From 60d9342b3b0dfb6b1fab71e8edff869529dd3794 Mon Sep 17 00:00:00 2001 From: GitLab Bot Date: Mon, 28 Aug 2023 16:54:04 +0000 Subject: Add latest changes from gitlab-org/gitlab@16-3-stable-ee --- lib/gitlab/content_security_policy/config_loader.rb | 2 +- .../content_security_policy/config_loader_spec.rb | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/lib/gitlab/content_security_policy/config_loader.rb b/lib/gitlab/content_security_policy/config_loader.rb index 9fb3c7d362f..59a4e425b85 100644 --- a/lib/gitlab/content_security_policy/config_loader.rb +++ b/lib/gitlab/content_security_policy/config_loader.rb @@ -84,7 +84,7 @@ module Gitlab end def allow_lfs(directives) - return unless Gitlab.config.lfs.enabled && LfsObjectUploader.direct_download_enabled? + return unless Gitlab.config.lfs.enabled && LfsObjectUploader.object_store_enabled? && LfsObjectUploader.direct_download_enabled? lfs_url = build_lfs_url return unless lfs_url.present? diff --git a/spec/lib/gitlab/content_security_policy/config_loader_spec.rb b/spec/lib/gitlab/content_security_policy/config_loader_spec.rb index dd633820ad9..6d24ced138e 100644 --- a/spec/lib/gitlab/content_security_policy/config_loader_spec.rb +++ b/spec/lib/gitlab/content_security_policy/config_loader_spec.rb @@ -205,6 +205,24 @@ RSpec.describe Gitlab::ContentSecurityPolicy::ConfigLoader, feature_category: :s context 'when LFS is enabled' do let(:lfs_enabled) { true } + context 'and object storage is not in use' do + let(:lfs_config) do + { + enabled: false, + remote_directory: 'lfs-objects', + connection: {}, + direct_upload: false, + proxy_download: true, + storage_options: {} + } + end + + it 'is expected to be skipped' do + expect(described_class.send(:allow_lfs, directives)).to be_nil + expect(connect_src).not_to include('lfs-objects') + end + end + context 'and direct downloads are enabled' do let(:provider) { LfsObjectUploader.object_store_options.connection.provider } -- cgit v1.2.3