debian-mirror-gitlab/app/controllers/projects/application_controller.rb

# frozen_string_literal: true

class Projects::ApplicationController < ApplicationController
  include CookiesHelper
  include RoutableActions
  include ChecksCollaboration

  skip_before_action :authenticate_user!
  before_action :project
  before_action :repository
  layout 'project'

  helper_method :repository, :can_collaborate_with_project?, :user_access

  rescue_from Gitlab::Template::Finders::RepoTemplateFinder::FileNotFoundError do |exception|
    log_exception(exception)
    render_404
  end

  private

  def project
    return @project if @project
    return unless params[:project_id] || params[:id]

    path = File.join(params[:namespace_id], params[:project_id] || params[:id])
    auth_proc = ->(project) { !project.pending_delete? }

    @project = find_routable!(Project, path, extra_authorization_proc: auth_proc)
  end

  def build_canonical_path(project)
    params[:namespace_id] = project.namespace.to_param
    params[:project_id] = project.to_param

    url_for(safe_params)
  end

  def repository
    @repository ||= project.repository
  end

  def authorize_action!(action)
    unless can?(current_user, action, project)
      return access_denied!
    end
  end

  def check_project_feature_available!(feature)
    render_404 unless project.feature_available?(feature, current_user)
  end

  def check_issuables_available!
    render_404 unless project.feature_available?(:issues, current_user) ||
        project.feature_available?(:merge_requests, current_user)
  end

  def method_missing(method_sym, *arguments, &block)
    case method_sym.to_s
    when /\Aauthorize_(.*)!\z/
      authorize_action!($1.to_sym)
    when /\Acheck_(.*)_available!\z/
      check_project_feature_available!($1.to_sym)
    else
      super
    end
  end

  def require_non_empty_project
    # Be sure to return status code 303 to avoid a double DELETE:
    # http://api.rubyonrails.org/classes/ActionController/Redirecting.html
    redirect_to project_path(@project), status: :see_other if @project.empty_repo?
  end

  def require_branch_head
    unless @repository.branch_exists?(@ref)
      redirect_to(
        project_tree_path(@project, @ref),
        notice: "This action is not allowed unless you are on a branch"
      )
    end
  end

  def apply_diff_view_cookie!
    set_secure_cookie(:diff_view, params.delete(:view), permanent: true) if params[:view].present?
  end

  def require_pages_enabled!
    not_found unless @project.pages_available?
  end

  def check_issues_available!
    return render_404 unless @project.feature_available?(:issues, current_user)
  end
end
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# frozen_string_literal: true`

Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`class Projects::ApplicationController < ApplicationController`
New upstream version 11.3.10+dfsg 2018-11-20 20:47:30 +05:30			`include CookiesHelper`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`include RoutableActions`
New upstream version 10.7.3+dfsg 2018-05-09 12:01:36 +05:30			`include ChecksCollaboration`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`skip_before_action :authenticate_user!`
Imported Upstream version 7.14.3 2015-09-11 14:41:01 +05:30			`before_action :project`
			`before_action :repository`
			`layout 'project'`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30
New upstream version 10.6.0+dfsg 2018-03-27 19:54:05 +05:30			`helper_method :repository, :can_collaborate_with_project?, :user_access`
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30
New upstream version 11.10.8+dfsg 2019-07-07 11:18:12 +05:30			`rescue_from Gitlab::Template::Finders::RepoTemplateFinder::FileNotFoundError do \|exception\|`
			`log_exception(exception)`
			`render_404`
			`end`

Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`private`

			`def project`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`return @project if @project`
New upstream version 11.10.8+dfsg 2019-07-07 11:18:12 +05:30			`return unless params[:project_id] \|\| params[:id]`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
			`path = File.join(params[:namespace_id], params[:project_id] \|\| params[:id])`
			`auth_proc = ->(project) { !project.pending_delete? }`
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30
New upstream version 12.0.8 2019-09-04 21:01:54 +05:30			`@project = find_routable!(Project, path, extra_authorization_proc: auth_proc)`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`end`

			`def build_canonical_path(project)`
			`params[:namespace_id] = project.namespace.to_param`
			`params[:project_id] = project.to_param`

New upstream version 10.7.6+dfsg 2018-06-27 16:04:02 +05:30			`url_for(safe_params)`
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`end`

			`def repository`
			`@repository \|\|= project.repository`
			`end`

New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`def authorize_action!(action)`
			`unless can?(current_user, action, project)`
			`return access_denied!`
			`end`
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`end`

New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`def check_project_feature_available!(feature)`
			`render_404 unless project.feature_available?(feature, current_user)`
			`end`

			`def check_issuables_available!`
			`render_404 unless project.feature_available?(:issues, current_user) \|\|`
			`project.feature_available?(:merge_requests, current_user)`
			`end`

Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`def method_missing(method_sym, *arguments, &block)`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`case method_sym.to_s`
			`when /\Aauthorize_(.*)!\z/`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`authorize_action!($1.to_sym)`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`when /\Acheck_(.*)_available!\z/`
			`check_project_feature_available!($1.to_sym)`
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`else`
			`super`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`end`
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`end`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`def require_non_empty_project`
			`# Be sure to return status code 303 to avoid a double DELETE:`
			`# http://api.rubyonrails.org/classes/ActionController/Redirecting.html`
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`redirect_to project_path(@project), status: :see_other if @project.empty_repo?`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`end`

			`def require_branch_head`
Imported Upstream version 8.9.0+dfsg 2016-06-22 15:30:34 +05:30			`unless @repository.branch_exists?(@ref)`
Imported Upstream version 7.10.0 2015-04-26 12:48:37 +05:30			`redirect_to(`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`project_tree_path(@project, @ref),`
Imported Upstream version 8.3.0+dfsg 2015-12-23 02:04:40 +05:30			`notice: "This action is not allowed unless you are on a branch"`
Imported Upstream version 7.10.0 2015-04-26 12:48:37 +05:30			`)`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`end`
			`end`
Imported Upstream version 8.1.0 2015-10-24 18:46:33 +05:30
Imported Upstream version 8.5.8+dfsg 2016-04-02 18:10:28 +05:30			`def apply_diff_view_cookie!`
New upstream version 11.3.10+dfsg 2018-11-20 20:47:30 +05:30			`set_secure_cookie(:diff_view, params.delete(:view), permanent: true) if params[:view].present?`
Imported Upstream version 8.5.8+dfsg 2016-04-02 18:10:28 +05:30			`end`

New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`def require_pages_enabled!`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`not_found unless @project.pages_available?`
			`end`

			`def check_issues_available!`
			`return render_404 unless @project.feature_available?(:issues, current_user)`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`end`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`end`