From b38cf7ccdf8b7ca90bce587a1bf4765631733017 Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Tue, 1 Oct 2019 00:06:42 +0000
Subject: Add latest changes from gitlab-org/gitlab@master

---
 app/controllers/health_controller.rb            |  4 ++++
 app/controllers/projects/branches_controller.rb | 19 +++++++++++++++++++
 2 files changed, 23 insertions(+)

(limited to 'app')

diff --git a/app/controllers/health_controller.rb b/app/controllers/health_controller.rb
index c97057c08cb..84b4932ba7a 100644
--- a/app/controllers/health_controller.rb
+++ b/app/controllers/health_controller.rb
@@ -41,6 +41,10 @@ class HealthController < ActionController::Base
       info[:labels] = r.labels if r.labels
       [name, info]
     end
+
+    # disable static error pages at the gitlab-workhorse level, we want to see this error response even in production
+    headers["X-GitLab-Custom-Error"] = 1 unless success
+
     render json: response.to_h, status: success ? :ok : :service_unavailable
   end
 end
diff --git a/app/controllers/projects/branches_controller.rb b/app/controllers/projects/branches_controller.rb
index c125ed3605a..578a3d451a7 100644
--- a/app/controllers/projects/branches_controller.rb
+++ b/app/controllers/projects/branches_controller.rb
@@ -11,6 +11,7 @@ class Projects::BranchesController < Projects::ApplicationController
 
   # Support legacy URLs
   before_action :redirect_for_legacy_index_sort_or_search, only: [:index]
+  before_action :limit_diverging_commit_counts!, only: [:diverging_commit_counts]
 
   def index
     respond_to do |format|
@@ -125,6 +126,24 @@ class Projects::BranchesController < Projects::ApplicationController
 
   private
 
+  # It can be expensive to calculate the diverging counts for each
+  # branch. Normally the frontend should be specifying a set of branch
+  # names, but prior to
+  # https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/32496, the
+  # frontend could omit this set. To prevent excessive I/O, we require
+  # that a list of names be specified.
+  def limit_diverging_commit_counts!
+    return unless Feature.enabled?(:limit_diverging_commit_counts, default_enabled: true)
+
+    limit = Kaminari.config.default_per_page
+
+    # If we don't have many branches in the repository, then go ahead.
+    return if project.repository.branch_count <= limit
+    return if params[:names].present? && Array(params[:names]).length <= limit
+
+    render json: { error: "Specify at least one and at most #{limit} branch names" }, status: :unprocessable_entity
+  end
+
   def ref
     if params[:ref]
       ref_escaped = strip_tags(sanitize(params[:ref]))
-- 
cgit v1.2.3