Add latest changes from gitlab-org/gitlab@15-2-stable-eev15.2.0-rc42

author: GitLab Bot <gitlab-bot@gitlab.com> 2022-07-20 18:40:28 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2022-07-20 18:40:28 +0300
commit: b595cb0c1dec83de5bdee18284abe86614bed33b (patch)
tree: 8c3d4540f193c5ff98019352f554e921b3a41a72 /app/controllers/import
parent: 2f9104a328fc8a4bddeaa4627b595166d24671d0 (diff)
7 files changed, 32 insertions, 32 deletions
diff --git a/app/controllers/import/bitbucket_controller.rb b/app/controllers/import/bitbucket_controller.rb
index 55707000cf8..75193309a4e 100644
--- a/app/controllers/import/bitbucket_controller.rb
+++ b/app/controllers/import/bitbucket_controller.rb
@@ -18,14 +18,14 @@ class Import::BitbucketController < Import::BaseController
     if auth_state.blank? || !ActiveSupport::SecurityUtils.secure_compare(auth_state, params[:state])
       go_to_bitbucket_for_permissions
     else
-      response = oauth_client.auth_code.get_token(params[:code], redirect_uri: users_import_bitbucket_callback_url)
+      response = oauth_client.auth_code.get_token(params[:code], redirect_uri: users_import_bitbucket_callback_url(namespace_id: params[:namespace_id]))
 
       session[:bitbucket_token]         = response.token
       session[:bitbucket_expires_at]    = response.expires_at
       session[:bitbucket_expires_in]    = response.expires_in
       session[:bitbucket_refresh_token] = response.refresh_token
 
-      redirect_to status_import_bitbucket_url
+      redirect_to status_import_bitbucket_url(namespace_id: params[:namespace_id])
     end
   end
 
@@ -78,16 +78,15 @@ class Import::BitbucketController < Import::BaseController
     bitbucket_repos.reject { |repo| repo.valid? }
   end
 
+  def provider_url
+    nil
+  end
+
   override :provider_name
   def provider_name
     :bitbucket
   end
 
-  override :provider_url
-  def provider_url
-    provider.url
-  end
-
   private
 
   def oauth_client
@@ -121,7 +120,7 @@ class Import::BitbucketController < Import::BaseController
   def go_to_bitbucket_for_permissions
     state = SecureRandom.base64(64)
     session[:bitbucket_auth_state] = state
-    redirect_to oauth_client.auth_code.authorize_url(redirect_uri: users_import_bitbucket_callback_url, state: state)
+    redirect_to oauth_client.auth_code.authorize_url(redirect_uri: users_import_bitbucket_callback_url(namespace_id: params[:namespace_id]), state: state)
   end
 
   def bitbucket_unauthorized(exception)
diff --git a/app/controllers/import/bitbucket_server_controller.rb b/app/controllers/import/bitbucket_server_controller.rb
index 00f3f0b08b2..12147196749 100644
--- a/app/controllers/import/bitbucket_server_controller.rb
+++ b/app/controllers/import/bitbucket_server_controller.rb
@@ -49,7 +49,7 @@ class Import::BitbucketServerController < Import::BaseController
     session[bitbucket_server_username_key] = params[:bitbucket_server_username]
     session[bitbucket_server_url_key] = params[:bitbucket_server_url]
 
-    redirect_to status_import_bitbucket_server_path
+    redirect_to status_import_bitbucket_server_path(namespace_id: params[:namespace_id])
   end
 
   # We need to re-expose controller's internal method 'status' as action.
@@ -115,7 +115,7 @@ class Import::BitbucketServerController < Import::BaseController
     unless session[bitbucket_server_url_key].present? &&
         session[bitbucket_server_username_key].present? &&
         session[personal_access_token_key].present?
-      redirect_to new_import_bitbucket_server_path
+      redirect_to new_import_bitbucket_server_path(namespace_id: params[:namespace_id])
     end
   end
 
@@ -170,9 +170,6 @@ class Import::BitbucketServerController < Import::BaseController
           }
         }, status: :unprocessable_entity
       end
-      format.html do
-        redirect_to new_import_bitbucket_server_path
-      end
     end
   end
 end
diff --git a/app/controllers/import/bulk_imports_controller.rb b/app/controllers/import/bulk_imports_controller.rb
index 34f12aebb91..2d607fb7ff7 100644
--- a/app/controllers/import/bulk_imports_controller.rb
+++ b/app/controllers/import/bulk_imports_controller.rb
@@ -17,7 +17,7 @@ class Import::BulkImportsController < ApplicationController
     session[access_token_key] = configure_params[access_token_key]&.strip
     session[url_key] = configure_params[url_key]
 
-    redirect_to status_import_bulk_imports_url
+    redirect_to status_import_bulk_imports_url(namespace_id: params[:namespace_id])
   end
 
   def status
@@ -35,6 +35,12 @@ class Import::BulkImportsController < ApplicationController
         render json: json_response
       end
       format.html do
+        if params[:namespace_id]
+          @namespace = Namespace.find_by_id(params[:namespace_id])
+
+          render_404 unless current_user.can?(:create_subgroup, @namespace)
+        end
+
         @source_url = session[url_key]
       end
     end
diff --git a/app/controllers/import/fogbugz_controller.rb b/app/controllers/import/fogbugz_controller.rb
index b949a99c250..7b580234227 100644
--- a/app/controllers/import/fogbugz_controller.rb
+++ b/app/controllers/import/fogbugz_controller.rb
@@ -17,12 +17,12 @@ class Import::FogbugzController < Import::BaseController
       res = Gitlab::FogbugzImport::Client.new(import_params.to_h.symbolize_keys)
     rescue StandardError
       # If the URI is invalid various errors can occur
-      return redirect_to new_import_fogbugz_path, alert: _('Could not connect to FogBugz, check your URL')
+      return redirect_to new_import_fogbugz_path(namespace_id: params[:namespace_id]), alert: _('Could not connect to FogBugz, check your URL')
     end
     session[:fogbugz_token] = res.get_token
     session[:fogbugz_uri] = params[:uri]
 
-    redirect_to new_user_map_import_fogbugz_path
+    redirect_to new_user_map_import_fogbugz_path(namespace_id: params[:namespace_id])
   end
 
   def new_user_map
@@ -41,12 +41,12 @@ class Import::FogbugzController < Import::BaseController
 
     flash[:notice] = _('The user map has been saved. Continue by selecting the projects you want to import.')
 
-    redirect_to status_import_fogbugz_path
+    redirect_to status_import_fogbugz_path(namespace_id: params[:namespace_id])
   end
 
   def status
     unless client.valid?
-      return redirect_to new_import_fogbugz_path
+      return redirect_to new_import_fogbugz_path(namespace_id: params[:namespace_id])
     end
 
     super
@@ -106,7 +106,7 @@ class Import::FogbugzController < Import::BaseController
   end
 
   def fogbugz_unauthorized(exception)
-    redirect_to new_import_fogbugz_path, alert: exception.message
+    redirect_to new_import_fogbugz_path(namespace_id: params[:namespace_id]), alert: exception.message
   end
 
   def import_params
diff --git a/app/controllers/import/gitea_controller.rb b/app/controllers/import/gitea_controller.rb
index 399a92c59e0..4b4ac07b389 100644
--- a/app/controllers/import/gitea_controller.rb
+++ b/app/controllers/import/gitea_controller.rb
@@ -7,7 +7,7 @@ class Import::GiteaController < Import::GithubController
 
   def new
     if session[access_token_key].present? && provider_url.present?
-      redirect_to status_import_url(namespace_id: params[:namespace_id])
+      redirect_to status_import_url
     end
   end
 
diff --git a/app/controllers/import/github_controller.rb b/app/controllers/import/github_controller.rb
index 8dd40b6254e..9cc58ce542c 100644
--- a/app/controllers/import/github_controller.rb
+++ b/app/controllers/import/github_controller.rb
@@ -23,25 +23,24 @@ class Import::GithubController < Import::BaseController
     if !ci_cd_only? && github_import_configured? && logged_in_with_provider?
       go_to_provider_for_permissions
     elsif session[access_token_key]
-      redirect_to status_import_url(namespace_id: params[:namespace_id])
+      redirect_to status_import_url
     end
   end
 
   def callback
     auth_state = session.delete(auth_state_key)
-    namespace_id = session.delete(:namespace_id)
 
     if auth_state.blank? || !ActiveSupport::SecurityUtils.secure_compare(auth_state, params[:state])
       provider_unauthorized
     else
       session[access_token_key] = get_token(params[:code])
-      redirect_to status_import_url(namespace_id: namespace_id)
+      redirect_to status_import_url
     end
   end
 
   def personal_access_token
     session[access_token_key] = params[:personal_access_token]&.strip
-    redirect_to status_import_url(namespace_id: params[:namespace_id].presence)
+    redirect_to status_import_url
   end
 
   def status
@@ -205,15 +204,15 @@ class Import::GithubController < Import::BaseController
   end
 
   def new_import_url
-    public_send("new_import_#{provider_name}_url", extra_import_params) # rubocop:disable GitlabSecurity/PublicSend
+    public_send("new_import_#{provider_name}_url", extra_import_params.merge({ namespace_id: params[:namespace_id] })) # rubocop:disable GitlabSecurity/PublicSend
   end
 
-  def status_import_url(namespace_id: nil)
-    public_send("status_import_#{provider_name}_url", extra_import_params.merge({ namespace_id: namespace_id })) # rubocop:disable GitlabSecurity/PublicSend
+  def status_import_url
+    public_send("status_import_#{provider_name}_url", extra_import_params.merge({ namespace_id: params[:namespace_id].presence })) # rubocop:disable GitlabSecurity/PublicSend
   end
 
   def callback_import_url
-    public_send("users_import_#{provider_name}_callback_url", extra_import_params) # rubocop:disable GitlabSecurity/PublicSend
+    public_send("users_import_#{provider_name}_callback_url", extra_import_params.merge({ namespace_id: params[:namespace_id] })) # rubocop:disable GitlabSecurity/PublicSend
   end
 
   def provider_unauthorized
@@ -255,7 +254,6 @@ class Import::GithubController < Import::BaseController
 
   def provider_auth
     if !ci_cd_only? && session[access_token_key].blank?
-      session[:namespace_id] = params[:namespace_id]
       go_to_provider_for_permissions
     end
   end
diff --git a/app/controllers/import/gitlab_controller.rb b/app/controllers/import/gitlab_controller.rb
index c846d9d225a..dd25698d0a9 100644
--- a/app/controllers/import/gitlab_controller.rb
+++ b/app/controllers/import/gitlab_controller.rb
@@ -12,8 +12,8 @@ class Import::GitlabController < Import::BaseController
   rescue_from OAuth2::Error, with: :gitlab_unauthorized
 
   def callback
-    session[:gitlab_access_token] = client.get_token(params[:code], callback_import_gitlab_url)
-    redirect_to status_import_gitlab_url
+    session[:gitlab_access_token] = client.get_token(params[:code], callback_import_gitlab_url(namespace_id: params[:namespace_id]))
+    redirect_to status_import_gitlab_url(namespace_id: params[:namespace_id])
   end
 
   # We need to re-expose controller's internal method 'status' as action.
@@ -79,7 +79,7 @@ class Import::GitlabController < Import::BaseController
   end
 
   def go_to_gitlab_for_permissions
-    redirect_to client.authorize_url(callback_import_gitlab_url)
+    redirect_to client.authorize_url(callback_import_gitlab_url(namespace_id: params[:namespace_id]))
   end
 
   def gitlab_unauthorized
author	GitLab Bot <gitlab-bot@gitlab.com>	2022-07-20 18:40:28 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2022-07-20 18:40:28 +0300
commit	b595cb0c1dec83de5bdee18284abe86614bed33b (patch)
tree	8c3d4540f193c5ff98019352f554e921b3a41a72 /app/controllers/import
parent	2f9104a328fc8a4bddeaa4627b595166d24671d0 (diff)