Commit graph

7 commits

Author SHA1 Message Date
Douwe Maan
bf061d0aff
Merge branch 'issue_23548_dev' into 'master'
disable markdown in comments when referencing disabled features

fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23548

This MR prevents the following references when tool is disabled:

- issues
- snippets
- commits - when repo is disabled
- commit range - when repo is disabled
- milestones

This MR does not prevent references to repository files, since they are just markdown links and don't leak
information.

See merge request !2011

Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-11-09 12:25:17 +01:00
Paco Guzman
f4a84f504f Avoid database queries on Banzai::ReferenceParser::BaseParser for nodes without references 2016-09-28 09:08:28 +02:00
http://jneen.net/
5853c96b49 remove Ability.abilities 2016-08-30 11:35:06 -07:00
Yorick Peterse
002ad21581
Method for returning issues readable by a user
The method Ability.issues_readable_by_user takes a list of users and an
optional user and returns an Array of issues readable by said user. This
method in turn is used by
Banzai::ReferenceParser::IssueParser#nodes_visible_to_user so this
method no longer needs to get all the available abilities just to check
if a user has the "read_issue" ability.

To test this I benchmarked an issue with 222 comments on my development
environment. Using these changes the time spent in nodes_visible_to_user
was reduced from around 120 ms to around 40 ms.
2016-07-29 12:51:18 +02:00
Yorick Peterse
9ac4c556ea
Re-use queries in reference parsers
This caches various queries to ensure that multiple reference extraction
runs re-use any objects queried in previous runs.
2016-07-08 21:54:35 +02:00
Yorick Peterse
fce675d7fc
Eager load project relations in IssueParser
By eager loading these associations we can greatly cut down the number
of SQL queries executed when processing documents with lots of
references, especially in cases where there are references belonging to
the same project.

Since these associations are so specific to the reference parsing
process and the permissions checking process that follows it I opted to
include them directly in IssueParser instead of using something like a
scope. Once we have a need for it we can move this code to a scope or
method.
2016-06-15 15:30:34 +02:00
Yorick Peterse
86166d2802
Split Markdown rendering & reference gathering
This splits the Markdown rendering and reference extraction phases into
two distinct code bases. The reference extraction phase no longer relies
on the html-pipeline Gem (and any related code) and allows for
extracting of references from multiple HTML nodes in a single pass. This
means that if you want to extract user references from 200 comments you
no longer need to run 200 times N number of queries, instead only a
handful of queries may be needed.
2016-05-26 17:14:00 +02:00