diff options
Diffstat (limited to 'app/services/bulk_imports')
| -rw-r--r-- | app/services/bulk_imports/create_service.rb | 33 | ||||
| -rw-r--r-- | app/services/bulk_imports/file_download_service.rb | 18 |
2 files changed, 43 insertions, 8 deletions
diff --git a/app/services/bulk_imports/create_service.rb b/app/services/bulk_imports/create_service.rb index d3c6dcca588..124b5964232 100644 --- a/app/services/bulk_imports/create_service.rb +++ b/app/services/bulk_imports/create_service.rb @@ -57,11 +57,14 @@ module BulkImports bulk_import = BulkImport.create!( user: current_user, source_type: 'gitlab', - source_version: client.instance_version + source_version: client.instance_version, + source_enterprise: client.instance_enterprise ) bulk_import.create_configuration!(credentials.slice(:url, :access_token)) Array.wrap(params).each do |entity| + track_access_level(entity) + BulkImports::Entity.create!( bulk_import: bulk_import, source_type: entity[:source_type], @@ -75,6 +78,34 @@ module BulkImports end end + def track_access_level(entity) + Gitlab::Tracking.event( + self.class.name, + 'create', + label: 'import_access_level', + user: current_user, + extra: { user_role: user_role(entity[:destination_namespace]), import_type: 'bulk_import_group' } + ) + end + + def user_role(destination_namespace) + namespace = Namespace.find_by_full_path(destination_namespace) + # if there is no parent namespace we assume user will be group creator/owner + return owner_role unless destination_namespace + return owner_role unless namespace + return owner_role unless namespace.group_namespace? # user namespace + + membership = current_user.group_members.find_by(source_id: namespace.id) # rubocop:disable CodeReuse/ActiveRecord + + return 'Not a member' unless membership + + Gitlab::Access.human_access(membership.access_level) + end + + def owner_role + Gitlab::Access.human_access(Gitlab::Access::OWNER) + end + def client @client ||= BulkImports::Clients::HTTP.new( url: @credentials[:url], diff --git a/app/services/bulk_imports/file_download_service.rb b/app/services/bulk_imports/file_download_service.rb index 45f1350df92..ee499c782b4 100644 --- a/app/services/bulk_imports/file_download_service.rb +++ b/app/services/bulk_imports/file_download_service.rb @@ -31,14 +31,13 @@ module BulkImports @tmpdir = tmpdir @file_size_limit = file_size_limit @allowed_content_types = allowed_content_types + @remote_content_validated = false end def execute validate_tmpdir validate_filepath validate_url - validate_content_type - validate_content_length download_file @@ -49,7 +48,7 @@ module BulkImports private - attr_reader :configuration, :relative_url, :tmpdir, :file_size_limit, :allowed_content_types + attr_reader :configuration, :relative_url, :tmpdir, :file_size_limit, :allowed_content_types, :response_headers def download_file File.open(filepath, 'wb') do |file| @@ -58,6 +57,15 @@ module BulkImports http_client.stream(relative_url) do |chunk| next if bytes_downloaded == 0 && [301, 302, 303, 307, 308].include?(chunk.code) + @response_headers ||= Gitlab::HTTP::Response::Headers.new(chunk.http_response.to_hash) + + unless @remote_content_validated + validate_content_type + validate_content_length + + @remote_content_validated = true + end + bytes_downloaded += chunk.size validate_size!(bytes_downloaded) @@ -90,10 +98,6 @@ module BulkImports ::Gitlab::CurrentSettings.allow_local_requests_from_web_hooks_and_services? end - def response_headers - @response_headers ||= http_client.head(relative_url).headers - end - def validate_tmpdir Gitlab::Utils.check_allowed_absolute_path!(tmpdir, [Dir.tmpdir]) end |