gitlab-org--gitlab-foss/lib/gitlab/project_search_results.rb

module Gitlab
  class ProjectSearchResults < SearchResults
    attr_reader :project, :repository_ref

    def initialize(current_user, project, query, repository_ref = nil)
      @current_user = current_user
      @project = project
      @repository_ref = repository_ref.presence || project.default_branch
      @query = query
    end

    def objects(scope, page = nil)
      case scope
      when 'notes'
        notes.page(page).per(per_page)
      when 'blobs'
        Kaminari.paginate_array(blobs).page(page).per(per_page)
      when 'wiki_blobs'
        Kaminari.paginate_array(wiki_blobs).page(page).per(per_page)
      when 'commits'
        Kaminari.paginate_array(commits).page(page).per(per_page)
      else
        super
      end
    end

    def blobs_count
      @blobs_count ||= blobs.count
    end

    def notes_count
      @notes_count ||= notes.count
    end

    def wiki_blobs_count
      @wiki_blobs_count ||= wiki_blobs.count
    end

    def commits_count
      @commits_count ||= commits.count
    end

    def self.parse_search_result(result)
      ref = nil
      filename = nil
      basename = nil
      startline = 0

      result.each_line.each_with_index do |line, index|
        matches = line.match(/^(?<ref>[^:]*):(?<filename>.*):(?<startline>\d+):/)
        if matches
          ref = matches[:ref]
          filename = matches[:filename]
          startline = matches[:startline]
          startline = startline.to_i - index
          extname = Regexp.escape(File.extname(filename))
          basename = filename.sub(/#{extname}$/, '')
          break
        end
      end

      data = ""

      result.each_line do |line|
        data << line.sub(ref, '').sub(filename, '').sub(/^:-\d+-/, '').sub(/^::\d+:/, '')
      end

      FoundBlob.new(
        filename: filename,
        basename: basename,
        ref: ref,
        startline: startline,
        data: data
      )
    end

    def single_commit_result?
      commits_count == 1 && total_result_count == 1
    end

    def total_result_count
      issues_count + merge_requests_count + milestones_count + notes_count + blobs_count + wiki_blobs_count + commits_count
    end

    private

    def blobs
      return [] unless Ability.allowed?(@current_user, :download_code, @project)

      @blobs ||= Gitlab::FileFinder.new(project, repository_ref).find(query)
    end

    def wiki_blobs
      return [] unless Ability.allowed?(@current_user, :read_wiki, @project)

      @wiki_blobs ||= begin
        if project.wiki_enabled? && query.present?
          project_wiki = ProjectWiki.new(project)

          unless project_wiki.empty?
            project_wiki.search_files(query)
          else
            []
          end
        else
          []
        end
      end
    end

    def notes
      @notes ||= NotesFinder.new(project, @current_user, search: query).execute.user.order('updated_at DESC')
    end

    def commits
      @commits ||= find_commits(query)
    end

    def find_commits(query)
      return [] unless Ability.allowed?(@current_user, :download_code, @project)

      commits = find_commits_by_message(query)
      commit_by_sha = find_commit_by_sha(query)
      commits |= [commit_by_sha] if commit_by_sha
      commits
    end

    def find_commits_by_message(query)
      project.repository.find_commits_by_message(query)
    end

    def find_commit_by_sha(query)
      key = query.strip
      project.repository.commit(key) if Commit.valid_hash?(key)
    end

    def project_ids_relation
      project
    end
  end
end
Search results libraries added Gitlab::SearchResults and Gitlab::ProjectSearchResults are libraries we are going to use to get search results based on query, enitity type and pagination. It will allow us to get only issues from project #23 where title or description includes 'foo'. Ex: search_results = Gitlab::ProjectSearchResults.new(project.id, 'foo', 'issues') search_results.objects => # [<Issues #23>, <Issues #34>] search_results.issues_count => 2 search_results.total_count => 12 (it includes results from comments and merge requests too) Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-08-26 16:32:41 -04:00			`module Gitlab`
			`class ProjectSearchResults < SearchResults`
			`attr_reader :project, :repository_ref`

Restrict access to confidential issues on search results 2016-03-17 16:48:19 -04:00			`def initialize(current_user, project, query, repository_ref = nil)`
			`@current_user = current_user`
Refactor Gitlab::ProjectSearchResults Previously this class would be given a project ID which was then used to retrieve the corresponding Project object. However, in all cases the Project object was already known as it was used to grab the ID to pass to ProjectSearchResults. By just passing a Project instead we remove the need for an extra query as well as the need for some other complexity in this class. 2016-03-01 12:04:37 -05:00			`@project = project`
Search for a filename in a project 2016-11-10 12:27:09 -05:00			`@repository_ref = repository_ref.presence \|\| project.default_branch`
Fix issue #3055 (project search with unmatched parentheses) 2015-10-14 19:14:24 -04:00			`@query = query`
Search results libraries added Gitlab::SearchResults and Gitlab::ProjectSearchResults are libraries we are going to use to get search results based on query, enitity type and pagination. It will allow us to get only issues from project #23 where title or description includes 'foo'. Ex: search_results = Gitlab::ProjectSearchResults.new(project.id, 'foo', 'issues') search_results.objects => # [<Issues #23>, <Issues #34>] search_results.issues_count => 2 search_results.total_count => 12 (it includes results from comments and merge requests too) Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-08-26 16:32:41 -04:00			`end`

Fix tests Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-08-27 08:26:35 -04:00			`def objects(scope, page = nil)`
Search results libraries added Gitlab::SearchResults and Gitlab::ProjectSearchResults are libraries we are going to use to get search results based on query, enitity type and pagination. It will allow us to get only issues from project #23 where title or description includes 'foo'. Ex: search_results = Gitlab::ProjectSearchResults.new(project.id, 'foo', 'issues') search_results.objects => # [<Issues #23>, <Issues #34>] search_results.issues_count => 2 search_results.total_count => 12 (it includes results from comments and merge requests too) Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-08-26 16:32:41 -04:00			`case scope`
			`when 'notes'`
			`notes.page(page).per(per_page)`
			`when 'blobs'`
			`Kaminari.paginate_array(blobs).page(page).per(per_page)`
Added search wiki feature 2014-09-05 06:33:05 -04:00			`when 'wiki_blobs'`
			`Kaminari.paginate_array(wiki_blobs).page(page).per(per_page)`
Add support for searching commit log messages Include the log messages of recent commits in project-level search results, providing functionality similar to 'git log --grep'. Update repository model rspec tests to validate the output of Repository#commits_with_log_matching. 2015-06-14 18:04:20 -04:00			`when 'commits'`
			`Kaminari.paginate_array(commits).page(page).per(per_page)`
Search results libraries added Gitlab::SearchResults and Gitlab::ProjectSearchResults are libraries we are going to use to get search results based on query, enitity type and pagination. It will allow us to get only issues from project #23 where title or description includes 'foo'. Ex: search_results = Gitlab::ProjectSearchResults.new(project.id, 'foo', 'issues') search_results.objects => # [<Issues #23>, <Issues #34>] search_results.issues_count => 2 search_results.total_count => 12 (it includes results from comments and merge requests too) Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-08-26 16:32:41 -04:00			`else`
			`super`
			`end`
			`end`

			`def blobs_count`
			`@blobs_count \|\|= blobs.count`
			`end`

			`def notes_count`
			`@notes_count \|\|= notes.count`
			`end`

Added search wiki feature 2014-09-05 06:33:05 -04:00			`def wiki_blobs_count`
			`@wiki_blobs_count \|\|= wiki_blobs.count`
			`end`

Add support for searching commit log messages Include the log messages of recent commits in project-level search results, providing functionality similar to 'git log --grep'. Update repository model rspec tests to validate the output of Repository#commits_with_log_matching. 2015-06-14 18:04:20 -04:00			`def commits_count`
			`@commits_count \|\|= commits.count`
			`end`

Search for a filename in a project 2016-11-10 12:27:09 -05:00			`def self.parse_search_result(result)`
			`ref = nil`
			`filename = nil`
			`basename = nil`
			`startline = 0`

			`result.each_line.each_with_index do \|line, index\|`
fix for special charecter in file names 2017-11-30 04:57:58 -05:00			`matches = line.match(/^(?<ref>[^:]):(?<filename>.):(?<startline>\d+):/)`
			`if matches`
			`ref = matches[:ref]`
			`filename = matches[:filename]`
			`startline = matches[:startline]`
Search for a filename in a project 2016-11-10 12:27:09 -05:00			`startline = startline.to_i - index`
			`extname = Regexp.escape(File.extname(filename))`
			`basename = filename.sub(/#{extname}$/, '')`
			`break`
			`end`
			`end`

			`data = ""`

			`result.each_line do \|line\|`
			`data << line.sub(ref, '').sub(filename, '').sub(/^:-\d+-/, '').sub(/^::\d+:/, '')`
			`end`

Fix blob highlighting in search 2017-04-03 13:31:52 -04:00			`FoundBlob.new(`
Search for a filename in a project 2016-11-10 12:27:09 -05:00			`filename: filename,`
			`basename: basename,`
			`ref: ref,`
			`startline: startline,`
			`data: data`
			`)`
			`end`

Search feature: redirects to commit page if query is commit sha and only commit found See !8028 and #24833 2017-01-10 23:20:32 -05:00			`def single_commit_result?`
			`commits_count == 1 && total_result_count == 1`
			`end`

			`def total_result_count`
			`issues_count + merge_requests_count + milestones_count + notes_count + blobs_count + wiki_blobs_count + commits_count`
			`end`

Search results libraries added Gitlab::SearchResults and Gitlab::ProjectSearchResults are libraries we are going to use to get search results based on query, enitity type and pagination. It will allow us to get only issues from project #23 where title or description includes 'foo'. Ex: search_results = Gitlab::ProjectSearchResults.new(project.id, 'foo', 'issues') search_results.objects => # [<Issues #23>, <Issues #34>] search_results.issues_count => 2 search_results.total_count => 12 (it includes results from comments and merge requests too) Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-08-26 16:32:41 -04:00			`private`

			`def blobs`
Merge branch '31157-respect-project-features-in-wiki-search' into 'security' Respect project features in wiki and blob search See merge request !2089 2017-04-24 11:09:29 -04:00			`return [] unless Ability.allowed?(@current_user, :download_code, @project)`

Backport FileFinder from EE 2017-05-12 03:16:33 -04:00			`@blobs \|\|= Gitlab::FileFinder.new(project, repository_ref).find(query)`
Search results libraries added Gitlab::SearchResults and Gitlab::ProjectSearchResults are libraries we are going to use to get search results based on query, enitity type and pagination. It will allow us to get only issues from project #23 where title or description includes 'foo'. Ex: search_results = Gitlab::ProjectSearchResults.new(project.id, 'foo', 'issues') search_results.objects => # [<Issues #23>, <Issues #34>] search_results.issues_count => 2 search_results.total_count => 12 (it includes results from comments and merge requests too) Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-08-26 16:32:41 -04:00			`end`

Added search wiki feature 2014-09-05 06:33:05 -04:00			`def wiki_blobs`
Merge branch '31157-respect-project-features-in-wiki-search' into 'security' Respect project features in wiki and blob search See merge request !2089 2017-04-24 11:09:29 -04:00			`return [] unless Ability.allowed?(@current_user, :read_wiki, @project)`

Faster search 2016-11-08 07:21:19 -05:00			`@wiki_blobs \|\|= begin`
			`if project.wiki_enabled? && query.present?`
			`project_wiki = ProjectWiki.new(project)`
Prevent 500 error when search wiki for non-existing repo Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-09-09 10:56:33 -04:00
Faster search 2016-11-08 07:21:19 -05:00			`unless project_wiki.empty?`
			`project_wiki.search_files(query)`
			`else`
			`[]`
			`end`
Prevent 500 error when search wiki for non-existing repo Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-09-09 10:56:33 -04:00			`else`
			`[]`
			`end`
Added search wiki feature 2014-09-05 06:33:05 -04:00			`end`
			`end`

Search results libraries added Gitlab::SearchResults and Gitlab::ProjectSearchResults are libraries we are going to use to get search results based on query, enitity type and pagination. It will allow us to get only issues from project #23 where title or description includes 'foo'. Ex: search_results = Gitlab::ProjectSearchResults.new(project.id, 'foo', 'issues') search_results.objects => # [<Issues #23>, <Issues #34>] search_results.issues_count => 2 search_results.total_count => 12 (it includes results from comments and merge requests too) Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-08-26 16:32:41 -04:00			`def notes`
Merge branch 'jej-note-search-uses-finder' into 'security' Fix missing Note access checks in by moving Note#search to updated NoteFinder Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867 ## Which fixes are in this MR? :warning: - Potentially untested :bomb: - No test coverage :traffic_light: - Test coverage of some sort exists (a test failed when error raised) :vertical_traffic_light: - Test coverage of return value (a test failed when nil used) :white_check_mark: - Permissions check tested ### Note lookup without access check - [x] :white_check_mark: app/finders/notes_finder.rb:13 :download_code check - [x] :white_check_mark: app/finders/notes_finder.rb:19 `SnippetsFinder` - [x] :white_check_mark: app/models/note.rb:121 [`Issue#visible_to_user`] - [x] :white_check_mark: lib/gitlab/project_search_results.rb:113 - This is the only use of `app/models/note.rb:121` above, but importantly has no access checks at all. This means it leaks MR comments and snippets when those features are `team-only` in addition to the issue comments which would be fixed by `app/models/note.rb:121`. - It is only called from SearchController where `can?(current_user, :download_code, @project)` is checked, so commit comments are not leaked. ### Previous discussions - [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#b915c5267a63628b0bafd23d37792ae73ceae272_13_13 `: download_code` check on commit - [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#b915c5267a63628b0bafd23d37792ae73ceae272_19_19 `SnippetsFinder` should be used - `SnippetsFinder` should check if the snippets feature is enabled -> https://gitlab.com/gitlab-org/gitlab-ce/issues/25223 ### Acceptance criteria met? - [x] Tests added for new code - [x] TODO comments removed - [x] Squashed and removed skipped tests - [x] Changelog entry - [ ] State Gitlab versions affected and issue severity in description - [ ] Create technical debt issue for NotesFinder. - Either split into `NotesFinder::ForTarget` and `NotesFinder::Search` or consider object per notable type such as `NotesFinder::OnIssue`. For the first option could create `NotesFinder::Base` which is either inherited from or which can be included in the other two. - Avoid case statement anti-pattern in this finder with use of `NotesFinder::OnCommit` etc. Consider something on the finder for this? `Model.finder(user, project)` - Move `inc_author` to the controller, and implement `related_notes` to replace `non_diff_notes`/`mr_and_commit_notes` See merge request !2035 2016-12-08 20:56:31 -05:00			`@notes \|\|= NotesFinder.new(project, @current_user, search: query).execute.user.order('updated_at DESC')`
Search results libraries added Gitlab::SearchResults and Gitlab::ProjectSearchResults are libraries we are going to use to get search results based on query, enitity type and pagination. It will allow us to get only issues from project #23 where title or description includes 'foo'. Ex: search_results = Gitlab::ProjectSearchResults.new(project.id, 'foo', 'issues') search_results.objects => # [<Issues #23>, <Issues #34>] search_results.issues_count => 2 search_results.total_count => 12 (it includes results from comments and merge requests too) Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-08-26 16:32:41 -04:00			`end`

Add support for searching commit log messages Include the log messages of recent commits in project-level search results, providing functionality similar to 'git log --grep'. Update repository model rspec tests to validate the output of Repository#commits_with_log_matching. 2015-06-14 18:04:20 -04:00			`def commits`
Allows to search within project by commit's hash Was proposed in #24833 2016-12-08 09:54:45 -05:00			`@commits \|\|= find_commits(query)`
			`end`

			`def find_commits(query)`
			`return [] unless Ability.allowed?(@current_user, :download_code, @project)`

			`commits = find_commits_by_message(query)`
			`commit_by_sha = find_commit_by_sha(query)`
Search feature: redirects to commit page if query is commit sha and only commit found See !8028 and #24833 2017-01-10 23:20:32 -05:00			`commits \|= [commit_by_sha] if commit_by_sha`
Allows to search within project by commit's hash Was proposed in #24833 2016-12-08 09:54:45 -05:00			`commits`
			`end`

			`def find_commits_by_message(query)`
			`project.repository.find_commits_by_message(query)`
			`end`

			`def find_commit_by_sha(query)`
			`key = query.strip`
			`project.repository.commit(key) if Commit.valid_hash?(key)`
Add support for searching commit log messages Include the log messages of recent commits in project-level search results, providing functionality similar to 'git log --grep'. Update repository model rspec tests to validate the output of Repository#commits_with_log_matching. 2015-06-14 18:04:20 -04:00			`end`
Added ProjectSearchResults#project_ids_relation This ensures some other methods such as the "issues" method still work. 2016-03-03 09:10:14 -05:00
			`def project_ids_relation`
			`project`
			`end`
Search results libraries added Gitlab::SearchResults and Gitlab::ProjectSearchResults are libraries we are going to use to get search results based on query, enitity type and pagination. It will allow us to get only issues from project #23 where title or description includes 'foo'. Ex: search_results = Gitlab::ProjectSearchResults.new(project.id, 'foo', 'issues') search_results.objects => # [<Issues #23>, <Issues #34>] search_results.issues_count => 2 search_results.total_count => 12 (it includes results from comments and merge requests too) Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-08-26 16:32:41 -04:00			`end`
			`end`