Skip to content

G
gitlab-foss

李少辉-开发者 / gitlab-foss

通知 15
Star 0
Fork 0
G
gitlab-foss

体验新版 GitCode,发现更多精彩内容 >>

切换分支/标签
查找文件 普通视图历史永久链接Permalink
controller.rb 2.5 KB
Newer Older
L
Put controller in its separate file  
Lin Jen-Shin 已提交
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 
module Gitlab
  module Middleware
    class ReadOnly
      class Controller
        def initialize(app, env)
          @app = app
          @env = env
        end

        def call
          if disallowed_request? && Gitlab::Database.read_only?
            Rails.logger.debug('GitLab ReadOnly: preventing possible non read-only operation')
            error_message = 'You cannot do writing operations on a read-only GitLab instance'

            if json_request?
              return [403, { 'Content-Type' => 'application/json' }, [{ 'message' => error_message }.to_json]]
            else
              rack_flash.alert = error_message
              rack_session['flash'] = rack_flash.to_session_value

              return [301, { 'Location' => last_visited_url }, []]
            end
          end

          @app.call(@env)
        end

        private

        def disallowed_request?
          DISALLOWED_METHODS.include?(@env['REQUEST_METHOD']) &&
            !whitelisted_routes
        end

        def json_request?
          request.media_type == APPLICATION_JSON
        end

        def rack_flash
          @rack_flash ||= ActionDispatch::Flash::FlashHash.from_session_value(rack_session)
        end

        def rack_session
          @env['rack.session']
        end

        def request
          @env['rack.request'] ||= Rack::Request.new(@env)
        end

        def last_visited_url
          @env['HTTP_REFERER'] || rack_session['user_return_to'] || Gitlab::Routing.url_helpers.root_url
        end

        def route_hash
          @route_hash ||= Rails.application.routes.recognize_path(request.url, { method: request.request_method }) rescue {}
        end

        def whitelisted_routes
          grack_route || ReadOnly.internal_routes.any? { |path| request.path.include?(path) } || lfs_route || sidekiq_route
        end

        def sidekiq_route
          request.path.start_with?('/admin/sidekiq')
        end

        def grack_route
          # Calling route_hash may be expensive. Only do it if we think there's a possible match
          return false unless request.path.end_with?('.git/git-upload-pack')

          route_hash[:controller] == 'projects/git_http' && route_hash[:action] == 'git_upload_pack'
        end

        def lfs_route
          # Calling route_hash may be expensive. Only do it if we think there's a possible match
          return false unless request.path.end_with?('/info/lfs/objects/batch')

          route_hash[:controller] == 'projects/lfs_api' && route_hash[:action] == 'batch'
        end
      end
    end
  end
end