gitlab-org--gitlab-foss/app/controllers/projects/application_controller.rb

# frozen_string_literal: true

class Projects::ApplicationController < ApplicationController
  include CookiesHelper
  include RoutableActions
  include ChecksCollaboration

  skip_before_action :authenticate_user!
  before_action :project
  before_action :repository
  layout 'project'

  helper_method :repository, :can_collaborate_with_project?, :user_access

  rescue_from Gitlab::Template::Finders::RepoTemplateFinder::FileNotFoundError do |exception|
    log_exception(exception)
    render_404
  end

  private

  def project
    return @project if @project
    return unless params[:project_id] || params[:id]

    path = File.join(params[:namespace_id], params[:project_id] || params[:id])
    auth_proc = ->(project) { !project.pending_delete? }

    @project = find_routable!(Project, path, extra_authorization_proc: auth_proc)
  end

  def build_canonical_path(project)
    params[:namespace_id] = project.namespace.to_param
    params[:project_id] = project.to_param

    url_for(safe_params)
  end

  def repository
    @repository ||= project.repository
  end

  def authorize_action!(action)
    unless can?(current_user, action, project)
      return access_denied!
    end
  end

  def check_project_feature_available!(feature)
    render_404 unless project.feature_available?(feature, current_user)
  end

  def check_issuables_available!
    render_404 unless project.feature_available?(:issues, current_user) ||
        project.feature_available?(:merge_requests, current_user)
  end

  def method_missing(method_sym, *arguments, &block)
    case method_sym.to_s
    when /\Aauthorize_(.*)!\z/
      authorize_action!($1.to_sym)
    when /\Acheck_(.*)_available!\z/
      check_project_feature_available!($1.to_sym)
    else
      super
    end
  end

  def require_non_empty_project
    # Be sure to return status code 303 to avoid a double DELETE:
    # http://api.rubyonrails.org/classes/ActionController/Redirecting.html
    redirect_to project_path(@project), status: :see_other if @project.empty_repo?
  end

  def require_branch_head
    unless @repository.branch_exists?(@ref)
      redirect_to(
        project_tree_path(@project, @ref),
        notice: "This action is not allowed unless you are on a branch"
      )
    end
  end

  def apply_diff_view_cookie!
    set_secure_cookie(:diff_view, params.delete(:view), permanent: true) if params[:view].present?
  end

  def require_pages_enabled!
    not_found unless @project.pages_available?
  end

  def check_issues_available!
    return render_404 unless @project.feature_available?(:issues, current_user)
  end
end
Enable even more frozen string in app/controllers Enables frozen string for some vestigial files as well as the following: * app/controllers/projects/*/.rb * app/controllers/sherlock/*/.rb * app/controllers/snippets/*/.rb * app/controllers/users/*/.rb Partially addresses #47424. 2018-09-25 23:45:43 -04:00			`# frozen_string_literal: true`

assign team to project from project page in public section 2013-01-23 09:14:20 -05:00			`class Projects::ApplicationController < ApplicationController`
Set issuable_sort and diff_view cookies to secure when possible Closes #49120 2018-08-30 16:39:56 -04:00			`include CookiesHelper`
Redirect from redirect routes to canonical routes 2017-05-01 16:46:30 -04:00			`include RoutableActions`
Share collaboration check between view and presenter 2018-04-06 10:02:36 -04:00			`include ChecksCollaboration`
Redirect from redirect routes to canonical routes 2017-05-01 16:46:30 -04:00
Tweaks, refactoring, and specs 2016-03-20 16:03:53 -04:00			`skip_before_action :authenticate_user!`
Address feedback 2016-03-21 19:09:20 -04:00			`before_action :project`
			`before_action :repository`
Add a page title to every page. 2015-04-30 13:06:18 -04:00			`layout 'project'`
Allow non authenticated user access to public projects 2013-09-24 08:58:39 -04:00
Allow maintainers to edit directly in a fork 2018-02-28 03:06:18 -05:00			`helper_method :repository, :can_collaborate_with_project?, :user_access`
Tweaks, refactoring, and specs 2016-03-20 16:03:53 -04:00
Authorize access before serving project template Previously, if a user was a guest member of a private project, they could access the merge request template as we were not checking permission-levels of the user. When a issue template is asked for, the user must have :read_issue for the project; or :read_merge_request when a merge request template is asked for. We also now rescue_from FileNotFoundError and handle as 404. This is because RepoTemplateFinder can raise a FileNotFoundError exception, which Rails previously handled as a 500. Handling these in a way that is consistent with ActiveRecord::RecordNotFound exceptions, within controllers that inherit from Projects::ApplicationController at least, and returning a 404. https://gitlab.com/gitlab-org/gitlab-ce/issues/54943 2019-05-23 00:33:11 -04:00			`rescue_from Gitlab::Template::Finders::RepoTemplateFinder::FileNotFoundError do \|exception\|`
			`log_exception(exception)`
			`render_404`
			`end`

Tweaks, refactoring, and specs 2016-03-20 16:03:53 -04:00			`private`

Dry up routable lookups. Fixes #30317 Note: This changes the behavior of user lookups (see the spec change) so it acts the same way as groups and projects. Unauthenticated clients attempting to access a user page will be redirected to login whether the user exists and is publicly restricted, or does not exist at all. 2017-05-04 17:20:13 -04:00			`def project`
Resolve discussions 2017-05-05 13:48:01 -04:00			`return @project if @project`
Adds the Rubocop ReturnNil cop This style change enforces `return if ...` instead of `return nil if ...` to save maintainers a few minor review points 2019-02-08 07:19:53 -05:00			`return unless params[:project_id] \|\| params[:id]`
Resolve discussions 2017-05-05 13:48:01 -04:00
			`path = File.join(params[:namespace_id], params[:project_id] \|\| params[:id])`
			`auth_proc = ->(project) { !project.pending_delete? }`
Dry up routable lookups. Fixes #30317 Note: This changes the behavior of user lookups (see the spec change) so it acts the same way as groups and projects. Unauthenticated clients attempting to access a user page will be redirected to login whether the user exists and is publicly restricted, or does not exist at all. 2017-05-04 17:20:13 -04:00
Avoid passing not_found_or_authorized_proc around Since this needs to be called on every find_routable!(Project, ... we can instead move it to a RoutableActions check. 2019-05-13 04:50:23 -04:00			`@project = find_routable!(Project, path, extra_authorization_proc: auth_proc)`
Tweaks, refactoring, and specs 2016-03-20 16:03:53 -04:00			`end`

Refactor to more robust implementation In order to avoid string manipulation or modify route params (to make them unambiguous for `url_for`), we are accepting a behavior change: When being redirected to the canonical path for a group, if you requested a group show path starting with `/groups/…` then you’ll now be redirected to the group at root `/…`. 2017-05-18 19:23:05 -04:00			`def build_canonical_path(project)`
			`params[:namespace_id] = project.namespace.to_param`
			`params[:project_id] = project.to_param`

[Rails5] Use `safe_params` instead of `params` in `url_for` helpers This commits replaces `params` with `safe_params` in `url_for` helpers to resolve security issues [1] and failing specs with the ``` ArgumentError: Attempting to generate a URL from non-sanitized request parameters! An attacker can inject malicious data into the generated URL, such as changing the host. Whitelist and sanitize passed parameters to be secure. ``` error. [1]: https://gitlab.com/gitlab-org/gitlab-ce/issues/45168 2018-04-28 06:35:16 -04:00			`url_for(safe_params)`
Refactor to more robust implementation In order to avoid string manipulation or modify route params (to make them unambiguous for `url_for`), we are accepting a behavior change: When being redirected to the canonical path for a group, if you requested a group show path starting with `/groups/…` then you’ll now be redirected to the group at root `/…`. 2017-05-18 19:23:05 -04:00			`end`

Tweaks, refactoring, and specs 2016-03-20 16:03:53 -04:00			`def repository`
			`@repository \|\|= project.repository`
			`end`

Authorize build update on per object basis 2017-05-05 07:24:07 -04:00			`def authorize_action!(action)`
			`unless can?(current_user, action, project)`
			`return access_denied!`
			`end`
Tweaks, refactoring, and specs 2016-03-20 16:03:53 -04:00			`end`

Backport check_project_feature_available! from EE 2017-06-20 06:59:50 -04:00			`def check_project_feature_available!(feature)`
Use the new check_project_feature_available! method in project controllers 2017-06-20 07:13:04 -04:00			`render_404 unless project.feature_available?(feature, current_user)`
			`end`

			`def check_issuables_available!`
			`render_404 unless project.feature_available?(:issues, current_user) \|\|`
			`project.feature_available?(:merge_requests, current_user)`
Backport check_project_feature_available! from EE 2017-06-20 06:59:50 -04:00			`end`

Tweaks, refactoring, and specs 2016-03-20 16:03:53 -04:00			`def method_missing(method_sym, *arguments, &block)`
Backport check_project_feature_available! from EE 2017-06-20 06:59:50 -04:00			`case method_sym.to_s`
			`when /\Aauthorize_(.*)!\z/`
Authorize build update on per object basis 2017-05-05 07:24:07 -04:00			`authorize_action!($1.to_sym)`
Backport check_project_feature_available! from EE 2017-06-20 06:59:50 -04:00			`when /\Acheck_(.*)_available!\z/`
			`check_project_feature_available!($1.to_sym)`
Tweaks, refactoring, and specs 2016-03-20 16:03:53 -04:00			`else`
			`super`
Allow non authenticated user access to public projects 2013-09-24 08:58:39 -04:00			`end`
Tweaks, refactoring, and specs 2016-03-20 16:03:53 -04:00			`end`
Allow non authenticated user access to public projects 2013-09-24 08:58:39 -04:00
Tweaks, refactoring, and specs 2016-03-20 16:03:53 -04:00			`def require_non_empty_project`
Return status code 303 after a branch DELETE operation to avoid project deletion Closes #14994 2016-04-07 00:10:24 -04:00			`# Be sure to return status code 303 to avoid a double DELETE:`
			`# http://api.rubyonrails.org/classes/ActionController/Redirecting.html`
Updates from `rubocop -a` 2018-07-02 06:43:06 -04:00			`redirect_to project_path(@project), status: :see_other if @project.empty_repo?`
Allow non authenticated user access to public projects 2013-09-24 08:58:39 -04:00			`end`

Refactoring for EditTree and NewTree controllers and contexts Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-11-05 05:21:11 -05:00			`def require_branch_head`
Unify check branch name exist 2016-06-20 09:38:54 -04:00			`unless @repository.branch_exists?(@ref)`
Upgrade to Rails 4.1.9 Make the following changes to deal with new behavior in Rails 4.1.2: * Use nested resources to avoid slashes in arguments to path helpers. 2015-01-24 13:02:58 -05:00			`redirect_to(`
Create and use project path helpers that only need a project, no namespace 2017-06-29 13:06:35 -04:00			`project_tree_path(@project, @ref),`
Make tooltip less confusing 2015-12-08 16:30:40 -05:00			`notice: "This action is not allowed unless you are on a branch"`
Upgrade to Rails 4.1.9 Make the following changes to deal with new behavior in Rails 4.1.2: * Use nested resources to avoid slashes in arguments to path helpers. 2015-01-24 13:02:58 -05:00			`)`
Refactoring for EditTree and NewTree controllers and contexts Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-11-05 05:21:11 -05:00			`end`
			`end`
Add header for ci graphs and check that it is enabled Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2015-09-24 03:44:38 -04:00
Remember user's inline/tabular diff view preference in a cookie 2015-10-22 21:52:17 -04:00			`def apply_diff_view_cookie!`
Set issuable_sort and diff_view cookies to secure when possible Closes #49120 2018-08-30 16:39:56 -04:00			`set_secure_cookie(:diff_view, params.delete(:view), permanent: true) if params[:view].present?`
Remember user's inline/tabular diff view preference in a cookie 2015-10-22 21:52:17 -04:00			`end`

Disable navigation to Pages config if Pages is disabled * Regards project-level pages config - Nav link is now shown only if Pages is enabled for instance - Navigation to following controllers denied if Pages disabled: * projects/pages_controller * projects/pages_domains_controller - 'disabled' partial removed + Test for pages_controller introduced 2017-04-06 23:27:35 -04:00			`def require_pages_enabled!`
Don't show references to Pages when not available In this instance its subgroups, and given we can't deploy it, we shouldn't allow it to be shown. Fixes gitlab-org/gitlab-ce#34864 2017-08-29 06:15:19 -04:00			`not_found unless @project.pages_available?`
Disable navigation to Pages config if Pages is disabled * Regards project-level pages config - Nav link is now shown only if Pages is enabled for instance - Navigation to following controllers denied if Pages disabled: * projects/pages_controller * projects/pages_domains_controller - 'disabled' partial removed + Test for pages_controller introduced 2017-04-06 23:27:35 -04:00			`end`
disables the shortcut to the issue boards when issues are disabled 2018-01-08 04:06:25 -05:00
			`def check_issues_available!`
			`return render_404 unless @project.feature_available?(:issues, current_user)`
			`end`
assign team to project from project page in public section 2013-01-23 09:14:20 -05:00			`end`