debian-mirror-gitlab/lib/gitlab/spamcheck/client.rb

# frozen_string_literal: true
require 'spamcheck'

module Gitlab
  module Spamcheck
    class Client
      include ::Spam::SpamConstants

      DEFAULT_TIMEOUT_SECS = 2

      VERDICT_MAPPING = {
        ::Spamcheck::SpamVerdict::Verdict::ALLOW => ALLOW,
        ::Spamcheck::SpamVerdict::Verdict::CONDITIONAL_ALLOW => CONDITIONAL_ALLOW,
        ::Spamcheck::SpamVerdict::Verdict::DISALLOW => DISALLOW,
        ::Spamcheck::SpamVerdict::Verdict::BLOCK => BLOCK_USER,
        ::Spamcheck::SpamVerdict::Verdict::NOOP => NOOP
      }.freeze

      ACTION_MAPPING = {
        create: ::Spamcheck::Action::CREATE,
        update: ::Spamcheck::Action::UPDATE
      }.freeze

      URL_SCHEME_REGEX = %r{^grpc://|^tls://}.freeze

      def initialize
        @endpoint_url = Gitlab::CurrentSettings.current_application_settings.spam_check_endpoint_url

        @creds = client_creds(@endpoint_url)

        # remove the `grpc://` or 'tls://' as it's only useful to ensure we're expecting to
        # connect with Spamcheck
        @endpoint_url = @endpoint_url.sub(URL_SCHEME_REGEX, '')
      end

      def issue_spam?(spam_issue:, user:, context: {})
        issue = build_issue_protobuf(issue: spam_issue, user: user, context: context)

        response = grpc_client.check_for_spam_issue(issue,
                                              metadata: { 'authorization' =>
                                                           Gitlab::CurrentSettings.spam_check_api_key })
        verdict = convert_verdict_to_gitlab_constant(response.verdict)
        [verdict, response.extra_attributes.to_h, response.error]
      end

      private

      def convert_verdict_to_gitlab_constant(verdict)
        VERDICT_MAPPING.fetch(::Spamcheck::SpamVerdict::Verdict.resolve(verdict), verdict)
      end

      def build_issue_protobuf(issue:, user:, context:)
        issue_pb = ::Spamcheck::Issue.new
        issue_pb.title = issue.spam_title || ''
        issue_pb.description = issue.spam_description || ''
        issue_pb.created_at = convert_to_pb_timestamp(issue.created_at) if issue.created_at
        issue_pb.updated_at = convert_to_pb_timestamp(issue.updated_at) if issue.updated_at
        issue_pb.user_in_project = user.authorized_project?(issue.project)
        issue_pb.project = build_project_protobuf(issue)
        issue_pb.action = ACTION_MAPPING.fetch(context.fetch(:action)) if context.has_key?(:action)
        issue_pb.user = build_user_protobuf(user)
        issue_pb
      end

      def build_user_protobuf(user)
        user_pb = ::Spamcheck::User.new
        user_pb.username = user.username
        user_pb.org = user.organization || ''
        user_pb.created_at = convert_to_pb_timestamp(user.created_at)

        user_pb.emails << build_email(user.email, user.confirmed?)

        user.emails.each do |email|
          next if email.user_primary_email?

          user_pb.emails << build_email(email.email, email.confirmed?)
        end

        user_pb
      end

      def build_email(email, verified)
        email_pb = ::Spamcheck::User::Email.new
        email_pb.email = email
        email_pb.verified = verified
        email_pb
      end

      def build_project_protobuf(issue)
        project_pb = ::Spamcheck::Project.new
        project_pb.project_id = issue.project_id
        project_pb.project_path = issue.project.full_path
        project_pb
      end

      def convert_to_pb_timestamp(ar_timestamp)
        Google::Protobuf::Timestamp.new(seconds: ar_timestamp.to_time.to_i,
                                        nanos: ar_timestamp.to_time.nsec)
      end

      def client_creds(url)
        if URI(url).scheme == 'tls'
          GRPC::Core::ChannelCredentials.new(::Gitlab::X509::Certificate.ca_certs_bundle)
        else
          :this_channel_is_insecure
        end
      end

      def grpc_client
        @grpc_client ||= ::Spamcheck::SpamcheckService::Stub.new(@endpoint_url, @creds,
                                                        interceptors: interceptors,
                                                        timeout: DEFAULT_TIMEOUT_SECS)
      end

      def interceptors
        [Labkit::Correlation::GRPC::ClientInterceptor.instance]
      end
    end
  end
end
New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`# frozen_string_literal: true`
			`require 'spamcheck'`

			`module Gitlab`
			`module Spamcheck`
			`class Client`
			`include ::Spam::SpamConstants`
New upstream version 14.5.2+ds1 2021-12-11 22:18:48 +05:30
New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`DEFAULT_TIMEOUT_SECS = 2`

			`VERDICT_MAPPING = {`
			`::Spamcheck::SpamVerdict::Verdict::ALLOW => ALLOW,`
			`::Spamcheck::SpamVerdict::Verdict::CONDITIONAL_ALLOW => CONDITIONAL_ALLOW,`
			`::Spamcheck::SpamVerdict::Verdict::DISALLOW => DISALLOW,`
			`::Spamcheck::SpamVerdict::Verdict::BLOCK => BLOCK_USER,`
			`::Spamcheck::SpamVerdict::Verdict::NOOP => NOOP`
			`}.freeze`

			`ACTION_MAPPING = {`
			`create: ::Spamcheck::Action::CREATE,`
			`update: ::Spamcheck::Action::UPDATE`
			`}.freeze`

New upstream version 14.6.3+ds1 2022-01-26 12:08:38 +05:30			`URL_SCHEME_REGEX = %r{^grpc://\|^tls://}.freeze`

New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`def initialize`
			`@endpoint_url = Gitlab::CurrentSettings.current_application_settings.spam_check_endpoint_url`

New upstream version 14.6.3+ds1 2022-01-26 12:08:38 +05:30			`@creds = client_creds(@endpoint_url)`
New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30
New upstream version 14.6.3+ds1 2022-01-26 12:08:38 +05:30			# remove the `grpc://` or 'tls://' as it's only useful to ensure we're expecting to
			`# connect with Spamcheck`
			`@endpoint_url = @endpoint_url.sub(URL_SCHEME_REGEX, '')`
New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`end`

			`def issue_spam?(spam_issue:, user:, context: {})`
			`issue = build_issue_protobuf(issue: spam_issue, user: user, context: context)`

New upstream version 14.1.7+ds1 2021-09-30 23:02:18 +05:30			`response = grpc_client.check_for_spam_issue(issue,`
New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`metadata: { 'authorization' =>`
			`Gitlab::CurrentSettings.spam_check_api_key })`
			`verdict = convert_verdict_to_gitlab_constant(response.verdict)`
			`[verdict, response.extra_attributes.to_h, response.error]`
			`end`

			`private`

			`def convert_verdict_to_gitlab_constant(verdict)`
			`VERDICT_MAPPING.fetch(::Spamcheck::SpamVerdict::Verdict.resolve(verdict), verdict)`
			`end`

			`def build_issue_protobuf(issue:, user:, context:)`
			`issue_pb = ::Spamcheck::Issue.new`
			`issue_pb.title = issue.spam_title \|\| ''`
			`issue_pb.description = issue.spam_description \|\| ''`
			`issue_pb.created_at = convert_to_pb_timestamp(issue.created_at) if issue.created_at`
			`issue_pb.updated_at = convert_to_pb_timestamp(issue.updated_at) if issue.updated_at`
			`issue_pb.user_in_project = user.authorized_project?(issue.project)`
			`issue_pb.project = build_project_protobuf(issue)`
			`issue_pb.action = ACTION_MAPPING.fetch(context.fetch(:action)) if context.has_key?(:action)`
			`issue_pb.user = build_user_protobuf(user)`
			`issue_pb`
			`end`

			`def build_user_protobuf(user)`
			`user_pb = ::Spamcheck::User.new`
			`user_pb.username = user.username`
			`user_pb.org = user.organization \|\| ''`
			`user_pb.created_at = convert_to_pb_timestamp(user.created_at)`

			`user_pb.emails << build_email(user.email, user.confirmed?)`

			`user.emails.each do \|email\|`
New upstream version 14.5.2+ds1 2021-12-11 22:18:48 +05:30			`next if email.user_primary_email?`

New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`user_pb.emails << build_email(email.email, email.confirmed?)`
			`end`

			`user_pb`
			`end`

			`def build_email(email, verified)`
			`email_pb = ::Spamcheck::User::Email.new`
			`email_pb.email = email`
			`email_pb.verified = verified`
			`email_pb`
			`end`

			`def build_project_protobuf(issue)`
			`project_pb = ::Spamcheck::Project.new`
			`project_pb.project_id = issue.project_id`
			`project_pb.project_path = issue.project.full_path`
			`project_pb`
			`end`

			`def convert_to_pb_timestamp(ar_timestamp)`
			`Google::Protobuf::Timestamp.new(seconds: ar_timestamp.to_time.to_i,`
			`nanos: ar_timestamp.to_time.nsec)`
			`end`
New upstream version 14.1.7+ds1 2021-09-30 23:02:18 +05:30
New upstream version 14.6.3+ds1 2022-01-26 12:08:38 +05:30			`def client_creds(url)`
			`if URI(url).scheme == 'tls'`
			`GRPC::Core::ChannelCredentials.new(::Gitlab::X509::Certificate.ca_certs_bundle)`
New upstream version 14.5.2+ds1 2021-12-11 22:18:48 +05:30			`else`
New upstream version 14.6.3+ds1 2022-01-26 12:08:38 +05:30			`:this_channel_is_insecure`
New upstream version 14.5.2+ds1 2021-12-11 22:18:48 +05:30			`end`
			`end`

New upstream version 14.1.7+ds1 2021-09-30 23:02:18 +05:30			`def grpc_client`
			`@grpc_client \|\|= ::Spamcheck::SpamcheckService::Stub.new(@endpoint_url, @creds,`
			`interceptors: interceptors,`
			`timeout: DEFAULT_TIMEOUT_SECS)`
			`end`

			`def interceptors`
			`[Labkit::Correlation::GRPC::ClientInterceptor.instance]`
			`end`
New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`end`
			`end`
			`end`