module SystemCheck
  module App
    class UploadsPathTmpPermissionCheck < SystemCheck::BaseCheck
      set_name 'Uploads directory tmp has correct permissions?'
      set_skip_reason 'skipped (no tmp uploads folder yet)'

      def skip?
        !File.directory?(uploads_fullpath) || !Dir.exist?(upload_path_tmp)
      end

      def check?
        # If tmp upload dir has incorrect permissions, assume others do as well
        # Verify drwx------ permissions
        File.stat(upload_path_tmp).mode == 040700 && File.owned?(upload_path_tmp)
      end

      def show_error
        try_fixing_it(
          "sudo chown -R #{gitlab_user} #{uploads_fullpath}",
          "sudo find #{uploads_fullpath} -type f -exec chmod 0644 {} \\;",
          "sudo find #{uploads_fullpath} -type d -not -path #{uploads_fullpath} -exec chmod 0700 {} \\;"
        )
        for_more_information(
          see_installation_guide_section 'GitLab'
        )
        fix_and_rerun
      end

      private

      def upload_path_tmp
        File.join(uploads_fullpath, 'tmp')
      end

      def uploads_fullpath
        File.realpath(Rails.root.join('public/uploads'))
      end
    end
  end
end