Module: ApplicationSettingImplementation
- Extended by:
- ActiveSupport::Concern
- Includes:
- Gitlab::Utils::StrongMemoize
- Included in:
- ApplicationSetting, Gitlab::FakeApplicationSettings
- Defined in:
- app/models/application_setting_implementation.rb
Constant Summary collapse
- STRING_LIST_SEPARATOR =
%r{\s*[,;]\s* # comma or semicolon, optionally surrounded by whitespace | # or \s # any whitespace character | # or [\r\n] # any number of newline characters }x
- FORBIDDEN_KEY_VALUE =
Setting a key restriction to ‘-1` means that all keys of this type are forbidden.
KeyRestrictionValidator::FORBIDDEN
- VALID_RUNNER_REGISTRAR_TYPES =
%w[project group].freeze
- DEFAULT_PROTECTED_PATHS =
[ '/users/password', '/users/sign_in', '/api/v3/session.json', '/api/v3/session', '/api/v4/session.json', '/api/v4/session', '/users', '/users/confirmation', '/unsubscribes/', '/import/github/personal_access_token', '/admin/session' ].freeze
- DEFAULT_MINIMUM_PASSWORD_LENGTH =
8
Instance Method Summary collapse
- #add_to_outbound_local_requests_whitelist(values_array) ⇒ Object
- #allow_signup? ⇒ Boolean
- #allowed_key_types ⇒ Object
- #archive_builds_older_than ⇒ Object
- #asset_proxy_allowlist ⇒ Object
- #asset_proxy_whitelist=(values) ⇒ Object (also: #asset_proxy_allowlist=)
- #commit_email_hostname ⇒ Object
- #default_group_visibility=(level) ⇒ Object
- #default_project_visibility=(level) ⇒ Object
- #default_snippet_visibility=(level) ⇒ Object
- #disabled_oauth_sign_in_sources=(sources) ⇒ Object
- #domain_allowlist_raw ⇒ Object
- #domain_allowlist_raw=(values) ⇒ Object
- #domain_denylist_file=(file) ⇒ Object
- #domain_denylist_raw ⇒ Object
- #domain_denylist_raw=(values) ⇒ Object
- #ensure_key_restrictions! ⇒ Object
- #error_tracking_access_token ⇒ Object
- #health_check_access_token ⇒ Object
- #help_page_support_url_column_exists? ⇒ Boolean
- #home_page_url_column_exists? ⇒ Boolean
- #key_restriction_for(type) ⇒ Object
- #latest_terms ⇒ Object
- #normalized_repository_storage_weights ⇒ Object
- #notes_create_limit_allowlist_raw ⇒ Object
- #notes_create_limit_allowlist_raw=(values) ⇒ Object
-
#outbound_local_requests_allowlist_arrays ⇒ Object
This method separates out the strings stored in the application_setting.outbound_local_requests_whitelist array into 2 arrays; an array of IPAddr objects (‘[IPAddr.new(’127.0.0.1’)]‘), and an array of domain strings (`[’www.example.com’]‘).
- #outbound_local_requests_allowlist_raw ⇒ Object
- #outbound_local_requests_allowlist_raw=(values) ⇒ Object
- #password_authentication_enabled? ⇒ Boolean
- #performance_bar_allowed_group ⇒ Object
-
#performance_bar_enabled ⇒ Object
Return true if the Performance Bar is enabled for a given group.
-
#pick_repository_storage ⇒ Object
Choose one of the available repository storage options based on a normalized weighted probability.
- #protected_paths_for_get_request_raw ⇒ Object
- #protected_paths_for_get_request_raw=(values) ⇒ Object
- #protected_paths_raw ⇒ Object
- #protected_paths_raw=(values) ⇒ Object
- #repository_storages ⇒ Object
- #reset_memoized_terms ⇒ Object
- #restricted_visibility_levels=(levels) ⇒ Object
- #runners_registration_token ⇒ Object
- #search_rate_limit_allowlist_raw ⇒ Object
- #search_rate_limit_allowlist_raw=(values) ⇒ Object
- #static_objects_external_storage_auth_token=(token) ⇒ Object
- #static_objects_external_storage_enabled? ⇒ Boolean
- #usage_ping_can_be_configured? ⇒ Boolean
- #usage_ping_enabled ⇒ Object (also: #usage_ping_enabled?)
- #usage_ping_features_enabled? ⇒ Boolean
- #user_default_internal_regex_enabled? ⇒ Boolean
- #user_default_internal_regex_instance ⇒ Object
- #users_get_by_id_limit_allowlist_raw ⇒ Object
- #users_get_by_id_limit_allowlist_raw=(values) ⇒ Object
Instance Method Details
#add_to_outbound_local_requests_whitelist(values_array) ⇒ Object
355 356 357 358 359 360 361 362 |
# File 'app/models/application_setting_implementation.rb', line 355 def add_to_outbound_local_requests_whitelist(values_array) clear_memoization(:outbound_local_requests_allowlist_arrays) self.outbound_local_requests_whitelist ||= [] self.outbound_local_requests_whitelist += values_array self.outbound_local_requests_whitelist.uniq! end |
#allow_signup? ⇒ Boolean
528 529 530 |
# File 'app/models/application_setting_implementation.rb', line 528 def allow_signup? signup_enabled? && password_authentication_enabled_for_web? end |
#allowed_key_types ⇒ Object
516 517 518 519 520 |
# File 'app/models/application_setting_implementation.rb', line 516 def allowed_key_types Gitlab::SSHPublicKey.supported_types.select do |type| key_restriction_for(type) != FORBIDDEN_KEY_VALUE end end |
#archive_builds_older_than ⇒ Object
554 555 556 |
# File 'app/models/application_setting_implementation.rb', line 554 def archive_builds_older_than archive_builds_in_seconds.seconds.ago if archive_builds_in_seconds end |
#asset_proxy_allowlist ⇒ Object
428 429 430 |
# File 'app/models/application_setting_implementation.rb', line 428 def asset_proxy_allowlist read_attribute(:asset_proxy_whitelist) end |
#asset_proxy_whitelist=(values) ⇒ Object Also known as: asset_proxy_allowlist=
418 419 420 421 422 423 424 425 |
# File 'app/models/application_setting_implementation.rb', line 418 def asset_proxy_whitelist=(values) values = strings_to_array(values) if values.is_a?(String) # make sure we always allow the running host values << Gitlab.config.gitlab.host unless values.include?(Gitlab.config.gitlab.host) self[:asset_proxy_whitelist] = values end |
#commit_email_hostname ⇒ Object
436 437 438 |
# File 'app/models/application_setting_implementation.rb', line 436 def commit_email_hostname super.presence || self.class.default_commit_email_hostname end |
#default_group_visibility=(level) ⇒ Object
448 449 450 |
# File 'app/models/application_setting_implementation.rb', line 448 def default_group_visibility=(level) super(Gitlab::VisibilityLevel.level_value(level)) end |
#default_project_visibility=(level) ⇒ Object
440 441 442 |
# File 'app/models/application_setting_implementation.rb', line 440 def default_project_visibility=(level) super(Gitlab::VisibilityLevel.level_value(level)) end |
#default_snippet_visibility=(level) ⇒ Object
444 445 446 |
# File 'app/models/application_setting_implementation.rb', line 444 def default_snippet_visibility=(level) super(Gitlab::VisibilityLevel.level_value(level)) end |
#disabled_oauth_sign_in_sources=(sources) ⇒ Object
320 321 322 323 |
# File 'app/models/application_setting_implementation.rb', line 320 def disabled_oauth_sign_in_sources=(sources) sources = (sources || []).map(&:to_s) & Devise.omniauth_providers.map(&:to_s) super(sources) end |
#domain_allowlist_raw ⇒ Object
325 326 327 |
# File 'app/models/application_setting_implementation.rb', line 325 def domain_allowlist_raw array_to_string(domain_allowlist) end |
#domain_allowlist_raw=(values) ⇒ Object
333 334 335 |
# File 'app/models/application_setting_implementation.rb', line 333 def domain_allowlist_raw=(values) self.domain_allowlist = strings_to_array(values) end |
#domain_denylist_file=(file) ⇒ Object
341 342 343 |
# File 'app/models/application_setting_implementation.rb', line 341 def domain_denylist_file=(file) self.domain_denylist_raw = file.read end |
#domain_denylist_raw ⇒ Object
329 330 331 |
# File 'app/models/application_setting_implementation.rb', line 329 def domain_denylist_raw array_to_string(domain_denylist) end |
#domain_denylist_raw=(values) ⇒ Object
337 338 339 |
# File 'app/models/application_setting_implementation.rb', line 337 def domain_denylist_raw=(values) self.domain_denylist = strings_to_array(values) end |
#ensure_key_restrictions! ⇒ Object
562 563 564 565 566 567 568 569 |
# File 'app/models/application_setting_implementation.rb', line 562 def ensure_key_restrictions! return if Gitlab::Database.read_only? return unless Gitlab::FIPS.enabled? Gitlab::SSHPublicKey.supported_types.each do |key_type| set_max_key_restriction!(key_type) end end |
#error_tracking_access_token ⇒ Object
499 500 501 |
# File 'app/models/application_setting_implementation.rb', line 499 def error_tracking_access_token ensure_error_tracking_access_token! end |
#health_check_access_token ⇒ Object
495 496 497 |
# File 'app/models/application_setting_implementation.rb', line 495 def health_check_access_token ensure_health_check_access_token! end |
#help_page_support_url_column_exists? ⇒ Boolean
316 317 318 |
# File 'app/models/application_setting_implementation.rb', line 316 def help_page_support_url_column_exists? ApplicationSetting.database.cached_column_exists?(:help_page_support_url) end |
#home_page_url_column_exists? ⇒ Boolean
312 313 314 |
# File 'app/models/application_setting_implementation.rb', line 312 def home_page_url_column_exists? ApplicationSetting.database.cached_column_exists?(:home_page_url) end |
#key_restriction_for(type) ⇒ Object
522 523 524 525 526 |
# File 'app/models/application_setting_implementation.rb', line 522 def key_restriction_for(type) attr_name = "#{type}_key_restriction" has_attribute?(attr_name) ? public_send(attr_name) : FORBIDDEN_KEY_VALUE # rubocop:disable GitlabSecurity/PublicSend end |
#latest_terms ⇒ Object
545 546 547 |
# File 'app/models/application_setting_implementation.rb', line 545 def latest_terms @latest_terms ||= ApplicationSetting::Term.latest end |
#normalized_repository_storage_weights ⇒ Object
473 474 475 476 477 478 479 480 481 482 483 484 |
# File 'app/models/application_setting_implementation.rb', line 473 def normalized_repository_storage_weights strong_memoize(:normalized_repository_storage_weights) do repository_storages_weights = repository_storages_weighted.slice(*Gitlab.config.repositories.storages.keys) weights_total = repository_storages_weights.values.sum repository_storages_weights.transform_values do |w| next w if weights_total == 0 w.to_f / weights_total end end end |
#notes_create_limit_allowlist_raw ⇒ Object
394 395 396 |
# File 'app/models/application_setting_implementation.rb', line 394 def notes_create_limit_allowlist_raw array_to_string(notes_create_limit_allowlist) end |
#notes_create_limit_allowlist_raw=(values) ⇒ Object
398 399 400 |
# File 'app/models/application_setting_implementation.rb', line 398 def notes_create_limit_allowlist_raw=(values) self.notes_create_limit_allowlist = strings_to_array(values).map(&:downcase) end |
#outbound_local_requests_allowlist_arrays ⇒ Object
This method separates out the strings stored in the application_setting.outbound_local_requests_whitelist array into 2 arrays; an array of IPAddr objects (‘[IPAddr.new(’127.0.0.1’)]‘), and an array of domain strings (`[’www.example.com’]‘).
368 369 370 371 372 373 374 375 376 |
# File 'app/models/application_setting_implementation.rb', line 368 def outbound_local_requests_allowlist_arrays strong_memoize(:outbound_local_requests_allowlist_arrays) do next [[], []] unless self.outbound_local_requests_whitelist ip_allowlist, domain_allowlist = separate_allowlists(self.outbound_local_requests_whitelist) [ip_allowlist, domain_allowlist] end end |
#outbound_local_requests_allowlist_raw ⇒ Object
345 346 347 |
# File 'app/models/application_setting_implementation.rb', line 345 def outbound_local_requests_allowlist_raw array_to_string(outbound_local_requests_whitelist) end |
#outbound_local_requests_allowlist_raw=(values) ⇒ Object
349 350 351 352 353 |
# File 'app/models/application_setting_implementation.rb', line 349 def outbound_local_requests_allowlist_raw=(values) clear_memoization(:outbound_local_requests_allowlist_arrays) self.outbound_local_requests_whitelist = strings_to_array(values) end |
#password_authentication_enabled? ⇒ Boolean
532 533 534 |
# File 'app/models/application_setting_implementation.rb', line 532 def password_authentication_enabled? password_authentication_enabled_for_web? || password_authentication_enabled_for_git? end |
#performance_bar_allowed_group ⇒ Object
464 465 466 |
# File 'app/models/application_setting_implementation.rb', line 464 def Group.find_by_id() end |
#performance_bar_enabled ⇒ Object
Return true if the Performance Bar is enabled for a given group
469 470 471 |
# File 'app/models/application_setting_implementation.rb', line 469 def .present? end |
#pick_repository_storage ⇒ Object
Choose one of the available repository storage options based on a normalized weighted probability.
487 488 489 |
# File 'app/models/application_setting_implementation.rb', line 487 def pick_repository_storage normalized_repository_storage_weights.max_by { |_, weight| rand**(1.0 / weight) }.first end |
#protected_paths_for_get_request_raw ⇒ Object
386 387 388 |
# File 'app/models/application_setting_implementation.rb', line 386 def protected_paths_for_get_request_raw array_to_string(protected_paths_for_get_request) end |
#protected_paths_for_get_request_raw=(values) ⇒ Object
390 391 392 |
# File 'app/models/application_setting_implementation.rb', line 390 def protected_paths_for_get_request_raw=(values) self.protected_paths_for_get_request = strings_to_array(values) end |
#protected_paths_raw ⇒ Object
378 379 380 |
# File 'app/models/application_setting_implementation.rb', line 378 def protected_paths_raw array_to_string(protected_paths) end |
#protected_paths_raw=(values) ⇒ Object
382 383 384 |
# File 'app/models/application_setting_implementation.rb', line 382 def protected_paths_raw=(values) self.protected_paths = strings_to_array(values) end |
#repository_storages ⇒ Object
432 433 434 |
# File 'app/models/application_setting_implementation.rb', line 432 def repository_storages Array(read_attribute(:repository_storages)) end |
#reset_memoized_terms ⇒ Object
549 550 551 552 |
# File 'app/models/application_setting_implementation.rb', line 549 def reset_memoized_terms @latest_terms = nil # rubocop:disable Gitlab/ModuleWithInstanceVariables latest_terms end |
#restricted_visibility_levels=(levels) ⇒ Object
452 453 454 |
# File 'app/models/application_setting_implementation.rb', line 452 def restricted_visibility_levels=(levels) super(levels&.map { |level| Gitlab::VisibilityLevel.level_value(level) }) end |
#runners_registration_token ⇒ Object
491 492 493 |
# File 'app/models/application_setting_implementation.rb', line 491 def runners_registration_token ensure_runners_registration_token! end |
#search_rate_limit_allowlist_raw ⇒ Object
410 411 412 |
# File 'app/models/application_setting_implementation.rb', line 410 def search_rate_limit_allowlist_raw array_to_string(search_rate_limit_allowlist) end |
#search_rate_limit_allowlist_raw=(values) ⇒ Object
414 415 416 |
# File 'app/models/application_setting_implementation.rb', line 414 def search_rate_limit_allowlist_raw=(values) self.search_rate_limit_allowlist = strings_to_array(values).map(&:downcase) end |
#static_objects_external_storage_auth_token=(token) ⇒ Object
456 457 458 459 460 461 462 |
# File 'app/models/application_setting_implementation.rb', line 456 def static_objects_external_storage_auth_token=(token) if token.present? set_static_objects_external_storage_auth_token(token) else self.static_objects_external_storage_auth_token_encrypted = nil end end |
#static_objects_external_storage_enabled? ⇒ Boolean
558 559 560 |
# File 'app/models/application_setting_implementation.rb', line 558 def static_objects_external_storage_enabled? static_objects_external_storage_url.present? end |
#usage_ping_can_be_configured? ⇒ Boolean
503 504 505 |
# File 'app/models/application_setting_implementation.rb', line 503 def usage_ping_can_be_configured? Settings.gitlab.usage_ping_enabled end |
#usage_ping_enabled ⇒ Object Also known as: usage_ping_enabled?
511 512 513 |
# File 'app/models/application_setting_implementation.rb', line 511 def usage_ping_enabled usage_ping_can_be_configured? && super end |
#usage_ping_features_enabled? ⇒ Boolean
507 508 509 |
# File 'app/models/application_setting_implementation.rb', line 507 def usage_ping_features_enabled? usage_ping_enabled? && usage_ping_features_enabled end |
#user_default_internal_regex_enabled? ⇒ Boolean
536 537 538 |
# File 'app/models/application_setting_implementation.rb', line 536 def user_default_internal_regex_enabled? user_default_external? && user_default_internal_regex.present? end |
#user_default_internal_regex_instance ⇒ Object
540 541 542 |
# File 'app/models/application_setting_implementation.rb', line 540 def user_default_internal_regex_instance Regexp.new(user_default_internal_regex, Regexp::IGNORECASE) end |
#users_get_by_id_limit_allowlist_raw ⇒ Object
402 403 404 |
# File 'app/models/application_setting_implementation.rb', line 402 def users_get_by_id_limit_allowlist_raw array_to_string(users_get_by_id_limit_allowlist) end |
#users_get_by_id_limit_allowlist_raw=(values) ⇒ Object
406 407 408 |
# File 'app/models/application_setting_implementation.rb', line 406 def users_get_by_id_limit_allowlist_raw=(values) self.users_get_by_id_limit_allowlist = strings_to_array(values).map(&:downcase) end |