current_user] - end - - # Returns all observability embed placeholder nodes - # - # Removes any nodes beyond the first 100 - # - # @return [Nokogiri::XML::NodeSet] - def nodes - nodes = doc.xpath(XPATH) - nodes.drop(EMBED_LIMIT).each(&:remove) - nodes - end - strong_memoize_attr :nodes - - # Returns a mapping representing whether the current user has permission to access observability - # for group-ids linked in by the embed nodes - # - # @return [Hash<String, Boolean>] - def user_access_by_group_id - user_groups_from_nodes.each_with_object({}) do |group, user_access| - user_access[group.id] = Gitlab::Observability.allowed?(user, group, :read_observability) - end - end - strong_memoize_attr :user_access_by_group_id - - # Maps a node to the group_id linked by the node - # - # @return [Hash<Nokogiri::XML::Node, string>] - def group_ids_by_nodes - nodes.each_with_object({}) do |node, group_ids| - url = node.attribute('data-frame-url').to_s - next unless url - - group_id = Gitlab::Observability.group_id_from_url(url) - group_ids[node] = group_id if group_id - end - end - strong_memoize_attr :group_ids_by_nodes - - # Returns the list of groups linked in the embed nodes and readable by the user - # - # @return [ActiveRecord_Relation] - def user_groups_from_nodes - GroupsFinder.new(user, filter_group_ids: group_ids_by_nodes.values.uniq).execute - end - strong_memoize_attr :user_groups_from_nodes - end - end -end diff --git a/lib/banzai/pipeline/post_process_pipeline.rb b/lib/banzai/pipeline/post_process_pipeline.rb index b9cf5b4fbdd..f8035698b9b 100644 --- a/lib/banzai/pipeline/post_process_pipeline.rb +++ b/lib/banzai/pipeline/post_process_pipeline.rb @@ -16,7 +16,6 @@ module Banzai [ Filter::ReferenceRedactorFilter, Filter::InlineMetricsRedactorFilter, - Filter::InlineObservabilityRedactorFilter, # UploadLinkFilter must come before RepositoryLinkFilter to # prevent unnecessary Gitaly calls from being made. Filter::UploadLinkFilter, diff --git a/lib/gitlab/no_cache_headers.rb b/lib/gitlab/no_cache_headers.rb index 2d03741480d..6afb108dcfd 100644 --- a/lib/gitlab/no_cache_headers.rb +++ b/lib/gitlab/no_cache_headers.rb @@ -4,7 +4,6 @@ module Gitlab module NoCacheHeaders DEFAULT_GITLAB_NO_CACHE_HEADERS = { 'Cache-Control' => "#{ActionDispatch::Http::Cache::Response::DEFAULT_CACHE_CONTROL}, no-store, no-cache", - 'Pragma' => 'no-cache', # HTTP 1.0 compatibility 'Expires' => 'Fri, 01 Jan 1990 00:00:00 GMT' }.freeze diff --git a/lib/gitlab/observability.rb b/lib/gitlab/observability.rb index 853eecc946f..47220e33189 100644 --- a/lib/gitlab/observability.rb +++ b/lib/gitlab/observability.rb @@ -19,6 +19,12 @@ module Gitlab 'https://observe.gitlab.com' end + def enabled?(group = nil) + return Feature.enabled?(:observability_group_tab, group) if group + + Feature.enabled?(:observability_group_tab) + end + def valid_observability_url?(url) uri = URI.parse(url) observability_uri = URI.parse(Gitlab::Observability.observability_url) @@ -31,13 +37,6 @@ module Gitlab false end - def group_id_from_url(url) - return unless valid_observability_url?(url) - - group_id = URI.parse(url).path.split('/')[1] - group_id.to_i unless group_id.to_i <= 0 - end - def allowed_for_action?(user, group, action) return false if action.nil? diff --git a/lib/tasks/gitlab/tw/codeowners.rake b/lib/tasks/gitlab/tw/codeowners.rake index 0c6a78ccc77..8861e8574b3 100644 --- a/lib/tasks/gitlab/tw/codeowners.rake +++ b/lib/tasks/gitlab/tw/codeowners.rake @@ -58,7 +58,7 @@ namespace :tw do CodeOwnerRule.new('Pipeline Security', '@marcel.amirault'), CodeOwnerRule.new('Portfolio Management', '@msedlakjakubowski'), CodeOwnerRule.new('Product Analytics', '@lciutacu'), - CodeOwnerRule.new('Product Intelligence', '@dianalogan'), + CodeOwnerRule.new('Product Intelligence', '@lciutacu'), CodeOwnerRule.new('Product Planning', '@msedlakjakubowski'), CodeOwnerRule.new('Project Management', '@msedlakjakubowski'), CodeOwnerRule.new('Provision', '@fneill'), |