debian-mirror-gitlab/app/controllers/projects/application_controller.rb

112 lines
3.2 KiB
Ruby
Raw Normal View History

2018-12-05 23:21:45 +05:30
# frozen_string_literal: true
2014-09-02 18:07:02 +05:30
class Projects::ApplicationController < ApplicationController
2018-11-20 20:47:30 +05:30
include CookiesHelper
2017-08-17 22:00:37 +05:30
include RoutableActions
2018-05-09 12:01:36 +05:30
include ChecksCollaboration
2017-08-17 22:00:37 +05:30
2016-06-02 11:05:42 +05:30
skip_before_action :authenticate_user!
2015-09-11 14:41:01 +05:30
before_action :project
before_action :repository
layout 'project'
2014-09-02 18:07:02 +05:30
2018-03-27 19:54:05 +05:30
helper_method :repository, :can_collaborate_with_project?, :user_access
2016-06-02 11:05:42 +05:30
2019-07-07 11:18:12 +05:30
rescue_from Gitlab::Template::Finders::RepoTemplateFinder::FileNotFoundError do |exception|
log_exception(exception)
render_404
end
2016-06-02 11:05:42 +05:30
private
def project
2017-08-17 22:00:37 +05:30
return @project if @project
2019-07-07 11:18:12 +05:30
return unless params[:project_id] || params[:id]
2017-08-17 22:00:37 +05:30
path = File.join(params[:namespace_id], params[:project_id] || params[:id])
2016-06-02 11:05:42 +05:30
2021-11-11 11:23:49 +05:30
@project = find_routable!(Project, path, request.fullpath, extra_authorization_proc: auth_proc)
2017-08-17 22:00:37 +05:30
end
2022-05-03 16:02:30 +05:30
def auth_proc
->(project) { !project.pending_delete? }
end
def authorize_read_build_trace!
return if can?(current_user, :read_build_trace, build)
if build.debug_mode?
access_denied!(
_('You must have developer or higher permissions in the associated project to view job logs when debug trace ' \
"is enabled. To disable debug trace, set the 'CI_DEBUG_TRACE' variable to 'false' in your pipeline " \
'configuration or CI/CD settings. If you need to view this job log, a project maintainer must add you to ' \
'the project with developer permissions or higher.')
)
else
access_denied!(_('The current user is not authorized to access the job log.'))
end
end
2017-08-17 22:00:37 +05:30
def build_canonical_path(project)
params[:namespace_id] = project.namespace.to_param
params[:project_id] = project.to_param
2018-06-27 16:04:02 +05:30
url_for(safe_params)
2016-06-02 11:05:42 +05:30
end
def repository
@repository ||= project.repository
end
2017-08-17 22:00:37 +05:30
def authorize_action!(action)
unless can?(current_user, action, project)
2020-07-28 23:09:34 +05:30
access_denied!
2017-08-17 22:00:37 +05:30
end
2016-06-02 11:05:42 +05:30
end
2017-09-10 17:25:29 +05:30
def check_project_feature_available!(feature)
render_404 unless project.feature_available?(feature, current_user)
end
def check_issuables_available!
render_404 unless project.feature_available?(:issues, current_user) ||
project.feature_available?(:merge_requests, current_user)
end
2016-06-02 11:05:42 +05:30
def method_missing(method_sym, *arguments, &block)
2017-09-10 17:25:29 +05:30
case method_sym.to_s
when /\Aauthorize_(.*)!\z/
2020-11-24 15:15:51 +05:30
authorize_action!(Regexp.last_match(1).to_sym)
2017-09-10 17:25:29 +05:30
when /\Acheck_(.*)_available!\z/
2020-11-24 15:15:51 +05:30
check_project_feature_available!(Regexp.last_match(1).to_sym)
2016-06-02 11:05:42 +05:30
else
super
2014-09-02 18:07:02 +05:30
end
2016-06-02 11:05:42 +05:30
end
2014-09-02 18:07:02 +05:30
2016-06-02 11:05:42 +05:30
def require_non_empty_project
# Be sure to return status code 303 to avoid a double DELETE:
# http://api.rubyonrails.org/classes/ActionController/Redirecting.html
2018-11-18 11:00:15 +05:30
redirect_to project_path(@project), status: :see_other if @project.empty_repo?
2014-09-02 18:07:02 +05:30
end
def require_branch_head
2016-06-22 15:30:34 +05:30
unless @repository.branch_exists?(@ref)
2015-04-26 12:48:37 +05:30
redirect_to(
2017-09-10 17:25:29 +05:30
project_tree_path(@project, @ref),
2015-12-23 02:04:40 +05:30
notice: "This action is not allowed unless you are on a branch"
2015-04-26 12:48:37 +05:30
)
2014-09-02 18:07:02 +05:30
end
end
2015-10-24 18:46:33 +05:30
2017-08-17 22:00:37 +05:30
def require_pages_enabled!
2018-03-17 18:26:18 +05:30
not_found unless @project.pages_available?
end
def check_issues_available!
return render_404 unless @project.feature_available?(:issues, current_user)
2017-08-17 22:00:37 +05:30
end
2014-09-02 18:07:02 +05:30
end
2022-05-07 20:08:51 +05:30
Projects::ApplicationController.prepend_mod_with('Projects::ApplicationController')