Module: API::Helpers::InternalHelpers
- Defined in:
- lib/api/helpers/internal_helpers.rb
Constant Summary collapse
- UNKNOWN_CHECK_RESULT_ERROR =
'Unknown check result'
Instance Attribute Summary collapse
-
#redirected_path ⇒ Object
readonly
Returns the value of attribute redirected_path.
Instance Method Summary collapse
-
#access_check!(actor, params) ⇒ Object
rubocop:disable Gitlab/ModuleWithInstanceVariables.
-
#access_check_result ⇒ Object
rubocop:enable Gitlab/ModuleWithInstanceVariables.
-
#access_checker_for(actor, protocol) ⇒ Object
rubocop:enable Gitlab/ModuleWithInstanceVariables.
- #access_checker_klass ⇒ Object
- #actor ⇒ Object
- #container ⇒ Object
- #log_user_activity(actor) ⇒ Object
- #parse_env ⇒ Object
- #project ⇒ Object
- #redis_ping ⇒ Object
-
#repo_type ⇒ Object
rubocop:disable Gitlab/ModuleWithInstanceVariables.
- #response_with_status(code: 200, success: true, message: nil, **extra_options) ⇒ Object
- #send_git_audit_streaming_event(msg) ⇒ Object
- #ssh_authentication_abilities ⇒ Object
- #unsuccessful_response?(response) ⇒ Boolean
- #with_admin_mode_bypass!(actor_id, &block) ⇒ Object
Instance Attribute Details
#redirected_path ⇒ Object (readonly)
Returns the value of attribute redirected_path.
6 7 8 |
# File 'lib/api/helpers/internal_helpers.rb', line 6 def redirected_path @redirected_path end |
Instance Method Details
#access_check!(actor, params) ⇒ Object
rubocop:disable Gitlab/ModuleWithInstanceVariables
50 51 52 53 54 55 56 57 58 59 |
# File 'lib/api/helpers/internal_helpers.rb', line 50 def access_check!(actor, params) access_checker = access_checker_for(actor, params[:protocol]) access_checker.check(params[:action], params[:changes]).tap do |result| break result if @project || !repo_type.project? # If we have created a project directly from a git push # we have to assign its value to both @project and @container @project = @container = access_checker.container end end |
#access_check_result ⇒ Object
rubocop:enable Gitlab/ModuleWithInstanceVariables
33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 |
# File 'lib/api/helpers/internal_helpers.rb', line 33 def access_check_result with_admin_mode_bypass!(actor.user&.id) do access_check!(actor, params) end rescue Gitlab::GitAccess::ForbiddenError => e # The return code needs to be 401. If we return 403 # the custom message we return won't be shown to the user # and, instead, the default message 'GitLab: API is not accessible' # will be displayed response_with_status(code: 401, success: false, message: e.) rescue Gitlab::GitAccess::TimeoutError => e response_with_status(code: 503, success: false, message: e.) rescue Gitlab::GitAccess::NotFoundError => e response_with_status(code: 404, success: false, message: e.) end |
#access_checker_for(actor, protocol) ⇒ Object
rubocop:enable Gitlab/ModuleWithInstanceVariables
62 63 64 65 66 67 |
# File 'lib/api/helpers/internal_helpers.rb', line 62 def access_checker_for(actor, protocol) access_checker_klass.new(actor.key_or_user, container, protocol, authentication_abilities: ssh_authentication_abilities, repository_path: repository_path, redirected_path: redirected_path) end |
#access_checker_klass ⇒ Object
69 70 71 |
# File 'lib/api/helpers/internal_helpers.rb', line 69 def access_checker_klass repo_type.access_checker_class end |
#actor ⇒ Object
12 13 14 |
# File 'lib/api/helpers/internal_helpers.rb', line 12 def actor @actor ||= Support::GitAccessActor.from_params(params) end |
#container ⇒ Object
27 28 29 30 |
# File 'lib/api/helpers/internal_helpers.rb', line 27 def container parse_repo_path unless defined?(@container) @container end |
#log_user_activity(actor) ⇒ Object
89 90 91 92 93 94 95 96 |
# File 'lib/api/helpers/internal_helpers.rb', line 89 def log_user_activity(actor) commands = Gitlab::GitAccess::DOWNLOAD_COMMANDS commands += Gitlab::GitAccess::PUSH_COMMANDS if Feature.enabled?(:log_user_git_push_activity) return unless commands.include?(params[:action]) ::Users::ActivityService.new(author: actor, namespace: project&.namespace, project: project).execute end |
#parse_env ⇒ Object
81 82 83 84 85 86 87 |
# File 'lib/api/helpers/internal_helpers.rb', line 81 def parse_env return {} if params[:env].blank? Gitlab::Json.parse(params[:env]) rescue JSON::ParserError {} end |
#project ⇒ Object
22 23 24 25 |
# File 'lib/api/helpers/internal_helpers.rb', line 22 def project parse_repo_path unless defined?(@project) @project end |
#redis_ping ⇒ Object
98 99 100 101 102 103 104 105 |
# File 'lib/api/helpers/internal_helpers.rb', line 98 def redis_ping result = Gitlab::Redis::SharedState.with { |redis| redis.ping } result == 'PONG' rescue StandardError => e Gitlab::AppLogger.warn("GitLab: An unexpected error occurred in pinging to Redis: #{e}") false end |
#repo_type ⇒ Object
rubocop:disable Gitlab/ModuleWithInstanceVariables
17 18 19 20 |
# File 'lib/api/helpers/internal_helpers.rb', line 17 def repo_type parse_repo_path unless defined?(@repo_type) @repo_type end |
#response_with_status(code: 200, success: true, message: nil, **extra_options) ⇒ Object
107 108 109 110 |
# File 'lib/api/helpers/internal_helpers.rb', line 107 def response_with_status(code: 200, success: true, message: nil, **) status code { status: success, message: }.merge().compact end |
#send_git_audit_streaming_event(msg) ⇒ Object
122 123 124 |
# File 'lib/api/helpers/internal_helpers.rb', line 122 def send_git_audit_streaming_event(msg) # Defined in EE end |
#ssh_authentication_abilities ⇒ Object
73 74 75 76 77 78 79 |
# File 'lib/api/helpers/internal_helpers.rb', line 73 def ssh_authentication_abilities [ :read_project, :download_code, :push_code ] end |
#unsuccessful_response?(response) ⇒ Boolean
112 113 114 |
# File 'lib/api/helpers/internal_helpers.rb', line 112 def unsuccessful_response?(response) response.is_a?(Hash) && response[:status] == false end |
#with_admin_mode_bypass!(actor_id, &block) ⇒ Object
116 117 118 119 120 |
# File 'lib/api/helpers/internal_helpers.rb', line 116 def with_admin_mode_bypass!(actor_id, &block) return yield unless Gitlab::CurrentSettings.admin_mode Gitlab::Auth::CurrentUserMode.bypass_session!(actor_id, &block) end |