gitlab-org--gitlab-foss/app/controllers/import/bitbucket_controller.rb

class Import::BitbucketController < Import::BaseController
  before_action :verify_bitbucket_import_enabled
  before_action :bitbucket_auth, except: :callback

  rescue_from OAuth::Error, with: :bitbucket_unauthorized
  rescue_from Bitbucket::Error::Unauthorized, with: :bitbucket_unauthorized

  def callback
    response = client.auth_code.get_token(params[:code], redirect_uri: callback_import_bitbucket_url)

    session[:bitbucket_token]         = response.token
    session[:bitbucket_expires_at]    = response.expires_at
    session[:bitbucket_expires_in]    = response.expires_in
    session[:bitbucket_refresh_token] = response.refresh_token

    redirect_to status_import_bitbucket_url
  end

  def status
    bitbucket_client = Bitbucket::Client.new(credentials)
    repos = bitbucket_client.repos

    @repos, @incompatible_repos = repos.partition { |repo| repo.valid? }

    @already_added_projects = current_user.created_projects.where(import_type: 'bitbucket')
    already_added_projects_names = @already_added_projects.pluck(:import_source)

    @repos.to_a.reject! { |repo| already_added_projects_names.include?(repo.full_name) }
  end

  def jobs
    render json: current_user.created_projects
                             .where(import_type: 'bitbucket')
                             .to_json(only: [:id, :import_status])
  end

  def create
    bitbucket_client = Bitbucket::Client.new(credentials)

    @repo_id = params[:repo_id].to_s
    name = @repo_id.gsub('___', '/')
    repo = bitbucket_client.repo(name)
    @project_name = params[:new_name].presence || repo.name

    repo_owner = repo.owner
    repo_owner = current_user.username if repo_owner == bitbucket_client.user.username
    @target_namespace = params[:new_namespace].presence || repo_owner

    namespace = find_or_create_namespace(@target_namespace, repo_owner)

    if current_user.can?(:create_projects, namespace)
      @project = Gitlab::BitbucketImport::ProjectCreator.new(repo, @project_name, namespace, current_user, credentials).execute
    else
      render 'unauthorized'
    end
  end

  private

  def client
    @client ||= OAuth2::Client.new(provider.app_id, provider.app_secret, options)
  end

  def provider
    Gitlab.config.omniauth.providers.find { |provider| provider.name == 'bitbucket' }
  end

  def options
    OmniAuth::Strategies::Bitbucket.default_options[:client_options].deep_symbolize_keys
  end

  def verify_bitbucket_import_enabled
    render_404 unless bitbucket_import_enabled?
  end

  def bitbucket_auth
    go_to_bitbucket_for_permissions if session[:bitbucket_token].blank?
  end

  def go_to_bitbucket_for_permissions
    redirect_to client.auth_code.authorize_url(redirect_uri: callback_import_bitbucket_url)
  end

  def bitbucket_unauthorized
    go_to_bitbucket_for_permissions
  end

  def credentials
    {
      token: session[:bitbucket_token],
      expires_at: session[:bitbucket_expires_at],
      expires_in: session[:bitbucket_expires_in],
      refresh_token: session[:bitbucket_refresh_token]
    }
  end
end
Add Bitbucket importer. 2015-02-17 10:59:50 -05:00			`class Import::BitbucketController < Import::BaseController`
Fixed the Rails/ActionFilter cop Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com> 2015-04-16 08:03:37 -04:00			`before_action :verify_bitbucket_import_enabled`
			`before_action :bitbucket_auth, except: :callback`
Add Bitbucket importer. 2015-02-17 10:59:50 -05:00
Re-enable rescuing from Bitbucket OAuth errors. 2015-02-21 05:08:05 -05:00			`rescue_from OAuth::Error, with: :bitbucket_unauthorized`
Refactoring Bitbucket import controller to use the new OAuth2 client 2016-08-22 15:02:48 -04:00			`rescue_from Bitbucket::Error::Unauthorized, with: :bitbucket_unauthorized`
Add Bitbucket importer. 2015-02-17 10:59:50 -05:00
			`def callback`
Refactoring Bitbucket import controller to use the new OAuth2 client 2016-08-22 15:02:48 -04:00			`response = client.auth_code.get_token(params[:code], redirect_uri: callback_import_bitbucket_url)`
Add Bitbucket importer. 2015-02-17 10:59:50 -05:00
Refactoring Bitbucket import controller to use the new OAuth2 client 2016-08-22 15:02:48 -04:00			`session[:bitbucket_token] = response.token`
			`session[:bitbucket_expires_at] = response.expires_at`
			`session[:bitbucket_expires_in] = response.expires_in`
			`session[:bitbucket_refresh_token] = response.refresh_token`
Add Bitbucket importer. 2015-02-17 10:59:50 -05:00
			`redirect_to status_import_bitbucket_url`
			`end`

			`def status`
Address initial review comments 2016-11-11 18:44:52 -05:00			`bitbucket_client = Bitbucket::Client.new(credentials)`
			`repos = bitbucket_client.repos`
Refactoring Bitbucket import controller to use the new OAuth2 client 2016-08-22 15:02:48 -04:00
Address initial review comments 2016-11-11 18:44:52 -05:00			`@repos, @incompatible_repos = repos.partition { \|repo\| repo.valid? }`
Fixed the Rails/ActionFilter cop Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com> 2015-04-16 08:03:37 -04:00
Refactoring Bitbucket import controller to use the new OAuth2 client 2016-08-22 15:02:48 -04:00			`@already_added_projects = current_user.created_projects.where(import_type: 'bitbucket')`
Add Bitbucket importer. 2015-02-17 10:59:50 -05:00			`already_added_projects_names = @already_added_projects.pluck(:import_source)`

Refactoring Bitbucket import controller to use the new OAuth2 client 2016-08-22 15:02:48 -04:00			`@repos.to_a.reject! { \|repo\| already_added_projects_names.include?(repo.full_name) }`
Add Bitbucket importer. 2015-02-17 10:59:50 -05:00			`end`

			`def jobs`
Refactoring Bitbucket import controller to use the new OAuth2 client 2016-08-22 15:02:48 -04:00			`render json: current_user.created_projects`
			`.where(import_type: 'bitbucket')`
			`.to_json(only: [:id, :import_status])`
Add Bitbucket importer. 2015-02-17 10:59:50 -05:00			`end`

			`def create`
Address initial review comments 2016-11-11 18:44:52 -05:00			`bitbucket_client = Bitbucket::Client.new(credentials)`
Refactoring Bitbucket import controller to use the new OAuth2 client 2016-08-22 15:02:48 -04:00
Don't create groups for unallowed users when importing projects 2016-08-29 17:17:11 -04:00			`@repo_id = params[:repo_id].to_s`
Support selection of different namespace and project destination 2016-11-11 17:44:31 -05:00			`name = @repo_id.gsub('___', '/')`
Address initial review comments 2016-11-11 18:44:52 -05:00			`repo = bitbucket_client.repo(name)`
Support selection of different namespace and project destination 2016-11-11 17:44:31 -05:00			`@project_name = params[:new_name].presence \|\| repo.name`
Add Bitbucket importer. 2015-02-17 10:59:50 -05:00
Refactoring Bitbucket import controller to use the new OAuth2 client 2016-08-22 15:02:48 -04:00			`repo_owner = repo.owner`
Address initial review comments 2016-11-11 18:44:52 -05:00			`repo_owner = current_user.username if repo_owner == bitbucket_client.user.username`
Refactoring Bitbucket import controller to use the new OAuth2 client 2016-08-22 15:02:48 -04:00			`@target_namespace = params[:new_namespace].presence \|\| repo_owner`

Fix rebase failures with Bitbucket changes 2016-11-11 17:00:33 -05:00			`namespace = find_or_create_namespace(@target_namespace, repo_owner)`
Add Bitbucket importer. 2015-02-17 10:59:50 -05:00
Fix rebase failures with Bitbucket changes 2016-11-11 17:00:33 -05:00			`if current_user.can?(:create_projects, namespace)`
Support selection of different namespace and project destination 2016-11-11 17:44:31 -05:00			`@project = Gitlab::BitbucketImport::ProjectCreator.new(repo, @project_name, namespace, current_user, credentials).execute`
Refactoring Import::BaseController#find_or_create_namespace 2016-08-30 13:34:37 -04:00			`else`
			`render 'unauthorized'`
			`end`
Add Bitbucket importer. 2015-02-17 10:59:50 -05:00			`end`

			`private`

			`def client`
Refactoring Bitbucket import controller to use the new OAuth2 client 2016-08-22 15:02:48 -04:00			`@client \|\|= OAuth2::Client.new(provider.app_id, provider.app_secret, options)`
			`end`

			`def provider`
			`Gitlab.config.omniauth.providers.find { \|provider\| provider.name == 'bitbucket' }`
			`end`

			`def options`
			`OmniAuth::Strategies::Bitbucket.default_options[:client_options].deep_symbolize_keys`
Add Bitbucket importer. 2015-02-17 10:59:50 -05:00			`end`

Load public key in initializer. 2015-02-17 16:52:32 -05:00			`def verify_bitbucket_import_enabled`
Only render 404 page from /public 2015-10-09 13:07:29 -04:00			`render_404 unless bitbucket_import_enabled?`
Load public key in initializer. 2015-02-17 16:52:32 -05:00			`end`

Add Bitbucket importer. 2015-02-17 10:59:50 -05:00			`def bitbucket_auth`
Refactoring Bitbucket import controller to use the new OAuth2 client 2016-08-22 15:02:48 -04:00			`go_to_bitbucket_for_permissions if session[:bitbucket_token].blank?`
Add Bitbucket importer. 2015-02-17 10:59:50 -05:00			`end`

			`def go_to_bitbucket_for_permissions`
Refactoring Bitbucket import controller to use the new OAuth2 client 2016-08-22 15:02:48 -04:00			`redirect_to client.auth_code.authorize_url(redirect_uri: callback_import_bitbucket_url)`
Add Bitbucket importer. 2015-02-17 10:59:50 -05:00			`end`

			`def bitbucket_unauthorized`
			`go_to_bitbucket_for_permissions`
			`end`
Remove user OAuth tokens stored in database for Bitbucket, GitHub, and GitLab and request them each session. Pass these tokens to the project import data. This prevents the need to encrypt these tokens and clear them in case they expire or get revoked. For example, if you deleted and re-created OAuth2 keys for Bitbucket, you would get an Error 500 with no way to recover: ``` Started GET "/import/bitbucket/status" for x.x.x.x at 2015-08-07 05:24:10 +0000 Processing by Import::BitbucketController#status as HTML Completed 500 Internal Server Error in 607ms (ActiveRecord: 2.3ms) NameError (uninitialized constant Import::BitbucketController::Unauthorized): app/controllers/import/bitbucket_controller.rb:77:in `rescue in go_to_bitbucket_for_permissions' app/controllers/import/bitbucket_controller.rb:74:in `go_to_bitbucket_for_permissions' app/controllers/import/bitbucket_controller.rb:86:in `bitbucket_unauthorized' ``` Closes #1871 2015-08-07 03:06:20 -04:00
Refactoring Bitbucket import controller to use the new OAuth2 client 2016-08-22 15:02:48 -04:00			`def credentials`
Remove user OAuth tokens stored in database for Bitbucket, GitHub, and GitLab and request them each session. Pass these tokens to the project import data. This prevents the need to encrypt these tokens and clear them in case they expire or get revoked. For example, if you deleted and re-created OAuth2 keys for Bitbucket, you would get an Error 500 with no way to recover: ``` Started GET "/import/bitbucket/status" for x.x.x.x at 2015-08-07 05:24:10 +0000 Processing by Import::BitbucketController#status as HTML Completed 500 Internal Server Error in 607ms (ActiveRecord: 2.3ms) NameError (uninitialized constant Import::BitbucketController::Unauthorized): app/controllers/import/bitbucket_controller.rb:77:in `rescue in go_to_bitbucket_for_permissions' app/controllers/import/bitbucket_controller.rb:74:in `go_to_bitbucket_for_permissions' app/controllers/import/bitbucket_controller.rb:86:in `bitbucket_unauthorized' ``` Closes #1871 2015-08-07 03:06:20 -04:00			`{`
Refactoring Bitbucket import controller to use the new OAuth2 client 2016-08-22 15:02:48 -04:00			`token: session[:bitbucket_token],`
			`expires_at: session[:bitbucket_expires_at],`
			`expires_in: session[:bitbucket_expires_in],`
			`refresh_token: session[:bitbucket_refresh_token]`
Remove user OAuth tokens stored in database for Bitbucket, GitHub, and GitLab and request them each session. Pass these tokens to the project import data. This prevents the need to encrypt these tokens and clear them in case they expire or get revoked. For example, if you deleted and re-created OAuth2 keys for Bitbucket, you would get an Error 500 with no way to recover: ``` Started GET "/import/bitbucket/status" for x.x.x.x at 2015-08-07 05:24:10 +0000 Processing by Import::BitbucketController#status as HTML Completed 500 Internal Server Error in 607ms (ActiveRecord: 2.3ms) NameError (uninitialized constant Import::BitbucketController::Unauthorized): app/controllers/import/bitbucket_controller.rb:77:in `rescue in go_to_bitbucket_for_permissions' app/controllers/import/bitbucket_controller.rb:74:in `go_to_bitbucket_for_permissions' app/controllers/import/bitbucket_controller.rb:86:in `bitbucket_unauthorized' ``` Closes #1871 2015-08-07 03:06:20 -04:00			`}`
			`end`
Add Bitbucket importer. 2015-02-17 10:59:50 -05:00			`end`