blob: a46ecc3eee6471f53336771528e4e93e0e8b5b7b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
|
# frozen_string_literal: true
module ApplicationSettings
class UpdateService < ApplicationSettings::BaseService
include ValidatesClassificationLabel
attr_reader :params, :application_setting
MARKDOWN_CACHE_INVALIDATING_PARAMS = %w[asset_proxy_enabled asset_proxy_url asset_proxy_secret_key asset_proxy_whitelist].freeze
def execute
result = update_settings
auto_approve_blocked_users if result
result
end
private
def update_settings
validate_classification_label(application_setting, :external_authorization_service_default_label) unless bypass_external_auth?
if application_setting.errors.any?
return false
end
update_terms(@params.delete(:terms))
update_default_branch_protection_defaults(@params[:default_branch_protection])
add_to_outbound_local_requests_whitelist(@params.delete(:add_to_outbound_local_requests_whitelist))
if params.key?(:performance_bar_allowed_group_path)
group_id = process_performance_bar_allowed_group_id
return false if application_setting.errors.any?
params[:performance_bar_allowed_group_id] = group_id
end
if usage_stats_updated? && !params.delete(:skip_usage_stats_user)
params[:usage_stats_set_by_user_id] = current_user.id
end
@application_setting.assign_attributes(params)
if invalidate_markdown_cache?
@application_setting[:local_markdown_version] = @application_setting.local_markdown_version + 1
end
@application_setting.save
end
def usage_stats_updated?
params.key?(:usage_ping_enabled) || params.key?(:version_check_enabled)
end
def add_to_outbound_local_requests_whitelist(values)
values_array = Array(values).reject(&:empty?)
return if values_array.empty?
@application_setting.add_to_outbound_local_requests_whitelist(values_array)
end
def invalidate_markdown_cache?
!params.key?(:local_markdown_version) &&
(@application_setting.changes.keys & MARKDOWN_CACHE_INVALIDATING_PARAMS).any?
end
def update_terms(terms)
return unless terms.present?
# Avoid creating a new terms record if the text is exactly the same.
terms = terms.strip
return if terms == @application_setting.terms
ApplicationSetting::Term.create(terms: terms)
@application_setting.reset_memoized_terms
end
def update_default_branch_protection_defaults(default_branch_protection)
return unless default_branch_protection.present?
# We are migrating default_branch_protection from an integer
# column to a jsonb column. While completing the rest of the
# work, we want to start translating the updates sent to the
# existing column into the json. Eventually, we will be updating
# the jsonb column directly and deprecating the original update
# path. Until then, we want to sync up both columns.
protection = Gitlab::Access::BranchProtection.new(default_branch_protection.to_i)
@application_setting.default_branch_protection_defaults = protection.to_hash
end
def process_performance_bar_allowed_group_id
group_full_path = params.delete(:performance_bar_allowed_group_path)
enable_param_on = Gitlab::Utils.to_boolean(params.delete(:performance_bar_enabled))
performance_bar_enabled = enable_param_on.nil? || enable_param_on # Default to true
return if group_full_path.blank?
return if enable_param_on == false # Explicitly disabling
unless performance_bar_enabled
application_setting.errors.add(:performance_bar_allowed_group_id, 'not allowed when performance bar is disabled')
return
end
group = Group.find_by_full_path(group_full_path.chomp('/'))
unless group
application_setting.errors.add(:performance_bar_allowed_group_id, 'not found')
return
end
group.id
end
def bypass_external_auth?
params.key?(:external_authorization_service_enabled) && !Gitlab::Utils.to_boolean(params[:external_authorization_service_enabled])
end
def auto_approve_blocked_users
return unless should_auto_approve_blocked_users?
ApproveBlockedPendingApprovalUsersWorker.perform_async(current_user.id)
end
def should_auto_approve_blocked_users?
return false unless application_setting.previous_changes.key?(:require_admin_approval_after_user_signup)
enabled_previous, enabled_current = application_setting.previous_changes[:require_admin_approval_after_user_signup]
enabled_previous && !enabled_current
end
end
end
ApplicationSettings::UpdateService.prepend_mod_with('ApplicationSettings::UpdateService')
|