author | GitLab Bot <gitlab-bot@gitlab.com> | 2024-01-12 03:08:51 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2024-01-12 03:08:51 +0300 |
commit | 98a00b024553a603e16380b93fc3f89a169bf438 (patch) | |
tree | 4a6dade546a6857bffc21df2126b113528d746d9 /lib | |
parent | c53e365d68ee800702befb15adfdfac708d5de6f (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib')
-rw-r--r-- | lib/api/namespaces.rb | 3 | ||||
-rw-r--r-- | lib/gitlab/slash_commands/presenters/access.rb | 11 | ||||
-rw-r--r-- | lib/gitlab/slash_commands/verify_request.rb | 50 |
3 files changed, 64 insertions, 0 deletions
diff --git a/lib/api/namespaces.rb b/lib/api/namespaces.rb index 750dc7fc2a1..17425c288fc 100644 --- a/lib/api/namespaces.rb +++ b/lib/api/namespaces.rb @@ -34,6 +34,7 @@ module API params do optional :search, type: String, desc: 'Returns a list of namespaces the user is authorized to view based on the search criteria' optional :owned_only, type: Boolean, desc: 'In GitLab 14.2 and later, returns a list of owned namespaces only' + optional :top_level_only, type: Boolean, default: false, desc: 'Only include top level namespaces' use :pagination use :optional_list_params_ee @@ -43,6 +44,8 @@ module API namespaces = current_user.admin ? Namespace.all : current_user.namespaces(owned_only: owned_only) + namespaces = namespaces.top_most if params[:top_level_only] + namespaces = namespaces.without_project_namespaces.include_route namespaces = namespaces.include_gitlab_subscription_with_hosted_plan if Gitlab.ee? diff --git a/lib/gitlab/slash_commands/presenters/access.rb b/lib/gitlab/slash_commands/presenters/access.rb index e098762f290..56a960c9bbf 100644 --- a/lib/gitlab/slash_commands/presenters/access.rb +++ b/lib/gitlab/slash_commands/presenters/access.rb @@ -42,6 +42,17 @@ module Gitlab ephemeral_response(text: message) end + + def confirm(url) + text = [ + _("To ensure the highest security standards, we verify the source of all slash commands."), + Kernel.format(_("Please confirm the request by accessing %{url} through a web browser."), + url: "<#{url}|this link>"), + _("Upon successful validation, you're granted access to slash commands.") + ].join("\n\n") + + ephemeral_response(text: text) + end end end end diff --git a/lib/gitlab/slash_commands/verify_request.rb b/lib/gitlab/slash_commands/verify_request.rb new file mode 100644 index 00000000000..41f71064573 --- /dev/null +++ b/lib/gitlab/slash_commands/verify_request.rb 
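Review bot: In the `lib/gitlab/slash_commands/presenters/access.rb` hunk, `confirm` interpolates `url` straight into the Slack link markup `<#{url}|this link>`, so a value containing `|` or `>` would break or re-label the link. The callers are outside this diff, so it is worth confirming that `url` is always a server-generated route and never assembled from request parameters. A comment such as `# url must be a GitLab-generated absolute URL; it is embedded unescaped in Slack link markup` would record that assumption. The label `this link` is also hard-coded English inside an otherwise translated message; `url: "<#{url}|#{_('this link')}>"` would keep it translatable.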
@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+module Gitlab
+ module SlashCommands
+ class VerifyRequest
+ attr_accessor :integration, :chat_name, :response_url
+
+ def initialize(integration, chat_name, response_url = nil)
+ @integration = integration
+ @chat_name = chat_name
+ @response_url = response_url
+ end
+
+ def approve!
+ update_token!
+ update_source_message
+ end
+
+ def valid?
+ return false if integration.token.nil? || chat_name.token.nil?
+
+ ActiveSupport::SecurityUtils.secure_compare(integration.token, chat_name.token)
+ end
+
+ private
+
+ def update_token!
+ chat_name.update!(token: integration.token)
+ end
+
+ def update_source_message
+ request_body = Gitlab::Json.dump(verified_request_body)
+
+ Gitlab::HTTP.post(response_url, body: request_body, headers: headers)
+ end
+
+ def verified_request_body
+ {
+ 'replace_original' => 'true',
+ 'text' => _("You've successfully verified! You now have access to slash commands. " \
+ "Thanks for helping ensure security!")
+ }
+ end
+
+ def headers
+ { 'Content-Type' => 'application/json' }
+ end
+ end
+ end
+end |
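Review bot: `update_source_message` posts to `response_url` without any check, although the constructor defaults it to `nil` and the value presumably originates from the chat request rather than from GitLab. A guard such as `return if response_url.blank?` at the top of `update_source_message` would avoid raising after `update_token!` has already persisted the token. The caller, which is outside this diff, should confirm the URL belongs to the expected chat service before it reaches this class, since whatever outbound filtering `Gitlab::HTTP` applies is not visible here. The POST result is discarded, so a failed acknowledgement is silent; logging a non-success response would make that observable. In `valid?`, only `nil` is rejected, so two empty-string tokens would pass `secure_compare`; `return false if integration.token.blank? || chat_name.token.blank?` is stricter.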