debian-mirror-gitlab/app/models/application_setting_implementation.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

655 lines
23 KiB
Ruby
Raw Normal View History

2019-06-05 12:25:43 +05:30
# frozen_string_literal: true
module ApplicationSettingImplementation
extend ActiveSupport::Concern
2019-10-12 21:52:04 +05:30
include Gitlab::Utils::StrongMemoize
2019-06-05 12:25:43 +05:30
2019-12-21 20:55:43 +05:30
STRING_LIST_SEPARATOR = %r{\s*[,;]\s* # comma or semicolon, optionally surrounded by whitespace
2019-06-05 12:25:43 +05:30
| # or
\s # any whitespace character
| # or
[\r\n] # any number of newline characters
2019-07-31 22:56:46 +05:30
}x.freeze
2019-06-05 12:25:43 +05:30
# Setting a key restriction to `-1` means that all keys of this type are
# forbidden.
FORBIDDEN_KEY_VALUE = KeyRestrictionValidator::FORBIDDEN
2021-09-30 23:02:18 +05:30
VALID_RUNNER_REGISTRAR_TYPES = %w(project group).freeze
2019-06-05 12:25:43 +05:30
2019-12-21 20:55:43 +05:30
DEFAULT_PROTECTED_PATHS = [
'/users/password',
'/users/sign_in',
'/api/v3/session.json',
'/api/v3/session',
'/api/v4/session.json',
'/api/v4/session',
'/users',
'/users/confirmation',
'/unsubscribes/',
2020-01-01 13:55:28 +05:30
'/import/github/personal_access_token',
'/admin/session'
2019-12-21 20:55:43 +05:30
].freeze
2020-01-01 13:55:28 +05:30
DEFAULT_MINIMUM_PASSWORD_LENGTH = 8
2019-06-05 12:25:43 +05:30
class_methods do
2023-04-23 21:23:45 +05:30
def defaults # rubocop:disable Metrics/AbcSize
2019-06-05 12:25:43 +05:30
{
2021-04-29 21:17:54 +05:30
admin_mode: false,
2019-06-05 12:25:43 +05:30
after_sign_up_text: nil,
akismet_enabled: false,
2021-06-08 01:23:25 +05:30
akismet_api_key: nil,
2019-10-12 21:52:04 +05:30
allow_local_requests_from_system_hooks: true,
2020-10-24 23:57:45 +05:30
allow_local_requests_from_web_hooks_and_services: false,
2023-04-23 21:23:45 +05:30
allow_possible_spam: false,
2019-09-04 21:01:54 +05:30
asset_proxy_enabled: false,
2019-06-05 12:25:43 +05:30
authorized_keys_enabled: true, # TODO default to false if the instance is configured to use AuthorizedKeysCommand
2019-09-04 21:01:54 +05:30
commit_email_hostname: default_commit_email_hostname,
2020-04-22 19:07:51 +05:30
container_expiration_policies_enable_historic_entries: false,
2020-05-24 23:13:21 +05:30
container_registry_features: [],
2019-06-05 12:25:43 +05:30
container_registry_token_expire_delay: 5,
2020-05-24 23:13:21 +05:30
container_registry_vendor: '',
container_registry_version: '',
2020-10-24 23:57:45 +05:30
custom_http_clone_url_root: nil,
2019-06-05 12:25:43 +05:30
default_artifacts_expire_in: '30 days',
2020-10-24 23:57:45 +05:30
default_branch_name: nil,
2019-06-05 12:25:43 +05:30
default_branch_protection: Settings.gitlab['default_branch_protection'],
2019-12-26 22:10:19 +05:30
default_ci_config_path: nil,
2019-06-05 12:25:43 +05:30
default_group_visibility: Settings.gitlab.default_projects_features['visibility_level'],
default_project_creation: Settings.gitlab['default_project_creation'],
default_project_visibility: Settings.gitlab.default_projects_features['visibility_level'],
default_projects_limit: Settings.gitlab['default_projects_limit'],
default_snippet_visibility: Settings.gitlab.default_projects_features['visibility_level'],
2023-05-27 22:25:52 +05:30
deny_all_requests_except_allowed: false,
2019-09-04 21:01:54 +05:30
diff_max_patch_bytes: Gitlab::Git::Diff::DEFAULT_MAX_PATCH_BYTES,
2021-09-04 01:27:46 +05:30
diff_max_files: Commit::DEFAULT_MAX_DIFF_FILES_SETTING,
diff_max_lines: Commit::DEFAULT_MAX_DIFF_LINES_SETTING,
2023-01-13 00:05:48 +05:30
disable_admin_oauth_scopes: false,
2021-02-22 17:27:13 +05:30
disable_feed_token: false,
2019-06-05 12:25:43 +05:30
disabled_oauth_sign_in_sources: [],
2019-09-04 21:01:54 +05:30
dns_rebinding_protection_enabled: true,
2021-01-29 00:20:46 +05:30
domain_allowlist: Settings.gitlab['domain_allowlist'],
2022-06-21 17:19:12 +05:30
dsa_key_restriction: default_min_key_size(:dsa),
ecdsa_key_restriction: default_min_key_size(:ecdsa),
ecdsa_sk_key_restriction: default_min_key_size(:ecdsa_sk),
ed25519_key_restriction: default_min_key_size(:ed25519),
ed25519_sk_key_restriction: default_min_key_size(:ed25519_sk),
2019-12-26 22:10:19 +05:30
eks_access_key_id: nil,
2020-10-24 23:57:45 +05:30
eks_account_id: nil,
eks_integration_enabled: false,
2019-12-26 22:10:19 +05:30
eks_secret_access_key: nil,
2023-03-04 22:38:38 +05:30
email_confirmation_setting: 'off',
2020-04-08 14:13:33 +05:30
email_restrictions_enabled: false,
email_restrictions: nil,
2021-04-29 21:17:54 +05:30
external_pipeline_validation_service_timeout: nil,
external_pipeline_validation_service_token: nil,
external_pipeline_validation_service_url: nil,
2019-06-05 12:25:43 +05:30
first_day_of_week: 0,
2021-06-08 01:23:25 +05:30
floc_enabled: false,
2019-06-05 12:25:43 +05:30
gitaly_timeout_default: 55,
gitaly_timeout_fast: 10,
gitaly_timeout_medium: 30,
2020-11-24 15:15:51 +05:30
gitpod_enabled: false,
gitpod_url: 'https://gitpod.io/',
2019-06-05 12:25:43 +05:30
gravatar_enabled: Settings.gravatar['enabled'],
2020-10-24 23:57:45 +05:30
group_download_export_limit: 1,
group_export_limit: 6,
group_import_limit: 6,
2019-06-05 12:25:43 +05:30
help_page_hide_commercial_content: false,
help_page_text: nil,
2023-06-20 00:43:36 +05:30
help_page_documentation_base_url: 'https://docs.gitlab.com',
2019-06-05 12:25:43 +05:30
hide_third_party_offers: false,
housekeeping_enabled: true,
housekeeping_full_repack_period: 50,
housekeeping_gc_period: 200,
housekeeping_incremental_repack_period: 10,
import_sources: Settings.gitlab['import_sources'],
2021-03-08 18:12:59 +05:30
invisible_captcha_enabled: false,
2020-04-22 19:07:51 +05:30
issues_create_limit: 300,
2022-07-23 23:45:48 +05:30
jira_connect_application_key: nil,
2023-04-23 21:23:45 +05:30
jira_connect_public_key_storage_enabled: false,
2023-01-13 00:05:48 +05:30
jira_connect_proxy_url: nil,
2019-09-04 21:01:54 +05:30
local_markdown_version: 0,
2020-10-24 23:57:45 +05:30
login_recaptcha_protection_enabled: false,
2021-09-30 23:02:18 +05:30
mailgun_signing_key: nil,
mailgun_events_enabled: false,
2019-06-05 12:25:43 +05:30
max_artifacts_size: Settings.artifacts['max_size'],
max_attachment_size: Settings.gitlab['max_attachment_size'],
2022-07-16 23:28:13 +05:30
max_export_size: 0,
2021-03-08 18:12:59 +05:30
max_import_size: 0,
2023-03-04 22:38:38 +05:30
max_terraform_state_size_bytes: 0,
2021-11-11 11:23:49 +05:30
max_yaml_size_bytes: 1.megabyte,
max_yaml_depth: 100,
2020-10-24 23:57:45 +05:30
minimum_password_length: DEFAULT_MINIMUM_PASSWORD_LENGTH,
2019-06-05 12:25:43 +05:30
mirror_available: true,
2021-03-11 19:13:27 +05:30
notes_create_limit: 300,
notes_create_limit_allowlist: [],
2020-07-28 23:09:34 +05:30
notify_on_unknown_sign_in: true,
2019-10-12 21:52:04 +05:30
outbound_local_requests_whitelist: [],
2019-06-05 12:25:43 +05:30
password_authentication_enabled_for_git: true,
password_authentication_enabled_for_web: Settings.gitlab['signin_enabled'],
performance_bar_allowed_group_id: nil,
2022-08-27 11:52:29 +05:30
personal_access_token_prefix: 'glpat-',
2019-06-05 12:25:43 +05:30
plantuml_enabled: false,
plantuml_url: nil,
polling_interval_multiplier: 1,
2020-10-24 23:57:45 +05:30
productivity_analytics_start_date: Time.current,
project_download_export_limit: 1,
2019-06-05 12:25:43 +05:30
project_export_enabled: true,
2020-10-24 23:57:45 +05:30
project_export_limit: 6,
project_import_limit: 6,
2020-05-24 23:13:21 +05:30
protected_ci_variables: true,
2020-10-24 23:57:45 +05:30
protected_paths: DEFAULT_PROTECTED_PATHS,
2019-12-21 20:55:43 +05:30
push_event_activities_limit: 3,
2020-10-24 23:57:45 +05:30
push_event_hooks_limit: 3,
2019-10-12 21:52:04 +05:30
raw_blob_request_limit: 300,
2019-06-05 12:25:43 +05:30
recaptcha_enabled: false,
repository_checks_enabled: true,
2021-04-17 20:07:23 +05:30
repository_storages_weighted: { 'default' => 100 },
2020-10-24 23:57:45 +05:30
repository_storages: ['default'],
2021-01-29 00:20:46 +05:30
require_admin_approval_after_user_signup: true,
2019-06-05 12:25:43 +05:30
require_two_factor_authentication: false,
restricted_visibility_levels: Settings.gitlab['restricted_visibility_levels'],
2022-06-21 17:19:12 +05:30
rsa_key_restriction: default_min_key_size(:rsa),
2020-10-24 23:57:45 +05:30
session_expire_delay: Settings.gitlab['session_expire_delay'],
2019-06-05 12:25:43 +05:30
shared_runners_enabled: Settings.gitlab_ci['shared_runners_enabled'],
shared_runners_text: nil,
2021-12-11 22:18:48 +05:30
sidekiq_job_limiter_mode: Gitlab::SidekiqMiddleware::SizeLimiter::Validator::COMPRESS_MODE,
sidekiq_job_limiter_compression_threshold_bytes: Gitlab::SidekiqMiddleware::SizeLimiter::Validator::DEFAULT_COMPRESSION_THRESHOLD_BYTES,
sidekiq_job_limiter_limit_bytes: Gitlab::SidekiqMiddleware::SizeLimiter::Validator::DEFAULT_SIZE_LIMIT,
2019-06-05 12:25:43 +05:30
sign_in_text: nil,
signup_enabled: Settings.gitlab['signup_enabled'],
2020-10-24 23:57:45 +05:30
snippet_size_limit: 50.megabytes,
snowplow_app_id: nil,
snowplow_collector_hostname: nil,
snowplow_cookie_domain: nil,
snowplow_enabled: false,
2019-12-26 22:10:19 +05:30
sourcegraph_enabled: false,
sourcegraph_public_only: true,
2020-10-24 23:57:45 +05:30
sourcegraph_url: nil,
2020-06-23 00:09:42 +05:30
spam_check_endpoint_enabled: false,
spam_check_endpoint_url: nil,
2021-06-08 01:23:25 +05:30
spam_check_api_key: nil,
2021-11-18 22:05:49 +05:30
suggest_pipeline_enabled: true,
2019-06-05 12:25:43 +05:30
terminal_max_session_time: 0,
throttle_authenticated_api_enabled: false,
throttle_authenticated_api_period_in_seconds: 3600,
throttle_authenticated_api_requests_per_period: 7200,
2021-11-11 11:23:49 +05:30
throttle_authenticated_git_lfs_enabled: false,
throttle_authenticated_git_lfs_period_in_seconds: 60,
throttle_authenticated_git_lfs_requests_per_period: 1000,
2019-06-05 12:25:43 +05:30
throttle_authenticated_web_enabled: false,
throttle_authenticated_web_period_in_seconds: 3600,
throttle_authenticated_web_requests_per_period: 7200,
2021-06-08 01:23:25 +05:30
throttle_authenticated_packages_api_enabled: false,
throttle_authenticated_packages_api_period_in_seconds: 15,
throttle_authenticated_packages_api_requests_per_period: 1000,
2021-11-11 11:23:49 +05:30
throttle_authenticated_files_api_enabled: false,
throttle_authenticated_files_api_period_in_seconds: 15,
throttle_authenticated_files_api_requests_per_period: 500,
2021-11-18 22:05:49 +05:30
throttle_authenticated_deprecated_api_enabled: false,
throttle_authenticated_deprecated_api_period_in_seconds: 3600,
throttle_authenticated_deprecated_api_requests_per_period: 3600,
2020-10-24 23:57:45 +05:30
throttle_incident_management_notification_enabled: false,
throttle_incident_management_notification_per_period: 3600,
throttle_incident_management_notification_period_in_seconds: 3600,
2019-12-21 20:55:43 +05:30
throttle_protected_paths_enabled: false,
throttle_protected_paths_in_seconds: 10,
throttle_protected_paths_per_period: 60,
2021-11-11 11:23:49 +05:30
throttle_unauthenticated_api_enabled: false,
throttle_unauthenticated_api_period_in_seconds: 3600,
throttle_unauthenticated_api_requests_per_period: 3600,
2020-10-24 23:57:45 +05:30
throttle_unauthenticated_enabled: false,
throttle_unauthenticated_period_in_seconds: 3600,
throttle_unauthenticated_requests_per_period: 3600,
2021-06-08 01:23:25 +05:30
throttle_unauthenticated_packages_api_enabled: false,
throttle_unauthenticated_packages_api_period_in_seconds: 15,
throttle_unauthenticated_packages_api_requests_per_period: 800,
2021-11-11 11:23:49 +05:30
throttle_unauthenticated_files_api_enabled: false,
throttle_unauthenticated_files_api_period_in_seconds: 15,
throttle_unauthenticated_files_api_requests_per_period: 125,
2021-11-18 22:05:49 +05:30
throttle_unauthenticated_deprecated_api_enabled: false,
throttle_unauthenticated_deprecated_api_period_in_seconds: 3600,
throttle_unauthenticated_deprecated_api_requests_per_period: 1800,
2019-09-30 21:07:59 +05:30
time_tracking_limit_to_hours: false,
2019-06-05 12:25:43 +05:30
two_factor_grace_period: 48,
unique_ips_limit_enabled: false,
unique_ips_limit_per_user: 10,
unique_ips_limit_time_window: 3600,
usage_ping_enabled: Settings.gitlab['usage_ping_enabled'],
2020-10-24 23:57:45 +05:30
usage_stats_set_by_user_id: nil,
2019-06-05 12:25:43 +05:30
user_default_external: false,
user_default_internal_regex: nil,
user_show_add_ssh_key_message: true,
2021-09-30 23:02:18 +05:30
valid_runner_registrars: VALID_RUNNER_REGISTRAR_TYPES,
2020-11-24 15:15:51 +05:30
wiki_page_max_content_bytes: 50.megabytes,
2022-08-13 15:12:31 +05:30
package_registry_cleanup_policies_worker_capacity: 2,
2021-01-29 00:20:46 +05:30
container_registry_delete_tags_service_timeout: 250,
2022-05-07 20:08:51 +05:30
container_registry_expiration_policies_worker_capacity: 4,
container_registry_cleanup_tags_service_max_list_size: 200,
container_registry_expiration_policies_caching: true,
2022-03-02 08:16:31 +05:30
container_registry_import_max_tags_count: 100,
container_registry_import_max_retries: 3,
container_registry_import_start_max_retries: 50,
container_registry_import_max_step_duration: 5.minutes,
2022-07-23 23:45:48 +05:30
container_registry_pre_import_tags_rate: 0.5,
2022-07-16 23:28:13 +05:30
container_registry_pre_import_timeout: 30.minutes,
container_registry_import_timeout: 10.minutes,
2022-03-02 08:16:31 +05:30
container_registry_import_target_plan: 'free',
container_registry_import_created_before: '2022-01-23 00:00:00',
2021-02-22 17:27:13 +05:30
kroki_enabled: false,
2021-03-08 18:12:59 +05:30
kroki_url: nil,
2021-03-11 19:13:27 +05:30
kroki_formats: { blockdiag: false, bpmn: false, excalidraw: false },
2021-06-08 01:23:25 +05:30
rate_limiting_response_text: nil,
2021-11-11 11:23:49 +05:30
whats_new_variant: 0,
2022-03-02 08:16:31 +05:30
user_deactivation_emails_enabled: true,
2022-05-07 20:08:51 +05:30
search_rate_limit: 30,
search_rate_limit_unauthenticated: 10,
2022-04-04 11:22:00 +05:30
users_get_by_id_limit: 300,
2022-11-25 23:54:43 +05:30
users_get_by_id_limit_allowlist: [],
2023-03-04 22:38:38 +05:30
can_create_group: true,
2023-03-17 16:20:25 +05:30
bulk_import_enabled: false,
allow_runner_registration_token: true,
2023-05-27 22:25:52 +05:30
user_defaults_to_private_profile: false,
projects_api_rate_limit_unauthenticated: 400,
gitlab_dedicated_instance: false
2023-04-23 21:23:45 +05:30
}.tap do |hsh|
hsh.merge!(non_production_defaults) unless Rails.env.production?
end
end
def non_production_defaults
{}
2019-06-05 12:25:43 +05:30
end
def default_commit_email_hostname
"users.noreply.#{Gitlab.config.gitlab.host}"
end
2022-06-21 17:19:12 +05:30
# Return the default allowed minimum key size for a type.
# By default this is 0 (unrestricted), but in FIPS mode
# this will return the smallest allowed key size. If no
# size is available, this type is denied.
#
# @return [Integer]
def default_min_key_size(name)
if Gitlab::FIPS.enabled?
Gitlab::SSHPublicKey.supported_sizes(name).select(&:positive?).min || -1
else
0
end
end
2019-06-05 12:25:43 +05:30
def create_from_defaults
build_from_defaults.tap(&:save)
end
def human_attribute_name(attr, _options = {})
if attr == :default_artifacts_expire_in
'Default artifacts expiration'
else
super
end
end
end
def home_page_url_column_exists?
2021-12-11 22:18:48 +05:30
ApplicationSetting.database.cached_column_exists?(:home_page_url)
2019-06-05 12:25:43 +05:30
end
def help_page_support_url_column_exists?
2021-12-11 22:18:48 +05:30
ApplicationSetting.database.cached_column_exists?(:help_page_support_url)
2019-06-05 12:25:43 +05:30
end
def disabled_oauth_sign_in_sources=(sources)
sources = (sources || []).map(&:to_s) & Devise.omniauth_providers.map(&:to_s)
super(sources)
end
2021-01-29 00:20:46 +05:30
def domain_allowlist_raw
2023-04-23 21:23:45 +05:30
array_to_string(domain_allowlist)
2019-06-05 12:25:43 +05:30
end
2021-01-29 00:20:46 +05:30
def domain_denylist_raw
2023-04-23 21:23:45 +05:30
array_to_string(domain_denylist)
2019-06-05 12:25:43 +05:30
end
2021-01-29 00:20:46 +05:30
def domain_allowlist_raw=(values)
self.domain_allowlist = strings_to_array(values)
2019-06-05 12:25:43 +05:30
end
2021-01-29 00:20:46 +05:30
def domain_denylist_raw=(values)
self.domain_denylist = strings_to_array(values)
2019-10-12 21:52:04 +05:30
end
2021-01-29 00:20:46 +05:30
def domain_denylist_file=(file)
self.domain_denylist_raw = file.read
2019-10-12 21:52:04 +05:30
end
2021-01-29 00:20:46 +05:30
def outbound_local_requests_allowlist_raw
2023-04-23 21:23:45 +05:30
array_to_string(outbound_local_requests_whitelist)
2019-10-12 21:52:04 +05:30
end
2021-01-29 00:20:46 +05:30
def outbound_local_requests_allowlist_raw=(values)
clear_memoization(:outbound_local_requests_allowlist_arrays)
2019-10-12 21:52:04 +05:30
2019-12-21 20:55:43 +05:30
self.outbound_local_requests_whitelist = strings_to_array(values)
2019-10-12 21:52:04 +05:30
end
def add_to_outbound_local_requests_whitelist(values_array)
2021-01-29 00:20:46 +05:30
clear_memoization(:outbound_local_requests_allowlist_arrays)
2019-10-12 21:52:04 +05:30
self.outbound_local_requests_whitelist ||= []
self.outbound_local_requests_whitelist += values_array
self.outbound_local_requests_whitelist.uniq!
end
2020-04-08 14:13:33 +05:30
# This method separates out the strings stored in the
# application_setting.outbound_local_requests_whitelist array into 2 arrays;
# an array of IPAddr objects (`[IPAddr.new('127.0.0.1')]`), and an array of
# domain strings (`['www.example.com']`).
2021-01-29 00:20:46 +05:30
def outbound_local_requests_allowlist_arrays
strong_memoize(:outbound_local_requests_allowlist_arrays) do
2019-10-12 21:52:04 +05:30
next [[], []] unless self.outbound_local_requests_whitelist
2021-01-29 00:20:46 +05:30
ip_allowlist, domain_allowlist = separate_allowlists(self.outbound_local_requests_whitelist)
2019-10-12 21:52:04 +05:30
2021-01-29 00:20:46 +05:30
[ip_allowlist, domain_allowlist]
2019-10-12 21:52:04 +05:30
end
2019-09-04 21:01:54 +05:30
end
2019-12-21 20:55:43 +05:30
def protected_paths_raw
2023-04-23 21:23:45 +05:30
array_to_string(protected_paths)
2019-12-21 20:55:43 +05:30
end
def protected_paths_raw=(values)
self.protected_paths = strings_to_array(values)
end
2021-03-11 19:13:27 +05:30
def notes_create_limit_allowlist_raw
2023-04-23 21:23:45 +05:30
array_to_string(notes_create_limit_allowlist)
2021-03-11 19:13:27 +05:30
end
def notes_create_limit_allowlist_raw=(values)
self.notes_create_limit_allowlist = strings_to_array(values).map(&:downcase)
2022-04-04 11:22:00 +05:30
end
def users_get_by_id_limit_allowlist_raw
2023-04-23 21:23:45 +05:30
array_to_string(users_get_by_id_limit_allowlist)
2022-04-04 11:22:00 +05:30
end
def users_get_by_id_limit_allowlist_raw=(values)
self.users_get_by_id_limit_allowlist = strings_to_array(values).map(&:downcase)
2021-03-11 19:13:27 +05:30
end
2019-09-04 21:01:54 +05:30
def asset_proxy_whitelist=(values)
2019-12-21 20:55:43 +05:30
values = strings_to_array(values) if values.is_a?(String)
2019-09-04 21:01:54 +05:30
2021-03-11 19:13:27 +05:30
# make sure we always allow the running host
2019-09-04 21:01:54 +05:30
values << Gitlab.config.gitlab.host unless values.include?(Gitlab.config.gitlab.host)
self[:asset_proxy_whitelist] = values
2019-06-05 12:25:43 +05:30
end
2021-03-11 19:13:27 +05:30
alias_method :asset_proxy_allowlist=, :asset_proxy_whitelist=
def asset_proxy_allowlist
read_attribute(:asset_proxy_whitelist)
end
2019-06-05 12:25:43 +05:30
def repository_storages
Array(read_attribute(:repository_storages))
end
def commit_email_hostname
super.presence || self.class.default_commit_email_hostname
end
def default_project_visibility=(level)
super(Gitlab::VisibilityLevel.level_value(level))
end
def default_snippet_visibility=(level)
super(Gitlab::VisibilityLevel.level_value(level))
end
def default_group_visibility=(level)
super(Gitlab::VisibilityLevel.level_value(level))
end
def restricted_visibility_levels=(levels)
super(levels&.map { |level| Gitlab::VisibilityLevel.level_value(level) })
end
2022-01-26 12:08:38 +05:30
def static_objects_external_storage_auth_token=(token)
if token.present?
set_static_objects_external_storage_auth_token(token)
else
self.static_objects_external_storage_auth_token_encrypted = nil
end
end
2019-06-05 12:25:43 +05:30
def performance_bar_allowed_group
Group.find_by_id(performance_bar_allowed_group_id)
end
# Return true if the Performance Bar is enabled for a given group
def performance_bar_enabled
performance_bar_allowed_group_id.present?
end
2020-06-23 00:09:42 +05:30
def normalized_repository_storage_weights
strong_memoize(:normalized_repository_storage_weights) do
2021-04-17 20:07:23 +05:30
repository_storages_weights = repository_storages_weighted.slice(*Gitlab.config.repositories.storages.keys)
2022-05-07 20:08:51 +05:30
weights_total = repository_storages_weights.values.sum
2020-06-23 00:09:42 +05:30
2021-04-17 20:07:23 +05:30
repository_storages_weights.transform_values do |w|
2020-06-23 00:09:42 +05:30
next w if weights_total == 0
w.to_f / weights_total
end
end
end
# Choose one of the available repository storage options based on a normalized weighted probability.
2019-06-05 12:25:43 +05:30
def pick_repository_storage
2020-06-23 00:09:42 +05:30
normalized_repository_storage_weights.max_by { |_, weight| rand**(1.0 / weight) }.first
2019-06-05 12:25:43 +05:30
end
def runners_registration_token
ensure_runners_registration_token!
end
def health_check_access_token
ensure_health_check_access_token!
end
2022-08-13 15:12:31 +05:30
def error_tracking_access_token
ensure_error_tracking_access_token!
end
2019-06-05 12:25:43 +05:30
def usage_ping_can_be_configured?
Settings.gitlab.usage_ping_enabled
end
2021-09-30 23:02:18 +05:30
def usage_ping_features_enabled?
usage_ping_enabled? && usage_ping_features_enabled
end
2019-06-05 12:25:43 +05:30
def usage_ping_enabled
usage_ping_can_be_configured? && super
end
2021-06-21 23:55:49 +05:30
alias_method :usage_ping_enabled?, :usage_ping_enabled
2019-06-05 12:25:43 +05:30
def allowed_key_types
2022-06-21 17:19:12 +05:30
Gitlab::SSHPublicKey.supported_types.select do |type|
2019-06-05 12:25:43 +05:30
key_restriction_for(type) != FORBIDDEN_KEY_VALUE
end
end
def key_restriction_for(type)
attr_name = "#{type}_key_restriction"
has_attribute?(attr_name) ? public_send(attr_name) : FORBIDDEN_KEY_VALUE # rubocop:disable GitlabSecurity/PublicSend
end
def allow_signup?
signup_enabled? && password_authentication_enabled_for_web?
end
def password_authentication_enabled?
password_authentication_enabled_for_web? || password_authentication_enabled_for_git?
end
def user_default_internal_regex_enabled?
user_default_external? && user_default_internal_regex.present?
end
def user_default_internal_regex_instance
Regexp.new(user_default_internal_regex, Regexp::IGNORECASE)
end
delegate :terms, to: :latest_terms, allow_nil: true
def latest_terms
@latest_terms ||= ApplicationSetting::Term.latest
end
def reset_memoized_terms
@latest_terms = nil # rubocop:disable Gitlab/ModuleWithInstanceVariables
latest_terms
end
def archive_builds_older_than
archive_builds_in_seconds.seconds.ago if archive_builds_in_seconds
end
2019-12-04 20:38:33 +05:30
def static_objects_external_storage_enabled?
static_objects_external_storage_url.present?
end
2022-07-23 23:45:48 +05:30
def ensure_key_restrictions!
return if Gitlab::Database.read_only?
return unless Gitlab::FIPS.enabled?
Gitlab::SSHPublicKey.supported_types.each do |key_type|
set_max_key_restriction!(key_type)
end
end
2019-06-05 12:25:43 +05:30
private
2022-07-23 23:45:48 +05:30
def set_max_key_restriction!(key_type)
attr_name = "#{key_type}_key_restriction"
2023-04-23 21:23:45 +05:30
current = attributes[attr_name].to_i
2022-07-23 23:45:48 +05:30
return if current == KeyRestrictionValidator::FORBIDDEN
min_size = self.class.default_min_key_size(key_type)
new_value =
if min_size == KeyRestrictionValidator::FORBIDDEN
min_size
else
[min_size, current].max
end
2023-04-23 21:23:45 +05:30
assign_attributes({ attr_name => new_value })
2022-07-23 23:45:48 +05:30
end
2021-01-29 00:20:46 +05:30
def separate_allowlists(string_array)
string_array.reduce([[], []]) do |(ip_allowlist, domain_allowlist), string|
2020-04-08 14:13:33 +05:30
address, port = parse_addr_and_port(string)
ip_obj = Gitlab::Utils.string_to_ip_object(address)
if ip_obj
2021-01-29 00:20:46 +05:30
ip_allowlist << Gitlab::UrlBlockers::IpAllowlistEntry.new(ip_obj, port: port)
2020-04-08 14:13:33 +05:30
else
2021-01-29 00:20:46 +05:30
domain_allowlist << Gitlab::UrlBlockers::DomainAllowlistEntry.new(address, port: port)
2020-04-08 14:13:33 +05:30
end
2021-01-29 00:20:46 +05:30
[ip_allowlist, domain_allowlist]
2020-04-08 14:13:33 +05:30
end
end
def parse_addr_and_port(str)
case str
when /\A\[(?<address> .* )\]:(?<port> \d+ )\z/x # string like "[::1]:80"
2021-04-29 21:17:54 +05:30
address = $~[:address]
port = $~[:port]
2020-04-08 14:13:33 +05:30
when /\A(?<address> [^:]+ ):(?<port> \d+ )\z/x # string like "127.0.0.1:80"
2021-04-29 21:17:54 +05:30
address = $~[:address]
port = $~[:port]
2020-04-08 14:13:33 +05:30
else # string with no port number
2021-04-29 21:17:54 +05:30
address = str
port = nil
2020-04-08 14:13:33 +05:30
end
[address, port&.to_i]
end
2019-10-12 21:52:04 +05:30
def array_to_string(arr)
arr&.join("\n")
end
2019-12-21 20:55:43 +05:30
def strings_to_array(values)
2019-10-12 21:52:04 +05:30
return [] unless values
values
2019-12-21 20:55:43 +05:30
.split(STRING_LIST_SEPARATOR)
2019-10-12 21:52:04 +05:30
.map(&:strip)
.reject(&:empty?)
.uniq
end
2019-06-05 12:25:43 +05:30
def ensure_uuid!
return if uuid?
self.uuid = SecureRandom.uuid
end
def check_repository_storages
invalid = repository_storages - Gitlab.config.repositories.storages.keys
errors.add(:repository_storages, "can't include: #{invalid.join(", ")}") unless
invalid.empty?
end
2021-04-17 20:07:23 +05:30
def coerce_repository_storages_weighted
repository_storages_weighted.transform_values!(&:to_i)
end
2020-06-23 00:09:42 +05:30
def check_repository_storages_weighted
invalid = repository_storages_weighted.keys - Gitlab.config.repositories.storages.keys
2021-04-17 20:07:23 +05:30
errors.add(:repository_storages_weighted, _("can't include: %{invalid_storages}") % { invalid_storages: invalid.join(", ") }) unless
2020-06-23 00:09:42 +05:30
invalid.empty?
2020-08-09 18:53:13 +05:30
repository_storages_weighted.each do |key, val|
next unless val.present?
2021-04-17 20:07:23 +05:30
errors.add(:repository_storages_weighted, _("value for '%{storage}' must be an integer") % { storage: key }) unless val.is_a?(Integer)
errors.add(:repository_storages_weighted, _("value for '%{storage}' must be between 0 and 100") % { storage: key }) unless val.between?(0, 100)
2020-08-09 18:53:13 +05:30
end
2020-06-23 00:09:42 +05:30
end
2021-09-30 23:02:18 +05:30
def check_valid_runner_registrars
valid = valid_runner_registrar_combinations.include?(valid_runner_registrars)
errors.add(:valid_runner_registrars, _("%{value} is not included in the list") % { value: valid_runner_registrars }) unless valid
end
def valid_runner_registrar_combinations
0.upto(VALID_RUNNER_REGISTRAR_TYPES.size).flat_map do |n|
VALID_RUNNER_REGISTRAR_TYPES.permutation(n).to_a
end
end
2019-06-05 12:25:43 +05:30
def terms_exist
return unless enforce_terms?
2020-04-08 14:13:33 +05:30
errors.add(:base, _('You need to set terms to be enforced')) unless terms.present?
2019-06-05 12:25:43 +05:30
end
def expire_performance_bar_allowed_user_ids_cache
Gitlab::PerformanceBar.expire_allowed_user_ids_cache
end
end