Diffstat (limited to 'app/controllers/concerns')
-rw-r--r--app/controllers/concerns/dependency_proxy/auth.rb43
-rw-r--r--app/controllers/concerns/dependency_proxy/group_access.rb26
-rw-r--r--app/controllers/concerns/dependency_proxy_access.rb24
-rw-r--r--app/controllers/concerns/integrations_actions.rb11
-rw-r--r--app/controllers/concerns/issuable_collections.rb2
-rw-r--r--app/controllers/concerns/service_params.rb3
-rw-r--r--app/controllers/concerns/snippets_actions.rb3
-rw-r--r--app/controllers/concerns/sorting_preference.rb27
-rw-r--r--app/controllers/concerns/wiki_actions.rb28
-rw-r--r--app/controllers/concerns/workhorse_authorization.rb (renamed from app/controllers/concerns/workhorse_import_export_upload.rb)20
10 files changed, 136 insertions, 51 deletions
diff --git a/app/controllers/concerns/dependency_proxy/auth.rb b/app/controllers/concerns/dependency_proxy/auth.rb
new file mode 100644
index 00000000000..1276feedba6
--- /dev/null
+++ b/app/controllers/concerns/dependency_proxy/auth.rb
@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+module DependencyProxy
+ module Auth
+ extend ActiveSupport::Concern
+
+ included do
+ # We disable `authenticate_user!` since the `DependencyProxy::Auth` performs auth using JWT token
+ skip_before_action :authenticate_user!, raise: false
+ prepend_before_action :authenticate_user_from_jwt_token!
+ end
+
+ def authenticate_user_from_jwt_token!
+ return unless dependency_proxy_for_private_groups?
+
+ authenticate_with_http_token do |token, _|
+ user = user_from_token(token)
+ sign_in(user) if user
+ end
+
+ request_bearer_token! unless current_user
+ end
+
+ private
+
+ def dependency_proxy_for_private_groups?
+ Feature.enabled?(:dependency_proxy_for_private_groups, default_enabled: true)
+ end
+
+ def request_bearer_token!
+ # unfortunately, we cannot use https://api.rubyonrails.org/classes/ActionController/HttpAuthentication/Token.html#method-i-authentication_request
+ response.headers['WWW-Authenticate'] = ::DependencyProxy::Registry.authenticate_header
+ render plain: '', status: :unauthorized
+ end
+
+ def user_from_token(token)
+ token_payload = DependencyProxy::AuthTokenService.decoded_token_payload(token)
+ User.find(token_payload['user_id'])
+ rescue JWT::DecodeError, JWT::ExpiredSignature, JWT::ImmatureSignature
+ nil
+ end
+ end
+end
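Review bot: `user_from_token` rescues only JWT errors, but `User.find(token_payload['user_id'])` raises `ActiveRecord::RecordNotFound` when the token names a user that no longer exists, so that request escapes the rescue instead of reaching `request_bearer_token!`. `User.find_by(id: token_payload['user_id'])` returns nil in that case and keeps the 401 challenge path uniform. The rescue list can also be reduced to `JWT::DecodeError`, since the expired and immature signature errors are subclasses of it. Separately, when the feature flag is off, the early return in `authenticate_user_from_jwt_token!` leaves `authenticate_user!` skipped with nothing in its place. A comment in the `included` block should state that access then rests entirely on the including controller's authorization filters.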
diff --git a/app/controllers/concerns/dependency_proxy/group_access.rb b/app/controllers/concerns/dependency_proxy/group_access.rb
new file mode 100644
index 00000000000..2a923d02752
--- /dev/null
+++ b/app/controllers/concerns/dependency_proxy/group_access.rb
@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+module DependencyProxy
+ module GroupAccess
+ extend ActiveSupport::Concern
+
+ included do
+ before_action :verify_dependency_proxy_enabled!
+ before_action :authorize_read_dependency_proxy!
+ end
+
+ private
+
+ def verify_dependency_proxy_enabled!
+ render_404 unless group.dependency_proxy_feature_available?
+ end
+
+ def authorize_read_dependency_proxy!
+ access_denied! unless can?(current_user, :read_dependency_proxy, group)
+ end
+
+ def authorize_admin_dependency_proxy!
+ access_denied! unless can?(current_user, :admin_dependency_proxy, group)
+ end
+ end
+end
diff --git a/app/controllers/concerns/dependency_proxy_access.rb b/app/controllers/concerns/dependency_proxy_access.rb
deleted file mode 100644
index 5036d0cfce4..00000000000
--- a/app/controllers/concerns/dependency_proxy_access.rb
+++ /dev/null
@@ -1,24 +0,0 @@
-# frozen_string_literal: true
-
-module DependencyProxyAccess
- extend ActiveSupport::Concern
-
- included do
- before_action :verify_dependency_proxy_enabled!
- before_action :authorize_read_dependency_proxy!
- end
-
- private
-
- def verify_dependency_proxy_enabled!
- render_404 unless group.dependency_proxy_feature_available?
- end
-
- def authorize_read_dependency_proxy!
- access_denied! unless can?(current_user, :read_dependency_proxy, group)
- end
-
- def authorize_admin_dependency_proxy!
- access_denied! unless can?(current_user, :admin_dependency_proxy, group)
- end
-end
diff --git a/app/controllers/concerns/integrations_actions.rb b/app/controllers/concerns/integrations_actions.rb
index 8e9b038437d..baebedb8e5d 100644
--- a/app/controllers/concerns/integrations_actions.rb
+++ b/app/controllers/concerns/integrations_actions.rb
@@ -6,7 +6,6 @@ module IntegrationsActions
included do
include ServiceParams
- before_action :not_found, unless: :integrations_enabled?
before_action :integration, only: [:edit, :update, :test]
end
@@ -43,12 +42,16 @@ module IntegrationsActions
render json: {}, status: :ok
end
- private
+ def reset
+ integration.destroy!
+
+ flash[:notice] = s_('Integrations|This integration, and inheriting projects were reset.')
- def integrations_enabled?
- false
+ render json: {}, status: :ok
end
+ private
+
def integration
# Using instance variable `@service` still required as it's used in ServiceParams.
# Should be removed once that is refactored to use `@integration`.
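Review bot: The new `reset` action calls `integration.destroy!`, which raises when the record cannot be destroyed, and nothing in the hunk rescues it, so a JSON client would get an unhandled error rather than a structured failure. Consider branching on `integration.destroy` and rendering an error status such as `:unprocessable_entity` when it returns false. The authorization that guards this destructive action is not visible in the concern, so a short comment above `reset` naming the filter the including controllers rely on would help reviewers. The module body and the `integration` method continue outside the hunk.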
diff --git a/app/controllers/concerns/issuable_collections.rb b/app/controllers/concerns/issuable_collections.rb
index 0d7af57328a..3f5f3b6e9df 100644
--- a/app/controllers/concerns/issuable_collections.rb
+++ b/app/controllers/concerns/issuable_collections.rb
@@ -150,7 +150,7 @@ module IssuableCollections
common_attributes + [:project, project: :namespace]
when 'MergeRequest'
common_attributes + [
- :target_project, :latest_merge_request_diff, :approvals, :approved_by_users,
+ :target_project, :latest_merge_request_diff, :approvals, :approved_by_users, :reviewers,
source_project: :route, head_pipeline: :project, target_project: :namespace
]
end
diff --git a/app/controllers/concerns/service_params.rb b/app/controllers/concerns/service_params.rb
index a19c43a227a..c295290a123 100644
--- a/app/controllers/concerns/service_params.rb
+++ b/app/controllers/concerns/service_params.rb
@@ -23,6 +23,9 @@ module ServiceParams
:comment_detail,
:confidential_issues_events,
:confluence_url,
+ :datadog_site,
+ :datadog_env,
+ :datadog_service,
:default_irc_uri,
:device,
:disable_diffs,
diff --git a/app/controllers/concerns/snippets_actions.rb b/app/controllers/concerns/snippets_actions.rb
index 0153ede2821..c93e75b438b 100644
--- a/app/controllers/concerns/snippets_actions.rb
+++ b/app/controllers/concerns/snippets_actions.rb
@@ -9,11 +9,14 @@ module SnippetsActions
include Gitlab::NoteableMetadata
include Snippets::SendBlob
include SnippetsSort
+ include RedisTracking
included do
skip_before_action :verify_authenticity_token,
if: -> { action_name == 'show' && js_request? }
+ track_redis_hll_event :show, name: 'i_snippets_show', feature: :usage_data_i_snippets_show, feature_default_enabled: true
+
respond_to :html
end
diff --git a/app/controllers/concerns/sorting_preference.rb b/app/controllers/concerns/sorting_preference.rb
index a51b68147d5..8d8845e2f41 100644
--- a/app/controllers/concerns/sorting_preference.rb
+++ b/app/controllers/concerns/sorting_preference.rb
@@ -4,8 +4,11 @@ module SortingPreference
include SortingHelper
include CookiesHelper
- def set_sort_order
- set_sort_order_from_user_preference || set_sort_order_from_cookie || params[:sort] || default_sort_order
+ def set_sort_order(field = sorting_field, default_order = default_sort_order)
+ set_sort_order_from_user_preference(field) ||
+ set_sort_order_from_cookie(field) ||
+ params[:sort] ||
+ default_order
end
# Implement sorting_field method on controllers
@@ -29,42 +32,42 @@ module SortingPreference
private
- def set_sort_order_from_user_preference
+ def set_sort_order_from_user_preference(field = sorting_field)
return unless current_user
- return unless sorting_field
+ return unless field
user_preference = current_user.user_preference
sort_param = params[:sort]
- sort_param ||= user_preference[sorting_field]
+ sort_param ||= user_preference[field]
return sort_param if Gitlab::Database.read_only?
- if user_preference[sorting_field] != sort_param
- user_preference.update(sorting_field => sort_param)
+ if user_preference[field] != sort_param
+ user_preference.update(field => sort_param)
end
sort_param
end
- def set_sort_order_from_cookie
+ def set_sort_order_from_cookie(field = sorting_field)
return unless legacy_sort_cookie_name
sort_param = params[:sort] if params[:sort].present?
# fallback to legacy cookie value for backward compatibility
sort_param ||= cookies[legacy_sort_cookie_name]
- sort_param ||= cookies[remember_sorting_key]
+ sort_param ||= cookies[remember_sorting_key(field)]
sort_value = update_cookie_value(sort_param)
- set_secure_cookie(remember_sorting_key, sort_value)
+ set_secure_cookie(remember_sorting_key(field), sort_value)
sort_value
end
# Convert sorting_field to legacy cookie name for backwards compatibility
# :merge_requests_sort => 'mergerequest_sort'
# :issues_sort => 'issue_sort'
- def remember_sorting_key
- @remember_sorting_key ||= sorting_field
+ def remember_sorting_key(field = sorting_field)
+ @remember_sorting_key ||= field
.to_s
.split('_')[0..-2]
.map(&:singularize)
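Review bot: `remember_sorting_key(field = sorting_field)` still memoizes into the single ivar `@remember_sorting_key`, so the first call fixes the result and a later call in the same request with a different `field` silently gets the first field's cookie key. Now that the method takes an argument, either drop the memoization or key it by field, e.g. `@remember_sorting_key ||= {}` followed by `@remember_sorting_key[field] ||= field.to_s…` with the existing chain. The rest of the method chain lies outside the hunk, so the exact tail should be carried over unchanged.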
diff --git a/app/controllers/concerns/wiki_actions.rb b/app/controllers/concerns/wiki_actions.rb
index 6abb2e16226..1ae90edd8f7 100644
--- a/app/controllers/concerns/wiki_actions.rb
+++ b/app/controllers/concerns/wiki_actions.rb
@@ -8,6 +8,8 @@ module WikiActions
include RedisTracking
extend ActiveSupport::Concern
+ RESCUE_GIT_TIMEOUTS_IN = %w[show edit history diff pages].freeze
+
included do
before_action { respond_to :html }
@@ -38,6 +40,12 @@ module WikiActions
feature: :track_unique_wiki_page_views, feature_default_enabled: true
helper_method :view_file_button, :diff_file_html_data
+
+ rescue_from ::Gitlab::Git::CommandTimedOut do |exc|
+ raise exc unless RESCUE_GIT_TIMEOUTS_IN.include?(action_name)
+
+ render 'shared/wikis/git_error'
+ end
end
def new
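Review bot: The `rescue_from ::Gitlab::Git::CommandTimedOut` handler renders `shared/wikis/git_error` with the implicit 200 status and records nothing, so for the listed actions a Git timeout looks like a successful response to clients and monitoring and is not logged. Passing an explicit error status to the render, for example `render 'shared/wikis/git_error', status: :service_unavailable`, and logging `exc` through the project's usual error-tracking path would keep these timeouts observable. A one-line comment on `RESCUE_GIT_TIMEOUTS_IN` saying why only the read-style actions are listed would also help.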
@@ -46,11 +54,7 @@ module WikiActions
# rubocop:disable Gitlab/ModuleWithInstanceVariables
def pages
- @wiki_pages = Kaminari.paginate_array(
- wiki.list_pages(sort: params[:sort], direction: params[:direction])
- ).page(params[:page])
-
- @wiki_entries = WikiDirectory.group_pages(@wiki_pages)
+ @wiki_entries = WikiDirectory.group_pages(wiki_pages)
render 'shared/wikis/pages'
end
@@ -182,6 +186,10 @@ module WikiActions
end
# rubocop:enable Gitlab/ModuleWithInstanceVariables
+ def git_access
+ render 'shared/wikis/git_access'
+ end
+
private
def container
@@ -225,9 +233,19 @@ module WikiActions
unless @sidebar_page # Fallback to default sidebar
@sidebar_wiki_entries, @sidebar_limited = wiki.sidebar_entries
end
+ rescue ::Gitlab::Git::CommandTimedOut => e
+ @sidebar_error = e
end
# rubocop:enable Gitlab/ModuleWithInstanceVariables
+ def wiki_pages
+ strong_memoize(:wiki_pages) do
+ Kaminari.paginate_array(
+ wiki.list_pages(sort: params[:sort], direction: params[:direction])
+ ).page(params[:page])
+ end
+ end
+
def wiki_params
params.require(:wiki).permit(:title, :content, :format, :message, :last_commit_sha)
end
diff --git a/app/controllers/concerns/workhorse_import_export_upload.rb b/app/controllers/concerns/workhorse_authorization.rb
index 3c52f4d7adf..a290ba256b6 100644
--- a/app/controllers/concerns/workhorse_import_export_upload.rb
+++ b/app/controllers/concerns/workhorse_authorization.rb
@@ -1,6 +1,6 @@
# frozen_string_literal: true
-module WorkhorseImportExportUpload
+module WorkhorseAuthorization
extend ActiveSupport::Concern
include WorkhorseRequest
@@ -12,10 +12,9 @@ module WorkhorseImportExportUpload
def authorize
set_workhorse_internal_api_content_type
- authorized = ImportExportUploader.workhorse_authorize(
+ authorized = uploader_class.workhorse_authorize(
has_length: false,
- maximum_size: Gitlab::CurrentSettings.max_import_size.megabytes
- )
+ maximum_size: maximum_size.to_i)
render json: authorized
rescue SocketError
@@ -27,7 +26,18 @@ module WorkhorseImportExportUpload
def file_is_valid?(file)
return false unless file.is_a?(::UploadedFile)
+ file_extension_whitelist.include?(File.extname(file.original_filename).downcase.delete('.'))
+ end
+
+ def uploader_class
+ raise NotImplementedError
+ end
+
+ def maximum_size
+ raise NotImplementedError
+ end
+
+ def file_extension_whitelist
ImportExportUploader::EXTENSION_WHITELIST
- .include?(File.extname(file.original_filename).delete('.'))
end
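Review bot: `file_extension_whitelist` defaults to `ImportExportUploader::EXTENSION_WHITELIST`, while the sibling hooks `uploader_class` and `maximum_size` raise `NotImplementedError`. A controller that includes the now-generic `WorkhorseAuthorization` and forgets to override it will therefore silently accept import/export extensions for a different uploader. Raising `NotImplementedError` here as well, and moving the import/export default into the controller that needs it, would make the contract consistent. A comment on `file_is_valid?` should also note that it checks only the final extension of the client-supplied `original_filename`, not the file content. Whether these methods are private is decided outside the hunk.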
end