2020-12-02 15:09:37 +00:00
|
|
|
package upload
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"net/http"
|
|
|
|
|
|
2021-07-21 15:08:52 +00:00
|
|
|
"gitlab.com/gitlab-org/gitlab/workhorse/internal/api"
|
2020-12-02 15:09:37 +00:00
|
|
|
)
|
|
|
|
|
|
2022-02-14 09:13:38 +00:00
|
|
|
// Multipart is a request middleware. If the request has a MIME multipart
|
|
|
|
|
// request body, the middleware will iterate through the multipart parts.
|
|
|
|
|
// When it finds a file part (filename != ""), the middleware will save
|
|
|
|
|
// the file contents to a temporary location and replace the file part
|
|
|
|
|
// with a reference to the temporary location.
|
|
|
|
|
func Multipart(rails PreAuthorizer, h http.Handler, p Preparer) http.Handler {
|
2020-12-02 15:09:37 +00:00
|
|
|
return rails.PreAuthorizeHandler(func(w http.ResponseWriter, r *http.Request, a *api.Response) {
|
|
|
|
|
s := &SavedFileTracker{Request: r}
|
|
|
|
|
|
2022-05-24 09:09:17 +00:00
|
|
|
interceptMultipartFiles(w, r, h, s, &eagerAuthorizer{a}, p)
|
2020-12-02 15:09:37 +00:00
|
|
|
}, "/authorize")
|
|
|
|
|
}
|
2022-05-24 09:09:17 +00:00
|
|
|
|
2022-07-07 09:10:00 +00:00
|
|
|
// FixedPreAuthMultipart behaves like Multipart except it makes lazy
|
|
|
|
|
// preauthorization requests when it encounters a multipart upload. The
|
|
|
|
|
// preauthorization requests go to a fixed internal GitLab Rails API
|
|
|
|
|
// endpoint. This endpoint currently does not support direct upload, so
|
|
|
|
|
// using FixedPreAuthMultipart implies disk buffering.
|
|
|
|
|
func FixedPreAuthMultipart(myAPI *api.API, h http.Handler, p Preparer) http.Handler {
|
2022-05-24 09:09:17 +00:00
|
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
s := &SavedFileTracker{Request: r}
|
2022-07-07 09:10:00 +00:00
|
|
|
fa := &apiAuthorizer{myAPI}
|
2022-05-24 09:09:17 +00:00
|
|
|
interceptMultipartFiles(w, r, h, s, fa, p)
|
|
|
|
|
})
|
|
|
|
|
}
|
