kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Add receive_max_input_size setting to Application settings

Browse source 
If user has configure the setting then it will be passed to gitlab-shell
and gitlab-workhorse
This commit is contained in:
Rubén Dávila 2018-08-01 09:47:14 -05:00
parent 9083fc04f1
commit 007b81b8e2
10 changed files with 83 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
app/helpers/application_settings_helper.rb
View file

@ -220,6 +220,7 @@ module ApplicationSettingsHelper
:recaptcha_enabled, :recaptcha_enabled,
:recaptcha_private_key, :recaptcha_private_key,
:recaptcha_site_key, :recaptcha_site_key,
:receive_max_input_size,
:repository_checks_enabled, :repository_checks_enabled,
:repository_storages, :repository_storages,
:require_two_factor_authentication, :require_two_factor_authentication,

5
app/views/admin/application_settings/_account_and_limit.html.haml
View file

@ -14,7 +14,10 @@
= f.label :max_attachment_size, 'Maximum attachment size (MB)', class: 'label-bold' = f.label :max_attachment_size, 'Maximum attachment size (MB)', class: 'label-bold'
= f.number_field :max_attachment_size, class: 'form-control' = f.number_field :max_attachment_size, class: 'form-control'
.form-group .form-group
= f.label :session_expire_delay, 'Session duration (minutes)', class: 'label-bold' = f.label :receive_max_input_size, 'Maximum push size (MB)', class: 'label-light'
= f.number_field :receive_max_input_size, class: 'form-control'
.form-group
= f.label :session_expire_delay, 'Session duration (minutes)', class: 'label-light'
= f.number_field :session_expire_delay, class: 'form-control' = f.number_field :session_expire_delay, class: 'form-control'
%span.form-text.text-muted#session_expire_delay_help_block GitLab restart is required to apply changes %span.form-text.text-muted#session_expire_delay_help_block GitLab restart is required to apply changes
.form-group .form-group

5
changelogs/unreleased/rd-26044-new-option-to-prevent-too-big-git-pushes.yml Normal file
View file

@ -0,0 +1,5 @@
---
title: Allow admins to configure the maximum Git push size
merge_request: 20758
author:
type: added

11
db/migrate/20180720023512_add_receive_max_input_size_to_application_settings.rb Normal file
View file

@ -0,0 +1,11 @@
# frozen_string_literal: true
# See http://doc.gitlab.com/ce/development/migration_style_guide.html
# for more information on how to write migrations for GitLab.
class AddReceiveMaxInputSizeToApplicationSettings < ActiveRecord::Migration
DOWNTIME = false
def change
add_column :application_settings, :receive_max_input_size, :integer
end
end

1
db/schema.rb
View file

@ -173,6 +173,7 @@ ActiveRecord::Schema.define(version: 20180906101639) do
t.boolean "web_ide_clientside_preview_enabled", default: false, null: false t.boolean "web_ide_clientside_preview_enabled", default: false, null: false
t.boolean "user_show_add_ssh_key_message", default: true, null: false t.boolean "user_show_add_ssh_key_message", default: true, null: false
t.integer "usage_stats_set_by_user_id" t.integer "usage_stats_set_by_user_id"
t.integer "receive_max_input_size"
end end
create_table "audit_events", force: :cascade do |t| create_table "audit_events", force: :cascade do |t|

8
lib/api/internal.rb
View file

@ -74,6 +74,7 @@ module API
gl_repository: gl_repository, gl_repository: gl_repository,
gl_id: Gitlab::GlId.gl_id(user), gl_id: Gitlab::GlId.gl_id(user),
gl_username: user&.username, gl_username: user&.username,
git_config_options: [],
# This repository_path is a bogus value but gitlab-shell still requires # This repository_path is a bogus value but gitlab-shell still requires
# its presence. https://gitlab.com/gitlab-org/gitlab-shell/issues/135 # its presence. https://gitlab.com/gitlab-org/gitlab-shell/issues/135
@ -81,6 +82,13 @@ module API
gitaly: gitaly_payload(params[:action]) gitaly: gitaly_payload(params[:action])
} }
# Custom option for git-receive-pack command
receive_max_input_size = Gitlab::CurrentSettings.receive_max_input_size.to_i
if receive_max_input_size > 0
payload[:git_config_options] << "receive.maxInputSize=#{receive_max_input_size.megabytes}"
end
response_with_status(**payload) response_with_status(**payload)
when ::Gitlab::GitAccessResult::CustomAction when ::Gitlab::GitAccessResult::CustomAction
response_with_status(code: 300, message: check_result.message, payload: check_result.payload) response_with_status(code: 300, message: check_result.message, payload: check_result.payload)

11
lib/gitlab/workhorse.rb
View file

@ -22,18 +22,27 @@ module Gitlab
project = repository.project project = repository.project
{ attrs = {
GL_ID: Gitlab::GlId.gl_id(user), GL_ID: Gitlab::GlId.gl_id(user),
GL_REPOSITORY: Gitlab::GlRepository.gl_repository(project, is_wiki), GL_REPOSITORY: Gitlab::GlRepository.gl_repository(project, is_wiki),
GL_USERNAME: user&.username, GL_USERNAME: user&.username,
ShowAllRefs: show_all_refs, ShowAllRefs: show_all_refs,
Repository: repository.gitaly_repository.to_h, Repository: repository.gitaly_repository.to_h,
RepoPath: 'ignored but not allowed to be empty in gitlab-workhorse', RepoPath: 'ignored but not allowed to be empty in gitlab-workhorse',
GitConfigOptions: [],
GitalyServer: { GitalyServer: {
address: Gitlab::GitalyClient.address(project.repository_storage), address: Gitlab::GitalyClient.address(project.repository_storage),
token: Gitlab::GitalyClient.token(project.repository_storage) token: Gitlab::GitalyClient.token(project.repository_storage)
} }
} }
# Custom option for git-receive-pack command
receive_max_input_size = Gitlab::CurrentSettings.receive_max_input_size.to_i
if receive_max_input_size > 0
attrs[:GitConfigOptions] << "receive.maxInputSize=#{receive_max_input_size.megabytes}"
end
attrs
end end
def send_git_blob(repository, blob) def send_git_blob(repository, blob)

7
spec/controllers/admin/application_settings_controller_spec.rb
View file

@ -78,5 +78,12 @@ describe Admin::ApplicationSettingsController do
expect(response).to redirect_to(admin_application_settings_path) expect(response).to redirect_to(admin_application_settings_path)
expect(ApplicationSetting.current.restricted_visibility_levels).to be_empty expect(ApplicationSetting.current.restricted_visibility_levels).to be_empty
end end
it 'updates the receive_max_input_size setting' do
put :update, application_setting: { receive_max_input_size: "1024" }
expect(response).to redirect_to(admin_application_settings_path)
expect(ApplicationSetting.current.receive_max_input_size).to eq(1024)
end
end end
end end

16
spec/lib/gitlab/workhorse_spec.rb
View file

@ -336,6 +336,22 @@ describe Gitlab::Workhorse do
it { expect { subject }.to raise_exception('Unsupported action: download') } it { expect { subject }.to raise_exception('Unsupported action: download') }
end end
end end
context 'when receive_max_input_size has been updated' do
it 'returns custom git config' do
allow(Gitlab::CurrentSettings).to receive(:receive_max_input_size) { 1 }
expect(subject[:GitConfigOptions]).to be_present
end
end
context 'when receive_max_input_size is empty' do
it 'returns an empty git config' do
allow(Gitlab::CurrentSettings).to receive(:receive_max_input_size) { nil }
expect(subject[:GitConfigOptions]).to be_empty
end
end
end end
describe '.set_key_and_notify' do describe '.set_key_and_notify' do

20
spec/requests/api/internal_spec.rb
View file

@ -369,6 +369,26 @@ describe API::Internal do
expect(user.reload.last_activity_on).to be_nil expect(user.reload.last_activity_on).to be_nil
end end
end end
context 'when receive_max_input_size has been updated' do
it 'returns custom git config' do
allow(Gitlab::CurrentSettings).to receive(:receive_max_input_size) { 1 }
push(key, project)
expect(json_response["git_config_options"]).to be_present
end
end
context 'when receive_max_input_size is empty' do
it 'returns an empty git config' do
allow(Gitlab::CurrentSettings).to receive(:receive_max_input_size) { nil }
push(key, project)
expect(json_response["git_config_options"]).to be_empty
end
end
end end
end end