debian-mirror-gitlab/app/models/snippet.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

378 lines
10 KiB
Ruby
Raw Normal View History

2018-11-18 11:00:15 +05:30
# frozen_string_literal: true
2019-07-07 11:18:12 +05:30
class Snippet < ApplicationRecord
2015-04-26 12:48:37 +05:30
include Gitlab::VisibilityLevel
2018-11-18 11:00:15 +05:30
include Redactable
2016-11-03 12:29:30 +05:30
include CacheMarkdownField
2017-08-17 22:00:37 +05:30
include Noteable
2015-09-11 14:41:01 +05:30
include Participable
include Sortable
2016-09-29 09:46:39 +05:30
include Awardable
2017-08-17 22:00:37 +05:30
include Mentionable
include Spammable
include Editable
2018-03-17 18:26:18 +05:30
include Gitlab::SQL::Pattern
2018-12-05 23:21:45 +05:30
include FromUnion
2020-03-13 15:44:24 +05:30
include IgnorableColumns
include HasRepository
2021-02-22 17:27:13 +05:30
include CanMoveRepositoryStorage
2020-05-24 23:13:21 +05:30
include AfterCommitQueue
2019-12-21 20:55:43 +05:30
extend ::Gitlab::Utils::Override
2022-08-13 15:12:31 +05:30
include CreatedAtFilterable
2014-09-02 18:07:02 +05:30
2020-05-24 23:13:21 +05:30
MAX_FILE_COUNT = 10
2020-04-08 14:13:33 +05:30
2022-09-01 20:07:04 +05:30
DESCRIPTION_LENGTH_MAX = 1.megabyte
2016-11-03 12:29:30 +05:30
cache_markdown_field :title, pipeline: :single_line
2017-09-10 17:25:29 +05:30
cache_markdown_field :description
2016-11-03 12:29:30 +05:30
cache_markdown_field :content
2018-11-18 11:00:15 +05:30
redact_field :description
2017-08-17 22:00:37 +05:30
# Aliases to make application_helper#edited_time_ago_with_tooltip helper work properly with snippets.
2019-12-04 20:38:33 +05:30
# See https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/10392/diffs#note_28719102
2017-08-17 22:00:37 +05:30
alias_attribute :last_edited_at, :updated_at
alias_attribute :last_edited_by, :updated_by
2016-11-03 12:29:30 +05:30
# If file_name changes, it invalidates content
alias_method :default_content_html_invalidator, :content_html_invalidated?
def content_html_invalidated?
default_content_html_invalidator || file_name_changed?
end
2015-09-11 14:41:01 +05:30
belongs_to :author, class_name: 'User'
belongs_to :project
2022-06-21 17:19:12 +05:30
alias_method :resource_parent, :project
2014-09-02 18:07:02 +05:30
2017-09-10 17:25:29 +05:30
has_many :notes, as: :noteable, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
2020-03-13 15:44:24 +05:30
has_many :user_mentions, class_name: "SnippetUserMention", dependent: :delete_all # rubocop:disable Cop/ActiveRecordDependent
has_one :snippet_repository, inverse_of: :snippet
2021-04-17 20:07:23 +05:30
has_many :repository_storage_moves, class_name: 'Snippets::RepositoryStorageMove', inverse_of: :container
2014-09-02 18:07:02 +05:30
2020-07-28 23:09:34 +05:30
# We need to add the `dependent` in order to call the after_destroy callback
has_one :statistics, class_name: 'SnippetStatistics', dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
2014-09-02 18:07:02 +05:30
delegate :name, :email, to: :author, prefix: true, allow_nil: true
validates :author, presence: true
2017-08-17 22:00:37 +05:30
validates :title, presence: true, length: { maximum: 255 }
2015-04-26 12:48:37 +05:30
validates :file_name,
2017-09-10 17:25:29 +05:30
length: { maximum: 255 }
2022-09-01 20:07:04 +05:30
validates :description, bytesize: { maximum: -> { DESCRIPTION_LENGTH_MAX } }, if: :description_changed?
2016-08-24 12:49:21 +05:30
2014-09-02 18:07:02 +05:30
validates :content, presence: true
2022-09-01 20:07:04 +05:30
validates :content, bytesize: { maximum: -> { Gitlab::CurrentSettings.snippet_size_limit } }, if: :content_changed?
2020-01-01 13:55:28 +05:30
2020-07-28 23:09:34 +05:30
after_create :create_statistics
2020-03-13 15:44:24 +05:30
2014-09-02 18:07:02 +05:30
# Scopes
2019-03-02 22:35:43 +05:30
scope :are_internal, -> { where(visibility_level: Snippet::INTERNAL) }
2015-04-26 12:48:37 +05:30
scope :are_private, -> { where(visibility_level: Snippet::PRIVATE) }
2020-01-01 13:55:28 +05:30
scope :are_public, -> { public_only }
scope :are_secret, -> { public_only.where(secret: true) }
2019-03-02 22:35:43 +05:30
scope :fresh, -> { order("created_at DESC") }
2019-12-04 20:38:33 +05:30
scope :inc_author, -> { includes(:author) }
2018-11-18 11:00:15 +05:30
scope :inc_relations_for_view, -> { includes(author: :status) }
2021-04-17 20:07:23 +05:30
scope :inc_statistics, -> { includes(:statistics) }
2020-07-28 23:09:34 +05:30
scope :with_statistics, -> { joins(:statistics) }
2021-03-08 18:12:59 +05:30
scope :inc_projects_namespace_route, -> { includes(project: [:route, :namespace]) }
2014-09-02 18:07:02 +05:30
2020-01-01 13:55:28 +05:30
attr_mentionable :description
participant :author
participant :notes_with_associations
2015-09-11 14:41:01 +05:30
2017-08-17 22:00:37 +05:30
attr_spammable :title, spam_title: true
2022-10-11 01:57:18 +05:30
attr_spammable :description, spam_description: true
2017-08-17 22:00:37 +05:30
2020-01-01 13:55:28 +05:30
attr_encrypted :secret_token,
2022-08-27 11:52:29 +05:30
key: Settings.attr_encrypted_db_key_base_truncated,
mode: :per_attribute_iv,
2020-01-01 13:55:28 +05:30
algorithm: 'aes-256-cbc'
2022-01-26 12:08:38 +05:30
class << self
# Searches for snippets with a matching title, description or file name.
#
# This method uses ILIKE on PostgreSQL.
#
# query - The search query as a String.
#
# Returns an ActiveRecord::Relation.
def search(query)
fuzzy_search(query, [:title, :description, :file_name])
2018-12-13 13:39:08 +05:30
end
2022-01-26 12:08:38 +05:30
def parent_class
::Project
end
2018-12-13 13:39:08 +05:30
2022-01-26 12:08:38 +05:30
def sanitized_file_name(file_name)
file_name.gsub(/[^a-zA-Z0-9_\-\.]+/, '')
end
2020-05-24 23:13:21 +05:30
2022-01-26 12:08:38 +05:30
def with_optional_visibility(value = nil)
if value
where(visibility_level: value)
else
all
end
end
2018-12-13 13:39:08 +05:30
2022-01-26 12:08:38 +05:30
def only_personal_snippets
where(project_id: nil)
end
2018-12-13 13:39:08 +05:30
2022-01-26 12:08:38 +05:30
def only_project_snippets
where.not(project_id: nil)
end
2018-12-13 13:39:08 +05:30
2022-01-26 12:08:38 +05:30
def only_include_projects_visible_to(current_user = nil)
levels = Gitlab::VisibilityLevel.levels_for_user(current_user)
2018-12-13 13:39:08 +05:30
2022-01-26 12:08:38 +05:30
joins(:project).where(projects: { visibility_level: levels })
end
2018-12-13 13:39:08 +05:30
2022-01-26 12:08:38 +05:30
def only_include_projects_with_snippets_enabled(include_private: false)
column = ProjectFeature.access_level_attribute(:snippets)
levels = [ProjectFeature::ENABLED, ProjectFeature::PUBLIC]
2018-12-13 13:39:08 +05:30
2022-01-26 12:08:38 +05:30
levels << ProjectFeature::PRIVATE if include_private
2018-12-13 13:39:08 +05:30
2022-01-26 12:08:38 +05:30
joins(project: :project_feature)
.where(project_features: { column => levels })
2018-12-13 13:39:08 +05:30
end
2022-01-26 12:08:38 +05:30
def only_include_authorized_projects(current_user)
where(
'EXISTS (?)',
ProjectAuthorization
.select(1)
.where('project_id = snippets.project_id')
.where(user_id: current_user.id)
)
end
2018-12-13 13:39:08 +05:30
2022-01-26 12:08:38 +05:30
def for_project_with_user(project, user = nil)
return none unless project.snippets_visible?(user)
if user && project.team.member?(user)
project.snippets
else
project.snippets.public_to_user(user)
end
end
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
def visible_to_or_authored_by(user)
query = where(visibility_level: Gitlab::VisibilityLevel.levels_for_user(user))
query.or(where(author_id: user.id))
end
def reference_prefix
'$'
end
# Pattern used to extract `$123` snippet references from text
#
# This pattern supports cross-project references.
def reference_pattern
@reference_pattern ||= %r{
2015-09-11 14:41:01 +05:30
(#{Project.reference_pattern})?
#{Regexp.escape(reference_prefix)}(?<snippet>\d+)
}x
2022-01-26 12:08:38 +05:30
end
2015-09-11 14:41:01 +05:30
2022-01-26 12:08:38 +05:30
def link_reference_pattern
@link_reference_pattern ||= super("snippets", /(?<snippet>\d+)/)
end
2015-12-23 02:04:40 +05:30
2022-01-26 12:08:38 +05:30
def find_by_id_and_project(id:, project:)
Snippet.find_by(id: id, project: project)
end
def find_by_project_title_trunc_created_at(project, title, created_at)
where(project: project, title: title)
.find_by(
"date_trunc('second', created_at at time zone :tz) at time zone :tz = :created_at",
tz: created_at.zone, created_at: created_at)
end
2020-04-08 14:13:33 +05:30
2022-01-26 12:08:38 +05:30
def max_file_limit
MAX_FILE_COUNT
end
2020-05-24 23:13:21 +05:30
end
2019-12-21 20:55:43 +05:30
def initialize(attributes = {})
# We can't use default_value_for because the database has a default
# value of 0 for visibility_level. If someone attempts to create a
# private snippet, default_value_for will assume that the
# visibility_level hasn't changed and will use the application
# setting default, which could be internal or public.
#
# To fix the problem, we assign the actual snippet default if no
# explicit visibility has been initialized.
attributes ||= {}
unless visibility_attribute_present?(attributes)
attributes[:visibility_level] = Gitlab::CurrentSettings.default_snippet_visibility
end
super
end
2018-03-17 18:26:18 +05:30
def to_reference(from = nil, full: false)
2015-09-11 14:41:01 +05:30
reference = "#{self.class.reference_prefix}#{id}"
2017-08-17 22:00:37 +05:30
if project.present?
2020-03-13 15:44:24 +05:30
"#{project.to_reference_base(from, full: full)}#{reference}"
2017-08-17 22:00:37 +05:30
else
reference
2015-09-11 14:41:01 +05:30
end
end
2022-02-27 12:50:16 +05:30
def all_files
list_files(default_branch)
end
2020-04-08 14:13:33 +05:30
def blob
@blob ||= Blob.decorate(SnippetBlob.new(self), self)
2014-09-02 18:07:02 +05:30
end
2022-02-27 12:50:16 +05:30
def blobs(paths = [])
2020-04-08 14:13:33 +05:30
return [] unless repository_exists?
2022-02-27 12:50:16 +05:30
paths = all_files if paths.empty?
items = paths.map { |path| [default_branch, path] }
2021-04-17 20:07:23 +05:30
repository.blobs_at(items).compact
2014-09-02 18:07:02 +05:30
end
2015-04-26 12:48:37 +05:30
def hook_attrs
attributes
end
2017-08-17 22:00:37 +05:30
def file_name
super.to_s
2014-09-02 18:07:02 +05:30
end
2017-08-17 22:00:37 +05:30
def visibility_level_field
:visibility_level
2014-09-02 18:07:02 +05:30
end
2019-01-03 12:48:30 +05:30
def embeddable?
2020-03-13 15:44:24 +05:30
Ability.allowed?(nil, :read_snippet, self)
2019-01-03 12:48:30 +05:30
end
2017-08-17 22:00:37 +05:30
def notes_with_associations
notes.includes(:author)
2015-04-26 12:48:37 +05:30
end
2021-10-27 15:23:28 +05:30
def check_for_spam?(user:)
2017-08-17 22:00:37 +05:30
visibility_level_changed?(to: Snippet::PUBLIC) ||
2022-10-11 01:57:18 +05:30
(public? && (title_changed? || description_changed?))
2019-12-21 20:55:43 +05:30
end
2017-08-17 22:00:37 +05:30
def spammable_entity_type
'snippet'
end
2019-09-30 21:07:59 +05:30
def to_ability_name
2020-03-13 15:44:24 +05:30
'snippet'
2019-09-30 21:07:59 +05:30
end
2020-01-01 13:55:28 +05:30
def valid_secret_token?(token)
return false unless token && secret_token
ActiveSupport::SecurityUtils.secure_compare(token.to_s, secret_token.to_s)
end
def as_json(options = {})
options[:except] = Array.wrap(options[:except])
options[:except] << :secret_token
super
end
2020-04-22 19:07:51 +05:30
override :repository
2020-03-13 15:44:24 +05:30
def repository
2020-11-24 15:15:51 +05:30
@repository ||= Gitlab::GlRepository::SNIPPET.repository_for(self)
2020-03-13 15:44:24 +05:30
end
2020-04-22 19:07:51 +05:30
override :repository_size_checker
def repository_size_checker
strong_memoize(:repository_size_checker) do
::Gitlab::RepositorySizeChecker.new(
current_size_proc: -> { repository.size.megabytes },
2021-01-03 14:25:43 +05:30
limit: Gitlab::CurrentSettings.snippet_size_limit,
namespace: nil
2020-04-22 19:07:51 +05:30
)
end
end
override :storage
2020-03-13 15:44:24 +05:30
def storage
@storage ||= Storage::Hashed.new(self, prefix: Storage::Hashed::SNIPPET_REPOSITORY_PATH_PREFIX)
end
2021-01-29 00:20:46 +05:30
# This is the full_path used to identify the the snippet repository.
2020-04-22 19:07:51 +05:30
override :full_path
2020-03-13 15:44:24 +05:30
def full_path
return unless persisted?
@full_path ||= begin
components = []
components << project.full_path if project_id?
2021-01-29 00:20:46 +05:30
components << 'snippets'
2020-03-13 15:44:24 +05:30
components << self.id
components.join('/')
end
end
2020-11-24 15:15:51 +05:30
override :default_branch
def default_branch
2021-06-08 01:23:25 +05:30
super || Gitlab::DefaultBranch.value(object: project)
2020-11-24 15:15:51 +05:30
end
2020-03-13 15:44:24 +05:30
def repository_storage
2021-03-11 19:13:27 +05:30
snippet_repository&.shard_name || Repository.pick_storage_shard
2020-03-13 15:44:24 +05:30
end
def create_repository
2020-04-08 14:13:33 +05:30
return if repository_exists? && snippet_repository
2020-03-13 15:44:24 +05:30
2022-05-07 20:08:51 +05:30
repository.create_if_not_exists(default_branch)
2020-04-22 19:07:51 +05:30
track_snippet_repository(repository.storage)
2020-03-13 15:44:24 +05:30
end
2020-04-22 19:07:51 +05:30
def track_snippet_repository(shard)
snippet_repo = snippet_repository || build_snippet_repository
snippet_repo.update!(shard_name: shard, disk_path: disk_path)
2020-03-13 15:44:24 +05:30
end
2020-04-08 14:13:33 +05:30
def can_cache_field?(field)
field != :content || MarkupHelper.gitlab_markdown?(file_name)
end
def hexdigest
Digest::SHA256.hexdigest("#{title}#{description}#{created_at}#{updated_at}")
end
2020-05-24 23:13:21 +05:30
def file_name_on_repo
return if repository.empty?
2020-11-24 15:15:51 +05:30
list_files(default_branch).first
2020-07-28 23:09:34 +05:30
end
def list_files(ref = nil)
return [] if repository.empty?
2020-11-24 15:15:51 +05:30
repository.ls_files(ref || default_branch)
end
def multiple_files?
list_files.size > 1
2020-04-22 19:07:51 +05:30
end
2014-09-02 18:07:02 +05:30
end
2019-12-04 20:38:33 +05:30
2021-06-08 01:23:25 +05:30
Snippet.prepend_mod_with('Snippet')