Class: ApplicationController

Constant Summary collapse

DEFAULT_GITLAB_CACHE_CONTROL =

Adds `no-store` to the DEFAULT_CACHE_CONTROL, to prevent security concerns due to caching private data.

"#{ActionDispatch::Http::Cache::Response::DEFAULT_CACHE_CONTROL}, no-store"

Constants included from Gitlab::Logging::CloudflareHelper

Gitlab::Logging::CloudflareHelper::CLOUDFLARE_CUSTOM_HEADERS

Constants included from Gitlab::NoCacheHeaders

Gitlab::NoCacheHeaders::DEFAULT_GITLAB_NO_CACHE_HEADERS

Instance Method Summary collapse

Methods included from Gitlab::Utils::StrongMemoize

#clear_memoization, #strong_memoize, #strong_memoized?

Methods included from Gitlab::Logging::CloudflareHelper

#store_cloudflare_headers!, #valid_cloudflare_header?

Methods included from Impersonation

#current_user

Methods included from InitializesCurrentUserMode

#current_user_mode

Methods included from Gitlab::Experimentation::ControllerConcern

#experiment_enabled?, #experiment_tracking_category_and_group, #frontend_experimentation_tracking_data, #record_experiment_user, #set_experimentation_subject_id_cookie, #track_experiment_event

Methods included from SessionsHelper

#limit_session_time, #unconfirmed_email?

Methods included from SessionlessAuthentication

#authenticate_sessionless_user!, #sessionless_bypass_admin_mode!, #sessionless_sign_in, #sessionless_user?

Methods included from Gitlab::SearchContext::ControllerConcern

#search_context

Methods included from EnforcesTwoFactorAuthentication

#check_two_factor_requirement, #current_user_requires_two_factor?, #skip_two_factor?, #two_factor_authentication_reason, #two_factor_authentication_required?, #two_factor_grace_period, #two_factor_grace_period_expired?, #two_factor_skippable?, #two_factor_verifier

Methods included from WorkhorseHelper

#send_artifacts_entry, #send_git_archive, #send_git_blob, #send_git_diff, #send_git_patch, #set_workhorse_internal_api_content_type, #workhorse_set_content_type!

Methods included from SafeParamsHelper

#safe_params

Methods included from PageLayoutHelper

#blank_container, #container_class, #favicon, #fluid_layout, #header_title, #nav, #page_card_attributes, #page_card_meta_tags, #page_description, #page_image, #page_title, #search_context, #sidebar

Methods included from GitlabRoutingHelper

#approve_access_request_group_member_path, #approve_access_request_project_member_path, #artifacts_action_path, #commit_url, #commits_url, #edit_milestone_path, #edit_pipeline_schedule_path, #environment_delete_path, #environment_metrics_path, #environment_path, #expose_fast_artifacts_path, #fast_browse_project_job_artifacts_path, #fast_download_project_job_artifacts_path, #fast_keep_project_job_artifacts_path, #gitlab_dashboard_snippets_path, #gitlab_raw_snippet_blob_path, #gitlab_raw_snippet_blob_url, #gitlab_raw_snippet_path, #gitlab_raw_snippet_url, #gitlab_snippet_note_path, #gitlab_snippet_note_url, #gitlab_snippet_notes_path, #gitlab_snippet_notes_url, #gitlab_snippet_path, #gitlab_snippet_url, #gitlab_toggle_award_emoji_snippet_note_path, #gitlab_toggle_award_emoji_snippet_note_url, #gitlab_toggle_award_emoji_snippet_path, #gitlab_toggle_award_emoji_snippet_url, #group_member_path, #group_members_url, #issue_path, #issue_url, #leave_group_members_path, #leave_project_members_path, #merge_request_path, #merge_request_url, #pipeline_job_url, #pipeline_path, #pipeline_schedule_path, #pipeline_schedules_path, #pipeline_url, #play_pipeline_schedule_path, #preview_markdown_path, #project_commits_path, #project_member_path, #project_members_url, #project_ref_path, #project_tree_path, #request_access_group_members_path, #request_access_project_members_path, #resend_invite_group_member_path, #resend_invite_project_member_path, #take_ownership_pipeline_schedule_path, #toggle_award_emoji_personal_snippet_path, #toggle_award_emoji_project_project_snippet_path, #toggle_award_emoji_project_project_snippet_url, #toggle_subscription_path, #wiki_page_path, #wiki_path

Methods included from API::Helpers::RelatedResourcesHelpers

#expose_path, #expose_url, #issues_available?, #mrs_available?

Methods included from Gitlab::GonHelper

#add_gon_variables, #default_avatar_url, #push_frontend_feature_flag

Methods included from WebpackHelper

#webpack_bundle_tag, #webpack_controller_bundle_tags, #webpack_entrypoint_paths, #webpack_public_host, #webpack_public_path

Methods included from StartupCssHelper

#use_startup_css?

Instance Method Details

#not_foundObject


119
120
121
# File 'app/controllers/application_controller.rb', line 119

def not_found
  render_404
end

#redirect_back_or_default(default: root_path, options: {}) ⇒ Object


115
116
117
# File 'app/controllers/application_controller.rb', line 115

def redirect_back_or_default(default: root_path, options: {})
  redirect_back(fallback_location: default, **options)
end

#render(*args) ⇒ Object


133
134
135
136
137
138
139
140
# File 'app/controllers/application_controller.rb', line 133

def render(*args)
  super.tap do
    # Set a header for custom error pages to prevent them from being intercepted by gitlab-workhorse
    if (400..599).cover?(response.status) && workhorse_excluded_content_types.include?(response.media_type)
      response.headers['X-GitLab-Custom-Error'] = '1'
    end
  end
end

#route_not_foundObject


123
124
125
126
127
128
129
130
131
# File 'app/controllers/application_controller.rb', line 123

def route_not_found
  if current_user
    not_found
  else
    store_location_for(:user, request.fullpath) unless request.xhr?

    redirect_to new_user_session_path, alert: I18n.t('devise.failure.unauthenticated')
  end
end