2016-08-18 14:31:44 +00:00
|
|
|
Rails.application.configure do |config|
|
2019-09-13 13:26:31 +00:00
|
|
|
# ApolloUploadServer::Middleware expects to find uploaded files ready to use
|
|
|
|
config.middleware.insert_before(ApolloUploadServer::Middleware, Gitlab::Middleware::Multipart)
|
2016-08-18 14:31:44 +00:00
|
|
|
end
|
2016-12-23 12:42:42 +00:00
|
|
|
|
2016-12-27 17:12:37 +00:00
|
|
|
# The Gitlab::Middleware::Multipart middleware inserts instances of our
|
|
|
|
# own ::UploadedFile class in the Rack env of requests. These instances
|
|
|
|
# will be blocked by the 'strong parameters' feature of ActionController
|
|
|
|
# unless we somehow whitelist them. At the moment it seems the only way
|
|
|
|
# to do that is by monkey-patching.
|
|
|
|
#
|
2016-12-23 12:42:42 +00:00
|
|
|
module Gitlab
|
|
|
|
module StrongParameterScalars
|
|
|
|
def permitted_scalar?(value)
|
2017-08-21 15:50:34 +00:00
|
|
|
super || value.is_a?(::UploadedFile)
|
2016-12-23 12:42:42 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
module ActionController
|
|
|
|
class Parameters
|
|
|
|
prepend Gitlab::StrongParameterScalars
|
|
|
|
end
|
|
|
|
end
|