Commit graph

9 commits

Author SHA1 Message Date
Patrick Derichs
b0fbf001da Fix url redaction for issue links
Add changelog entry

Add missing href to all redactor specs and removed href assignment

Remove obsolete spec

If original_content is given, it should be used for link content
2019-05-03 15:09:20 +02:00
gfyoung
d598e4fd93 Enable more frozen string in lib/**/*.rb
Enables frozen for the following:

* lib/*.rb
* lib/banzai/**/*.rb
* lib/bitbucket/**/*.rb
* lib/constraints/**/*.rb
* lib/container_registry/**/*.rb
* lib/declarative_policy/**/*.rb

Partially addresses #47424.
2018-10-06 17:02:50 -07:00
Brett Walker
9ba554c8a0 Filter system notes with public and private cross references 2018-10-02 17:01:49 -05:00
Yorick Peterse
daad7144ec
Support Markdown rendering using multiple projects
This refactors the Markdown pipeline so it supports the rendering of
multiple documents that may belong to different projects. An example of
where this happens is when displaying the event feed of a group. In this
case we retrieve events for all projects in the group. Previously we
would group events per project and render these chunks separately, but
this would result in many SQL queries being executed. By extending the
Markdown pipeline to support this out of the box we can drastically
reduce the number of SQL queries.

To achieve this we introduce a new object to the pipeline:
Banzai::RenderContext. This object simply wraps two other objects: an
optional Project instance, and an optional User instance. On its own
this wouldn't be very helpful, but a RenderContext can also be used to
associate HTML documents with specific Project instances. This work is
done in Banzai::ObjectRenderer and allows us to reuse as many queries
(and results) as possible.
2018-04-11 14:10:19 +02:00
Oswaldo Ferreira
ffb107ac7d Keep link when redacting unauthorized object links 2018-02-27 10:32:50 -03:00
Bob Van Landuyt
08266ba0a1 Use Redactor to hide cross project information
Since the redactor can be run on multiple documents at once and
query results are stored in the request store.
2018-02-22 17:11:36 +01:00
panjan
6b4c6fa193 Fix Markdown styling inside reference links
Fixes: https://gitlab.com/gitlab-org/gitlab-ce/issues/18096
2016-11-01 09:49:30 +00:00
Stan Hu
af3727b34a Optimize system note visibility checking by hiding notes that
have been fully redacted and contain cross-project references.

The previous implementation relied on Note#cross_reference_not_visible_for?,
which essentially tries to render all the Markdown references in a system note
and only displays the note if the user can see the referring project. But this
duplicated the work that Banzai::NotesRenderer was doing already. Instead, for
each note we render, we memoize the number of visible user references and
use it later if it is available.

Improves #19273
2016-07-11 15:09:21 -07:00
Yorick Peterse
d470f3d195
Support for rendering/redacting multiple documents
This commit changes the way certain documents are rendered (currently
only Notes) and how documents are redacted. Previously both rendering
and redacting would run on a per document basis. The result of this was
that for every document we'd have to run countless queries just to
figure out if we could display a set of links or not.

This commit changes things around so that redacting Markdown documents
is no longer tied into the html-pipeline Gem. This in turn allows it to
redact multiple documents in a single pass, thus reducing the number of
queries needed.

In turn rendering issue/merge request notes has been adjusted to take
advantage of this new setup. Instead of rendering Markdown somewhere
deep down in a view the Markdown is rendered and redacted in the
controller (taking the current user and all that into account). This has
been done in such a way that the "markdown()" helper method can still be
used on its own.

This particular commit also paves the way for caching rendered HTML on
object level. Right now there's an accessor method Note#note_html which
is used for setting/getting the rendered HTML. Once we cache HTML on row
level we can simply change this field to be a column and call a "save"
whenever needed and we're pretty much done.
2016-06-24 11:46:39 +02:00