Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app/services/web_hook_service.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/services/web_hook_service.rb')
-rw-r--r--app/services/web_hook_service.rb39
1 files changed, 26 insertions, 13 deletions
diff --git a/app/services/web_hook_service.rb b/app/services/web_hook_service.rb
index 33e34ec41e2..b1d8872aa5e 100644
--- a/app/services/web_hook_service.rb
+++ b/app/services/web_hook_service.rb
@@ -34,11 +34,12 @@ class WebHookService
hook_name.to_s.singularize.titleize
end
- def initialize(hook, data, hook_name, uniqueness_token = nil)
+ def initialize(hook, data, hook_name, uniqueness_token = nil, force: false)
@hook = hook
@data = data
@hook_name = hook_name.to_s
@uniqueness_token = uniqueness_token
+ @force = force
@request_options = {
timeout: Gitlab.config.gitlab.webhook_timeout,
use_read_total_timeout: true,
@@ -46,10 +47,17 @@ class WebHookService
}
end
+ def disabled?
+ !@force && !hook.executable?
+ end
+
def execute
- return { status: :error, message: 'Hook disabled' } unless hook.executable?
+ return { status: :error, message: 'Hook disabled' } if disabled?
- log_recursion_limit if recursion_blocked?
+ if recursion_blocked?
+ log_recursion_blocked
+ return { status: :error, message: 'Recursive webhook blocked' }
+ end
Gitlab::WebHooks::RecursionDetection.register!(hook)
@@ -96,13 +104,14 @@ class WebHookService
def async_execute
Gitlab::ApplicationContext.with_context(hook.application_context) do
- break log_rate_limit if rate_limited?
+ break log_rate_limited if rate_limited?
+ break log_recursion_blocked if recursion_blocked?
- log_recursion_limit if recursion_blocked?
+ params = {
+ recursion_detection_request_uuid: Gitlab::WebHooks::RecursionDetection::UUID.instance.request_uuid
+ }.compact
- data[:_gitlab_recursion_detection_request_uuid] = Gitlab::WebHooks::RecursionDetection::UUID.instance.request_uuid
-
- WebHookWorker.perform_async(hook.id, data, hook_name)
+ WebHookWorker.perform_async(hook.id, data, hook_name, params)
end
end
@@ -144,8 +153,12 @@ class WebHookService
internal_error_message: error_message
}
- ::WebHooks::LogExecutionWorker
- .perform_async(hook.id, log_data, category, uniqueness_token)
+ if @force # executed as part of test - run log-execution inline.
+ ::WebHooks::LogExecutionService.new(hook: hook, log_data: log_data, response_category: category).execute
+ else
+ ::WebHooks::LogExecutionWorker
+ .perform_async(hook.id, log_data, category, uniqueness_token)
+ end
end
def response_category(response)
@@ -202,7 +215,7 @@ class WebHookService
@rate_limit ||= hook.rate_limit
end
- def log_rate_limit
+ def log_rate_limited
Gitlab::AuthLogger.error(
message: 'Webhook rate limit exceeded',
hook_id: hook.id,
@@ -212,9 +225,9 @@ class WebHookService
)
end
- def log_recursion_limit
+ def log_recursion_blocked
Gitlab::AuthLogger.error(
- message: 'Webhook recursion detected and will be blocked in future',
+ message: 'Recursive webhook blocked from executing',
hook_id: hook.id,
hook_type: hook.type,
hook_name: hook_name,
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-01 21:25:35 +0300