diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-05-25 18:10:33 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-05-25 18:10:33 +0300 |
commit | a8c1bc6f757ecacbc3481e52a3f4cefb6c6db5fd (patch) | |
tree | 7ba85d57835274f11674c33155e68b6af33f2687 /app/finders | |
parent | 76ef00aac974a463243dcda6f692b17ff5d439bc (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/finders')
-rw-r--r-- | app/finders/packages/group_or_project_package_finder.rb | 12 | ||||
-rw-r--r-- | app/finders/packages/pypi/package_finder.rb | 10 |
2 files changed, 20 insertions, 2 deletions
diff --git a/app/finders/packages/group_or_project_package_finder.rb b/app/finders/packages/group_or_project_package_finder.rb index fb8bcfc7d42..5b5f70bf459 100644 --- a/app/finders/packages/group_or_project_package_finder.rb +++ b/app/finders/packages/group_or_project_package_finder.rb @@ -26,9 +26,9 @@ module Packages def base if project? - packages_for_project(@project_or_group) + project_packages elsif group? - packages_visible_to_user(@current_user, within_group: @project_or_group) + group_packages else ::Packages::Package.none end @@ -41,5 +41,13 @@ module Packages def group? @project_or_group.is_a?(::Group) end + + def project_packages + packages_for_project(@project_or_group) + end + + def group_packages + packages_visible_to_user(@current_user, within_group: @project_or_group) + end end end diff --git a/app/finders/packages/pypi/package_finder.rb b/app/finders/packages/pypi/package_finder.rb index 574e9770363..3a37e404b79 100644 --- a/app/finders/packages/pypi/package_finder.rb +++ b/app/finders/packages/pypi/package_finder.rb @@ -12,6 +12,16 @@ module Packages def packages base.pypi.has_version end + + def group_packages + # PyPI finds packages without checking permissions. + # The package download endpoint uses obfuscation to secure the file + # instead of authentication. This is behavior the PyPI package + # manager defines and is not something GitLab controls. + ::Packages::Package.for_projects( + @project_or_group.all_projects.select(:id) + ).installable + end end end end |