Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app/services/projects/readme_renderer_service.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/services/projects/readme_renderer_service.rb')
-rw-r--r--app/services/projects/readme_renderer_service.rb27
1 files changed, 27 insertions, 0 deletions
diff --git a/app/services/projects/readme_renderer_service.rb b/app/services/projects/readme_renderer_service.rb
new file mode 100644
index 00000000000..6871976aded
--- /dev/null
+++ b/app/services/projects/readme_renderer_service.rb
@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Projects
+ class ReadmeRendererService < BaseService
+ include Rails.application.routes.url_helpers
+
+ TEMPLATE_PATH = Rails.root.join('app', 'views', 'projects', 'readme_templates')
+
+ def execute
+ render(params[:template_name] || :default)
+ end
+
+ private
+
+ def render(template_name)
+ ERB.new(File.read(sanitized_filename(template_name)), trim_mode: '<>').result(binding)
+ end
+
+ def sanitized_filename(template_name)
+ path = Gitlab::Utils.check_path_traversal!("#{template_name}.md.tt")
+ path = TEMPLATE_PATH.join(path).to_s
+ Gitlab::Utils.check_allowed_absolute_path!(path, [TEMPLATE_PATH.to_s])
+
+ path
+ end
+ end
+end
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-14 21:28:17 +0300