debian-mirror-gitlab/app/controllers/projects/lfs_api_controller.rb

141 lines
3.3 KiB
Ruby
Raw Normal View History

2018-12-05 23:21:45 +05:30
# frozen_string_literal: true
2016-09-13 17:45:13 +05:30
class Projects::LfsApiController < Projects::GitHttpClientController
2017-08-17 22:00:37 +05:30
include LfsRequest
2019-12-21 20:55:43 +05:30
include Gitlab::Utils::StrongMemoize
2016-09-13 17:45:13 +05:30
2019-12-04 20:38:33 +05:30
LFS_TRANSFER_CONTENT_TYPE = 'application/octet-stream'
2018-11-18 11:00:15 +05:30
2017-08-17 22:00:37 +05:30
skip_before_action :lfs_check_access!, only: [:deprecated]
2018-03-17 18:26:18 +05:30
before_action :lfs_check_batch_operation!, only: [:batch]
2016-09-13 17:45:13 +05:30
def batch
unless objects.present?
render_lfs_not_found
return
end
if download_request?
render json: { objects: download_objects! }
elsif upload_request?
render json: { objects: upload_objects! }
else
raise "Never reached"
end
end
def deprecated
render(
json: {
2019-07-07 11:18:12 +05:30
message: _('Server supports batch API only, please update your Git LFS client to version 1.0.1 and up.'),
2017-09-10 17:25:29 +05:30
documentation_url: "#{Gitlab.config.gitlab.url}/help"
2016-09-13 17:45:13 +05:30
},
2018-11-18 11:00:15 +05:30
status: :not_implemented
2016-09-13 17:45:13 +05:30
)
end
private
2017-08-17 22:00:37 +05:30
def download_request?
params[:operation] == 'download'
end
def upload_request?
params[:operation] == 'upload'
end
2018-12-05 23:21:45 +05:30
# rubocop: disable CodeReuse/ActiveRecord
2016-09-13 17:45:13 +05:30
def existing_oids
@existing_oids ||= begin
2018-05-09 12:01:36 +05:30
project.all_lfs_objects.where(oid: objects.map { |o| o['oid'].to_s }).pluck(:oid)
2016-09-13 17:45:13 +05:30
end
end
2018-12-05 23:21:45 +05:30
# rubocop: enable CodeReuse/ActiveRecord
2016-09-13 17:45:13 +05:30
def download_objects!
objects.each do |object|
if existing_oids.include?(object[:oid])
object[:actions] = download_actions(object)
2017-08-17 22:00:37 +05:30
if Guest.can?(:download_code, project)
object[:authenticated] = true
end
2016-09-13 17:45:13 +05:30
else
object[:error] = {
code: 404,
2019-07-07 11:18:12 +05:30
message: _("Object does not exist on the server or you don't have permissions to access it")
2016-09-13 17:45:13 +05:30
}
end
end
objects
end
def upload_objects!
objects.each do |object|
object[:actions] = upload_actions(object) unless existing_oids.include?(object[:oid])
end
objects
end
def download_actions(object)
{
download: {
href: "#{project.http_url_to_repo}/gitlab-lfs/objects/#{object[:oid]}",
header: {
2019-12-21 20:55:43 +05:30
Authorization: authorization_header
2016-09-13 17:45:13 +05:30
}.compact
}
}
end
def upload_actions(object)
{
upload: {
href: "#{project.http_url_to_repo}/gitlab-lfs/objects/#{object[:oid]}/#{object[:size]}",
header: {
2019-12-21 20:55:43 +05:30
Authorization: authorization_header,
2018-11-18 11:00:15 +05:30
# git-lfs v2.5.0 sets the Content-Type based on the uploaded file. This
# ensures that Workhorse can intercept the request.
'Content-Type': LFS_TRANSFER_CONTENT_TYPE
2016-09-13 17:45:13 +05:30
}.compact
}
}
end
2018-03-17 18:26:18 +05:30
def lfs_check_batch_operation!
2018-11-08 19:23:39 +05:30
if batch_operation_disallowed?
2018-03-17 18:26:18 +05:30
render(
json: {
message: lfs_read_only_message
},
content_type: LfsRequest::CONTENT_TYPE,
2019-12-26 22:10:19 +05:30
status: :forbidden
2018-03-17 18:26:18 +05:30
)
end
end
2018-11-08 19:23:39 +05:30
# Overridden in EE
def batch_operation_disallowed?
upload_request? && Gitlab::Database.read_only?
end
2018-03-17 18:26:18 +05:30
# Overridden in EE
def lfs_read_only_message
_('You cannot write to this read-only GitLab instance.')
end
2019-12-21 20:55:43 +05:30
def authorization_header
strong_memoize(:authorization_header) do
lfs_auth_header || request.headers['Authorization']
end
end
def lfs_auth_header
return unless user.is_a?(User)
Gitlab::LfsToken.new(user).basic_encoding
end
2016-09-13 17:45:13 +05:30
end
2019-12-04 20:38:33 +05:30
Projects::LfsApiController.prepend_if_ee('EE::Projects::LfsApiController')