gitlab-org--gitlab-foss/lib/gitlab/import_export/saver.rb
James Lopez 532a0b6018 Merge branch 'fix/import-rce-10-3' into 'security-10-3'
[10.3] Fix RCE via project import mechanism

See merge request gitlab/gitlabhq!2294

(cherry picked from commit dcfec507d6f9ee119d65a832393e7c593af1d3b2)

86d75812 Fix RCE via project import mechanism
2018-01-16 17:04:51 -08:00

44 lines
1 KiB
Ruby

module Gitlab
module ImportExport
class Saver
include Gitlab::ImportExport::CommandLineUtil
def self.save(*args)
new(*args).save
end
def initialize(project:, shared:)
@project = project
@shared = shared
end
def save
if compress_and_save
remove_export_path
Rails.logger.info("Saved project export #{archive_file}")
archive_file
else
@shared.error(Gitlab::ImportExport::Error.new("Unable to save #{archive_file} into #{@shared.export_path}"))
false
end
rescue => e
@shared.error(e)
false
end
private
def compress_and_save
tar_czf(archive: archive_file, dir: @shared.export_path)
end
def remove_export_path
FileUtils.rm_rf(@shared.export_path)
end
def archive_file
@archive_file ||= File.join(@shared.archive_path, Gitlab::ImportExport.export_filename(project: @project))
end
end
end
end