debian-mirror-gitlab/app/helpers/routing/pseudonymization_helper.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

93 lines
2.5 KiB
Ruby
Raw Normal View History

2021-11-11 11:23:49 +05:30
# frozen_string_literal: true
module Routing
module PseudonymizationHelper
2021-12-11 22:18:48 +05:30
class MaskHelper
2022-01-26 12:08:38 +05:30
QUERY_PARAMS_TO_NOT_MASK = %w[
scope
2022-06-21 17:19:12 +05:30
severity
sortBy
sortDesc
2022-01-26 12:08:38 +05:30
state
2022-06-21 17:19:12 +05:30
tab
2022-07-16 23:28:13 +05:30
glm_source
glm_content
2023-03-04 22:38:38 +05:30
_gl
2022-01-26 12:08:38 +05:30
].freeze
2021-11-11 11:23:49 +05:30
2021-12-11 22:18:48 +05:30
def initialize(request_object, group, project)
@request = request_object
@group = group
@project = project
end
def mask_params
2022-05-07 20:08:51 +05:30
return @request.original_url unless has_maskable_params?
2021-11-11 11:23:49 +05:30
2021-12-11 22:18:48 +05:30
masked_params = @request.path_parameters.to_h do |key, value|
case key
when :project_id
[key, "project#{@project&.id}"]
when :namespace_id, :group_id
namespace = @group || @project&.namespace
[key, "namespace#{namespace&.id}"]
when :id
[key, mask_id(value)]
else
[key, value]
end
end
2021-11-11 11:23:49 +05:30
2021-12-11 22:18:48 +05:30
Gitlab::Routing.url_helpers.url_for(masked_params.merge(params: masked_query_params))
end
2021-11-11 11:23:49 +05:30
2021-12-11 22:18:48 +05:30
private
2021-11-11 11:23:49 +05:30
2021-12-11 22:18:48 +05:30
def mask_id(value)
2023-01-13 00:05:48 +05:30
case @request.path_parameters[:controller]
when 'projects/blob'
2021-12-11 22:18:48 +05:30
':repository_path'
2023-01-13 00:05:48 +05:30
when 'projects'
2021-12-11 22:18:48 +05:30
"project#{@project&.id}"
2023-01-13 00:05:48 +05:30
when 'groups'
2021-12-11 22:18:48 +05:30
"namespace#{@group&.id}"
else
value
end
end
2021-11-11 11:23:49 +05:30
2021-12-11 22:18:48 +05:30
def has_maskable_params?
request_params = @request.path_parameters.to_h
request_params.key?(:namespace_id) || request_params.key?(:group_id) || request_params.key?(:project_id) || request_params.key?(:id) || @request.query_string.present?
end
2021-11-11 11:23:49 +05:30
2021-12-11 22:18:48 +05:30
def masked_query_params
return {} unless @request.query_string.present?
2021-11-11 11:23:49 +05:30
2021-12-11 22:18:48 +05:30
query_string_hash = Rack::Utils.parse_nested_query(@request.query_string)
2021-11-11 11:23:49 +05:30
2021-12-11 22:18:48 +05:30
query_string_hash.keys.each do |key|
next if QUERY_PARAMS_TO_NOT_MASK.include?(key)
2021-11-11 11:23:49 +05:30
2021-12-11 22:18:48 +05:30
query_string_hash[key] = "masked_#{key}"
end
2021-11-11 11:23:49 +05:30
2021-12-11 22:18:48 +05:30
query_string_hash
2021-11-11 11:23:49 +05:30
end
2021-12-11 22:18:48 +05:30
end
2021-11-11 11:23:49 +05:30
2022-01-26 12:08:38 +05:30
def masked_page_url(group:, project:)
2021-12-11 22:18:48 +05:30
return unless Feature.enabled?(:mask_page_urls, type: :ops)
2022-01-26 12:08:38 +05:30
mask_helper = MaskHelper.new(request, group, project)
2021-12-11 22:18:48 +05:30
mask_helper.mask_params
2021-11-11 11:23:49 +05:30
2021-12-11 22:18:48 +05:30
# We rescue all exception for time being till we test this helper extensively.
# Check https://gitlab.com/gitlab-org/gitlab/-/merge_requests/72864#note_711515501
rescue => e # rubocop:disable Style/RescueStandardError
Gitlab::ErrorTracking.track_exception(e, url: request.original_fullpath)
nil
2021-11-11 11:23:49 +05:30
end
end
end