diff options
Diffstat (limited to 'app/controllers/concerns/send_file_upload.rb')
-rw-r--r-- | app/controllers/concerns/send_file_upload.rb | 11 |
1 files changed, 1 insertions, 10 deletions
diff --git a/app/controllers/concerns/send_file_upload.rb b/app/controllers/concerns/send_file_upload.rb index 2f06cd84ee5..8b053ef7c59 100644 --- a/app/controllers/concerns/send_file_upload.rb +++ b/app/controllers/concerns/send_file_upload.rb @@ -70,16 +70,7 @@ module SendFileUpload Avatarable::ALLOWED_IMAGE_SCALER_WIDTHS.include?(params[:width]&.to_i) end - # We use two separate feature gates to allow image resizing. - # The first, `:dynamic_image_resizing_requester`, based on the content requester. - # Enabling it for the user would allow that user to send resizing requests for any avatar. - # The second, `:dynamic_image_resizing_owner`, based on the content owner. - # Enabling it for the user would allow anyone to send resizing requests against the mentioned user avatar only. - # This flag allows us to operate on trusted data only, more in https://gitlab.com/gitlab-org/gitlab/-/issues/241533. - # Because of this, you need to enable BOTH to serve resized image, - # as you would need at least one allowed requester and at least one allowed avatar. def scaling_allowed_by_feature_flags?(file_upload) - Feature.enabled?(:dynamic_image_resizing_requester, current_user) && - Feature.enabled?(:dynamic_image_resizing_owner, file_upload.model) + Feature.enabled?(:dynamic_image_resizing, default_enabled: true, type: :ops) end end |