Module: ApplicationSettingImplementation

Extended by:
ActiveSupport::Concern
Includes:
Gitlab::Utils::StrongMemoize
Included in:
ApplicationSetting, Gitlab::FakeApplicationSettings
Defined in:
app/models/application_setting_implementation.rb

Constant Summary collapse

STRING_LIST_SEPARATOR =
%r{\s*[,;]\s*     # comma or semicolon, optionally surrounded by whitespace
  |               # or
  \s              # any whitespace character
  |               # or
  [\r\n]          # any number of newline characters
}x.freeze
FORBIDDEN_KEY_VALUE =

Setting a key restriction to `-1` means that all keys of this type are forbidden.

KeyRestrictionValidator::FORBIDDEN
VALID_RUNNER_REGISTRAR_TYPES =
%w(project group).freeze
DEFAULT_PROTECTED_PATHS =
[
  '/users/password',
  '/users/sign_in',
  '/api/v3/session.json',
  '/api/v3/session',
  '/api/v4/session.json',
  '/api/v4/session',
  '/users',
  '/users/confirmation',
  '/unsubscribes/',
  '/import/github/personal_access_token',
  '/admin/session'
].freeze
DEFAULT_MINIMUM_PASSWORD_LENGTH =
8

Instance Method Summary collapse

Methods included from Gitlab::Utils::StrongMemoize

#clear_memoization, #strong_memoize, #strong_memoized?

Instance Method Details

#add_to_outbound_local_requests_whitelist(values_array) ⇒ Object


315
316
317
318
319
320
321
322
# File 'app/models/application_setting_implementation.rb', line 315

def add_to_outbound_local_requests_whitelist(values_array)
  clear_memoization(:outbound_local_requests_allowlist_arrays)

  self.outbound_local_requests_whitelist ||= []
  self.outbound_local_requests_whitelist += values_array

  self.outbound_local_requests_whitelist.uniq!
end

#allow_signup?Boolean

Returns:

  • (Boolean)

468
469
470
# File 'app/models/application_setting_implementation.rb', line 468

def allow_signup?
   && password_authentication_enabled_for_web?
end

#allowed_key_typesObject


456
457
458
459
460
# File 'app/models/application_setting_implementation.rb', line 456

def allowed_key_types
  Gitlab::SSHPublicKey.supported_types.select do |type|
    key_restriction_for(type) != FORBIDDEN_KEY_VALUE
  end
end

#archive_builds_older_thanObject


494
495
496
# File 'app/models/application_setting_implementation.rb', line 494

def archive_builds_older_than
  archive_builds_in_seconds.seconds.ago if archive_builds_in_seconds
end

#asset_proxy_allowlistObject


372
373
374
# File 'app/models/application_setting_implementation.rb', line 372

def asset_proxy_allowlist
  read_attribute(:asset_proxy_whitelist)
end

#asset_proxy_whitelist=(values) ⇒ Object Also known as: asset_proxy_allowlist=


362
363
364
365
366
367
368
369
# File 'app/models/application_setting_implementation.rb', line 362

def asset_proxy_whitelist=(values)
  values = strings_to_array(values) if values.is_a?(String)

  # make sure we always allow the running host
  values << Gitlab.config.gitlab.host unless values.include?(Gitlab.config.gitlab.host)

  self[:asset_proxy_whitelist] = values
end

#commit_email_hostnameObject


380
381
382
# File 'app/models/application_setting_implementation.rb', line 380

def commit_email_hostname
  super.presence || self.class.default_commit_email_hostname
end

#default_group_visibility=(level) ⇒ Object


392
393
394
# File 'app/models/application_setting_implementation.rb', line 392

def default_group_visibility=(level)
  super(Gitlab::VisibilityLevel.level_value(level))
end

#default_project_visibility=(level) ⇒ Object


384
385
386
# File 'app/models/application_setting_implementation.rb', line 384

def default_project_visibility=(level)
  super(Gitlab::VisibilityLevel.level_value(level))
end

#default_snippet_visibility=(level) ⇒ Object


388
389
390
# File 'app/models/application_setting_implementation.rb', line 388

def default_snippet_visibility=(level)
  super(Gitlab::VisibilityLevel.level_value(level))
end

#disabled_oauth_sign_in_sources=(sources) ⇒ Object


280
281
282
283
# File 'app/models/application_setting_implementation.rb', line 280

def (sources)
  sources = (sources || []).map(&:to_s) & Devise.omniauth_providers.map(&:to_s)
  super(sources)
end

#domain_allowlist_rawObject


285
286
287
# File 'app/models/application_setting_implementation.rb', line 285

def domain_allowlist_raw
  array_to_string(self.domain_allowlist)
end

#domain_allowlist_raw=(values) ⇒ Object


293
294
295
# File 'app/models/application_setting_implementation.rb', line 293

def domain_allowlist_raw=(values)
  self.domain_allowlist = strings_to_array(values)
end

#domain_denylist_file=(file) ⇒ Object


301
302
303
# File 'app/models/application_setting_implementation.rb', line 301

def domain_denylist_file=(file)
  self.domain_denylist_raw = file.read
end

#domain_denylist_rawObject


289
290
291
# File 'app/models/application_setting_implementation.rb', line 289

def domain_denylist_raw
  array_to_string(self.domain_denylist)
end

#domain_denylist_raw=(values) ⇒ Object


297
298
299
# File 'app/models/application_setting_implementation.rb', line 297

def domain_denylist_raw=(values)
  self.domain_denylist = strings_to_array(values)
end

#health_check_access_tokenObject


439
440
441
# File 'app/models/application_setting_implementation.rb', line 439

def health_check_access_token
  ensure_health_check_access_token!
end

#help_page_support_url_column_exists?Boolean

Returns:

  • (Boolean)

276
277
278
# File 'app/models/application_setting_implementation.rb', line 276

def help_page_support_url_column_exists?
  ApplicationSetting.database.cached_column_exists?(:help_page_support_url)
end

#home_page_url_column_exists?Boolean

Returns:

  • (Boolean)

272
273
274
# File 'app/models/application_setting_implementation.rb', line 272

def home_page_url_column_exists?
  ApplicationSetting.database.cached_column_exists?(:home_page_url)
end

#key_restriction_for(type) ⇒ Object


462
463
464
465
466
# File 'app/models/application_setting_implementation.rb', line 462

def key_restriction_for(type)
  attr_name = "#{type}_key_restriction"

  has_attribute?(attr_name) ? public_send(attr_name) : FORBIDDEN_KEY_VALUE # rubocop:disable GitlabSecurity/PublicSend
end

#latest_termsObject


485
486
487
# File 'app/models/application_setting_implementation.rb', line 485

def latest_terms
  @latest_terms ||= ApplicationSetting::Term.latest
end

#normalized_repository_storage_weightsObject


417
418
419
420
421
422
423
424
425
426
427
428
# File 'app/models/application_setting_implementation.rb', line 417

def normalized_repository_storage_weights
  strong_memoize(:normalized_repository_storage_weights) do
    repository_storages_weights = repository_storages_weighted.slice(*Gitlab.config.repositories.storages.keys)
    weights_total = repository_storages_weights.values.sum

    repository_storages_weights.transform_values do |w|
      next w if weights_total == 0

      w.to_f / weights_total
    end
  end
end

#notes_create_limit_allowlist_rawObject


346
347
348
# File 'app/models/application_setting_implementation.rb', line 346

def notes_create_limit_allowlist_raw
  array_to_string(self.notes_create_limit_allowlist)
end

#notes_create_limit_allowlist_raw=(values) ⇒ Object


350
351
352
# File 'app/models/application_setting_implementation.rb', line 350

def notes_create_limit_allowlist_raw=(values)
  self.notes_create_limit_allowlist = strings_to_array(values).map(&:downcase)
end

#outbound_local_requests_allowlist_arraysObject

This method separates out the strings stored in the application_setting.outbound_local_requests_whitelist array into 2 arrays; an array of IPAddr objects (`[IPAddr.new('127.0.0.1')]`), and an array of domain strings (`['www.example.com']`).


328
329
330
331
332
333
334
335
336
# File 'app/models/application_setting_implementation.rb', line 328

def outbound_local_requests_allowlist_arrays
  strong_memoize(:outbound_local_requests_allowlist_arrays) do
    next [[], []] unless self.outbound_local_requests_whitelist

    ip_allowlist, domain_allowlist = separate_allowlists(self.outbound_local_requests_whitelist)

    [ip_allowlist, domain_allowlist]
  end
end

#outbound_local_requests_allowlist_rawObject


305
306
307
# File 'app/models/application_setting_implementation.rb', line 305

def outbound_local_requests_allowlist_raw
  array_to_string(self.outbound_local_requests_whitelist)
end

#outbound_local_requests_allowlist_raw=(values) ⇒ Object


309
310
311
312
313
# File 'app/models/application_setting_implementation.rb', line 309

def outbound_local_requests_allowlist_raw=(values)
  clear_memoization(:outbound_local_requests_allowlist_arrays)

  self.outbound_local_requests_whitelist = strings_to_array(values)
end

#password_authentication_enabled?Boolean

Returns:

  • (Boolean)

472
473
474
# File 'app/models/application_setting_implementation.rb', line 472

def password_authentication_enabled?
  password_authentication_enabled_for_web? || password_authentication_enabled_for_git?
end

#performance_bar_allowed_groupObject


408
409
410
# File 'app/models/application_setting_implementation.rb', line 408

def performance_bar_allowed_group
  Group.find_by_id(performance_bar_allowed_group_id)
end

#performance_bar_enabledObject

Return true if the Performance Bar is enabled for a given group


413
414
415
# File 'app/models/application_setting_implementation.rb', line 413

def performance_bar_enabled
  performance_bar_allowed_group_id.present?
end

#pick_repository_storageObject

Choose one of the available repository storage options based on a normalized weighted probability.


431
432
433
# File 'app/models/application_setting_implementation.rb', line 431

def pick_repository_storage
  normalized_repository_storage_weights.max_by { |_, weight| rand**(1.0 / weight) }.first
end

#protected_paths_rawObject


338
339
340
# File 'app/models/application_setting_implementation.rb', line 338

def protected_paths_raw
  array_to_string(self.protected_paths)
end

#protected_paths_raw=(values) ⇒ Object


342
343
344
# File 'app/models/application_setting_implementation.rb', line 342

def protected_paths_raw=(values)
  self.protected_paths = strings_to_array(values)
end

#repository_storagesObject


376
377
378
# File 'app/models/application_setting_implementation.rb', line 376

def repository_storages
  Array(read_attribute(:repository_storages))
end

#reset_memoized_termsObject


489
490
491
492
# File 'app/models/application_setting_implementation.rb', line 489

def reset_memoized_terms
  @latest_terms = nil # rubocop:disable Gitlab/ModuleWithInstanceVariables
  latest_terms
end

#restricted_visibility_levels=(levels) ⇒ Object


396
397
398
# File 'app/models/application_setting_implementation.rb', line 396

def restricted_visibility_levels=(levels)
  super(levels&.map { |level| Gitlab::VisibilityLevel.level_value(level) })
end

#runners_registration_tokenObject


435
436
437
# File 'app/models/application_setting_implementation.rb', line 435

def runners_registration_token
  ensure_runners_registration_token!
end

#static_objects_external_storage_auth_token=(token) ⇒ Object


400
401
402
403
404
405
406
# File 'app/models/application_setting_implementation.rb', line 400

def static_objects_external_storage_auth_token=(token)
  if token.present?
    set_static_objects_external_storage_auth_token(token)
  else
    self.static_objects_external_storage_auth_token_encrypted = nil
  end
end

#static_objects_external_storage_enabled?Boolean

Returns:

  • (Boolean)

498
499
500
# File 'app/models/application_setting_implementation.rb', line 498

def static_objects_external_storage_enabled?
  static_objects_external_storage_url.present?
end

#usage_ping_can_be_configured?Boolean

Returns:

  • (Boolean)

443
444
445
# File 'app/models/application_setting_implementation.rb', line 443

def usage_ping_can_be_configured?
  Settings.gitlab.usage_ping_enabled
end

#usage_ping_enabledObject Also known as: usage_ping_enabled?


451
452
453
# File 'app/models/application_setting_implementation.rb', line 451

def usage_ping_enabled
  usage_ping_can_be_configured? && super
end

#usage_ping_features_enabled?Boolean

Returns:

  • (Boolean)

447
448
449
# File 'app/models/application_setting_implementation.rb', line 447

def usage_ping_features_enabled?
  usage_ping_enabled? && usage_ping_features_enabled
end

#user_default_internal_regex_enabled?Boolean

Returns:

  • (Boolean)

476
477
478
# File 'app/models/application_setting_implementation.rb', line 476

def user_default_internal_regex_enabled?
  user_default_external? && user_default_internal_regex.present?
end

#user_default_internal_regex_instanceObject


480
481
482
# File 'app/models/application_setting_implementation.rb', line 480

def user_default_internal_regex_instance
  Regexp.new(user_default_internal_regex, Regexp::IGNORECASE)
end

#users_get_by_id_limit_allowlist_rawObject


354
355
356
# File 'app/models/application_setting_implementation.rb', line 354

def users_get_by_id_limit_allowlist_raw
  array_to_string(self.users_get_by_id_limit_allowlist)
end

#users_get_by_id_limit_allowlist_raw=(values) ⇒ Object


358
359
360
# File 'app/models/application_setting_implementation.rb', line 358

def users_get_by_id_limit_allowlist_raw=(values)
  self.users_get_by_id_limit_allowlist = strings_to_array(values).map(&:downcase)
end

#web_ide_clientside_preview_bundler_urlObject

This will eventually be configurable gitlab.com/gitlab-org/gitlab/issues/208161


504
505
506
# File 'app/models/application_setting_implementation.rb', line 504

def web_ide_clientside_preview_bundler_url
  'https://sandbox-prod.gitlab-static.net'
end