Commit 0e921c7c authored by Nick Thomas's avatar Nick Thomas

Merge branch 'extract-ee-specific-lines-for-issues-and-mr-controllers' into 'master'

Extract EE-specific lines for issues and MR controllers

Closes #6668

See merge request gitlab-org/gitlab-ee!8062
parents 989d5661 4c7c9a2b
...@@ -9,14 +9,27 @@ class Projects::IssuesController < Projects::ApplicationController ...@@ -9,14 +9,27 @@ class Projects::IssuesController < Projects::ApplicationController
include IssuesCalendar include IssuesCalendar
include SpammableActions include SpammableActions
prepend_before_action :authenticate_user!, only: [:new, :export_csv] prepend ::EE::Projects::IssuesController
def self.authenticate_user_only_actions
%i[new]
end
def self.issue_except_actions
%i[index calendar new create bulk_update]
end
def self.set_issuables_index_only_actions
%i[index calendar]
end
prepend_before_action :authenticate_user!, only: authenticate_user_only_actions
before_action :whitelist_query_limiting_ee, only: [:update]
before_action :whitelist_query_limiting, only: [:create, :create_merge_request, :move, :bulk_update] before_action :whitelist_query_limiting, only: [:create, :create_merge_request, :move, :bulk_update]
before_action :check_issues_available! before_action :check_issues_available!
before_action :issue, except: [:index, :calendar, :new, :create, :bulk_update, :export_csv] before_action :issue, except: issue_except_actions
before_action :set_issuables_index, only: [:index, :calendar] before_action :set_issuables_index, only: set_issuables_index_only_actions
# Allow write(create) issue # Allow write(create) issue
before_action :authorize_create_issue!, only: [:new, :create] before_action :authorize_create_issue!, only: [:new, :create]
...@@ -27,8 +40,6 @@ class Projects::IssuesController < Projects::ApplicationController ...@@ -27,8 +40,6 @@ class Projects::IssuesController < Projects::ApplicationController
# Allow create a new branch and empty WIP merge request from current issue # Allow create a new branch and empty WIP merge request from current issue
before_action :authorize_create_merge_request_from!, only: [:create_merge_request] before_action :authorize_create_merge_request_from!, only: [:create_merge_request]
prepend ::EE::Projects::IssuesController
respond_to :html respond_to :html
def index def index
...@@ -254,8 +265,4 @@ class Projects::IssuesController < Projects::ApplicationController ...@@ -254,8 +265,4 @@ class Projects::IssuesController < Projects::ApplicationController
# 3. https://gitlab.com/gitlab-org/gitlab-ce/issues/42426 # 3. https://gitlab.com/gitlab-org/gitlab-ce/issues/42426
Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ce/issues/42422') Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ce/issues/42422')
end end
def whitelist_query_limiting_ee
Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ee/issues/4794')
end
end end
...@@ -11,7 +11,6 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo ...@@ -11,7 +11,6 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
prepend ::EE::Projects::MergeRequestsController prepend ::EE::Projects::MergeRequestsController
skip_before_action :merge_request, only: [:index, :bulk_update] skip_before_action :merge_request, only: [:index, :bulk_update]
before_action :whitelist_query_limiting_ee, only: [:merge, :show]
before_action :whitelist_query_limiting, only: [:assign_related_issues, :update] before_action :whitelist_query_limiting, only: [:assign_related_issues, :update]
before_action :authorize_update_issuable!, only: [:close, :edit, :update, :remove_wip, :sort] before_action :authorize_update_issuable!, only: [:close, :edit, :update, :remove_wip, :sort]
before_action :set_issuables_index, only: [:index] before_action :set_issuables_index, only: [:index]
...@@ -171,8 +170,9 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo ...@@ -171,8 +170,9 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
end end
def merge def merge
return access_denied! unless @merge_request.can_be_merged_by?(current_user) access_check_result = merge_access_check
return render_404 unless @merge_request.approved?
return access_check_result if access_check_result
status = merge! status = merge!
...@@ -266,9 +266,9 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo ...@@ -266,9 +266,9 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
return :failed return :failed
end end
merge_request_service = ::MergeRequests::MergeService.new(@project, current_user, merge_params) merge_service = ::MergeRequests::MergeService.new(@project, current_user, merge_params)
unless merge_request_service.hooks_validation_pass?(@merge_request) unless merge_service.hooks_validation_pass?(@merge_request)
return :hook_validation_error return :hook_validation_error
end end
...@@ -334,13 +334,12 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo ...@@ -334,13 +334,12 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
access_denied! unless access_check access_denied! unless access_check
end end
def merge_access_check
access_denied! unless @merge_request.can_be_merged_by?(current_user)
end
def whitelist_query_limiting def whitelist_query_limiting
# Also see https://gitlab.com/gitlab-org/gitlab-ce/issues/42441 # Also see https://gitlab.com/gitlab-org/gitlab-ce/issues/42441
Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ce/issues/42438') Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ce/issues/42438')
end end
def whitelist_query_limiting_ee
# Also see https://gitlab.com/gitlab-org/gitlab-ee/issues/4793
Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ee/issues/4792')
end
end end
...@@ -51,6 +51,11 @@ module MergeRequests ...@@ -51,6 +51,11 @@ module MergeRequests
end end
end end
# Overridden in EE.
def hooks_validation_pass?(_merge_request)
true
end
private private
def error_check! def error_check!
......
# frozen_string_literal: true
module EE module EE
module Projects module Projects
module IssuesController module IssuesController
...@@ -6,8 +8,26 @@ module EE ...@@ -6,8 +8,26 @@ module EE
prepended do prepended do
before_action :check_export_issues_available!, only: [:export_csv] before_action :check_export_issues_available!, only: [:export_csv]
before_action :check_service_desk_available!, only: [:service_desk] before_action :check_service_desk_available!, only: [:service_desk]
before_action :set_issuables_index, only: [:index, :calendar, :service_desk] before_action :whitelist_query_limiting_ee, only: [:update]
skip_before_action :issue, only: [:service_desk] end
class_methods do
extend ::Gitlab::Utils::Override
override :authenticate_user_only_actions
def authenticate_user_only_actions
super + %i[export_csv]
end
override :issue_except_actions
def issue_except_actions
super + %i[export_csv service_desk]
end
override :set_issuables_index_only_actions
def set_issuables_index_only_actions
super + %i[service_desk]
end
end end
def service_desk def service_desk
...@@ -46,6 +66,10 @@ module EE ...@@ -46,6 +66,10 @@ module EE
def service_desk? def service_desk?
action_name == 'service_desk' action_name == 'service_desk'
end end
def whitelist_query_limiting_ee
::Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ee/issues/4794')
end
end end
end end
end end
...@@ -5,6 +5,11 @@ module EE ...@@ -5,6 +5,11 @@ module EE
APPROVAL_RENDERING_ACTIONS = [:approve, :approvals, :unapprove].freeze APPROVAL_RENDERING_ACTIONS = [:approve, :approvals, :unapprove].freeze
prepended do
before_action :whitelist_query_limiting_ee_merge, only: [:merge]
before_action :whitelist_query_limiting_ee_show, only: [:show]
end
def approve def approve
unless merge_request.can_approve?(current_user) unless merge_request.can_approve?(current_user)
return render_404 return render_404
...@@ -59,6 +64,23 @@ module EE ...@@ -59,6 +64,23 @@ module EE
end end
end end
end end
private
def merge_access_check
super_result = super
return super_result if super_result
return render_404 unless @merge_request.approved?
end
def whitelist_query_limiting_ee_merge
::Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ee/issues/4792')
end
def whitelist_query_limiting_ee_show
::Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ee/issues/4793')
end
end end
end end
end end
...@@ -10,6 +10,7 @@ module EE ...@@ -10,6 +10,7 @@ module EE
super super
end end
override :hooks_validation_pass?
def hooks_validation_pass?(merge_request) def hooks_validation_pass?(merge_request)
# handle_merge_error needs this. We should move that to a separate # handle_merge_error needs this. We should move that to a separate
# object instead of relying on the order of method calls. # object instead of relying on the order of method calls.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment