2018-11-18 11:00:15 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2014-09-02 18:07:02 +05:30
|
|
|
module Projects
|
|
|
|
class CreateService < BaseService
|
2019-07-07 11:18:12 +05:30
|
|
|
include ValidatesClassificationLabel
|
|
|
|
|
2022-07-16 23:28:13 +05:30
|
|
|
ImportSourceDisabledError = Class.new(StandardError)
|
|
|
|
INTERNAL_IMPORT_SOURCES = %w[bare_repository gitlab_custom_project_template gitlab_project_migration].freeze
|
|
|
|
|
2014-09-02 18:07:02 +05:30
|
|
|
def initialize(user, params)
|
2021-04-29 21:17:54 +05:30
|
|
|
@current_user = user
|
|
|
|
@params = params.dup
|
|
|
|
@skip_wiki = @params.delete(:skip_wiki)
|
2021-11-18 22:05:49 +05:30
|
|
|
@initialize_with_sast = Gitlab::Utils.to_boolean(@params.delete(:initialize_with_sast))
|
2018-11-08 19:23:39 +05:30
|
|
|
@initialize_with_readme = Gitlab::Utils.to_boolean(@params.delete(:initialize_with_readme))
|
2021-04-29 21:17:54 +05:30
|
|
|
@import_data = @params.delete(:import_data)
|
|
|
|
@relations_block = @params.delete(:relations_block)
|
2021-09-04 01:27:46 +05:30
|
|
|
@default_branch = @params.delete(:default_branch)
|
2021-11-11 11:23:49 +05:30
|
|
|
@readme_template = @params.delete(:readme_template)
|
2021-09-04 01:27:46 +05:30
|
|
|
|
|
|
|
build_topics
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
def execute
|
2019-12-21 20:55:43 +05:30
|
|
|
if create_from_template?
|
2017-09-10 17:25:29 +05:30
|
|
|
return ::Projects::CreateFromTemplateService.new(current_user, params).execute
|
|
|
|
end
|
|
|
|
|
2014-09-02 18:07:02 +05:30
|
|
|
@project = Project.new(params)
|
|
|
|
|
2022-07-16 23:28:13 +05:30
|
|
|
validate_import_source_enabled!
|
|
|
|
|
2021-04-17 20:07:23 +05:30
|
|
|
@project.visibility_level = @project.group.visibility_level unless @project.visibility_level_allowed_by_group?
|
|
|
|
|
2021-01-03 14:25:43 +05:30
|
|
|
# If a project is newly created it should have shared runners settings
|
|
|
|
# based on its group having it enabled. This is like the "default value"
|
|
|
|
@project.shared_runners_enabled = false if !params.key?(:shared_runners_enabled) && @project.group && @project.group.shared_runners_setting != 'enabled'
|
|
|
|
|
2016-06-02 11:05:42 +05:30
|
|
|
# Make sure that the user is allowed to use the specified visibility level
|
2019-09-04 21:01:54 +05:30
|
|
|
if project_visibility.restricted?
|
|
|
|
deny_visibility_level(@project, project_visibility.visibility_level)
|
2015-04-26 12:48:37 +05:30
|
|
|
return @project
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
set_project_name_from_path
|
2014-09-02 18:07:02 +05:30
|
|
|
|
|
|
|
# get namespace id
|
|
|
|
namespace_id = params[:namespace_id]
|
|
|
|
|
|
|
|
if namespace_id
|
|
|
|
# Find matching namespace and check if it allowed
|
|
|
|
# for current user if namespace_id passed.
|
2021-12-11 22:18:48 +05:30
|
|
|
unless current_user.can?(:create_projects, parent_namespace)
|
2014-09-02 18:07:02 +05:30
|
|
|
@project.namespace_id = nil
|
|
|
|
deny_namespace
|
|
|
|
return @project
|
|
|
|
end
|
|
|
|
else
|
|
|
|
# Set current user namespace if namespace_id is nil
|
|
|
|
@project.namespace_id = current_user.namespace_id
|
|
|
|
end
|
|
|
|
|
2019-09-04 21:01:54 +05:30
|
|
|
@relations_block&.call(@project)
|
2018-03-17 18:26:18 +05:30
|
|
|
yield(@project) if block_given?
|
|
|
|
|
2019-07-07 11:18:12 +05:30
|
|
|
validate_classification_label(@project, :external_authorization_classification_label)
|
|
|
|
|
2018-10-15 14:42:47 +05:30
|
|
|
# If the block added errors, don't try to save the project
|
|
|
|
return @project if @project.errors.any?
|
|
|
|
|
2014-09-02 18:07:02 +05:30
|
|
|
@project.creator = current_user
|
|
|
|
|
2019-09-04 21:01:54 +05:30
|
|
|
save_project_and_import_data
|
2014-09-02 18:07:02 +05:30
|
|
|
|
2021-10-27 15:23:28 +05:30
|
|
|
Gitlab::ApplicationContext.with_context(project: @project) do
|
2020-10-24 23:57:45 +05:30
|
|
|
after_create_actions if @project.persisted?
|
2015-04-26 12:48:37 +05:30
|
|
|
|
2020-10-24 23:57:45 +05:30
|
|
|
import_schedule
|
|
|
|
end
|
2017-09-10 17:25:29 +05:30
|
|
|
|
2014-09-02 18:07:02 +05:30
|
|
|
@project
|
2017-08-17 22:00:37 +05:30
|
|
|
rescue ActiveRecord::RecordInvalid => e
|
2021-01-29 00:20:46 +05:30
|
|
|
message = "Unable to save #{e.inspect}: #{e.record.errors.full_messages.join(", ")}"
|
2017-08-17 22:00:37 +05:30
|
|
|
fail(error: message)
|
2022-07-16 23:28:13 +05:30
|
|
|
rescue ImportSourceDisabledError => e
|
|
|
|
@project.errors.add(:import_source_disabled, e.message) if @project
|
|
|
|
fail(error: e.message)
|
2021-06-08 01:23:25 +05:30
|
|
|
rescue StandardError => e
|
2018-11-08 19:23:39 +05:30
|
|
|
@project.errors.add(:base, e.message) if @project
|
2016-06-16 23:09:34 +05:30
|
|
|
fail(error: e.message)
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
protected
|
|
|
|
|
|
|
|
def deny_namespace
|
|
|
|
@project.errors.add(:namespace, "is not valid")
|
|
|
|
end
|
|
|
|
|
2015-04-26 12:48:37 +05:30
|
|
|
def after_create_actions
|
2022-04-04 11:22:00 +05:30
|
|
|
log_info("#{current_user.name} created a new project \"#{@project.full_name}\"")
|
2015-04-26 12:48:37 +05:30
|
|
|
|
2021-11-11 11:23:49 +05:30
|
|
|
if @project.import?
|
|
|
|
experiment(:combined_registration, user: current_user).track(:import_project)
|
|
|
|
else
|
|
|
|
# Skip writing the config for project imports/forks because it
|
|
|
|
# will always fail since the Git directory doesn't exist until
|
|
|
|
# a background job creates it (see Project#add_import_job).
|
|
|
|
@project.set_full_path
|
|
|
|
end
|
2020-07-28 23:09:34 +05:30
|
|
|
|
2016-06-22 15:30:34 +05:30
|
|
|
unless @project.gitlab_project_import?
|
2016-11-03 12:29:30 +05:30
|
|
|
@project.create_wiki unless skip_wiki?
|
2016-06-22 15:30:34 +05:30
|
|
|
end
|
2015-09-25 12:07:36 +05:30
|
|
|
|
2019-02-15 15:39:39 +05:30
|
|
|
@project.track_project_repository
|
2022-06-21 17:19:12 +05:30
|
|
|
|
|
|
|
create_project_settings
|
2019-02-15 15:39:39 +05:30
|
|
|
|
2021-10-27 15:23:28 +05:30
|
|
|
yield if block_given?
|
|
|
|
|
2015-04-26 12:48:37 +05:30
|
|
|
event_service.create_project(@project, current_user)
|
|
|
|
system_hook_service.execute_hooks_for(@project, :create)
|
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
setup_authorizations
|
2018-05-09 12:01:36 +05:30
|
|
|
|
|
|
|
current_user.invalidate_personal_projects_count
|
2021-04-29 21:17:54 +05:30
|
|
|
|
2021-09-30 23:02:18 +05:30
|
|
|
Projects::PostCreationWorker.perform_async(@project.id)
|
2018-11-08 19:23:39 +05:30
|
|
|
|
|
|
|
create_readme if @initialize_with_readme
|
2021-11-18 22:05:49 +05:30
|
|
|
create_sast_commit if @initialize_with_sast
|
2018-03-17 18:26:18 +05:30
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
|
2022-06-21 17:19:12 +05:30
|
|
|
def create_project_settings
|
2022-07-16 23:28:13 +05:30
|
|
|
@project.project_setting.save if @project.project_setting.changed?
|
2022-06-21 17:19:12 +05:30
|
|
|
end
|
|
|
|
|
2020-07-28 23:09:34 +05:30
|
|
|
# Add an authorization for the current user authorizations inline
|
|
|
|
# (so they can access the project immediately after this request
|
|
|
|
# completes), and any other affected users in the background
|
2018-03-17 18:26:18 +05:30
|
|
|
def setup_authorizations
|
|
|
|
if @project.group
|
2020-11-24 15:15:51 +05:30
|
|
|
group_access_level = @project.group.max_member_access_for_user(current_user,
|
|
|
|
only_concrete_membership: true)
|
|
|
|
|
|
|
|
if group_access_level > GroupMember::NO_ACCESS
|
2021-01-29 00:20:46 +05:30
|
|
|
current_user.project_authorizations.safe_find_or_create_by!(
|
|
|
|
project: @project,
|
|
|
|
access_level: group_access_level)
|
2020-11-24 15:15:51 +05:30
|
|
|
end
|
2020-05-24 23:13:21 +05:30
|
|
|
|
2021-12-11 22:18:48 +05:30
|
|
|
AuthorizedProjectUpdate::ProjectRecalculateWorker.perform_async(@project.id)
|
2021-09-04 01:27:46 +05:30
|
|
|
# AuthorizedProjectsWorker uses an exclusive lease per user but
|
|
|
|
# specialized workers might have synchronization issues. Until we
|
|
|
|
# compare the inconsistency rates of both approaches, we still run
|
|
|
|
# AuthorizedProjectsWorker but with some delay and lower urgency as a
|
|
|
|
# safety net.
|
|
|
|
@project.group.refresh_members_authorized_projects(
|
|
|
|
blocking: false,
|
|
|
|
priority: UserProjectAccessChangedService::LOW_PRIORITY
|
|
|
|
)
|
2018-03-17 18:26:18 +05:30
|
|
|
else
|
2022-05-07 20:08:51 +05:30
|
|
|
@project.add_owner(@project.namespace.owner, current_user: current_user)
|
2022-07-16 23:28:13 +05:30
|
|
|
# During the process of adding a project owner, a check on permissions is made on the user which caches
|
|
|
|
# the max member access for that user on this project.
|
|
|
|
# Since that is `0` before the member is created - and we are still inside the request
|
|
|
|
# cycle when we need to do other operations that might check those permissions (e.g. write a commit)
|
|
|
|
# we need to purge that cache so that the updated permissions is fetched instead of using the outdated cached value of 0
|
|
|
|
# from before member creation
|
|
|
|
@project.team.purge_member_access_cache_for_user_id(@project.namespace.owner.id)
|
2018-03-17 18:26:18 +05:30
|
|
|
end
|
2016-06-02 11:05:42 +05:30
|
|
|
end
|
2015-04-26 12:48:37 +05:30
|
|
|
|
2018-11-08 19:23:39 +05:30
|
|
|
def create_readme
|
|
|
|
commit_attrs = {
|
2021-09-04 01:27:46 +05:30
|
|
|
branch_name: @default_branch.presence || @project.default_branch_or_main,
|
2018-11-08 19:23:39 +05:30
|
|
|
commit_message: 'Initial commit',
|
|
|
|
file_path: 'README.md',
|
2021-11-11 11:23:49 +05:30
|
|
|
file_content: readme_content
|
2018-11-08 19:23:39 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
Files::CreateService.new(@project, current_user, commit_attrs).execute
|
|
|
|
end
|
|
|
|
|
2021-11-18 22:05:49 +05:30
|
|
|
def create_sast_commit
|
|
|
|
::Security::CiConfiguration::SastCreateService.new(@project, current_user, {}, commit_on_default: true).execute
|
|
|
|
end
|
|
|
|
|
2021-11-11 11:23:49 +05:30
|
|
|
def readme_content
|
2022-04-04 11:22:00 +05:30
|
|
|
@readme_template.presence || ReadmeRendererService.new(@project, current_user).execute
|
2021-11-11 11:23:49 +05:30
|
|
|
end
|
|
|
|
|
2016-11-03 12:29:30 +05:30
|
|
|
def skip_wiki?
|
|
|
|
!@project.feature_available?(:wiki, current_user) || @skip_wiki
|
|
|
|
end
|
|
|
|
|
2019-09-04 21:01:54 +05:30
|
|
|
def save_project_and_import_data
|
2016-06-02 11:05:42 +05:30
|
|
|
Project.transaction do
|
2019-09-04 21:01:54 +05:30
|
|
|
@project.create_or_update_import_data(data: @import_data[:data], credentials: @import_data[:credentials]) if @import_data
|
2016-06-02 11:05:42 +05:30
|
|
|
|
2018-05-09 12:01:36 +05:30
|
|
|
if @project.save
|
2021-10-27 15:23:28 +05:30
|
|
|
Integration.create_from_active_default_integrations(@project, :project_id)
|
2021-01-03 14:25:43 +05:30
|
|
|
|
|
|
|
@project.create_labels unless @project.gitlab_project_import?
|
2018-05-09 12:01:36 +05:30
|
|
|
|
|
|
|
unless @project.import?
|
|
|
|
raise 'Failed to create repository' unless @project.create_repository
|
|
|
|
end
|
2016-06-02 11:05:42 +05:30
|
|
|
end
|
|
|
|
end
|
2015-04-26 12:48:37 +05:30
|
|
|
end
|
2016-06-16 23:09:34 +05:30
|
|
|
|
|
|
|
def fail(error:)
|
|
|
|
message = "Unable to save project. Error: #{error}"
|
2018-05-09 12:01:36 +05:30
|
|
|
log_message = message.dup
|
2016-06-16 23:09:34 +05:30
|
|
|
|
2018-05-09 12:01:36 +05:30
|
|
|
log_message << " Project ID: #{@project.id}" if @project&.id
|
2020-06-23 00:09:42 +05:30
|
|
|
Gitlab::AppLogger.error(log_message)
|
2016-06-16 23:09:34 +05:30
|
|
|
|
2019-07-31 22:56:46 +05:30
|
|
|
if @project && @project.persisted? && @project.import_state
|
|
|
|
@project.import_state.mark_as_failed(message)
|
2016-06-16 23:09:34 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
@project
|
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
|
|
|
|
def set_project_name_from_path
|
2021-03-11 19:13:27 +05:30
|
|
|
# if both name and path set - everything is ok
|
|
|
|
return if @project.name.present? && @project.path.present?
|
|
|
|
|
|
|
|
if @project.path.present?
|
2017-08-17 22:00:37 +05:30
|
|
|
# Set project name from path
|
|
|
|
@project.name = @project.path.dup
|
|
|
|
elsif @project.name.present?
|
|
|
|
# For compatibility - set path from name
|
2021-03-11 19:13:27 +05:30
|
|
|
@project.path = @project.name.dup
|
|
|
|
|
|
|
|
# TODO: Retained for backwards compatibility. Remove in API v5.
|
|
|
|
# When removed, validation errors will get bubbled up automatically.
|
|
|
|
# See https://gitlab.com/gitlab-org/gitlab/-/merge_requests/52725
|
|
|
|
unless @project.path.match?(Gitlab::PathRegex.project_path_format_regex)
|
|
|
|
@project.path = @project.path.parameterize
|
|
|
|
end
|
2017-08-17 22:00:37 +05:30
|
|
|
end
|
|
|
|
end
|
2018-03-17 18:26:18 +05:30
|
|
|
|
2020-05-24 23:13:21 +05:30
|
|
|
def extra_attributes_for_measurement
|
|
|
|
{
|
|
|
|
current_user: current_user&.name,
|
2021-12-11 22:18:48 +05:30
|
|
|
project_full_path: "#{parent_namespace&.full_path}/#{@params[:path]}"
|
2020-05-24 23:13:21 +05:30
|
|
|
}
|
|
|
|
end
|
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
private
|
|
|
|
|
2022-07-16 23:28:13 +05:30
|
|
|
def validate_import_source_enabled!
|
|
|
|
return unless @params[:import_type]
|
|
|
|
|
|
|
|
import_type = @params[:import_type].to_s
|
|
|
|
|
|
|
|
return if INTERNAL_IMPORT_SOURCES.include?(import_type)
|
|
|
|
|
|
|
|
unless ::Gitlab::CurrentSettings.import_sources&.include?(import_type)
|
|
|
|
raise ImportSourceDisabledError, "#{import_type} import source is disabled"
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2021-12-11 22:18:48 +05:30
|
|
|
def parent_namespace
|
|
|
|
@parent_namespace ||= Namespace.find_by_id(@params[:namespace_id]) || current_user.namespace
|
2020-05-24 23:13:21 +05:30
|
|
|
end
|
|
|
|
|
2019-12-21 20:55:43 +05:30
|
|
|
def create_from_template?
|
|
|
|
@params[:template_name].present? || @params[:template_project_id].present?
|
|
|
|
end
|
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
def import_schedule
|
|
|
|
if @project.errors.empty?
|
2022-06-21 17:19:12 +05:30
|
|
|
@project.import_state.schedule if @project.import? && !@project.bare_repository_import? && !@project.gitlab_project_migration?
|
2018-03-17 18:26:18 +05:30
|
|
|
else
|
|
|
|
fail(error: @project.errors.full_messages.join(', '))
|
|
|
|
end
|
|
|
|
end
|
2019-09-04 21:01:54 +05:30
|
|
|
|
|
|
|
def project_visibility
|
|
|
|
@project_visibility ||= Gitlab::VisibilityLevelChecker
|
|
|
|
.new(current_user, @project, project_params: { import_data: @import_data })
|
|
|
|
.level_restricted?
|
|
|
|
end
|
2021-09-04 01:27:46 +05:30
|
|
|
|
|
|
|
def build_topics
|
|
|
|
topics = params.delete(:topics)
|
|
|
|
tag_list = params.delete(:tag_list)
|
|
|
|
topic_list = topics || tag_list
|
|
|
|
|
|
|
|
params[:topic_list] ||= topic_list if topic_list
|
|
|
|
end
|
2014-09-02 18:07:02 +05:30
|
|
|
end
|
|
|
|
end
|
2019-12-04 20:38:33 +05:30
|
|
|
|
2021-06-08 01:23:25 +05:30
|
|
|
Projects::CreateService.prepend_mod_with('Projects::CreateService')
|
2020-05-24 23:13:21 +05:30
|
|
|
|
|
|
|
# Measurable should be at the bottom of the ancestor chain, so it will measure execution of EE::Projects::CreateService as well
|
|
|
|
Projects::CreateService.prepend(Measurable)
|