diff options
| author | Douwe Maan <douwe@gitlab.com> | 2015-10-18 11:31:49 +0200 |
|---|---|---|
| committer | Douwe Maan <douwe@gitlab.com> | 2015-10-18 11:31:49 +0200 |
| commit | df9062d0b50d08a8a484b9780aeb92c53bead530 (patch) | |
| tree | 13985b14daf1b1614b35aade3f74a0c80f8eb10c /app/controllers | |
| parent | ae4fbae26cefbf10848719ee8c06d418c348420c (diff) | |
| parent | 38785046f7ec7d834e22add66e4be88f6e985355 (diff) | |
| download | gitlab-ce-df9062d0b50d08a8a484b9780aeb92c53bead530.tar.gz | |
Merge branch 'master' into jrochkind/gitlab-ce-fix_2839_send_abuse_report_notify
Diffstat (limited to 'app/controllers')
34 files changed, 284 insertions, 304 deletions
diff --git a/app/controllers/admin/application_settings_controller.rb b/app/controllers/admin/application_settings_controller.rb index 18a258c139f..039f18f23e0 100644 --- a/app/controllers/admin/application_settings_controller.rb +++ b/app/controllers/admin/application_settings_controller.rb @@ -57,7 +57,6 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController :version_check_enabled, :admin_notification_email, :user_oauth_applications, - :ci_enabled, restricted_visibility_levels: [], import_sources: [] ) diff --git a/app/controllers/admin/services_controller.rb b/app/controllers/admin/services_controller.rb index a62170662e1..46133588332 100644 --- a/app/controllers/admin/services_controller.rb +++ b/app/controllers/admin/services_controller.rb @@ -39,7 +39,13 @@ class Admin::ServicesController < Admin::ApplicationController end def application_services_params - params.permit(:id, + application_services_params = params.permit(:id, service: Projects::ServicesController::ALLOWED_PARAMS) + if application_services_params[:service].is_a?(Hash) + Projects::ServicesController::FILTER_BLANK_PARAMS.each do |param| + application_services_params[:service].delete(param) if application_services_params[:service][param].blank? + end + end + application_services_params end end diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 527c9da0faa..f0124c6bd60 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -30,7 +30,7 @@ class ApplicationController < ActionController::Base rescue_from ActiveRecord::RecordNotFound do |exception| log_exception(exception) - render "errors/not_found", layout: "errors", status: 404 + render_404 end protected @@ -149,12 +149,8 @@ class ApplicationController < ActionController::Base render "errors/access_denied", layout: "errors", status: 404 end - def not_found! - render "errors/not_found", layout: "errors", status: 404 - end - def git_not_found! - render "errors/git_not_found", layout: "errors", status: 404 + render html: "errors/git_not_found", layout: "errors", status: 404 end def method_missing(method_sym, *arguments, &block) diff --git a/app/controllers/ci/admin/runners_controller.rb b/app/controllers/ci/admin/runners_controller.rb index 9a68add9083..110954a612d 100644 --- a/app/controllers/ci/admin/runners_controller.rb +++ b/app/controllers/ci/admin/runners_controller.rb @@ -6,7 +6,7 @@ module Ci @runners = Ci::Runner.order('id DESC') @runners = @runners.search(params[:search]) if params[:search].present? @runners = @runners.page(params[:page]).per(30) - @active_runners_cnt = Ci::Runner.where("contacted_at > ?", 1.minutes.ago).count + @active_runners_cnt = Ci::Runner.online.count end def show @@ -66,7 +66,7 @@ module Ci end def runner_params - params.require(:runner).permit(:token, :description, :tag_list, :contacted_at, :active) + params.require(:runner).permit(:token, :description, :tag_list, :active) end end end diff --git a/app/controllers/ci/application_controller.rb b/app/controllers/ci/application_controller.rb index d8227e632e4..9be470660e6 100644 --- a/app/controllers/ci/application_controller.rb +++ b/app/controllers/ci/application_controller.rb @@ -1,7 +1,5 @@ module Ci class ApplicationController < ::ApplicationController - before_action :check_enable_flag! - def self.railtie_helpers_paths "app/helpers/ci" end @@ -10,13 +8,6 @@ module Ci private - def check_enable_flag! - unless current_application_settings.ci_enabled - redirect_to(disabled_ci_projects_path) - return - end - end - def authenticate_public_page! unless project.public authenticate_user! diff --git a/app/controllers/ci/builds_controller.rb b/app/controllers/ci/builds_controller.rb deleted file mode 100644 index 80ee8666792..00000000000 --- a/app/controllers/ci/builds_controller.rb +++ /dev/null @@ -1,78 +0,0 @@ -module Ci - class BuildsController < Ci::ApplicationController - before_action :authenticate_user!, except: [:status, :show] - before_action :authenticate_public_page!, only: :show - before_action :project - before_action :authorize_access_project!, except: [:status, :show] - before_action :authorize_manage_project!, except: [:status, :show, :retry, :cancel] - before_action :authorize_manage_builds!, only: [:retry, :cancel] - before_action :build, except: [:show] - layout 'ci/build' - - def show - if params[:id] =~ /\A\d+\Z/ - @build = build - else - # try to find commit by sha - commit = commit_by_sha - - if commit - # Redirect to commit page - redirect_to ci_project_ref_commit_path(@project, @build.commit.ref, @build.commit.sha) - return - end - end - - raise ActiveRecord::RecordNotFound unless @build - - @builds = @project.commits.find_by_sha(@build.sha).builds.order('id DESC') - @builds = @builds.where("id not in (?)", @build.id).page(params[:page]).per(20) - @commit = @build.commit - - respond_to do |format| - format.html - format.json do - render json: @build.to_json(methods: :trace_html) - end - end - end - - def retry - if @build.commands.blank? - return page_404 - end - - build = Ci::Build.retry(@build) - - if params[:return_to] - redirect_to URI.parse(params[:return_to]).path - else - redirect_to ci_project_build_path(project, build) - end - end - - def status - render json: @build.to_json(only: [:status, :id, :sha, :coverage], methods: :sha) - end - - def cancel - @build.cancel - - redirect_to ci_project_build_path(@project, @build) - end - - protected - - def project - @project = Ci::Project.find(params[:project_id]) - end - - def build - @build ||= project.builds.unscoped.find_by(id: params[:id]) - end - - def commit_by_sha - @project.commits.find_by(sha: params[:id]) - end - end -end diff --git a/app/controllers/ci/commits_controller.rb b/app/controllers/ci/commits_controller.rb deleted file mode 100644 index 7a0a500fbe6..00000000000 --- a/app/controllers/ci/commits_controller.rb +++ /dev/null @@ -1,38 +0,0 @@ -module Ci - class CommitsController < Ci::ApplicationController - before_action :authenticate_user!, except: [:status, :show] - before_action :authenticate_public_page!, only: :show - before_action :project - before_action :authorize_access_project!, except: [:status, :show, :cancel] - before_action :authorize_manage_builds!, only: [:cancel] - before_action :commit, only: :show - layout 'ci/commit' - - def show - @builds = @commit.builds - end - - def status - commit = Ci::Project.find(params[:project_id]).commits.find_by_sha_and_ref!(params[:id], params[:ref_id]) - render json: commit.to_json(only: [:id, :sha], methods: [:status, :coverage]) - rescue ActiveRecord::RecordNotFound - render json: { status: "not_found" } - end - - def cancel - commit.builds.running_or_pending.each(&:cancel) - - redirect_to ci_project_ref_commits_path(project, commit.ref, commit.sha) - end - - private - - def project - @project ||= Ci::Project.find(params[:project_id]) - end - - def commit - @commit ||= Ci::Project.find(params[:project_id]).commits.find_by_sha_and_ref!(params[:id], params[:ref_id]) - end - end -end diff --git a/app/controllers/ci/projects_controller.rb b/app/controllers/ci/projects_controller.rb index e8788955eba..809b44387ba 100644 --- a/app/controllers/ci/projects_controller.rb +++ b/app/controllers/ci/projects_controller.rb @@ -1,26 +1,15 @@ module Ci class ProjectsController < Ci::ApplicationController - before_action :authenticate_user!, except: [:build, :badge, :show] - before_action :authenticate_public_page!, only: :show - before_action :project, only: [:build, :show, :badge, :toggle_shared_runners, :dumped_yaml] - before_action :authorize_access_project!, except: [:build, :badge, :show, :new, :disabled] + before_action :project, except: [:index] + before_action :authenticate_user!, except: [:index, :build, :badge] + before_action :authorize_access_project!, except: [:index, :badge] before_action :authorize_manage_project!, only: [:toggle_shared_runners, :dumped_yaml] - before_action :authenticate_token!, only: [:build] before_action :no_cache, only: [:badge] - skip_before_action :check_enable_flag!, only: [:disabled] - protect_from_forgery except: :build - - layout 'ci/project', except: [:index, :disabled] - - def disabled - end + protect_from_forgery def show - @ref = params[:ref] - - @commits = @project.commits.reverse_order - @commits = @commits.where(ref: @ref) if @ref - @commits = @commits.page(params[:page]).per(20) + # Temporary compatibility with CI badges pointing to CI project page + redirect_to namespace_project_path(project.gl_project.namespace, project.gl_project) end # Project status badge diff --git a/app/controllers/ci/services_controller.rb b/app/controllers/ci/services_controller.rb deleted file mode 100644 index 52c96a34ce8..00000000000 --- a/app/controllers/ci/services_controller.rb +++ /dev/null @@ -1,59 +0,0 @@ -module Ci - class ServicesController < Ci::ApplicationController - before_action :authenticate_user! - before_action :project - before_action :authorize_access_project! - before_action :authorize_manage_project! - before_action :service, only: [:edit, :update, :test] - - respond_to :html - - layout 'ci/project' - - def index - @project.build_missing_services - @services = @project.services.reload - end - - def edit - end - - def update - if @service.update_attributes(service_params) - redirect_to edit_ci_project_service_path(@project, @service.to_param) - else - render 'edit' - end - end - - def test - last_build = @project.builds.last - - if @service.execute(last_build) - message = { notice: 'We successfully tested the service' } - else - message = { alert: 'We tried to test the service but error occurred' } - end - - redirect_to :back, message - end - - private - - def project - @project = Ci::Project.find(params[:project_id]) - end - - def service - @service ||= @project.services.find { |service| service.to_param == params[:id] } - end - - def service_params - params.require(:service).permit( - :type, :active, :webhook, :notify_only_broken_builds, - :email_recipients, :email_only_broken_builds, :email_add_pusher, - :hipchat_token, :hipchat_room, :hipchat_server - ) - end - end -end diff --git a/app/controllers/ci/web_hooks_controller.rb b/app/controllers/ci/web_hooks_controller.rb deleted file mode 100644 index 24074a6d9ac..00000000000 --- a/app/controllers/ci/web_hooks_controller.rb +++ /dev/null @@ -1,53 +0,0 @@ -module Ci - class WebHooksController < Ci::ApplicationController - before_action :authenticate_user! - before_action :project - before_action :authorize_access_project! - before_action :authorize_manage_project! - - layout 'ci/project' - - def index - @web_hooks = @project.web_hooks - @web_hook = Ci::WebHook.new - end - - def create - @web_hook = @project.web_hooks.new(web_hook_params) - @web_hook.save - - if @web_hook.valid? - redirect_to ci_project_web_hooks_path(@project) - else - @web_hooks = @project.web_hooks.select(&:persisted?) - render :index - end - end - - def test - Ci::TestHookService.new.execute(hook, current_user) - - redirect_to :back - end - - def destroy - hook.destroy - - redirect_to ci_project_web_hooks_path(@project) - end - - private - - def hook - @web_hook ||= @project.web_hooks.find(params[:id]) - end - - def project - @project = Ci::Project.find(params[:project_id]) - end - - def web_hook_params - params.require(:web_hook).permit(:url) - end - end -end diff --git a/app/controllers/groups_controller.rb b/app/controllers/groups_controller.rb index 524218290c6..40fb15a5b36 100644 --- a/app/controllers/groups_controller.rb +++ b/app/controllers/groups_controller.rb @@ -88,7 +88,7 @@ class GroupsController < Groups::ApplicationController def destroy DestroyGroupService.new(@group, current_user).execute - redirect_to root_path, alert: "Group '#{@group.name} was deleted." + redirect_to root_path, alert: "Group '#{@group.name}' was successfully deleted." end protected diff --git a/app/controllers/import/bitbucket_controller.rb b/app/controllers/import/bitbucket_controller.rb index f84f85a7df8..25e58724860 100644 --- a/app/controllers/import/bitbucket_controller.rb +++ b/app/controllers/import/bitbucket_controller.rb @@ -62,7 +62,7 @@ class Import::BitbucketController < Import::BaseController end def verify_bitbucket_import_enabled - not_found! unless bitbucket_import_enabled? + render_404 unless bitbucket_import_enabled? end def bitbucket_auth diff --git a/app/controllers/import/fogbugz_controller.rb b/app/controllers/import/fogbugz_controller.rb index 849646cd665..18300390851 100644 --- a/app/controllers/import/fogbugz_controller.rb +++ b/app/controllers/import/fogbugz_controller.rb @@ -99,6 +99,6 @@ class Import::FogbugzController < Import::BaseController end def verify_fogbugz_import_enabled - not_found! unless fogbugz_import_enabled? + render_404 unless fogbugz_import_enabled? end end diff --git a/app/controllers/import/github_controller.rb b/app/controllers/import/github_controller.rb index f21fbd9ecca..aae77d384c6 100644 --- a/app/controllers/import/github_controller.rb +++ b/app/controllers/import/github_controller.rb @@ -47,7 +47,7 @@ class Import::GithubController < Import::BaseController end def verify_github_import_enabled - not_found! unless github_import_enabled? + render_404 unless github_import_enabled? end def github_auth diff --git a/app/controllers/import/gitlab_controller.rb b/app/controllers/import/gitlab_controller.rb index 27af19f5f61..23a396e8084 100644 --- a/app/controllers/import/gitlab_controller.rb +++ b/app/controllers/import/gitlab_controller.rb @@ -44,7 +44,7 @@ class Import::GitlabController < Import::BaseController end def verify_gitlab_import_enabled - not_found! unless gitlab_import_enabled? + render_404 unless gitlab_import_enabled? end def gitlab_auth diff --git a/app/controllers/import/gitorious_controller.rb b/app/controllers/import/gitorious_controller.rb index f24cdb3709a..eecbe380c9e 100644 --- a/app/controllers/import/gitorious_controller.rb +++ b/app/controllers/import/gitorious_controller.rb @@ -42,7 +42,7 @@ class Import::GitoriousController < Import::BaseController end def verify_gitorious_import_enabled - not_found! unless gitorious_import_enabled? + render_404 unless gitorious_import_enabled? end end diff --git a/app/controllers/import/google_code_controller.rb b/app/controllers/import/google_code_controller.rb index 82fadeb7e83..41472a6fe6c 100644 --- a/app/controllers/import/google_code_controller.rb +++ b/app/controllers/import/google_code_controller.rb @@ -106,7 +106,7 @@ class Import::GoogleCodeController < Import::BaseController end def verify_google_code_import_enabled - not_found! unless google_code_import_enabled? + render_404 unless google_code_import_enabled? end def user_map diff --git a/app/controllers/profiles/preferences_controller.rb b/app/controllers/profiles/preferences_controller.rb index f83b4abd1e2..a9a06ecc808 100644 --- a/app/controllers/profiles/preferences_controller.rb +++ b/app/controllers/profiles/preferences_controller.rb @@ -31,6 +31,7 @@ class Profiles::PreferencesController < Profiles::ApplicationController def preferences_params params.require(:user).permit( :color_scheme_id, + :layout, :dashboard, :project_view, :theme_id diff --git a/app/controllers/projects/avatars_controller.rb b/app/controllers/projects/avatars_controller.rb index 9c3763d5934..548f1b9ebfe 100644 --- a/app/controllers/projects/avatars_controller.rb +++ b/app/controllers/projects/avatars_controller.rb @@ -12,7 +12,7 @@ class Projects::AvatarsController < Projects::ApplicationController filename: @blob.name ) else - not_found! + render_404 end end diff --git a/app/controllers/projects/blob_controller.rb b/app/controllers/projects/blob_controller.rb index 8776721d243..8cc2f21d887 100644 --- a/app/controllers/projects/blob_controller.rb +++ b/app/controllers/projects/blob_controller.rb @@ -8,7 +8,7 @@ class Projects::BlobController < Projects::ApplicationController before_action :require_non_empty_project, except: [:new, :create] before_action :authorize_download_code! - before_action :authorize_push_code!, only: [:destroy] + before_action :authorize_push_code!, only: [:destroy, :create] before_action :assign_blob_vars before_action :commit, except: [:new, :create] before_action :blob, except: [:new, :create] @@ -25,7 +25,7 @@ class Projects::BlobController < Projects::ApplicationController result = Files::CreateService.new(@project, current_user, @commit_params).execute if result[:status] == :success - flash[:notice] = "Your changes have been successfully committed" + flash[:notice] = "The changes have been successfully committed" respond_to do |format| format.html { redirect_to namespace_project_blob_path(@project.namespace, @project, File.join(@target_branch, @file_path)) } format.json { render json: { message: "success", filePath: namespace_project_blob_path(@project.namespace, @project, File.join(@target_branch, @file_path)) } } @@ -34,7 +34,7 @@ class Projects::BlobController < Projects::ApplicationController flash[:alert] = result[:message] respond_to do |format| format.html { render :new } - format.json { render json: { message: "failed", filePath: namespace_project_new_blob_path(@project.namespace, @project, @id) } } + format.json { render json: { message: "failed", filePath: namespace_project_blob_path(@project.namespace, @project, @id) } } end end end @@ -113,14 +113,14 @@ class Projects::BlobController < Projects::ApplicationController end end - return not_found! + return render_404 end end def commit @commit = @repository.commit(@ref) - return not_found! unless @commit + return render_404 unless @commit end def assign_blob_vars @@ -128,7 +128,7 @@ class Projects::BlobController < Projects::ApplicationController @ref, @path = extract_ref(@id) rescue InvalidPathError - not_found! + render_404 end def after_edit_path @@ -154,7 +154,7 @@ class Projects::BlobController < Projects::ApplicationController def editor_variables @current_branch = @ref - @target_branch = (sanitized_new_branch_name || @ref) + @target_branch = params[:new_branch].present? ? sanitized_new_branch_name : @ref @file_path = if action_name.to_s == 'create' diff --git a/app/controllers/projects/builds_controller.rb b/app/controllers/projects/builds_controller.rb new file mode 100644 index 00000000000..816012762ce --- /dev/null +++ b/app/controllers/projects/builds_controller.rb @@ -0,0 +1,76 @@ +class Projects::BuildsController < Projects::ApplicationController + before_action :ci_project + before_action :build, except: [:index, :cancel_all] + + before_action :authorize_admin_project!, except: [:index, :show, :status] + + layout "project" + + def index + @scope = params[:scope] + @all_builds = project.ci_builds + @builds = + case @scope + when 'all' + @all_builds + when 'finished' + @all_builds.finished + else + @all_builds.running_or_pending + end + @builds = @builds.order('created_at DESC').page(params[:page]).per(30) + end + + def cancel_all + @project.ci_builds.running_or_pending.each(&:cancel) + + redirect_to namespace_project_builds_path(project.namespace, project) + end + + def show + @builds = @ci_project.commits.find_by_sha(@build.sha).builds.order('id DESC') + @builds = @builds.where("id not in (?)", @build.id).page(params[:page]).per(20) + @commit = @build.commit + + respond_to do |format| + format.html + format.json do + render json: @build.to_json(methods: :trace_html) + end + end + end + + def retry + if @build.commands.blank? + return page_404 + end + + build = Ci::Build.retry(@build) + + if params[:return_to] + redirect_to URI.parse(params[:return_to]).path + else + redirect_to build_path(build) + end + end + + def status + render json: @build.to_json(only: [:status, :id, :sha, :coverage], methods: :sha) + end + + def cancel + @build.cancel + + redirect_to build_path(@build) + end + + private + + def build + @build ||= ci_project.builds.unscoped.find_by!(id: params[:id]) + end + + def build_path(build) + namespace_project_build_path(build.gl_project.namespace, build.gl_project, build) + end +end diff --git a/app/controllers/projects/ci_services_controller.rb b/app/controllers/projects/ci_services_controller.rb new file mode 100644 index 00000000000..6d2756eba3d --- /dev/null +++ b/app/controllers/projects/ci_services_controller.rb @@ -0,0 +1,49 @@ +class Projects::CiServicesController < Projects::ApplicationController + before_action :ci_project + before_action :authorize_admin_project! + + layout "project_settings" + + def index + @ci_project.build_missing_services + @services = @ci_project.services.reload + end + + def edit + service + end + + def update + if @service.update_attributes(service_params) + redirect_to edit_namespace_project_ci_service_path(@project, @project.namespace, @service.to_param) + else + render 'edit' + end + end + + def test + last_build = @project.builds.last + + if @service.execute(last_build) + message = { notice: 'We successfully tested the service' } + else + message = { alert: 'We tried to test the service but error occurred' } + end + + redirect_to :back, message + end + + private + + def service + @service ||= @ci_project.services.find { |service| service.to_param == params[:id] } + end + + def service_params + params.require(:service).permit( + :type, :active, :webhook, :notify_only_broken_builds, + :email_recipients, :email_only_broken_builds, :email_add_pusher, + :hipchat_token, :hipchat_room, :hipchat_server + ) + end +end diff --git a/app/controllers/projects/ci_web_hooks_controller.rb b/app/controllers/projects/ci_web_hooks_controller.rb new file mode 100644 index 00000000000..7f40ddcb3f3 --- /dev/null +++ b/app/controllers/projects/ci_web_hooks_controller.rb @@ -0,0 +1,45 @@ +class Projects::CiWebHooksController < Projects::ApplicationController + before_action :ci_project + before_action :authorize_admin_project! + + layout "project_settings" + + def index + @web_hooks = @ci_project.web_hooks + @web_hook = Ci::WebHook.new + end + + def create + @web_hook = @ci_project.web_hooks.new(web_hook_params) + @web_hook.save + + if @web_hook.valid? + redirect_to namespace_project_ci_web_hooks_path(@project.namespace, @project) + else + @web_hooks = @ci_project.web_hooks.select(&:persisted?) + render :index + end + end + + def test + Ci::TestHookService.new.execute(hook, current_user) + + redirect_to :back + end + + def destroy + hook.destroy + + redirect_to namespace_project_ci_web_hooks_path(@project.namespace, @project) + end + + private + + def hook + @web_hook ||= @ci_project.web_hooks.find(params[:id]) + end + + def web_hook_params + params.require(:web_hook).permit(:url) + end +end diff --git a/app/controllers/projects/commit_controller.rb b/app/controllers/projects/commit_controller.rb index 2fae5057138..7886f3c6deb 100644 --- a/app/controllers/projects/commit_controller.rb +++ b/app/controllers/projects/commit_controller.rb @@ -31,6 +31,21 @@ class Projects::CommitController < Projects::ApplicationController end end + def ci + @ci_commit = @project.ci_commit(@commit.sha) + @builds = @ci_commit.builds if @ci_commit + @notes_count = @commit.notes.count + @ci_project = @project.gitlab_ci_project + end + + def cancel_builds + @ci_commit = @project.ci_commit(@commit.sha) + @ci_commit.builds.running_or_pending.each(&:cancel) + + redirect_to ci_namespace_project_commit_path(project.namespace, project, commit.sha) + end + + def branches @branches = @project.repository.branch_names_contains(commit.id) @tags = @project.repository.tag_names_contains(commit.id) diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb index 0f89f2e88cc..97485c101fb 100644 --- a/app/controllers/projects/issues_controller.rb +++ b/app/controllers/projects/issues_controller.rb @@ -55,9 +55,9 @@ class Projects::IssuesController < Projects::ApplicationController end def show - @participants = @issue.participants(current_user, @project) + @participants = @issue.participants(current_user) @note = @project.notes.new(noteable: @issue) - @notes = @issue.notes.inc_author.fresh + @notes = @issue.notes.with_associations.fresh @noteable = @issue respond_with(@issue) diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index 7570934e727..98df6984bf7 100644 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -246,7 +246,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController end def define_show_vars - @participants = @merge_request.participants(current_user, @project) + @participants = @merge_request.participants(current_user) # Build a note object for comment form @note = @project.notes.new(noteable: @merge_request) diff --git a/app/controllers/projects/raw_controller.rb b/app/controllers/projects/raw_controller.rb index 5f6fbce795e..d5ee6ac8663 100644 --- a/app/controllers/projects/raw_controller.rb +++ b/app/controllers/projects/raw_controller.rb @@ -20,7 +20,7 @@ class Projects::RawController < Projects::ApplicationController disposition: 'inline' ) else - not_found! + render_404 end end diff --git a/app/controllers/projects/refs_controller.rb b/app/controllers/projects/refs_controller.rb index 6080c849c8d..c4e18c17077 100644 --- a/app/controllers/projects/refs_controller.rb +++ b/app/controllers/projects/refs_controller.rb @@ -3,6 +3,7 @@ class Projects::RefsController < Projects::ApplicationController include TreeHelper before_action :require_non_empty_project + before_action :validate_ref_id before_action :assign_ref_vars before_action :authorize_download_code! @@ -71,4 +72,10 @@ class Projects::RefsController < Projects::ApplicationController format.js end end + + private + + def validate_ref_id + return not_found! if params[:id].present? && params[:id] !~ Gitlab::Regex.git_reference_regex + end end diff --git a/app/controllers/projects/repositories_controller.rb b/app/controllers/projects/repositories_controller.rb index c4a5e2d6359..ba9aea1c165 100644 --- a/app/controllers/projects/repositories_controller.rb +++ b/app/controllers/projects/repositories_controller.rb @@ -11,18 +11,9 @@ class Projects::RepositoriesController < Projects::ApplicationController end def archive - begin - file_path = ArchiveRepositoryService.new(@project, params[:ref], params[:format]).execute - rescue - return head :not_found - end - - if file_path - # Send file to user - response.headers["Content-Length"] = File.open(file_path).size.to_s - send_file file_path - else - redirect_to request.fullpath - end + render json: ArchiveRepositoryService.new(@project, params[:ref], params[:format]).execute + rescue => ex + logger.error("#{self.class.name}: #{ex}") + return git_not_found! end end diff --git a/app/controllers/projects/runners_controller.rb b/app/controllers/projects/runners_controller.rb index 6cb6e3ef6d4..deb07a21416 100644 --- a/app/controllers/projects/runners_controller.rb +++ b/app/controllers/projects/runners_controller.rb @@ -60,6 +60,6 @@ class Projects::RunnersController < Projects::ApplicationController end def runner_params - params.require(:runner).permit(:description, :tag_list, :contacted_at, :active) + params.require(:runner).permit(:description, :tag_list, :active) end end diff --git a/app/controllers/projects/services_controller.rb b/app/controllers/projects/services_controller.rb index 3047ee8a1ff..129068ef019 100644 --- a/app/controllers/projects/services_controller.rb +++ b/app/controllers/projects/services_controller.rb @@ -9,6 +9,10 @@ class Projects::ServicesController < Projects::ApplicationController :note_events, :send_from_committer_email, :disable_diffs, :external_wiki_url, :notify, :color, :server_host, :server_port, :default_irc_uri, :enable_ssl_verification] + + # Parameters to ignore if no value is specified + FILTER_BLANK_PARAMS = [:password] + # Authorize before_action :authorize_admin_project! before_action :service, only: [:edit, :update, :test] @@ -59,7 +63,9 @@ class Projects::ServicesController < Projects::ApplicationController def service_params service_params = params.require(:service).permit(ALLOWED_PARAMS) - service_params.delete("password") if service_params["password"].blank? + FILTER_BLANK_PARAMS.each do |param| + service_params.delete(param) if service_params[param].blank? + end service_params end end diff --git a/app/controllers/projects/tree_controller.rb b/app/controllers/projects/tree_controller.rb index 92e4bc16d9d..bdcb1a3e297 100644 --- a/app/controllers/projects/tree_controller.rb +++ b/app/controllers/projects/tree_controller.rb @@ -1,13 +1,16 @@ # Controller for viewing a repository's file structure class Projects::TreeController < Projects::ApplicationController include ExtractsPath + include ActionView::Helpers::SanitizeHelper before_action :require_non_empty_project, except: [:new, :create] before_action :assign_ref_vars + before_action :assign_dir_vars, only: [:create_dir] before_action :authorize_download_code! + before_action :authorize_push_code!, only: [:create_dir] def show - return not_found! unless @repository.commit(@ref) + return render_404 unless @repository.commit(@ref) if tree.entries.empty? if @repository.blob_at(@commit.id, @path) @@ -16,7 +19,7 @@ class Projects::TreeController < Projects::ApplicationController File.join(@ref, @path)) ) and return elsif @path.present? - return not_found! + return render_404 end end @@ -26,4 +29,38 @@ class Projects::TreeController < Projects::ApplicationController format.js { no_cache_headers } end end + + def create_dir + return render_404 unless @commit_params.values.all? + + begin + result = Files::CreateDirService.new(@project, current_user, @commit_params).execute + message = result[:message] + rescue => e + message = e.to_s + end + + if result && result[:status] == :success + flash[:notice] = "The directory has been successfully created" + respond_to do |format| + format.html { redirect_to namespace_project_blob_path(@project.namespace, @project, File.join(@new_branch, @dir_name)) } + end + else + flash[:alert] = message + respond_to do |format| + format.html { redirect_to namespace_project_blob_path(@project.namespace, @project, @new_branch) } + end + end + end + + def assign_dir_vars + @new_branch = params[:new_branch].present? ? sanitize(strip_tags(params[:new_branch])) : @ref + @dir_name = File.join(@path, params[:dir_name]) + @commit_params = { + file_path: @dir_name, + current_branch: @ref, + target_branch: @new_branch, + commit_message: params[:commit_message], + } + end end diff --git a/app/controllers/projects/uploads_controller.rb b/app/controllers/projects/uploads_controller.rb index 71ecc20dd95..e1fe7ea2114 100644 --- a/app/controllers/projects/uploads_controller.rb +++ b/app/controllers/projects/uploads_controller.rb @@ -20,7 +20,7 @@ class Projects::UploadsController < Projects::ApplicationController end def show - return not_found! if uploader.nil? || !uploader.file.exists? + return render_404 if uploader.nil? || !uploader.file.exists? disposition = uploader.image? ? 'inline' : 'attachment' send_file uploader.file.path, disposition: disposition diff --git a/app/controllers/uploads_controller.rb b/app/controllers/uploads_controller.rb index 28536e359e5..868b05929d7 100644 --- a/app/controllers/uploads_controller.rb +++ b/app/controllers/uploads_controller.rb @@ -10,7 +10,7 @@ class UploadsController < ApplicationController end unless uploader.file && uploader.file.exists? - return not_found! + return render_404 end disposition = uploader.image? ? 'inline' : 'attachment' @@ -21,7 +21,7 @@ class UploadsController < ApplicationController def find_model unless upload_model && upload_mount - return not_found! + return render_404 end @model = upload_model.find(params[:id]) @@ -44,7 +44,7 @@ class UploadsController < ApplicationController return if authorized if current_user - not_found! + render_404 else authenticate_user! end |