Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/lib/gitlab/import_export
diff options
context:
space:
mode:
authorJosé Iván Vargas López <jvargas@gitlab.com>2018-08-29 00:29:06 +0300
committerJosé Iván Vargas López <jvargas@gitlab.com>2018-08-29 00:29:06 +0300
commit27580720e1c26e0508960152753d2230cebbe681 (patch)
tree7cec3ef7b9834846ee473790e465851c9ea27b04 /lib/gitlab/import_export
parent365217eb9a3272133b6db53726d443f1eb126cde (diff)
parent029d5eeb9d2520ba341b3e4e0939e85b4ebd7033 (diff)
Merge branch 'security-mk-exclude-orphaned-upload-files-from-export' into 'master'
[master] Resolve "Orphaned upload files are accessible via project exports" Closes #2695 See merge request gitlab/gitlabhq!2453
Diffstat (limited to 'lib/gitlab/import_export')
-rw-r--r--lib/gitlab/import_export/uploads_manager.rb19
1 files changed, 11 insertions, 8 deletions
diff --git a/lib/gitlab/import_export/uploads_manager.rb b/lib/gitlab/import_export/uploads_manager.rb
index 07875ebb56a..e0d4235e65b 100644
--- a/lib/gitlab/import_export/uploads_manager.rb
+++ b/lib/gitlab/import_export/uploads_manager.rb
@@ -13,13 +13,11 @@ module Gitlab
end
def save
- copy_files(@from, uploads_export_path) if File.directory?(@from)
-
if File.file?(@from) && @relative_export_path == 'avatar'
copy_files(@from, File.join(uploads_export_path, @project.avatar.filename))
end
- copy_from_object_storage
+ copy_project_uploads
true
rescue => e
@@ -48,14 +46,19 @@ module Gitlab
UploadService.new(@project, File.open(upload, 'r'), FileUploader, uploader_context).execute
end
- def copy_from_object_storage
- return unless Gitlab::ImportExport.object_storage?
-
+ def copy_project_uploads
each_uploader do |uploader|
next unless uploader.file
- next if uploader.upload.local? # Already copied, using the old method
- download_and_copy(uploader)
+ if uploader.upload.local?
+ next unless uploader.upload.exist?
+
+ copy_files(uploader.absolute_path, File.join(uploads_export_path, uploader.upload.path))
+ else
+ next unless Gitlab::ImportExport.object_storage?
+
+ download_and_copy(uploader)
+ end
end
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-15 23:43:29 +0300