gitlab-org--gitlab-foss/app/services/search_service.rb

# frozen_string_literal: true

class SearchService
  include Gitlab::Allowable

  SEARCH_TERM_LIMIT = 64
  SEARCH_CHAR_LIMIT = 4096

  def initialize(current_user, params = {})
    @current_user = current_user
    @params = params.dup
  end

  # rubocop: disable CodeReuse/ActiveRecord
  def project
    return @project if defined?(@project)

    @project =
      if params[:project_id].present?
        the_project = Project.find_by(id: params[:project_id])
        can?(current_user, :read_project, the_project) ? the_project : nil
      else
        nil
      end
  end
  # rubocop: enable CodeReuse/ActiveRecord

  # rubocop: disable CodeReuse/ActiveRecord
  def group
    return @group if defined?(@group)

    @group =
      if params[:group_id].present?
        the_group = Group.find_by(id: params[:group_id])
        can?(current_user, :read_group, the_group) ? the_group : nil
      else
        nil
      end
  end
  # rubocop: enable CodeReuse/ActiveRecord

  def show_snippets?
    return @show_snippets if defined?(@show_snippets)

    @show_snippets = params[:snippets] == 'true'
  end

  def valid_query_length?
    params[:search].length <= SEARCH_CHAR_LIMIT
  end

  def valid_terms_count?
    params[:search].split.count { |word| word.length >= 3 } <= SEARCH_TERM_LIMIT
  end

  delegate :scope, to: :search_service

  def search_results
    @search_results ||= search_service.execute
  end

  def search_objects
    @search_objects ||= redact_unauthorized_results(search_results.objects(scope, params[:page]))
  end

  private

  def visible_result?(object)
    return true unless object.respond_to?(:to_ability_name) && DeclarativePolicy.has_policy?(object)

    Ability.allowed?(current_user, :"read_#{object.to_ability_name}", object)
  end

  def redact_unauthorized_results(results_collection)
    results = results_collection.to_a
    permitted_results = results.select { |object| visible_result?(object) }

    filtered_results = (results - permitted_results).each_with_object({}) do |object, memo|
      memo[object.id] = { ability: :"read_#{object.to_ability_name}", id: object.id, class_name: object.class.name }
    end

    log_redacted_search_results(filtered_results.values) if filtered_results.any?

    return results_collection.id_not_in(filtered_results.keys) if results_collection.is_a?(ActiveRecord::Relation)

    Kaminari.paginate_array(
      permitted_results,
      total_count: results_collection.total_count,
      limit: results_collection.limit_value,
      offset: results_collection.offset_value
    )
  end

  def log_redacted_search_results(filtered_results)
    logger.error(message: "redacted_search_results", filtered: filtered_results, current_user_id: current_user&.id, query: params[:search])
  end

  def logger
    @logger ||= ::Gitlab::RedactedSearchResultsLogger.build
  end

  def search_service
    @search_service ||=
      if project
        Search::ProjectService.new(project, current_user, params)
      elsif show_snippets?
        Search::SnippetService.new(current_user, params)
      elsif group
        Search::GroupService.new(current_user, group, params)
      else
        Search::GlobalService.new(current_user, params)
      end
  end

  attr_reader :current_user, :params
end

SearchService.prepend_if_ee('EE::SearchService')
Enable frozen string in apps/uploaders/*.rb Partially addresses #47424. 2018-07-05 06:18:17 -04:00			`# frozen_string_literal: true`

Refactor SearchController#show 2017-03-31 09:03:55 -04:00			`class SearchService`
			`include Gitlab::Allowable`

Add latest changes from gitlab-org/gitlab@master 2020-01-14 13:08:31 -05:00			`SEARCH_TERM_LIMIT = 64`
			`SEARCH_CHAR_LIMIT = 4096`

Refactor SearchController#show 2017-03-31 09:03:55 -04:00			`def initialize(current_user, params = {})`
			`@current_user = current_user`
			`@params = params.dup`
			`end`

Disable existing offenses for the CodeReuse cops This whitelists all existing offenses for the various CodeReuse cops, of which most are triggered by the CodeReuse/ActiveRecord cop. 2018-08-27 11:31:01 -04:00			`# rubocop: disable CodeReuse/ActiveRecord`
Refactor SearchController#show 2017-03-31 09:03:55 -04:00			`def project`
			`return @project if defined?(@project)`

			`@project =`
			`if params[:project_id].present?`
			`the_project = Project.find_by(id: params[:project_id])`
Fix: Wiki is not searchable with Guest permissions 2017-05-22 12:51:09 -04:00			`can?(current_user, :read_project, the_project) ? the_project : nil`
Refactor SearchController#show 2017-03-31 09:03:55 -04:00			`else`
			`nil`
			`end`
			`end`
Disable existing offenses for the CodeReuse cops This whitelists all existing offenses for the various CodeReuse cops, of which most are triggered by the CodeReuse/ActiveRecord cop. 2018-08-27 11:31:01 -04:00			`# rubocop: enable CodeReuse/ActiveRecord`
Refactor SearchController#show 2017-03-31 09:03:55 -04:00
Disable existing offenses for the CodeReuse cops This whitelists all existing offenses for the various CodeReuse cops, of which most are triggered by the CodeReuse/ActiveRecord cop. 2018-08-27 11:31:01 -04:00			`# rubocop: disable CodeReuse/ActiveRecord`
Refactor SearchController#show 2017-03-31 09:03:55 -04:00			`def group`
			`return @group if defined?(@group)`

			`@group =`
			`if params[:group_id].present?`
			`the_group = Group.find_by(id: params[:group_id])`
			`can?(current_user, :read_group, the_group) ? the_group : nil`
			`else`
			`nil`
			`end`
			`end`
Disable existing offenses for the CodeReuse cops This whitelists all existing offenses for the various CodeReuse cops, of which most are triggered by the CodeReuse/ActiveRecord cop. 2018-08-27 11:31:01 -04:00			`# rubocop: enable CodeReuse/ActiveRecord`
Refactor SearchController#show 2017-03-31 09:03:55 -04:00
			`def show_snippets?`
			`return @show_snippets if defined?(@show_snippets)`

			`@show_snippets = params[:snippets] == 'true'`
			`end`

Add latest changes from gitlab-org/gitlab@master 2020-01-14 13:08:31 -05:00			`def valid_query_length?`
			`params[:search].length <= SEARCH_CHAR_LIMIT`
			`end`

			`def valid_terms_count?`
			`params[:search].split.count { \|word\| word.length >= 3 } <= SEARCH_TERM_LIMIT`
			`end`

Refactor SearchController#show 2017-03-31 09:03:55 -04:00			`delegate :scope, to: :search_service`

			`def search_results`
			`@search_results \|\|= search_service.execute`
			`end`

			`def search_objects`
Add latest changes from gitlab-org/gitlab@master 2020-03-17 17:09:16 -04:00			`@search_objects \|\|= redact_unauthorized_results(search_results.objects(scope, params[:page]))`
			`end`

Refactor SearchController#show 2017-03-31 09:03:55 -04:00			`private`

Add latest changes from gitlab-org/gitlab@master 2020-03-17 17:09:16 -04:00			`def visible_result?(object)`
			`return true unless object.respond_to?(:to_ability_name) && DeclarativePolicy.has_policy?(object)`

			`Ability.allowed?(current_user, :"read_#{object.to_ability_name}", object)`
			`end`

Add latest changes from gitlab-org/gitlab@master 2020-04-09 17:09:19 -04:00			`def redact_unauthorized_results(results_collection)`
			`results = results_collection.to_a`
			`permitted_results = results.select { \|object\| visible_result?(object) }`
Add latest changes from gitlab-org/gitlab@master 2020-03-17 17:09:16 -04:00
			`filtered_results = (results - permitted_results).each_with_object({}) do \|object, memo\|`
			`memo[object.id] = { ability: :"read_#{object.to_ability_name}", id: object.id, class_name: object.class.name }`
			`end`

			`log_redacted_search_results(filtered_results.values) if filtered_results.any?`

Add latest changes from gitlab-org/gitlab@master 2020-04-09 17:09:19 -04:00			`return results_collection.id_not_in(filtered_results.keys) if results_collection.is_a?(ActiveRecord::Relation)`
Add latest changes from gitlab-org/gitlab@master 2020-03-17 17:09:16 -04:00
			`Kaminari.paginate_array(`
			`permitted_results,`
Add latest changes from gitlab-org/gitlab@master 2020-04-09 17:09:19 -04:00			`total_count: results_collection.total_count,`
			`limit: results_collection.limit_value,`
			`offset: results_collection.offset_value`
Add latest changes from gitlab-org/gitlab@master 2020-03-17 17:09:16 -04:00			`)`
			`end`

			`def log_redacted_search_results(filtered_results)`
			`logger.error(message: "redacted_search_results", filtered: filtered_results, current_user_id: current_user&.id, query: params[:search])`
			`end`

			`def logger`
			`@logger \|\|= ::Gitlab::RedactedSearchResultsLogger.build`
			`end`

Refactor SearchController#show 2017-03-31 09:03:55 -04:00			`def search_service`
			`@search_service \|\|=`
			`if project`
			`Search::ProjectService.new(project, current_user, params)`
			`elsif show_snippets?`
			`Search::SnippetService.new(current_user, params)`
Refactor group search out of global search 2017-04-13 11:20:04 -04:00			`elsif group`
			`Search::GroupService.new(current_user, group, params)`
Refactor SearchController#show 2017-03-31 09:03:55 -04:00			`else`
			`Search::GlobalService.new(current_user, params)`
			`end`
			`end`

			`attr_reader :current_user, :params`
			`end`
Add latest changes from gitlab-org/gitlab@master 2019-09-13 09:26:31 -04:00
			`SearchService.prepend_if_ee('EE::SearchService')`