Module: API::Helpers::InternalHelpers

Defined in:
lib/api/helpers/internal_helpers.rb

Constant Summary collapse

UNKNOWN_CHECK_RESULT_ERROR = 
'Unknown check result'

Instance Attribute Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#redirected_pathObject (readonly)

Returns the value of attribute redirected_path.



6
7
8
 
# File 'lib/api/helpers/internal_helpers.rb', line 6

def redirected_path
  @redirected_path
end

Instance Method Details

#access_check!(actor, params) ⇒ Object

rubocop:disable Gitlab/ModuleWithInstanceVariables



50
51
52
53
54
55
56
57
58
59
 
# File 'lib/api/helpers/internal_helpers.rb', line 50

def access_check!(actor, params)
  access_checker = access_checker_for(actor, params[:protocol])
  access_checker.check(params[:action], params[:changes]).tap do |result|
    break result if @project || !repo_type.project?

    # If we have created a project directly from a git push
    # we have to assign its value to both @project and @container
    @project = @container = access_checker.container
  end
end

#access_check_resultObject

rubocop:enable Gitlab/ModuleWithInstanceVariables



33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
 
# File 'lib/api/helpers/internal_helpers.rb', line 33

def access_check_result
  with_admin_mode_bypass!(actor.user&.id) do
    access_check!(actor, params)
  end
rescue Gitlab::GitAccess::ForbiddenError => e
  # The return code needs to be 401. If we return 403
  # the custom message we return won't be shown to the user
  # and, instead, the default message 'GitLab: API is not accessible'
  # will be displayed
  response_with_status(code: 401, success: false, message: e.message)
rescue Gitlab::GitAccess::TimeoutError => e
  response_with_status(code: 503, success: false, message: e.message)
rescue Gitlab::GitAccess::NotFoundError => e
  response_with_status(code: 404, success: false, message: e.message)
end

#access_checker_for(actor, protocol) ⇒ Object

rubocop:enable Gitlab/ModuleWithInstanceVariables



62
63
64
65
66
67
 
# File 'lib/api/helpers/internal_helpers.rb', line 62

def access_checker_for(actor, protocol)
  access_checker_klass.new(actor.key_or_user, container, protocol,
    authentication_abilities: ssh_authentication_abilities,
    repository_path: repository_path,
    redirected_path: redirected_path)
end

#access_checker_klassObject 



69
70
71
 
# File 'lib/api/helpers/internal_helpers.rb', line 69

def access_checker_klass
  repo_type.access_checker_class
end

#actorObject 



12
13
14
 
# File 'lib/api/helpers/internal_helpers.rb', line 12

def actor
  @actor ||= Support::GitAccessActor.from_params(params)
end

#containerObject 



27
28
29
30
 
# File 'lib/api/helpers/internal_helpers.rb', line 27

def container
  parse_repo_path unless defined?(@container)
  @container
end

#log_user_activity(actor) ⇒ Object 



89
90
91
92
93
94
95
96
 
# File 'lib/api/helpers/internal_helpers.rb', line 89

def log_user_activity(actor)
  commands = Gitlab::GitAccess::DOWNLOAD_COMMANDS
  commands += Gitlab::GitAccess::PUSH_COMMANDS if Feature.enabled?(:log_user_git_push_activity)

  return unless commands.include?(params[:action])

  ::Users::ActivityService.new(author: actor, namespace: project&.namespace, project: project).execute
end

#parse_envObject 



81
82
83
84
85
86
87
 
# File 'lib/api/helpers/internal_helpers.rb', line 81

def parse_env
  return {} if params[:env].blank?

  Gitlab::Json.parse(params[:env])
rescue JSON::ParserError
  {}
end

#projectObject 



22
23
24
25
 
# File 'lib/api/helpers/internal_helpers.rb', line 22

def project
  parse_repo_path unless defined?(@project)
  @project
end

#redis_pingObject 



98
99
100
101
102
103
104
105
 
# File 'lib/api/helpers/internal_helpers.rb', line 98

def redis_ping
  result = Gitlab::Redis::SharedState.with { |redis| redis.ping }

  result == 'PONG'
rescue StandardError => e
  Gitlab::AppLogger.warn("GitLab: An unexpected error occurred in pinging to Redis: #{e}")
  false
end

#repo_typeObject

rubocop:disable Gitlab/ModuleWithInstanceVariables



17
18
19
20
 
# File 'lib/api/helpers/internal_helpers.rb', line 17

def repo_type
  parse_repo_path unless defined?(@repo_type)
  @repo_type
end

#response_with_status(code: 200, success: true, message: nil, **extra_options) ⇒ Object 



107
108
109
110
 
# File 'lib/api/helpers/internal_helpers.rb', line 107

def response_with_status(code: 200, success: true, message: nil, **extra_options)
  status code
  { status: success, message: message }.merge(extra_options).compact
end

#send_git_audit_streaming_event(msg) ⇒ Object 



122
123
124
 
# File 'lib/api/helpers/internal_helpers.rb', line 122

def send_git_audit_streaming_event(msg)
  # Defined in EE
end

#ssh_authentication_abilitiesObject 



73
74
75
76
77
78
79
 
# File 'lib/api/helpers/internal_helpers.rb', line 73

def ssh_authentication_abilities
  [
    :read_project,
    :download_code,
    :push_code
  ]
end

#unsuccessful_response?(response) ⇒ Boolean

Returns:

  • (Boolean) 


112
113
114
 
# File 'lib/api/helpers/internal_helpers.rb', line 112

def unsuccessful_response?(response)
  response.is_a?(Hash) && response[:status] == false
end

#with_admin_mode_bypass!(actor_id, &block) ⇒ Object 



116
117
118
119
120
 
# File 'lib/api/helpers/internal_helpers.rb', line 116

def with_admin_mode_bypass!(actor_id, &block)
  return yield unless Gitlab::CurrentSettings.admin_mode

  Gitlab::Auth::CurrentUserMode.bypass_session!(actor_id, &block)
end