diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-09-07 09:11:01 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-09-07 09:11:01 +0300 |
| commit | 4bcd95583079cb769cfe8fa5350cbf3864f15f99 (patch) | |
| tree | 06d948026cb8723ee2f895f9485e1c533f60f552 /lib/api | |
| parent | b34fdc03bd8a2242aa422f3319937b0e0864ced2 (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib/api')
| -rw-r--r-- | lib/api/entities/feature.rb | 6 | ||||
| -rw-r--r-- | lib/api/helpers.rb | 24 |
2 files changed, 28 insertions, 2 deletions
diff --git a/lib/api/entities/feature.rb b/lib/api/entities/feature.rb index 48dd5a22a7e..f341472e8c2 100644 --- a/lib/api/entities/feature.rb +++ b/lib/api/entities/feature.rb @@ -7,8 +7,10 @@ module API expose :state, documentation: { type: 'string', example: 'off' } expose :gates, using: Entities::FeatureGate do |model| model.gates.map do |gate| - value = model.gate_values[gate.key] - + # in Flipper 0.26.1, they removed two GateValues#[] method calls for performance reasons + # https://github.com/flippercloud/flipper/pull/706/commits/ed914b6adc329455a634be843c38db479299efc7 + # https://github.com/flippercloud/flipper/commit/eee20f3ae278d168c8bf70a7a5fcc03bedf432b5 + value = model.gate_values.send(gate.key) # rubocop:disable GitlabSecurity/PublicSend # By default all gate values are populated. Only show relevant ones. if (value.is_a?(Integer) && value == 0) || (value.is_a?(Set) && value.empty?) next diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index edfb1880dc3..4dcca4bdbf9 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -184,6 +184,30 @@ module API end # rubocop: disable CodeReuse/ActiveRecord + def find_pipeline(id) + return unless id + + if id.to_s =~ INTEGER_ID_REGEX + ::Ci::Pipeline.find_by(id: id) + end + end + # rubocop: enable CodeReuse/ActiveRecord + + def find_pipeline!(id) + pipeline = find_pipeline(id) + check_pipeline_access(pipeline) + end + + def check_pipeline_access(pipeline) + return forbidden! unless authorized_project_scope?(pipeline&.project) + + return pipeline if can?(current_user, :read_pipeline, pipeline) + return unauthorized! if authenticate_non_public? + + not_found!('Pipeline') + end + + # rubocop: disable CodeReuse/ActiveRecord def find_group(id) if id.to_s =~ INTEGER_ID_REGEX Group.find_by(id: id) |