debian-mirror-gitlab/app/controllers/concerns/requires_whitelisted_monitoring_client.rb

# frozen_string_literal: true

module RequiresWhitelistedMonitoringClient
  extend ActiveSupport::Concern

  included do
    before_action :validate_ip_whitelisted_or_valid_token!
  end

  private

  def validate_ip_whitelisted_or_valid_token!
    render_404 unless client_ip_whitelisted? || valid_token?
  end

  def client_ip_whitelisted?
    # Always allow developers to access http://localhost:3000/-/metrics for
    # debugging purposes
    return true if Rails.env.development? && request.local?

    ip_whitelist.any? { |e| e.include?(Gitlab::RequestContext.instance.client_ip) }
  end

  def ip_whitelist
    @ip_whitelist ||= Settings.monitoring.ip_whitelist.map(&IPAddr.method(:new))
  end

  def valid_token?
    token = params[:token].presence || request.headers['TOKEN']
    token.present? &&
      ActiveSupport::SecurityUtils.secure_compare(
        token,
        Gitlab::CurrentSettings.health_check_access_token
      )
  end

  def render_404
    render file: Rails.root.join('public', '404'), layout: false, status: '404'
  end
end
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# frozen_string_literal: true`

New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`module RequiresWhitelistedMonitoringClient`
			`extend ActiveSupport::Concern`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`included do`
			`before_action :validate_ip_whitelisted_or_valid_token!`
			`end`

			`private`

			`def validate_ip_whitelisted_or_valid_token!`
			`render_404 unless client_ip_whitelisted? \|\| valid_token?`
			`end`

			`def client_ip_whitelisted?`
New upstream version 12.1.11 2019-09-30 21:07:59 +05:30			`# Always allow developers to access http://localhost:3000/-/metrics for`
			`# debugging purposes`
			`return true if Rails.env.development? && request.local?`

New upstream version 12.8.6 2020-03-13 15:44:24 +05:30			`ip_whitelist.any? { \|e\| e.include?(Gitlab::RequestContext.instance.client_ip) }`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`end`

			`def ip_whitelist`
			`@ip_whitelist \|\|= Settings.monitoring.ip_whitelist.map(&IPAddr.method(:new))`
			`end`

			`def valid_token?`
			`token = params[:token].presence \|\| request.headers['TOKEN']`
			`token.present? &&`
New upstream version 12.1.11 2019-09-30 21:07:59 +05:30			`ActiveSupport::SecurityUtils.secure_compare(`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`token,`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`Gitlab::CurrentSettings.health_check_access_token`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`)`
			`end`

			`def render_404`
			`render file: Rails.root.join('public', '404'), layout: false, status: '404'`
			`end`
			`end`