Diffstat (limited to 'app/controllers')
20 files changed, 103 insertions, 16 deletions
diff --git a/app/controllers/admin/application_controller.rb b/app/controllers/admin/application_controller.rb index ef182b981f1..b742b7e19cf 100644 --- a/app/controllers/admin/application_controller.rb +++ b/app/controllers/admin/application_controller.rb @@ -4,10 +4,7 @@ # # Automatically sets the layout and ensures an administrator is logged in class Admin::ApplicationController < ApplicationController - before_action :authenticate_admin! - layout 'admin' + include EnforcesAdminAuthentication - def authenticate_admin! - render_404 unless current_user.admin? - end + layout 'admin' end diff --git a/app/controllers/admin/clusters/applications_controller.rb b/app/controllers/admin/clusters/applications_controller.rb new file mode 100644 index 00000000000..7400cc16175 --- /dev/null +++ b/app/controllers/admin/clusters/applications_controller.rb @@ -0,0 +1,11 @@ +# frozen_string_literal: true + +class Admin::Clusters::ApplicationsController < Clusters::ApplicationsController + include EnforcesAdminAuthentication + + private + + def clusterable + @clusterable ||= InstanceClusterablePresenter.fabricate(Clusters::Instance.new, current_user: current_user) + end +end diff --git a/app/controllers/admin/clusters_controller.rb b/app/controllers/admin/clusters_controller.rb new file mode 100644 index 00000000000..f54933de10f --- /dev/null +++ b/app/controllers/admin/clusters_controller.rb @@ -0,0 +1,13 @@ +# frozen_string_literal: true + +class Admin::ClustersController < Clusters::ClustersController + include EnforcesAdminAuthentication + + layout 'admin' + + private + + def clusterable + @clusterable ||= InstanceClusterablePresenter.fabricate(Clusters::Instance.new, current_user: current_user) + end +end diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index ceaa84acaba..4cbab6811bc 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb 
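Review bot: In the two new controllers, Admin::Clusters::ApplicationsController and Admin::ClustersController, the admin check is added by `include EnforcesAdminAuthentication` in the subclass body, so its `before_action` is registered after every callback inherited from the Clusters parent classes. Those parents are not visible in this diff; if any of their callbacks call `clusterable` or render a response, they run before `authenticate_admin!` and a non-admin would see their result rather than the 404. A request spec asserting that a signed-in non-admin gets 404 on every inherited action, plus a comment in each class stating the expected callback order, would pin this down. The identical `clusterable` method in both files could also live in one shared place.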
@@ -27,6 +27,7 @@ class ApplicationController < ActionController::Base before_action :check_impersonation_availability around_action :set_locale + around_action :set_session_storage after_action :set_page_title_header, if: :json_request? after_action :limit_unauthenticated_session_times @@ -434,6 +435,10 @@ class ApplicationController < ActionController::Base Gitlab::I18n.with_user_locale(current_user, &block) end + def set_session_storage(&block) + Gitlab::Session.with_session(session, &block) + end + def set_page_title_header # Per https://tools.ietf.org/html/rfc5987, headers need to be ISO-8859-1, not UTF-8 response.headers['Page-Title'] = URI.escape(page_title('GitLab')) diff --git a/app/controllers/clusters/clusters_controller.rb b/app/controllers/clusters/clusters_controller.rb index edaf07063ec..73ebd4e0e42 100644 --- a/app/controllers/clusters/clusters_controller.rb +++ b/app/controllers/clusters/clusters_controller.rb @@ -156,6 +156,7 @@ class Clusters::ClustersController < Clusters::BaseController :enabled, :name, :environment_scope, + :managed, provider_gcp_attributes: [ :gcp_project_id, :zone, @@ -174,6 +175,7 @@ class Clusters::ClustersController < Clusters::BaseController :enabled, :name, :environment_scope, + :managed, platform_kubernetes_attributes: [ :namespace, :api_url, diff --git a/app/controllers/concerns/enforces_admin_authentication.rb b/app/controllers/concerns/enforces_admin_authentication.rb new file mode 100644 index 00000000000..3ef92730df6 --- /dev/null +++ b/app/controllers/concerns/enforces_admin_authentication.rb 
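Review bot: `set_session_storage` has no comment saying why the request session is handed to `Gitlab::Session`, and the safety of this callback depends on that helper, which is outside this diff. If `with_session` keeps the session in thread- or process-level state, it has to restore the previous value in an `ensure`, otherwise an action that raises could leave one user's session visible to the next request served by the same thread. I would add a comment above the method, e.g. `# Exposes the session to code outside the controller for the duration of the request; Gitlab::Session must clear it afterwards`, and a spec that the stored session is empty after a request that raises.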
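Review bot: `:managed` is now accepted from the request in both permitted-parameter lists, the one containing `provider_gcp_attributes` and the one containing `platform_kubernetes_attributes`, so anyone who may submit these forms can set it. The enclosing methods start and end outside the hunks, so it is not visible whether these are the create or the update lists. If the flag is meant to be fixed when the cluster is created, confirm it is not permitted on update, and add a controller spec that records who may change it.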
@@ -0,0 +1,19 @@ +# frozen_string_literal: true + +# == EnforcesAdminAuthentication +# +# Controller concern to enforce that users are authenticated as admins +# +# Upon inclusion, adds `authenticate_admin!` as a before_action +# +module EnforcesAdminAuthentication + extend ActiveSupport::Concern + + included do + before_action :authenticate_admin! + end + + def authenticate_admin! + render_404 unless current_user.admin? + end +end diff --git a/app/controllers/groups/variables_controller.rb b/app/controllers/groups/variables_controller.rb index b44e3b0fff4..11e3cfb01e4 100644 --- a/app/controllers/groups/variables_controller.rb +++ b/app/controllers/groups/variables_controller.rb @@ -41,7 +41,7 @@ module Groups end def variable_params_attributes - %i[id key secret_value protected masked _destroy] + %i[id variable_type key secret_value protected masked _destroy] end def authorize_admin_build! diff --git a/app/controllers/help_controller.rb b/app/controllers/help_controller.rb index 10cdce98437..837c26c630a 100644 --- a/app/controllers/help_controller.rb +++ b/app/controllers/help_controller.rb @@ -7,7 +7,7 @@ class HelpController < ApplicationController # Taken from Jekyll # https://github.com/jekyll/jekyll/blob/3.5-stable/lib/jekyll/document.rb#L13 - YAML_FRONT_MATTER_REGEXP = /\A(---\s*\n.*?\n?)^((---|\.\.\.)\s*$\n?)/m + YAML_FRONT_MATTER_REGEXP = /\A(---\s*\n.*?\n?)^((---|\.\.\.)\s*$\n?)/m.freeze def index # Remove YAML frontmatter so that it doesn't look weird diff --git a/app/controllers/import/bitbucket_server_controller.rb b/app/controllers/import/bitbucket_server_controller.rb index 643a3bfed1f..f71ea8642cd 100644 --- a/app/controllers/import/bitbucket_server_controller.rb +++ b/app/controllers/import/bitbucket_server_controller.rb 
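Review bot: `authenticate_admin!` calls `current_user.admin?` without a nil check, which was tolerable inside Admin::ApplicationController but is fragile in a concern that any controller can include. If the including controller skips user authentication or registers it later in the callback chain, `current_user` is nil and the request fails with NoMethodError (a 500) instead of the intended 404. `render_404 unless current_user&.admin?` keeps the behaviour for signed-in users and fails closed otherwise. The header comment should also state that the concern expects user authentication to have run first.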
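Review bot: `variable_type` is now taken from request parameters in `variable_params_attributes` here, and the same addition is made in Projects::VariablesController, in `schedule_params` of Projects::PipelineSchedulesController and in `create_params` of Projects::PipelinesController. The model is not part of this diff; if `variable_type` is a Rails enum, assigning an unknown value raises ArgumentError during assignment instead of producing a validation error, so a malformed request would end in a 500. Worth a request spec with an invalid `variable_type` for each of the four endpoints, and a comment next to each list naming the accepted values.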
@@ -15,8 +15,8 @@ class Import::BitbucketServerController < Import::BaseController # (https://community.atlassian.com/t5/Answers-Developer-Questions/stash-repository-names/qaq-p/499054) # # Bitbucket Server starts personal project names with a tilde. - VALID_BITBUCKET_PROJECT_CHARS = /\A~?[\w\-\.\s]+\z/ - VALID_BITBUCKET_CHARS = /\A[\w\-\.\s]+\z/ + VALID_BITBUCKET_PROJECT_CHARS = /\A~?[\w\-\.\s]+\z/.freeze + VALID_BITBUCKET_CHARS = /\A[\w\-\.\s]+\z/.freeze def new end diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb index d9b3b4bbbd9..2a8dd997d04 100644 --- a/app/controllers/omniauth_callbacks_controller.rb +++ b/app/controllers/omniauth_callbacks_controller.rb @@ -86,7 +86,8 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController log_audit_event(current_user, with: oauth['provider']) identity_linker ||= auth_module::IdentityLinker.new(current_user, oauth) - identity_linker.link + + link_identity(identity_linker) if identity_linker.changed? redirect_identity_linked @@ -100,6 +101,10 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController end end + def link_identity(identity_linker) + identity_linker.link + end + def redirect_identity_exists redirect_to after_sign_in_path_for(current_user) end diff --git a/app/controllers/profiles/preferences_controller.rb b/app/controllers/profiles/preferences_controller.rb index 0e30df1b15b..62f98d9e549 100644 --- a/app/controllers/profiles/preferences_controller.rb +++ b/app/controllers/profiles/preferences_controller.rb @@ -44,7 +44,9 @@ class Profiles::PreferencesController < Profiles::ApplicationController :project_view, :theme_id, :first_day_of_week, - :preferred_language + :preferred_language, + :time_display_relative, + :time_format_in_24h ] end end diff --git a/app/controllers/profiles_controller.rb b/app/controllers/profiles_controller.rb index b9c52618d4b..d3746248bd3 100644 --- a/app/controllers/profiles_controller.rb 
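Review bot: `link_identity` in OmniauthCallbacksController is a one-line pass-through to `identity_linker.link` with no comment, so the reason for the indirection is not recorded; if it is meant as an override point, say so in a comment above the method. The hunk does not show whether the method sits below `private`; it should, because a public method on a controller becomes reachable as an action if a route ever maps to it. The surrounding context also shows `log_audit_event` running before `changed?` is checked and before `link_identity` is called, so an audit entry is written even when nothing is linked.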
+++ b/app/controllers/profiles_controller.rb @@ -106,6 +106,7 @@ class ProfilesController < Profiles::ApplicationController :organization, :private_profile, :include_private_contributions, + :timezone, status: [:emoji, :message] ) end diff --git a/app/controllers/projects/environments_controller.rb b/app/controllers/projects/environments_controller.rb index d8812c023ca..5a4adea497b 100644 --- a/app/controllers/projects/environments_controller.rb +++ b/app/controllers/projects/environments_controller.rb @@ -14,6 +14,7 @@ class Projects::EnvironmentsController < Projects::ApplicationController push_frontend_feature_flag(:metrics_time_window) push_frontend_feature_flag(:environment_metrics_use_prometheus_endpoint) push_frontend_feature_flag(:environment_metrics_show_multiple_dashboards) + push_frontend_feature_flag(:grafana_dashboard_link) end def index diff --git a/app/controllers/projects/mirrors_controller.rb b/app/controllers/projects/mirrors_controller.rb index ef330ae00f4..6c6adc233b7 100644 --- a/app/controllers/projects/mirrors_controller.rb +++ b/app/controllers/projects/mirrors_controller.rb @@ -81,6 +81,7 @@ class Projects::MirrorsController < Projects::ApplicationController password ssh_known_hosts regenerate_ssh_private_key + _destroy ] ] end diff --git a/app/controllers/projects/pipeline_schedules_controller.rb b/app/controllers/projects/pipeline_schedules_controller.rb index 6b721c8fdf7..72e939a3310 100644 --- a/app/controllers/projects/pipeline_schedules_controller.rb +++ b/app/controllers/projects/pipeline_schedules_controller.rb @@ -98,7 +98,7 @@ class Projects::PipelineSchedulesController < Projects::ApplicationController def schedule_params params.require(:schedule) .permit(:description, :cron, :cron_timezone, :ref, :active, - variables_attributes: [:id, :key, :secret_value, :_destroy] ) + variables_attributes: [:id, :variable_type, :key, :secret_value, :_destroy] ) end def authorize_play_pipeline_schedule! 
diff --git a/app/controllers/projects/pipelines_controller.rb b/app/controllers/projects/pipelines_controller.rb index 22c4b8eef1f..db3b7c8b177 100644 --- a/app/controllers/projects/pipelines_controller.rb +++ b/app/controllers/projects/pipelines_controller.rb @@ -169,7 +169,7 @@ class Projects::PipelinesController < Projects::ApplicationController end def create_params - params.require(:pipeline).permit(:ref, variables_attributes: %i[key secret_value]) + params.require(:pipeline).permit(:ref, variables_attributes: %i[key variable_type secret_value]) end # rubocop: disable CodeReuse/ActiveRecord diff --git a/app/controllers/projects/settings/operations_controller.rb b/app/controllers/projects/settings/operations_controller.rb index 5cfb0ac307d..b5c77e5bbf4 100644 --- a/app/controllers/projects/settings/operations_controller.rb +++ b/app/controllers/projects/settings/operations_controller.rb @@ -5,6 +5,10 @@ module Projects class OperationsController < Projects::ApplicationController before_action :authorize_update_environment! + before_action do + push_frontend_feature_flag(:grafana_dashboard_link) + end + helper_method :error_tracking_setting def show diff --git a/app/controllers/projects/stages_controller.rb b/app/controllers/projects/stages_controller.rb new file mode 100644 index 00000000000..c8db5b1277f --- /dev/null +++ b/app/controllers/projects/stages_controller.rb @@ -0,0 +1,25 @@ +# frozen_string_literal: true + +class Projects::StagesController < Projects::PipelinesController + before_action :authorize_update_pipeline! + + def play_manual + ::Ci::PlayManualStageService + .new(@project, current_user, pipeline: pipeline) + .execute(stage) + + respond_to do |format| + format.json do + render json: StageSerializer + .new(project: @project, current_user: @current_user) + .represent(stage) + end + end + end + + private + + def stage + @pipeline_stage ||= pipeline.find_stage_by_name!(params[:stage_name]) + end +end 
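Review bot: In `play_manual` of the new Projects::StagesController the service receives `current_user` while the serializer receives `@current_user`; the instance variable is only populated as a side effect of the helper, and if it is unset the stage is serialized for a nil user. Use `current_user: current_user` in the `StageSerializer` call. The return value of `execute` is discarded, so the action answers with a serialized stage whether or not anything was played. The only gate visible here is `authorize_update_pipeline!`, so any per-job restriction has to be enforced inside `Ci::PlayManualStageService`, which is not part of this diff and deserves a spec with a user who may update the pipeline but not play one of its jobs.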
diff --git a/app/controllers/projects/variables_controller.rb b/app/controllers/projects/variables_controller.rb index 05a79d59ffd..646728e8167 100644 --- a/app/controllers/projects/variables_controller.rb +++ b/app/controllers/projects/variables_controller.rb @@ -38,6 +38,6 @@ class Projects::VariablesController < Projects::ApplicationController end def variable_params_attributes - %i[id key secret_value protected masked _destroy] + %i[id variable_type key secret_value protected masked _destroy] end end diff --git a/app/controllers/uploads_controller.rb b/app/controllers/uploads_controller.rb index 568c6e2a852..060b09f015c 100644 --- a/app/controllers/uploads_controller.rb +++ b/app/controllers/uploads_controller.rb @@ -56,8 +56,9 @@ class UploadsController < ApplicationController def authorize_create_access! return unless model - # for now we support only personal snippets comments - authorized = can?(current_user, :comment_personal_snippet, model) + # for now we support only personal snippets comments. Only personal_snippet + # is allowed as a model to #create through routing. + authorized = can?(current_user, :create_note, model) render_unauthorized unless authorized end |
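Review bot: The switch to `can?(current_user, :create_note, model)` in `authorize_create_access!` makes the check depend on the routing constraint the new comment mentions, because `:create_note` reads as a general ability rather than one specific to personal snippets. If a later route change lets another model type reach `#create`, this method would authorize against that model's own policy without anyone revisiting it. I would enforce the assumption in the method itself with an explicit model-type check before the `can?` call, and add a routing spec that pins the constraint. Separately, `return unless model` skips authorization entirely when no model is found, so confirm the action cannot proceed in that case.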