debian-mirror-gitlab/app/controllers/projects/repositories_controller.rb

139 lines
3.9 KiB
Ruby
Raw Normal View History

2018-12-05 23:21:45 +05:30
# frozen_string_literal: true
2014-09-02 18:07:02 +05:30
class Projects::RepositoriesController < Projects::ApplicationController
2018-05-09 12:01:36 +05:30
include ExtractsPath
2019-12-04 20:38:33 +05:30
include StaticObjectExternalStorage
2020-03-28 13:19:24 +05:30
include HotlinkInterceptor
2022-01-26 12:08:38 +05:30
include Gitlab::RepositoryArchiveRateLimiter
2019-12-04 20:38:33 +05:30
prepend_before_action(only: [:archive]) { authenticate_sessionless_user!(:archive) }
2018-05-09 12:01:36 +05:30
2014-09-02 18:07:02 +05:30
# Authorize
2022-01-26 12:08:38 +05:30
before_action :check_archive_rate_limiting!, only: :archive
2015-09-11 14:41:01 +05:30
before_action :require_non_empty_project, except: :create
2020-03-28 13:19:24 +05:30
before_action :intercept_hotlinking!, only: :archive
2018-05-09 12:01:36 +05:30
before_action :assign_archive_vars, only: :archive
2019-10-12 21:52:04 +05:30
before_action :assign_append_sha, only: :archive
2015-09-11 14:41:01 +05:30
before_action :authorize_download_code!
before_action :authorize_admin_project!, only: :create
2019-12-04 20:38:33 +05:30
before_action :redirect_to_external_storage, only: :archive, if: :static_objects_external_storage_enabled?
2014-09-02 18:07:02 +05:30
2021-01-03 14:25:43 +05:30
feature_category :source_code_management
2015-04-26 12:48:37 +05:30
def create
2022-04-04 11:22:00 +05:30
@project.create_repository unless @project.repository_exists?
2015-04-26 12:48:37 +05:30
redirect_to project_path(@project)
2014-09-02 18:07:02 +05:30
end
def archive
2020-03-13 15:44:24 +05:30
return render_404 if html_request?
2019-10-12 21:52:04 +05:30
set_cache_headers
return if archive_not_modified?
2018-05-09 12:01:36 +05:30
2019-10-12 21:52:04 +05:30
send_git_archive @repository, **repo_params
2022-08-27 11:52:29 +05:30
rescue StandardError => e
logger.error("#{self.class.name}: #{e}")
2018-11-18 11:00:15 +05:30
git_not_found!
2014-09-02 18:07:02 +05:30
end
2018-05-09 12:01:36 +05:30
2019-10-12 21:52:04 +05:30
private
def repo_params
@repo_params ||= { ref: @ref, path: params[:path], format: params[:format], append_sha: @append_sha }
end
def set_cache_headers
2023-04-23 21:23:45 +05:30
commit_id = archive_metadata['CommitId']
2023-05-27 22:25:52 +05:30
expires_in(
cache_max_age(commit_id),
public: Guest.can?(:download_code, project),
must_revalidate: true,
stale_if_error: 5.minutes,
stale_while_revalidate: 1.minute,
's-maxage': 1.minute
)
2023-04-23 21:23:45 +05:30
fresh_when(strong_etag: [commit_id, archive_metadata['ArchivePath']])
2019-10-12 21:52:04 +05:30
end
def archive_not_modified?
# Check response freshness (Last-Modified and ETag)
# against request If-Modified-Since and If-None-Match conditions.
request.fresh?(response)
end
def archive_metadata
@archive_metadata ||= @repository.archive_metadata(
@ref,
'', # Where archives are stored isn't really important for ETag purposes
repo_params[:format],
path: repo_params[:path],
append_sha: @append_sha
)
end
def cache_max_age(commit_id)
if @ref == commit_id
# This is a link to an archive by a commit SHA. That means that the archive
# is immutable. The only reason to invalidate the cache is if the commit
# was deleted or if the user lost access to the repository.
Repository::ARCHIVE_CACHE_TIME_IMMUTABLE
else
# A branch or tag points at this archive. That means that the expected archive
# content may change over time.
Repository::ARCHIVE_CACHE_TIME
end
end
def assign_append_sha
@append_sha = params[:append_sha]
if @ref
shortname = "#{@project.path}-#{@ref.tr('/', '-')}"
@append_sha = false if @filename == shortname
end
end
2018-05-09 12:01:36 +05:30
def assign_archive_vars
if params[:id]
2020-03-13 15:44:24 +05:30
@ref, @filename = extract_ref_and_filename(params[:id])
2018-05-09 12:01:36 +05:30
else
@ref = params[:ref]
@filename = nil
end
rescue InvalidPathError
render_404
end
2020-03-13 15:44:24 +05:30
# path can be of the form:
# master
# master/first.zip
# master/first/second.tar.gz
# master/first/second/third.zip
#
# In the archive case, we know that the last value is always the filename, so we
# do a greedy match to extract the ref. This avoid having to pull all ref names
# from Redis.
def extract_ref_and_filename(id)
path = id.strip
2021-09-30 23:02:18 +05:30
data = path.match(%r{(.*)/(.*)})
2020-03-13 15:44:24 +05:30
if data
[data[1], data[2]]
else
[path, nil]
end
end
2022-01-26 12:08:38 +05:30
def check_archive_rate_limiting!
check_archive_rate_limit!(current_user, @project) do
render(plain: _('This archive has been requested too many times. Try again later.'), status: :too_many_requests)
end
end
2014-09-02 18:07:02 +05:30
end
2019-12-04 20:38:33 +05:30
2021-06-08 01:23:25 +05:30
Projects::RepositoriesController.prepend_mod_with('Projects::RepositoriesController')