2018-09-14 01:42:05 -04:00
# frozen_string_literal: true
2012-03-15 19:14:39 -04:00
class SearchController < ApplicationController
2017-12-11 09:21:06 -05:00
include ControllerWithCrossProjectAccessCheck
2014-01-18 07:16:46 -05:00
include SearchHelper
2020-08-28 08:10:37 -04:00
include RedisTracking
2014-01-18 07:16:46 -05:00
2021-12-07 07:10:33 -05:00
RESCUE_FROM_TIMEOUT_ACTIONS = [ :count , :show , :autocomplete ] . freeze
2021-07-28 11:09:57 -04:00
2021-02-11 10:09:11 -05:00
track_redis_hll_event :show , name : 'i_search_total'
2020-08-28 08:10:37 -04:00
2019-06-26 19:19:59 -04:00
around_action :allow_gitaly_ref_name_caching
2021-08-26 17:11:25 -04:00
before_action :block_anonymous_global_searches , :check_scope_global_search_enabled , except : :opensearch
2017-12-11 09:21:06 -05:00
skip_before_action :authenticate_user!
requires_cross_project_access if : - > do
search_term_present = params [ :search ] . present? || params [ :term ] . present?
search_term_present && ! params [ :project_id ] . present?
end
2021-12-20 13:13:27 -05:00
before_action :check_email_search_rate_limit! , only : [ :show , :count , :autocomplete ]
2017-12-11 09:21:06 -05:00
2021-07-09 08:08:17 -04:00
rescue_from ActiveRecord :: QueryCanceled , with : :render_timeout
2015-05-01 04:39:11 -04:00
layout 'search'
2015-04-30 13:06:18 -04:00
2020-10-05 08:08:47 -04:00
feature_category :global_search
2021-10-05 08:12:58 -04:00
urgency :high , [ :opensearch ]
2020-10-05 08:08:47 -04:00
2012-03-15 19:14:39 -04:00
def show
2017-03-31 09:03:55 -04:00
@project = search_service . project
@group = search_service . group
2015-04-28 05:48:42 -04:00
2016-11-07 13:36:58 -05:00
return if params [ :search ] . blank?
2016-09-09 07:08:49 -04:00
2019-12-26 16:07:49 -05:00
return unless search_term_valid?
2020-10-21 23:08:25 -04:00
return if check_single_commit_result?
2016-04-19 03:52:15 -04:00
@search_term = params [ :search ]
2020-10-26 08:08:44 -04:00
@sort = params [ :sort ] || default_sort
2016-04-19 03:52:15 -04:00
2020-12-01 10:09:28 -05:00
@search_service = Gitlab :: View :: Presenter :: Factory . new ( search_service , current_user : current_user ) . fabricate!
@scope = @search_service . scope
2021-08-13 05:09:58 -04:00
@without_count = @search_service . without_count?
2020-12-01 10:09:28 -05:00
@show_snippets = @search_service . show_snippets?
@search_results = @search_service . search_results
@search_objects = @search_service . search_objects
@search_highlight = @search_service . search_highlight
2021-10-26 14:09:19 -04:00
@aggregations = @search_service . search_aggregations
2017-08-23 12:53:29 -04:00
2020-05-25 02:08:38 -04:00
increment_search_counters
2013-10-23 16:27:40 -04:00
end
2014-01-18 07:16:46 -05:00
2019-07-15 13:59:57 -04:00
def count
params . require ( [ :search , :scope ] )
scope = search_service . scope
2021-04-15 14:09:01 -04:00
count = 0
ApplicationRecord . with_fast_read_statement_timeout do
count = search_service . search_results . formatted_count ( scope )
end
2019-07-15 13:59:57 -04:00
2021-02-25 13:11:05 -05:00
# Users switching tabs will keep fetching the same tab counts so it's a
# good idea to cache in their browser just for a short time. They can still
# clear cache if they are seeing an incorrect count but inaccurate count is
# not such a bad thing.
expires_in 1 . minute
2019-07-15 13:59:57 -04:00
render json : { count : count }
end
2020-07-10 05:09:01 -04:00
# rubocop: disable CodeReuse/ActiveRecord
def autocomplete
term = params [ :term ]
2021-12-07 07:10:33 -05:00
@project = search_service . project
2020-07-10 05:09:01 -04:00
@ref = params [ :project_ref ] if params [ :project_ref ] . present?
render json : search_autocomplete_opts ( term ) . to_json
end
# rubocop: enable CodeReuse/ActiveRecord
2021-02-01 07:09:03 -05:00
def opensearch
end
2017-01-10 23:20:32 -05:00
private
2020-10-26 08:08:44 -04:00
# overridden in EE
def default_sort
'created_desc'
end
2019-12-26 16:07:49 -05:00
def search_term_valid?
2020-01-14 13:08:31 -05:00
unless search_service . valid_query_length?
2021-12-09 07:15:43 -05:00
flash [ :alert ] = t ( 'errors.messages.search_chars_too_long' , count : Gitlab :: Search :: Params :: SEARCH_CHAR_LIMIT )
2019-12-26 16:07:49 -05:00
return false
end
2020-01-14 13:08:31 -05:00
unless search_service . valid_terms_count?
2021-12-09 07:15:43 -05:00
flash [ :alert ] = t ( 'errors.messages.search_terms_too_long' , count : Gitlab :: Search :: Params :: SEARCH_TERM_LIMIT )
2019-12-26 16:07:49 -05:00
return false
end
true
end
2020-10-21 23:08:25 -04:00
def check_single_commit_result?
return false if params [ :force_search_results ]
return false unless @project . present?
# download_code project policy grants user the read_commit ability
return false unless Ability . allowed? ( current_user , :download_code , @project )
2017-01-10 23:20:32 -05:00
2020-10-21 23:08:25 -04:00
query = params [ :search ] . strip . downcase
return false unless Commit . valid_hash? ( query )
commit = @project . commit_by ( oid : query )
return false unless commit . present?
link = search_path ( safe_params . merge ( force_search_results : true ) )
flash [ :notice ] = html_escape ( _ ( " You have been redirected to the only result; see the %{a_start}search results%{a_end} instead. " ) ) % { a_start : " <a href= \" #{ link } \" ><u> " . html_safe , a_end : '</u></a>' . html_safe }
redirect_to project_commit_path ( @project , commit )
true
2017-01-10 23:20:32 -05:00
end
2019-07-29 05:58:58 -04:00
2020-05-25 02:08:38 -04:00
def increment_search_counters
Gitlab :: UsageDataCounters :: SearchCounter . count ( :all_searches )
2019-07-29 05:58:58 -04:00
return if params [ :nav_source ] != 'navbar'
2020-05-25 02:08:38 -04:00
Gitlab :: UsageDataCounters :: SearchCounter . count ( :navbar_searches )
2019-07-29 05:58:58 -04:00
end
2020-07-30 08:09:33 -04:00
def append_info_to_payload ( payload )
super
# Merging to :metadata will ensure these are logged as top level keys
2020-09-13 23:09:21 -04:00
payload [ :metadata ] || = { }
2020-07-30 08:09:33 -04:00
payload [ :metadata ] [ 'meta.search.group_id' ] = params [ :group_id ]
payload [ :metadata ] [ 'meta.search.project_id' ] = params [ :project_id ]
2021-02-24 13:11:28 -05:00
payload [ :metadata ] [ 'meta.search.scope' ] = params [ :scope ] || @scope
2020-10-24 02:08:52 -04:00
payload [ :metadata ] [ 'meta.search.filters.confidential' ] = params [ :confidential ]
payload [ :metadata ] [ 'meta.search.filters.state' ] = params [ :state ]
payload [ :metadata ] [ 'meta.search.force_search_results' ] = params [ :force_search_results ]
2021-12-09 07:15:43 -05:00
if search_service . abuse_detected?
payload [ :metadata ] [ 'abuse.confidence' ] = Gitlab :: Abuse . confidence ( :certain )
payload [ :metadata ] [ 'abuse.messages' ] = search_service . abuse_messages
end
2020-07-30 08:09:33 -04:00
end
2020-09-11 08:08:50 -04:00
def block_anonymous_global_searches
2021-12-06 07:10:19 -05:00
return unless search_service . global_search?
2020-09-11 08:08:50 -04:00
return if current_user
2021-11-15 04:09:53 -05:00
return unless :: Feature . enabled? ( :block_anonymous_global_searches , type : :ops )
2020-09-11 08:08:50 -04:00
store_location_for ( :user , request . fullpath )
redirect_to new_user_session_path , alert : _ ( 'You must be logged in to search across all of GitLab' )
end
2021-07-09 08:08:17 -04:00
2021-08-26 17:11:25 -04:00
def check_scope_global_search_enabled
2021-12-06 07:10:19 -05:00
return unless search_service . global_search?
2021-08-26 17:11:25 -04:00
search_allowed = case params [ :scope ]
when 'blobs'
Feature . enabled? ( :global_search_code_tab , current_user , type : :ops , default_enabled : true )
when 'commits'
Feature . enabled? ( :global_search_commits_tab , current_user , type : :ops , default_enabled : true )
when 'issues'
Feature . enabled? ( :global_search_issues_tab , current_user , type : :ops , default_enabled : true )
when 'merge_requests'
Feature . enabled? ( :global_search_merge_requests_tab , current_user , type : :ops , default_enabled : true )
when 'wiki_blobs'
Feature . enabled? ( :global_search_wiki_tab , current_user , type : :ops , default_enabled : true )
else
true
end
return if search_allowed
redirect_to search_path , alert : _ ( 'Global Search is disabled for this scope' )
end
2021-07-09 08:08:17 -04:00
def render_timeout ( exception )
2021-07-28 11:09:57 -04:00
raise exception unless action_name . to_sym . in? ( RESCUE_FROM_TIMEOUT_ACTIONS )
2021-07-09 08:08:17 -04:00
log_exception ( exception )
@timeout = true
2021-07-28 11:09:57 -04:00
2021-12-07 07:10:33 -05:00
case action_name . to_sym
when :count
2021-07-28 11:09:57 -04:00
render json : { } , status : :request_timeout
2021-12-07 07:10:33 -05:00
when :autocomplete
render json : [ ] , status : :request_timeout
2021-07-28 11:09:57 -04:00
else
render status : :request_timeout
end
end
2021-12-20 13:13:27 -05:00
def check_email_search_rate_limit!
return unless search_service . params . email_lookup?
check_rate_limit! ( :user_email_lookup , scope : [ current_user ] )
end
2012-03-15 19:14:39 -04:00
end
2020-08-28 08:10:37 -04:00
2021-05-11 17:10:21 -04:00
SearchController . prepend_mod_with ( 'SearchController' )