2016-07-20 12:41:26 -04:00
|
|
|
class Projects::LfsApiController < Projects::GitHttpClientController
|
2016-11-21 10:31:51 -05:00
|
|
|
include LfsRequest
|
2016-07-20 12:41:26 -04:00
|
|
|
|
2016-11-21 10:31:51 -05:00
|
|
|
skip_before_action :lfs_check_access!, only: [:deprecated]
|
2017-09-19 03:44:58 -04:00
|
|
|
before_action :lfs_check_batch_operation!, only: [:batch]
|
2016-07-20 12:41:26 -04:00
|
|
|
|
|
|
|
def batch
|
|
|
|
unless objects.present?
|
|
|
|
render_lfs_not_found
|
|
|
|
return
|
|
|
|
end
|
|
|
|
|
|
|
|
if download_request?
|
|
|
|
render json: { objects: download_objects! }
|
|
|
|
elsif upload_request?
|
|
|
|
render json: { objects: upload_objects! }
|
|
|
|
else
|
|
|
|
raise "Never reached"
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def deprecated
|
|
|
|
render(
|
|
|
|
json: {
|
|
|
|
message: 'Server supports batch API only, please update your Git LFS client to version 1.0.1 and up.',
|
2017-05-03 07:22:03 -04:00
|
|
|
documentation_url: "#{Gitlab.config.gitlab.url}/help"
|
2016-07-20 12:41:26 -04:00
|
|
|
},
|
|
|
|
status: 501
|
|
|
|
)
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
2016-11-21 10:31:51 -05:00
|
|
|
def download_request?
|
|
|
|
params[:operation] == 'download'
|
|
|
|
end
|
|
|
|
|
|
|
|
def upload_request?
|
|
|
|
params[:operation] == 'upload'
|
|
|
|
end
|
|
|
|
|
2016-07-20 12:41:26 -04:00
|
|
|
def existing_oids
|
|
|
|
@existing_oids ||= begin
|
2018-04-04 10:40:58 -04:00
|
|
|
project.all_lfs_objects.where(oid: objects.map { |o| o['oid'].to_s }).pluck(:oid)
|
2016-07-20 12:41:26 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def download_objects!
|
|
|
|
objects.each do |object|
|
|
|
|
if existing_oids.include?(object[:oid])
|
|
|
|
object[:actions] = download_actions(object)
|
2017-01-26 13:58:05 -05:00
|
|
|
|
|
|
|
if Guest.can?(:download_code, project)
|
|
|
|
object[:authenticated] = true
|
|
|
|
end
|
2016-07-20 12:41:26 -04:00
|
|
|
else
|
|
|
|
object[:error] = {
|
|
|
|
code: 404,
|
2017-05-03 07:22:03 -04:00
|
|
|
message: "Object does not exist on the server or you don't have permissions to access it"
|
2016-07-20 12:41:26 -04:00
|
|
|
}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
objects
|
|
|
|
end
|
|
|
|
|
|
|
|
def upload_objects!
|
|
|
|
objects.each do |object|
|
|
|
|
object[:actions] = upload_actions(object) unless existing_oids.include?(object[:oid])
|
|
|
|
end
|
|
|
|
objects
|
|
|
|
end
|
|
|
|
|
|
|
|
def download_actions(object)
|
|
|
|
{
|
|
|
|
download: {
|
|
|
|
href: "#{project.http_url_to_repo}/gitlab-lfs/objects/#{object[:oid]}",
|
|
|
|
header: {
|
|
|
|
Authorization: request.headers['Authorization']
|
|
|
|
}.compact
|
|
|
|
}
|
|
|
|
}
|
|
|
|
end
|
|
|
|
|
|
|
|
def upload_actions(object)
|
|
|
|
{
|
|
|
|
upload: {
|
|
|
|
href: "#{project.http_url_to_repo}/gitlab-lfs/objects/#{object[:oid]}/#{object[:size]}",
|
|
|
|
header: {
|
|
|
|
Authorization: request.headers['Authorization']
|
|
|
|
}.compact
|
|
|
|
}
|
|
|
|
}
|
|
|
|
end
|
2017-09-19 03:44:58 -04:00
|
|
|
|
|
|
|
def lfs_check_batch_operation!
|
|
|
|
if upload_request? && Gitlab::Database.read_only?
|
|
|
|
render(
|
|
|
|
json: {
|
|
|
|
message: lfs_read_only_message
|
|
|
|
},
|
2018-02-07 08:00:53 -05:00
|
|
|
content_type: LfsRequest::CONTENT_TYPE,
|
2017-09-19 03:44:58 -04:00
|
|
|
status: 403
|
|
|
|
)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
# Overridden in EE
|
|
|
|
def lfs_read_only_message
|
|
|
|
_('You cannot write to this read-only GitLab instance.')
|
|
|
|
end
|
2016-07-20 12:41:26 -04:00
|
|
|
end
|