
gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
Diffstat (limited to 'app/controllers/concerns')
-rw-r--r--app/controllers/concerns/gitlab_recaptcha.rb22
-rw-r--r--app/controllers/concerns/group_tree.rb8
-rw-r--r--app/controllers/concerns/integrations/actions.rb (renamed from app/controllers/concerns/integrations_actions.rb)4
-rw-r--r--app/controllers/concerns/integrations/hooks_execution.rb (renamed from app/controllers/concerns/hooks_execution.rb)2
-rw-r--r--app/controllers/concerns/integrations/params.rb4
-rw-r--r--app/controllers/concerns/issuable_actions.rb35
-rw-r--r--app/controllers/concerns/oauth_applications.rb10
-rw-r--r--app/controllers/concerns/one_trust_csp.rb2
-rw-r--r--app/controllers/concerns/workhorse_authorization.rb6
9 files changed, 75 insertions, 18 deletions
diff --git a/app/controllers/concerns/gitlab_recaptcha.rb b/app/controllers/concerns/gitlab_recaptcha.rb
new file mode 100644
index 00000000000..15e856463ea
--- /dev/null
+++ b/app/controllers/concerns/gitlab_recaptcha.rb
@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+module GitlabRecaptcha
+ extend ActiveSupport::Concern
+ include Recaptcha::Verify
+ include RecaptchaHelper
+
+ def load_recaptcha
+ recaptcha_enabled? && Gitlab::Recaptcha.load_configurations!
+ end
+
+ def check_recaptcha
+ return unless load_recaptcha
+ return if verify_recaptcha
+
+ flash[:alert] = _('There was an error with the reCAPTCHA. Please solve the reCAPTCHA again.')
+ flash.delete :recaptcha_error
+
+ self.resource = resource_class.new
+ render action: 'new'
+ end
+end
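Review bot: `check_recaptcha` returns without verifying anything whenever `load_recaptcha` is falsy, which covers both reCAPTCHA being disabled and `Gitlab::Recaptcha.load_configurations!` returning a falsy value. What that call returns is not visible here, but if it can be falsy on a missing or broken key configuration, the filter fails open silently. A comment above the method would make this explicit, e.g. `# Skipped (request allowed) when reCAPTCHA is disabled or its configuration cannot be loaded.` The failure path also relies on `resource=` and `resource_class`, which this module does not define, so a module comment should say that the including controller must provide them (presumably a Devise controller). Because the response is rendered rather than redirected, `flash.now[:alert] = ...` would keep the alert from carrying over to the next request.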
diff --git a/app/controllers/concerns/group_tree.rb b/app/controllers/concerns/group_tree.rb
index 35c1f358a77..e02a766d2b9 100644
--- a/app/controllers/concerns/group_tree.rb
+++ b/app/controllers/concerns/group_tree.rb
@@ -38,13 +38,7 @@ module GroupTree
#
# Pagination needs to be applied before loading the ancestors to
# make sure ancestors are not cut off by pagination.
- filtered_groups_relation = Group.where(id: filtered_groups.select(:id))
-
- if Feature.enabled?(:linear_group_tree_ancestor_scopes, current_user, default_enabled: :yaml)
- filtered_groups_relation.self_and_ancestors
- else
- Gitlab::ObjectHierarchy.new(filtered_groups_relation).base_and_ancestors
- end
+ Group.where(id: filtered_groups.select(:id)).self_and_ancestors
end
# rubocop: enable CodeReuse/ActiveRecord
end
diff --git a/app/controllers/concerns/integrations_actions.rb b/app/controllers/concerns/integrations/actions.rb
index dd066cc1b02..6490742c0f8 100644
--- a/app/controllers/concerns/integrations_actions.rb
+++ b/app/controllers/concerns/integrations/actions.rb
@@ -1,6 +1,6 @@
# frozen_string_literal: true
-module IntegrationsActions
+module Integrations::Actions
extend ActiveSupport::Concern
included do
@@ -8,6 +8,8 @@ module IntegrationsActions
include IntegrationsHelper
before_action :integration, only: [:edit, :update, :overrides, :test]
+
+ urgency :low, [:test]
end
def edit
diff --git a/app/controllers/concerns/hooks_execution.rb b/app/controllers/concerns/integrations/hooks_execution.rb
index 87d215f50e7..af039057a9c 100644
--- a/app/controllers/concerns/hooks_execution.rb
+++ b/app/controllers/concerns/integrations/hooks_execution.rb
@@ -1,6 +1,6 @@
# frozen_string_literal: true
-module HooksExecution
+module Integrations::HooksExecution
extend ActiveSupport::Concern
private
diff --git a/app/controllers/concerns/integrations/params.rb b/app/controllers/concerns/integrations/params.rb
index 62585ab95af..201fb1dc83f 100644
--- a/app/controllers/concerns/integrations/params.rb
+++ b/app/controllers/concerns/integrations/params.rb
@@ -9,6 +9,7 @@ module Integrations
:add_pusher,
:alert_events,
:api_key,
+ :api_token,
:api_url,
:bamboo_url,
:branches_to_be_notified,
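Review bot: `:api_token` is a credential, and adding it to this permitted list means it now flows through `integration_params` like any other field. The list starts before this hunk and `integration_params` continues after the next one, so it is not visible whether the value is kept out of request logs and blanked when the edit form is re-rendered, as a secret should be. That is worth confirming alongside `:api_key`. A short comment on the secret-bearing keys, e.g. `# secret: must be covered by parameter filtering`, would help whoever adds the next one.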
@@ -74,7 +75,8 @@ module Integrations
:url,
:user_key,
:username,
- :webhook
+ :webhook,
+ :zentao_product_xid
].freeze
def integration_params
diff --git a/app/controllers/concerns/issuable_actions.rb b/app/controllers/concerns/issuable_actions.rb
index e1e662a1968..2d7fbb78209 100644
--- a/app/controllers/concerns/issuable_actions.rb
+++ b/app/controllers/concerns/issuable_actions.rb
@@ -149,8 +149,20 @@ module IssuableActions
.includes(:noteable)
.fresh
+ if paginated_discussions
+ paginated_discussions_by_type = paginated_discussions.records.group_by(&:table_name)
+
+ notes = if paginated_discussions_by_type['notes'].present?
+ notes.with_discussion_ids(paginated_discussions_by_type['notes'].map(&:discussion_id))
+ else
+ notes.none
+ end
+
+ response.headers['X-Next-Page-Cursor'] = paginated_discussions.cursor_for_next_page if paginated_discussions.has_next_page?
+ end
+
if notes_filter != UserPreference::NOTES_FILTERS[:only_comments]
- notes = ResourceEvents::MergeIntoNotesService.new(issuable, current_user).execute(notes)
+ notes = ResourceEvents::MergeIntoNotesService.new(issuable, current_user, paginated_notes: paginated_discussions_by_type).execute(notes)
end
notes = prepare_notes_for_rendering(notes)
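Review bot: `paginated_discussions_by_type` is assigned only inside the `if paginated_discussions` branch but is read unconditionally in `MergeIntoNotesService.new(issuable, current_user, paginated_notes: paginated_discussions_by_type)`, so on the unpaginated path it is an implicit `nil`. That works in Ruby but is easy to break in a later edit. Initialising it before the branch with `paginated_discussions_by_type = nil`, or adding `# nil when the request is not paginated` at the call, would make the contract explicit. The enclosing action starts before and continues after this hunk.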
@@ -159,9 +171,9 @@ module IssuableActions
discussions = Discussion.build_collection(notes, issuable)
if issuable.is_a?(MergeRequest)
- cache_context = [current_user&.cache_key, project.team.human_max_access(current_user&.id)].join(':')
-
- render_cached(discussions, with: discussion_serializer, cache_context: -> (_) { cache_context }, context: self)
+ render_cached(discussions, with: discussion_serializer, cache_context: -> (_) { discussion_cache_context }, context: self)
+ elsif issuable.is_a?(Issue)
+ render json: discussion_serializer.represent(discussions, context: self) if stale?(etag: [discussion_cache_context, discussions])
else
render json: discussion_serializer.represent(discussions, context: self)
end
@@ -170,6 +182,17 @@ module IssuableActions
private
+ def paginated_discussions
+ return if params[:per_page].blank?
+ return unless issuable.instance_of?(Issue) && Feature.enabled?(:paginated_issue_discussions, project, default_enabled: :yaml)
+
+ strong_memoize(:paginated_discussions) do
+ issuable
+ .discussion_root_note_ids(notes_filter: notes_filter)
+ .keyset_paginate(cursor: params[:cursor], per_page: params[:per_page].to_i)
+ end
+ end
+
def notes_filter
strong_memoize(:notes_filter) do
notes_filter_param = params[:notes_filter]&.to_i
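Review bot: `params[:per_page].to_i` is passed to `keyset_paginate` with no visible bound, so a client can request an arbitrarily large page, and a non-numeric or negative value becomes `0` or a negative page size. Unless `keyset_paginate` clamps it (not visible in this hunk), bound it here, e.g. `per_page: params[:per_page].to_i.clamp(1, MAX_PER_PAGE)`, where `MAX_PER_PAGE` is a placeholder for a limit the project would choose. The two guard clauses also sit outside `strong_memoize`, so the feature-flag check is re-evaluated on every call made from the action above. Moving them inside the memoized block would avoid that.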
@@ -197,6 +220,10 @@ module IssuableActions
current_user&.user_preference&.previous_changes&.any?
end
+ def discussion_cache_context
+ [current_user&.cache_key, project.team.human_max_access(current_user&.id)].join(':')
+ end
+
def discussion_serializer
DiscussionSerializer.new(project: project, noteable: issuable, current_user: current_user, note_entity: ProjectNoteEntity)
end
diff --git a/app/controllers/concerns/oauth_applications.rb b/app/controllers/concerns/oauth_applications.rb
index d2c746db12d..794307ebb0c 100644
--- a/app/controllers/concerns/oauth_applications.rb
+++ b/app/controllers/concerns/oauth_applications.rb
@@ -3,6 +3,8 @@
module OauthApplications
extend ActiveSupport::Concern
+ CREATED_SESSION_KEY = :oauth_applications_created
+
included do
before_action :prepare_scopes, only: [:create, :update]
end
@@ -15,6 +17,14 @@ module OauthApplications
end
end
+ def set_created_session
+ session[CREATED_SESSION_KEY] = true
+ end
+
+ def get_created_session
+ session.delete(CREATED_SESSION_KEY) || false
+ end
+
def load_scopes
@scopes ||= Doorkeeper.configuration.scopes
end
diff --git a/app/controllers/concerns/one_trust_csp.rb b/app/controllers/concerns/one_trust_csp.rb
index 4e98ec586ca..fbd44f52590 100644
--- a/app/controllers/concerns/one_trust_csp.rb
+++ b/app/controllers/concerns/one_trust_csp.rb
@@ -5,7 +5,7 @@ module OneTrustCSP
included do
content_security_policy do |policy|
- next if policy.directives.blank?
+ next unless helpers.one_trust_enabled? || policy.directives.present?
default_script_src = policy.directives['script-src'] || policy.directives['default-src']
script_src_values = Array.wrap(default_script_src) | ["'unsafe-eval'", 'https://cdn.cookielaw.org https://*.onetrust.com']
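Review bot: With `next unless helpers.one_trust_enabled? || policy.directives.present?` the block still runs when OneTrust is disabled but a CSP is configured, so `'unsafe-eval'` and the OneTrust hosts are added to the script source list on installations that do not use OneTrust. It also now runs when OneTrust is enabled and `policy.directives` is blank, where `Array.wrap(default_script_src)` is empty and `script_src_values` holds only the OneTrust entries. If the intent is to relax the policy only when both conditions hold, the guard would be `next unless helpers.one_trust_enabled? && policy.directives.present?`. The block continues outside the hunk, so how `script_src_values` is applied is not visible.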
diff --git a/app/controllers/concerns/workhorse_authorization.rb b/app/controllers/concerns/workhorse_authorization.rb
index a290ba256b6..f9b85944307 100644
--- a/app/controllers/concerns/workhorse_authorization.rb
+++ b/app/controllers/concerns/workhorse_authorization.rb
@@ -26,7 +26,7 @@ module WorkhorseAuthorization
def file_is_valid?(file)
return false unless file.is_a?(::UploadedFile)
- file_extension_whitelist.include?(File.extname(file.original_filename).downcase.delete('.'))
+ file_extension_allowlist.include?(File.extname(file.original_filename).downcase.delete('.'))
end
def uploader_class
@@ -37,7 +37,7 @@ module WorkhorseAuthorization
raise NotImplementedError
end
- def file_extension_whitelist
- ImportExportUploader::EXTENSION_WHITELIST
+ def file_extension_allowlist
+ ImportExportUploader::EXTENSION_ALLOWLIST
end
end