2021-02-22 17:27:13 +05:30
|
|
|
package upload
|
|
|
|
|
|
|
|
import (
|
|
|
|
"fmt"
|
2022-07-23 23:45:48 +05:30
|
|
|
"io"
|
2021-02-22 17:27:13 +05:30
|
|
|
"net/http"
|
|
|
|
"net/url"
|
|
|
|
"strings"
|
|
|
|
|
2021-10-27 15:23:28 +05:30
|
|
|
"gitlab.com/gitlab-org/gitlab/workhorse/internal/api"
|
|
|
|
"gitlab.com/gitlab-org/gitlab/workhorse/internal/helper"
|
2022-05-07 20:08:51 +05:30
|
|
|
"gitlab.com/gitlab-org/gitlab/workhorse/internal/upload/destination"
|
2021-02-22 17:27:13 +05:30
|
|
|
)
|
|
|
|
|
2022-04-04 11:22:00 +05:30
|
|
|
// RequestBody is a request middleware. It will store the request body to
|
|
|
|
// a location by determined an api.Response value. It then forwards the
|
|
|
|
// request to gitlab-rails without the original request body.
|
|
|
|
func RequestBody(rails PreAuthorizer, h http.Handler, p Preparer) http.Handler {
|
2021-02-22 17:27:13 +05:30
|
|
|
return rails.PreAuthorizeHandler(func(w http.ResponseWriter, r *http.Request, a *api.Response) {
|
2022-07-16 23:28:13 +05:30
|
|
|
opts, err := p.Prepare(a)
|
2021-02-22 17:27:13 +05:30
|
|
|
if err != nil {
|
2022-04-04 11:22:00 +05:30
|
|
|
helper.Fail500(w, r, fmt.Errorf("RequestBody: preparation failed: %v", err))
|
2021-02-22 17:27:13 +05:30
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2022-07-23 23:45:48 +05:30
|
|
|
fh, err := destination.Upload(r.Context(), r.Body, r.ContentLength, "upload", opts)
|
2021-02-22 17:27:13 +05:30
|
|
|
if err != nil {
|
2022-04-04 11:22:00 +05:30
|
|
|
helper.Fail500(w, r, fmt.Errorf("RequestBody: upload failed: %v", err))
|
2021-02-22 17:27:13 +05:30
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
data := url.Values{}
|
|
|
|
fields, err := fh.GitLabFinalizeFields("file")
|
|
|
|
if err != nil {
|
2022-04-04 11:22:00 +05:30
|
|
|
helper.Fail500(w, r, fmt.Errorf("RequestBody: finalize fields failed: %v", err))
|
2021-02-22 17:27:13 +05:30
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
for k, v := range fields {
|
|
|
|
data.Set(k, v)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Hijack body
|
|
|
|
body := data.Encode()
|
2022-07-23 23:45:48 +05:30
|
|
|
r.Body = io.NopCloser(strings.NewReader(body))
|
2021-02-22 17:27:13 +05:30
|
|
|
r.ContentLength = int64(len(body))
|
|
|
|
r.Header.Set("Content-Type", "application/x-www-form-urlencoded")
|
|
|
|
|
|
|
|
sft := SavedFileTracker{Request: r}
|
|
|
|
sft.Track("file", fh.LocalPath)
|
|
|
|
if err := sft.Finalize(r.Context()); err != nil {
|
2022-04-04 11:22:00 +05:30
|
|
|
helper.Fail500(w, r, fmt.Errorf("RequestBody: finalize failed: %v", err))
|
2021-02-22 17:27:13 +05:30
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// And proxy the request
|
|
|
|
h.ServeHTTP(w, r)
|
|
|
|
}, "/authorize")
|
|
|
|
}
|