debian-mirror-gitlab/app/controllers/import/bulk_imports_controller.rb

# frozen_string_literal: true

class Import::BulkImportsController < ApplicationController
  include ActionView::Helpers::SanitizeHelper

  before_action :ensure_group_import_enabled
  before_action :verify_blocked_uri, only: :status

  feature_category :importers

  POLLING_INTERVAL = 3_000

  rescue_from BulkImports::Clients::Http::ConnectionError, with: :bulk_import_connection_error

  def configure
    session[access_token_key] = configure_params[access_token_key]&.strip
    session[url_key] = configure_params[url_key]

    redirect_to status_import_bulk_imports_url
  end

  def status
    respond_to do |format|
      format.json do
        data = importable_data

        pagination_headers.each do |header|
          response.set_header(header, data.headers[header])
        end

        render json: { importable_data: serialized_data(data.parsed_response) }
      end
      format.html do
        @source_url = session[url_key]
      end
    end
  end

  def create
    response = BulkImportService.new(current_user, create_params, credentials).execute

    if response.success?
      render json: response.payload.to_json(only: [:id])
    else
      render json: { error: response.message }, status: response.http_status
    end
  end

  def realtime_changes
    Gitlab::PollingInterval.set_header(response, interval: POLLING_INTERVAL)

    render json: current_user_bulk_imports.to_json(only: [:id], methods: [:status_name])
  end

  private

  def pagination_headers
    %w[x-next-page x-page x-per-page x-prev-page x-total x-total-pages]
  end

  def serialized_data(data)
    serializer.represent(data, {}, Import::BulkImportEntity)
  end

  def serializer
    @serializer ||= BaseSerializer.new(current_user: current_user)
  end

  def importable_data
    client.get('groups', query_params)
  end

  # Default query string params used to fetch groups from GitLab source instance
  #
  # top_level_only: fetch only top level groups (subgroups are fetched during import itself)
  # min_access_level: fetch only groups user has maintainer or above permissions
  # search: optional search param to search user's groups by a keyword
  def query_params
    query_params = {
      top_level_only: true,
      min_access_level: Gitlab::Access::MAINTAINER
    }

    query_params[:search] = sanitized_filter_param if sanitized_filter_param
    query_params
  end

  def client
    @client ||= BulkImports::Clients::Http.new(
      uri: session[url_key],
      token: session[access_token_key],
      per_page: params[:per_page],
      page: params[:page]
    )
  end

  def configure_params
    params.permit(access_token_key, url_key)
  end

  def create_params
    params.permit(bulk_import: bulk_import_params)[:bulk_import]
  end

  def bulk_import_params
    %i[
      source_type
      source_full_path
      destination_name
      destination_namespace
    ]
  end

  def ensure_group_import_enabled
    render_404 unless Feature.enabled?(:bulk_import)
  end

  def access_token_key
    :bulk_import_gitlab_access_token
  end

  def url_key
    :bulk_import_gitlab_url
  end

  def verify_blocked_uri
    Gitlab::UrlBlocker.validate!(
      session[url_key],
      allow_localhost: allow_local_requests?,
      allow_local_network: allow_local_requests?,
      schemes: %w(http https)
    )
  rescue Gitlab::UrlBlocker::BlockedUrlError => e
    clear_session_data

    redirect_to new_group_path(anchor: 'import-group-pane'), alert: _('Specified URL cannot be used: "%{reason}"') % { reason: e.message }
  end

  def allow_local_requests?
    Gitlab::CurrentSettings.allow_local_requests_from_web_hooks_and_services?
  end

  def bulk_import_connection_error(error)
    clear_session_data

    error_message = _("Unable to connect to server: %{error}") % { error: error }
    flash[:alert] = error_message

    respond_to do |format|
      format.json do
        render json: {
          error: {
            message: error_message,
            redirect: new_group_path
          }
        }, status: :unprocessable_entity
      end
      format.html do
        redirect_to new_group_path(anchor: 'import-group-pane')
      end
    end
  end

  def clear_session_data
    session[url_key] = nil
    session[access_token_key] = nil
  end

  def credentials
    {
      url: session[url_key],
      access_token: session[access_token_key]
    }
  end

  def sanitized_filter_param
    @filter ||= sanitize(params[:filter])&.downcase
  end

  def current_user_bulk_imports
    current_user.bulk_imports.gitlab
  end
end