authorMarin Jankovski <marin@gitlab.com>2019-07-02 09:29:42 +0300
committerMarin Jankovski <marin@gitlab.com>2019-07-02 09:29:42 +0300
commitbebbb43f7133cc03c3a9944d2a4b9586a6a0d06f (patch)
tree26b96831830504d51a94240d2bb3de916f41b0ea /app
parent91820f967db8aef75d247a61f4843fb0cdf23d89 (diff)
parent114dd976426a26c19d5e2a350a2c41bda35ddf54 (diff)
Merge branch 'osw-persist-tmp-snippet-uploads' into 'master'
Persist tmp snippet uploads at users See merge request gitlab/gitlabhq!3138
Diffstat (limited to 'app')
-rw-r--r--app/controllers/snippets_controller.rb2
-rw-r--r--app/controllers/uploads_controller.rb20
-rw-r--r--app/helpers/snippets_helper.rb10
-rw-r--r--app/uploaders/file_mover.rb82
-rw-r--r--app/views/layouts/snippets.html.haml5
5 files changed, 87 insertions, 32 deletions
diff --git a/app/controllers/snippets_controller.rb b/app/controllers/snippets_controller.rb
index 8ea5450b4e8..fad036b8df8 100644
--- a/app/controllers/snippets_controller.rb
+++ b/app/controllers/snippets_controller.rb
@@ -137,7 +137,7 @@ class SnippetsController < ApplicationController
def move_temporary_files
params[:files].each do |file|
- FileMover.new(file, @snippet).execute
+ FileMover.new(file, from_model: current_user, to_model: @snippet).execute
end
end
end
diff --git a/app/controllers/uploads_controller.rb b/app/controllers/uploads_controller.rb
index 5d28635232b..94bd18f70d4 100644
--- a/app/controllers/uploads_controller.rb
+++ b/app/controllers/uploads_controller.rb
@@ -41,7 +41,11 @@ class UploadsController < ApplicationController
when Note
can?(current_user, :read_project, model.project)
when User
- true
+ # We validate the current user has enough (writing)
+ # access to itself when a secret is given.
+ # For instance, user avatars are readable by anyone,
+ # while temporary, user snippet uploads are not.
+ !secret? || can?(current_user, :update_user, model)
when Appearance
true
else
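Review bot: In the `when User` branch the stricter `:update_user` check applies only when `params[:secret]` is present, so whether an upload is treated as private is decided by the shape of the request rather than by the upload being served. `secret?` (added further down in this file) uses `present?`, so an empty or whitespace-only secret counts as no secret and takes the public path. That is safe only if a secret-scoped file cannot be resolved without a valid secret, which is not visible in this hunk. I would state that invariant in the comment, e.g. `# Relies on routing: avatar URLs never carry :secret, and secret-scoped uploads cannot be resolved without one.`, and cover the blank-secret case with a request spec. The enclosing method starts and ends outside the hunk.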
@@ -56,9 +60,13 @@ class UploadsController < ApplicationController
def authorize_create_access!
return unless model
- # for now we support only personal snippets comments. Only personal_snippet
- # is allowed as a model to #create through routing.
- authorized = can?(current_user, :create_note, model)
+ authorized =
+ case model
+ when User
+ can?(current_user, :update_user, model)
+ else
+ can?(current_user, :create_note, model)
+ end
render_unauthorized unless authorized
end
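Review bot: The `else` branch of the new `case` in `authorize_create_access!` applies `:create_note` to every model that is not a `User`, and the removed comment recording that only personal snippets reach `#create` through routing has no replacement. Now that a second model type is accepted, an explicit allow-list that denies by default would keep a later routing change from silently widening upload access: `when PersonalSnippet then can?(current_user, :create_note, model)` followed by `else false` (assuming `PersonalSnippet` is the class behind the `'personal_snippet'` route). If the routing restriction still holds, at least restore the comment in updated form, e.g. `# Routing only allows User (temporary snippet uploads) and personal snippets here.`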
@@ -75,6 +83,10 @@ class UploadsController < ApplicationController
User === model || Appearance === model
end
+ def secret?
+ params[:secret].present?
+ end
+
def upload_model_class
MODEL_CLASSES[params[:model]] || raise(UnknownUploadModelError)
end
diff --git a/app/helpers/snippets_helper.rb b/app/helpers/snippets_helper.rb
index ecb2b2d707b..6ccc1fb2ed1 100644
--- a/app/helpers/snippets_helper.rb
+++ b/app/helpers/snippets_helper.rb
@@ -1,6 +1,16 @@
# frozen_string_literal: true
module SnippetsHelper
+ def snippets_upload_path(snippet, user)
+ return unless user
+
+ if snippet&.persisted?
+ upload_path('personal_snippet', id: snippet.id)
+ else
+ upload_path('user', id: user.id)
+ end
+ end
+
def reliable_snippet_path(snippet, opts = nil)
if snippet.project_id?
project_snippet_path(snippet.project, snippet, opts)
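Review bot: `snippets_upload_path` has no comment explaining why an unsaved snippet uploads to the `user` endpoint, which is the decision the authorization changes in this commit depend on. A short doc comment would help, e.g. `# Uploads for a not-yet-persisted snippet are stored against the current user and later moved to the snippet by FileMover; returns nil when there is no user.` `reliable_snippet_path` below it continues outside the hunk.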
diff --git a/app/uploaders/file_mover.rb b/app/uploaders/file_mover.rb
index 236b7ed2b3d..12be1e2bb22 100644
--- a/app/uploaders/file_mover.rb
+++ b/app/uploaders/file_mover.rb
@@ -1,22 +1,29 @@
# frozen_string_literal: true
class FileMover
- attr_reader :secret, :file_name, :model, :update_field
+ include Gitlab::Utils::StrongMemoize
- def initialize(file_path, model, update_field = :description)
+ attr_reader :secret, :file_name, :from_model, :to_model, :update_field
+
+ def initialize(file_path, update_field = :description, from_model:, to_model:)
@secret = File.split(File.dirname(file_path)).last
@file_name = File.basename(file_path)
- @model = model
+ @from_model = from_model
+ @to_model = to_model
@update_field = update_field
end
def execute
+ temp_file_uploader.retrieve_from_store!(file_name)
+
return unless valid?
+ uploader.retrieve_from_store!(file_name)
+
move
if update_markdown
- uploader.record_upload
+ update_upload_model
uploader.schedule_background_upload
end
end
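Review bot: `initialize` derives `@secret` and `@file_name` from a caller-supplied path (the entries of `params[:files]` in `SnippetsController#move_temporary_files`) with no format check, and `execute` now calls `temp_file_uploader.retrieve_from_store!(file_name)` before `valid?` runs. Unless `PersonalFileUploader` already rejects malformed secrets (not visible here), I would reject anything that is not a plain secret and a plain file name before the first store access, for example by doing the retrieval inside `valid?` and making `return unless valid?` the first statement of `execute`. If both `retrieve_from_store!` calls only resolve a file reference and touch nothing, a comment on `execute` saying so would explain why the current ordering is safe. The class body continues in the next hunk.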
@@ -24,52 +31,77 @@ class FileMover
private
def valid?
- Pathname.new(temp_file_path).realpath.to_path.start_with?(
- (Pathname(temp_file_uploader.root) + temp_file_uploader.base_dir).to_path
- )
+ if temp_file_uploader.file_storage?
+ Pathname.new(temp_file_path).realpath.to_path.start_with?(
+ (Pathname(temp_file_uploader.root) + temp_file_uploader.base_dir).to_path
+ )
+ else
+ temp_file_uploader.exists?
+ end
end
def move
- FileUtils.mkdir_p(File.dirname(file_path))
- FileUtils.move(temp_file_path, file_path)
+ if temp_file_uploader.file_storage?
+ FileUtils.mkdir_p(File.dirname(file_path))
+ FileUtils.move(temp_file_path, file_path)
+ else
+ uploader.copy_file(temp_file_uploader.file)
+ temp_file_uploader.upload.destroy!
+ end
end
def update_markdown
- updated_text = model.read_attribute(update_field)
- .gsub(temp_file_uploader.markdown_link, uploader.markdown_link)
- model.update_attribute(update_field, updated_text)
+ updated_text = to_model.read_attribute(update_field)
+ .gsub(temp_file_uploader.markdown_link, uploader.markdown_link)
+ to_model.update_attribute(update_field, updated_text)
rescue
revert
false
end
- def temp_file_path
- return @temp_file_path if @temp_file_path
+ def update_upload_model
+ return unless upload = temp_file_uploader.upload
+ return if upload.destroyed?
- temp_file_uploader.retrieve_from_store!(file_name)
+ upload.update!(model: to_model)
+ end
- @temp_file_path = temp_file_uploader.file.path
+ def temp_file_path
+ strong_memoize(:temp_file_path) do
+ temp_file_uploader.file.path
+ end
end
def file_path
- return @file_path if @file_path
-
- uploader.retrieve_from_store!(file_name)
-
- @file_path = uploader.file.path
+ strong_memoize(:file_path) do
+ uploader.file.path
+ end
end
def uploader
- @uploader ||= PersonalFileUploader.new(model, secret: secret)
+ @uploader ||=
+ begin
+ uploader = PersonalFileUploader.new(to_model, secret: secret)
+
+ # Enforcing a REMOTE object storage given FileUploader#retrieve_from_store! won't do it
+ # (there's no upload at the target yet).
+ if uploader.class.object_store_enabled?
+ uploader.object_store = ::ObjectStorage::Store::REMOTE
+ end
+
+ uploader
+ end
end
def temp_file_uploader
- @temp_file_uploader ||= PersonalFileUploader.new(nil, secret: secret)
+ @temp_file_uploader ||= PersonalFileUploader.new(from_model, secret: secret)
end
def revert
- Rails.logger.warn("Markdown not updated, file move reverted for #{model}")
+ Rails.logger.warn("Markdown not updated, file move reverted for #{to_model}")
- FileUtils.move(file_path, temp_file_path)
+ if temp_file_uploader.file_storage?
+ FileUtils.move(file_path, temp_file_path)
+ end
end
end
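Review bot: On object storage `move` copies the file and immediately runs `temp_file_uploader.upload.destroy!`, but `revert` only undoes the move when `file_storage?` is true. A failure in `update_markdown` therefore leaves the copied object at the target and the source upload record destroyed, while the log line still says "file move reverted". One option is to defer the destroy until the markdown update has succeeded (with `update_upload_model` adjusted accordingly) and to make the warning in `revert` say when nothing was moved back. Separately, the remote branch of `valid?` is only `temp_file_uploader.exists?`, so confinement there rests entirely on the uploader being scoped to `from_model` and the secret; a comment stating that would help the next reader.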
diff --git a/app/views/layouts/snippets.html.haml b/app/views/layouts/snippets.html.haml
index 5f986c81ff4..841b2a5e79c 100644
--- a/app/views/layouts/snippets.html.haml
+++ b/app/views/layouts/snippets.html.haml
@@ -1,9 +1,10 @@
- header_title _("Snippets"), snippets_path
+- snippets_upload_path = snippets_upload_path(@snippet, current_user)
- content_for :page_specific_javascripts do
- - if @snippet && current_user
+ - if snippets_upload_path
-# haml-lint:disable InlineJavaScript
:javascript
- window.uploads_path = "#{upload_path('personal_snippet', id: @snippet.id)}";
+ window.uploads_path = "#{snippets_upload_path}";
= render template: "layouts/application"
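Review bot: The new local `snippets_upload_path` on the second line has the same name as the helper it calls, which is easy to misread. Later bare references resolve to the local, while the call with arguments resolves to the helper. Rename the local, e.g. `- uploads_path = snippets_upload_path(@snippet, current_user)`, and use that name in the `if` and in the interpolation. The value is still interpolated into the inline script, which is acceptable while it only ever holds a route built from a fixed segment and a numeric id; a comment saying so next to the `haml-lint:disable` line would record why the lint exception is safe.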