debian-mirror-gitlab/app/helpers/blob_helper.rb

337 lines
11 KiB
Ruby
Raw Normal View History

2018-12-05 23:21:45 +05:30
# frozen_string_literal: true
2014-09-02 18:07:02 +05:30
module BlobHelper
2018-12-13 13:39:08 +05:30
def highlight(file_name, file_content, language: nil, plain: false)
highlighted = Gitlab::Highlight.highlight(file_name, file_content, plain: plain, language: language)
2018-03-17 18:26:18 +05:30
2016-08-24 12:49:21 +05:30
raw %(<pre class="code highlight"><code>#{highlighted}</code></pre>)
2014-09-02 18:07:02 +05:30
end
def no_highlight_files
2015-04-26 12:48:37 +05:30
%w(credits changelog news copying copyright license authors)
end
2018-03-17 18:26:18 +05:30
def edit_blob_path(project = @project, ref = @ref, path = @path, options = {})
2017-09-10 17:25:29 +05:30
project_edit_blob_path(project,
2018-03-27 19:54:05 +05:30
tree_join(ref, path),
options[:link_opts])
end
2018-03-17 18:26:18 +05:30
def ide_edit_path(project = @project, ref = @ref, path = @path, options = {})
2018-11-08 19:23:39 +05:30
segments = [ide_path, 'project', project.full_path, 'edit', ref]
segments.concat(['-', path]) if path.present?
File.join(segments)
2018-03-17 18:26:18 +05:30
end
2018-03-27 19:54:05 +05:30
def edit_blob_button(project = @project, ref = @ref, path = @path, options = {})
return unless blob = readable_blob(options, path, project, ref)
2018-03-17 18:26:18 +05:30
2018-03-27 19:54:05 +05:30
common_classes = "btn js-edit-blob #{options[:extra_class]}"
2018-03-17 18:26:18 +05:30
2018-03-27 19:54:05 +05:30
edit_button_tag(blob,
common_classes,
_('Edit'),
edit_blob_path(project, ref, path, options),
project,
ref)
2018-03-17 18:26:18 +05:30
end
2018-05-09 12:01:36 +05:30
def ide_edit_button(project = @project, ref = @ref, path = @path, options = {})
return unless blob = readable_blob(options, path, project, ref)
edit_button_tag(blob,
'btn btn-default',
_('Web IDE'),
ide_edit_path(project, ref, path, options),
project,
ref)
end
2018-03-27 19:54:05 +05:30
def modify_file_button(project = @project, ref = @ref, path = @path, label:, action:, btn_class:, modal_type:)
return unless current_user
blob = project.repository.blob_at(ref, path) rescue nil
return unless blob
2017-08-17 22:00:37 +05:30
common_classes = "btn btn-#{btn_class}"
2016-01-29 22:53:50 +05:30
if !on_top_of_branch?(project, ref)
2017-08-17 22:00:37 +05:30
button_tag label, class: "#{common_classes} disabled has-tooltip", title: "You can only #{action} files when you are on a branch", data: { container: 'body' }
elsif blob.stored_externally?
button_tag label, class: "#{common_classes} disabled has-tooltip", title: "It is not possible to #{action} files that are stored in LFS using the web interface", data: { container: 'body' }
elsif can_modify_blob?(blob, project, ref)
button_tag label, class: "#{common_classes}", 'data-target' => "#modal-#{modal_type}-blob", 'data-toggle' => 'modal'
2018-05-09 12:01:36 +05:30
elsif can?(current_user, :fork_project, project) && can?(current_user, :create_merge_request_in, project)
2018-03-27 19:54:05 +05:30
edit_fork_button_tag(common_classes, project, label, edit_modify_file_fork_params(action), action)
end
end
def replace_blob_link(project = @project, ref = @ref, path = @path)
2018-03-27 19:54:05 +05:30
modify_file_button(
project,
ref,
path,
label: "Replace",
action: "replace",
btn_class: "default",
modal_type: "upload"
)
end
def delete_blob_link(project = @project, ref = @ref, path = @path)
2018-03-27 19:54:05 +05:30
modify_file_button(
project,
ref,
path,
label: "Delete",
action: "delete",
btn_class: "remove",
modal_type: "remove"
)
2015-12-23 02:04:40 +05:30
end
2017-08-17 22:00:37 +05:30
def can_modify_blob?(blob, project = @project, ref = @ref)
!blob.stored_externally? && can_edit_tree?(project, ref)
2015-04-26 12:48:37 +05:30
end
def leave_edit_message
"Leave edit mode?\nAll unsaved changes will be lost."
end
def editing_preview_title(filename)
2015-09-11 14:41:01 +05:30
if Gitlab::MarkupHelper.previewable?(filename)
2015-04-26 12:48:37 +05:30
'Preview'
else
2017-08-17 22:00:37 +05:30
'Preview changes'
2015-04-26 12:48:37 +05:30
end
end
# Return an image icon depending on the file mode and extension
#
# mode - File unix mode
# mode - File name
def blob_icon(mode, name)
icon("#{file_type_icon_class('file', mode, name)} fw")
2014-09-02 18:07:02 +05:30
end
2015-12-23 02:04:40 +05:30
2018-11-18 11:00:15 +05:30
def blob_raw_url(**kwargs)
2017-08-17 22:00:37 +05:30
if @build && @entry
2018-11-18 11:00:15 +05:30
raw_project_job_artifacts_url(@project, @build, path: @entry.path, **kwargs)
2017-08-17 22:00:37 +05:30
elsif @snippet
if @snippet.project_id
2018-11-18 11:00:15 +05:30
raw_project_snippet_url(@project, @snippet, **kwargs)
2017-08-17 22:00:37 +05:30
else
2018-11-18 11:00:15 +05:30
raw_snippet_url(@snippet, **kwargs)
2017-08-17 22:00:37 +05:30
end
elsif @blob
2018-11-18 11:00:15 +05:30
project_raw_url(@project, @id, **kwargs)
2015-12-23 02:04:40 +05:30
end
end
2016-04-02 18:10:28 +05:30
2018-11-18 11:00:15 +05:30
def blob_raw_path(**kwargs)
blob_raw_url(**kwargs, only_path: true)
2018-03-17 18:26:18 +05:30
end
2016-04-02 18:10:28 +05:30
# SVGs can contain malicious JavaScript; only include whitelisted
# elements and attributes. Note that this whitelist is by no means complete
# and may omit some elements.
2017-08-17 22:00:37 +05:30
def sanitize_svg_data(data)
Gitlab::Sanitizers::SVG.clean(data)
2016-04-02 18:10:28 +05:30
end
2016-06-02 11:05:42 +05:30
# If we blindly set the 'real' content type when serving a Git blob we
# are enabling XSS attacks. An attacker could upload e.g. a Javascript
# file to a Git repository, trick the browser of a victim into
# downloading the blob, and then the 'application/javascript' content
# type would tell the browser to execute the attacker's Javascript. By
# overriding the content type and setting it to 'text/plain' (in the
# example of Javascript) we tell the browser of the victim not to
# execute untrusted data.
def safe_content_type(blob)
2018-12-13 13:39:08 +05:30
if blob.extension == 'svg'
blob.mime_type
elsif blob.text?
2016-06-02 11:05:42 +05:30
'text/plain; charset=utf-8'
elsif blob.image?
blob.content_type
else
'application/octet-stream'
end
end
2018-12-13 13:39:08 +05:30
def content_disposition(blob, inline)
return 'attachment' if blob.extension == 'svg'
inline ? 'inline' : 'attachment'
end
2016-09-13 17:45:13 +05:30
def ref_project
@ref_project ||= @target_project || @project
end
2018-11-20 20:47:30 +05:30
def template_dropdown_names(items)
grouped = items.group_by(&:category)
categories = grouped.keys
categories.each_with_object({}) do |category, hash|
hash[category] = grouped[category].map do |item|
2018-12-05 23:21:45 +05:30
{ name: item.name, id: item.key }
2018-11-20 20:47:30 +05:30
end
end
end
private :template_dropdown_names
2018-12-13 13:39:08 +05:30
def licenses_for_select(project)
2018-12-05 23:21:45 +05:30
@licenses_for_select ||= template_dropdown_names(TemplateFinder.build(:licenses, project).execute)
end
2018-12-13 13:39:08 +05:30
def gitignore_names(project)
2018-12-05 23:21:45 +05:30
@gitignore_names ||= template_dropdown_names(TemplateFinder.build(:gitignores, project).execute)
2016-06-22 15:30:34 +05:30
end
2016-06-02 11:05:42 +05:30
2018-12-13 13:39:08 +05:30
def gitlab_ci_ymls(project)
2018-12-05 23:21:45 +05:30
@gitlab_ci_ymls ||= template_dropdown_names(TemplateFinder.build(:gitlab_ci_ymls, project).execute)
2017-08-17 22:00:37 +05:30
end
2018-12-13 13:39:08 +05:30
def dockerfile_names(project)
2018-12-05 23:21:45 +05:30
@dockerfile_names ||= template_dropdown_names(TemplateFinder.build(:dockerfiles, project).execute)
2016-09-13 17:45:13 +05:30
end
2018-12-13 13:39:08 +05:30
def blob_editor_paths(project)
2016-09-13 17:45:13 +05:30
{
'relative-url-root' => Rails.application.config.relative_url_root,
'assets-prefix' => Gitlab::Application.config.assets.prefix,
2018-12-13 13:39:08 +05:30
'blob-filename' => @blob && @blob.path,
2018-12-05 23:21:45 +05:30
'project-id' => project.id
2016-09-13 17:45:13 +05:30
}
2016-06-02 11:05:42 +05:30
end
2017-08-17 22:00:37 +05:30
def copy_file_path_button(file_path)
clipboard_button(text: file_path, gfm: "`#{file_path}`", class: 'btn-clipboard btn-transparent prepend-left-5', title: 'Copy file path to clipboard')
end
def copy_blob_source_button(blob)
return unless blob.rendered_as_text?(ignore_errors: false)
clipboard_button(target: ".blob-content[data-blob-id='#{blob.id}']", class: "btn btn-sm js-copy-blob-source-btn", title: "Copy source to clipboard")
end
def open_raw_blob_button(blob)
return if blob.empty?
2018-11-18 11:00:15 +05:30
return if blob.raw_binary? || blob.stored_externally?
2017-09-10 17:25:29 +05:30
2018-11-18 11:00:15 +05:30
title = 'Open raw'
link_to icon('file-code-o'), blob_raw_path, class: 'btn btn-sm has-tooltip', target: '_blank', rel: 'noopener noreferrer', title: title, data: { container: 'body' }
end
def download_blob_button(blob)
return if blob.empty?
2017-08-17 22:00:37 +05:30
2018-11-18 11:00:15 +05:30
title = 'Download'
link_to sprite_icon('download'), blob_raw_path(inline: false), download: @path, class: 'btn btn-sm has-tooltip', target: '_blank', rel: 'noopener noreferrer', title: title, data: { container: 'body' }
2017-08-17 22:00:37 +05:30
end
def blob_render_error_reason(viewer)
case viewer.render_error
2017-09-10 17:25:29 +05:30
when :collapsed
"it is larger than #{number_to_human_size(viewer.collapse_limit)}"
2017-08-17 22:00:37 +05:30
when :too_large
2017-09-10 17:25:29 +05:30
"it is larger than #{number_to_human_size(viewer.size_limit)}"
2017-08-17 22:00:37 +05:30
when :server_side_but_stored_externally
case viewer.blob.external_storage
when :lfs
'it is stored in LFS'
when :build_artifact
'it is stored as a job artifact'
else
'it is stored externally'
end
end
end
def blob_render_error_options(viewer)
error = viewer.render_error
options = []
2017-09-10 17:25:29 +05:30
if error == :collapsed
2018-06-27 16:04:02 +05:30
options << link_to('load it anyway', url_for(safe_params.merge(viewer: viewer.type, expanded: true, format: nil)))
2017-08-17 22:00:37 +05:30
end
# If the error is `:server_side_but_stored_externally`, the simple viewer will show the same error,
# so don't bother switching.
if viewer.rich? && viewer.blob.rendered_as_text? && error != :server_side_but_stored_externally
options << link_to('view the source', '#', class: 'js-blob-viewer-switch-btn', data: { viewer: 'simple' })
end
2017-09-10 17:25:29 +05:30
options << link_to('download it', blob_raw_path, target: '_blank', rel: 'noopener noreferrer')
options
end
def contribution_options(project)
options = []
if can?(current_user, :create_issue, project)
options << link_to("submit an issue", new_project_issue_path(project))
end
2018-05-09 12:01:36 +05:30
merge_project = merge_request_source_project_for_project(@project)
2017-09-10 17:25:29 +05:30
if merge_project
options << link_to("create a merge request", project_new_merge_request_path(project))
end
2017-08-17 22:00:37 +05:30
options
end
2018-03-27 19:54:05 +05:30
def readable_blob(options, path, project, ref)
blob = options.delete(:blob)
blob ||= project.repository.blob_at(ref, path) rescue nil
blob if blob&.readable_text?
end
def edit_blob_fork_params(path)
{
to: path,
notice: edit_in_new_fork_notice,
notice_now: edit_in_new_fork_notice_now
}
end
def edit_modify_file_fork_params(action)
{
to: request.fullpath,
notice: edit_in_new_fork_notice_action(action),
notice_now: edit_in_new_fork_notice_now
}
end
def edit_fork_button_tag(common_classes, project, label, params, action = 'edit')
fork_path = project_forks_path(project, namespace_key: current_user.namespace.id, continue: params)
button_tag label,
class: "#{common_classes} js-edit-blob-link-fork-toggler",
data: { action: action, fork_path: fork_path }
end
def edit_disabled_button_tag(button_text, common_classes)
button_tag(button_text, class: "#{common_classes} disabled has-tooltip", title: _('You can only edit files when you are on a branch'), data: { container: 'body' })
end
def edit_link_tag(link_text, edit_path, common_classes)
link_to link_text, edit_path, class: "#{common_classes} btn-sm"
end
def edit_button_tag(blob, common_classes, text, edit_path, project, ref)
if !on_top_of_branch?(project, ref)
edit_disabled_button_tag(text, common_classes)
# This condition only applies to users who are logged in
elsif !current_user || (current_user && can_modify_blob?(blob, project, ref))
edit_link_tag(text, edit_path, common_classes)
2018-05-09 12:01:36 +05:30
elsif can?(current_user, :fork_project, project) && can?(current_user, :create_merge_request_in, project)
2018-03-27 19:54:05 +05:30
edit_fork_button_tag(common_classes, project, text, edit_blob_fork_params(edit_path))
end
end
2014-09-02 18:07:02 +05:30
end