projects_controller.rb 12.9 KB
Newer Older
1 2
# frozen_string_literal: true

Douwe Maan's avatar
Douwe Maan committed
3
class ProjectsController < Projects::ApplicationController
4
  include API::Helpers::RelatedResourcesHelpers
5
  include IssuableCollections
6
  include ExtractsPath
7
  include PreviewMarkdown
8
  include SendFileUpload
9
  include RecordUserLastActivity
10

11 12
  prepend_before_action(only: [:show]) { authenticate_sessionless_user!(:rss) }

13
  before_action :whitelist_query_limiting, only: [:create]
14
  before_action :authenticate_user!, except: [:index, :show, :activity, :refs, :resolve]
15
  before_action :redirect_git_extension, only: [:show]
16 17
  before_action :project, except: [:index, :new, :create, :resolve]
  before_action :repository, except: [:index, :new, :create, :resolve]
18
  before_action :assign_ref_vars, only: [:show], if: :repo_exists?
winniehell's avatar
winniehell committed
19
  before_action :tree, only: [:show], if: [:repo_exists?, :project_view_files?]
20
  before_action :lfs_blob_ids, only: [:show], if: [:repo_exists?, :project_view_files?]
21
  before_action :project_export_enabled, only: [:export, :download_export, :remove_export, :generate_new_export]
22
  before_action :present_project, only: [:edit]
23
  before_action :authorize_download_code!, only: [:refs]
gitlabhq's avatar
gitlabhq committed
24 25

  # Authorize
26
  before_action :authorize_admin_project!, only: [:edit, :update, :housekeeping, :download_export, :export, :remove_export, :generate_new_export]
27
  before_action :event_filter, only: [:show, :activity]
gitlabhq's avatar
gitlabhq committed
28

Douwe Maan's avatar
Douwe Maan committed
29
  layout :determine_layout
Cyril's avatar
Cyril committed
30

31
  def index
32
    redirect_to(current_user ? root_path : explore_root_path)
33 34
  end

35
  # rubocop: disable CodeReuse/ActiveRecord
gitlabhq's avatar
gitlabhq committed
36
  def new
37 38 39 40
    namespace = Namespace.find_by(id: params[:namespace_id]) if params[:namespace_id]
    return access_denied! if namespace && !can?(current_user, :create_projects, namespace)

    @project = Project.new(namespace_id: namespace&.id)
gitlabhq's avatar
gitlabhq committed
41
  end
42
  # rubocop: enable CodeReuse/ActiveRecord
gitlabhq's avatar
gitlabhq committed
43 44

  def edit
45
    @badge_api_endpoint = expose_url(api_v4_projects_badges_path(id: @project.id))
Douwe Maan's avatar
Douwe Maan committed
46
    render 'edit'
gitlabhq's avatar
gitlabhq committed
47 48 49
  end

  def create
50
    @project = ::Projects::CreateService.new(current_user, project_params(attributes: project_params_create_attributes)).execute
gitlabhq's avatar
gitlabhq committed
51

52
    if @project.saved?
53 54
      cookies[:issue_board_welcome_hidden] = { path: project_path(@project), value: nil, expires: Time.at(0) }

Vinnie Okada's avatar
Vinnie Okada committed
55
      redirect_to(
56
        project_path(@project, custom_import_params),
57
        notice: _("Project '%{project_name}' was successfully created.") % { project_name: @project.name }
Vinnie Okada's avatar
Vinnie Okada committed
58
      )
59
    else
Eric Eastwood's avatar
Eric Eastwood committed
60
      render 'new', locals: { active_tab: active_new_project_tab }
gitlabhq's avatar
gitlabhq committed
61 62
    end
  end
gitlabhq's avatar
gitlabhq committed
63

gitlabhq's avatar
gitlabhq committed
64
  def update
65
    result = ::Projects::UpdateService.new(@project, current_user, project_params).execute
66

67
    # Refresh the repo in case anything changed
68
    @repository = @project.repository
69

gitlabhq's avatar
gitlabhq committed
70
    respond_to do |format|
71
      if result[:status] == :success
72
        flash[:notice] = _("Project '%{project_name}' was successfully updated.") % { project_name: @project.name }
73

Vinnie Okada's avatar
Vinnie Okada committed
74
        format.html do
75
          redirect_to(edit_project_path(@project, anchor: 'js-general-project-settings'))
Vinnie Okada's avatar
Vinnie Okada committed
76
        end
gitlabhq's avatar
gitlabhq committed
77
      else
78
        flash.now[:alert] = result[:message]
79

Douwe Maan's avatar
Douwe Maan committed
80
        format.html { render 'edit' }
gitlabhq's avatar
gitlabhq committed
81
      end
82 83

      format.js
gitlabhq's avatar
gitlabhq committed
84
    end
85
  end
86

87
  # rubocop: disable CodeReuse/ActiveRecord
88
  def transfer
89 90
    return access_denied! unless can?(current_user, :change_namespace, @project)

91 92 93 94 95
    namespace = Namespace.find_by(id: params[:new_namespace_id])
    ::Projects::TransferService.new(project, current_user).execute(namespace)

    if @project.errors[:new_namespace].present?
      flash[:alert] = @project.errors[:new_namespace].first
skv-headless's avatar
skv-headless committed
96
    end
gitlabhq's avatar
gitlabhq committed
97
  end
98
  # rubocop: enable CodeReuse/ActiveRecord
gitlabhq's avatar
gitlabhq committed
99

100
  def remove_fork
101 102
    return access_denied! unless can?(current_user, :remove_fork_project, @project)

103
    if ::Projects::UnlinkForkService.new(@project, current_user).execute
104
      flash[:notice] = _('The fork relationship has been removed.')
105 106 107
    end
  end

108 109 110 111 112 113 114 115 116 117
  def activity
    respond_to do |format|
      format.html
      format.json do
        load_events
        pager_json('events/_events', @events.count)
      end
    end
  end

gitlabhq's avatar
gitlabhq committed
118
  def show
119
    if @project.import_in_progress?
120
      redirect_to project_import_path(@project, custom_import_params)
121 122 123
      return
    end

124
    if @project.pending_delete?
125
      flash.now[:alert] = _("Project '%{project_name}' queued for deletion.") % { project_name: @project.name }
126 127
    end

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
128
    respond_to do |format|
Nihad Abbasov's avatar
Nihad Abbasov committed
129
      format.html do
130
        @notification_setting = current_user.notification_settings_for(@project) if current_user
131 132
        @project = @project.present(current_user: current_user)

133
        render_landing_page
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
134
      end
135

136 137
      format.atom do
        load_events
138
        render layout: 'xml.atom'
139
      end
140 141 142
    end
  end

gitlabhq's avatar
gitlabhq committed
143
  def destroy
144
    return access_denied! unless can?(current_user, :remove_project, @project)
145

Stan Hu's avatar
Stan Hu committed
146
    ::Projects::DestroyService.new(@project, current_user, {}).async_execute
147
    flash[:notice] = _("Project '%{project_name}' is in the process of being deleted.") % { project_name: @project.full_name }
gitlabhq's avatar
gitlabhq committed
148

Lin Jen-Shin's avatar
Lin Jen-Shin committed
149
    redirect_to dashboard_projects_path, status: :found
150
  rescue Projects::DestroyService::DestroyError => ex
151
    redirect_to edit_project_path(@project), status: 302, alert: ex.message
gitlabhq's avatar
gitlabhq committed
152
  end
153

154
  def new_issuable_address
155 156 157
    return render_404 unless Gitlab::IncomingEmail.supports_issue_creation?

    current_user.reset_incoming_email_token!
158
    render json: { new_address: @project.new_issuable_address(current_user, params[:issuable_type]) }
159 160
  end

161
  def archive
162
    return access_denied! unless can?(current_user, :archive_project, @project)
Douwe Maan's avatar
Douwe Maan committed
163

164
    ::Projects::UpdateService.new(@project, current_user, archived: true).execute
165 166

    respond_to do |format|
167
      format.html { redirect_to project_path(@project) }
168 169 170 171
    end
  end

  def unarchive
172
    return access_denied! unless can?(current_user, :archive_project, @project)
Douwe Maan's avatar
Douwe Maan committed
173

174
    ::Projects::UpdateService.new(@project, current_user, archived: false).execute
175 176

    respond_to do |format|
177
      format.html { redirect_to project_path(@project) }
178 179
    end
  end
180 181

  def housekeeping
182 183 184 185
    ::Projects::HousekeepingService.new(@project).execute

    redirect_to(
      project_path(@project),
186
      notice: _("Housekeeping successfully started")
187 188 189
    )
  rescue ::Projects::HousekeepingService::LeaseTaken => ex
    redirect_to(
190
      edit_project_path(@project, anchor: 'js-project-advanced-settings'),
191 192
      alert: ex.to_s
    )
193
  end
194

195
  def export
196
    @project.add_export_job(current_user: current_user)
197 198

    redirect_to(
199
      edit_project_path(@project, anchor: 'js-export-project'),
200
      notice: _("Project export started. A download link will be sent by email.")
201 202 203
    )
  end

James Lopez's avatar
James Lopez committed
204
  def download_export
205
    if @project.export_file_exists?
206
      send_upload(@project.export_file, attachment: @project.export_file.filename)
James Lopez's avatar
James Lopez committed
207
    else
208
      redirect_to(
209
        edit_project_path(@project, anchor: 'js-export-project'),
210
        alert: _("Project export link has expired. Please generate a new export from your project settings.")
211 212 213 214 215 216
      )
    end
  end

  def remove_export
    if @project.remove_exports
217
      flash[:notice] = _("Project export has been deleted.")
218
    else
219
      flash[:alert] = _("Project export could not be deleted.")
220
    end
221

222
    redirect_to(edit_project_path(@project, anchor: 'js-export-project'))
223 224 225 226 227
  end

  def generate_new_export
    if @project.remove_exports
      export
228 229
    else
      redirect_to(
230
        edit_project_path(@project, anchor: 'js-export-project'),
231
        alert: _("Project export could not be deleted.")
232
      )
James Lopez's avatar
James Lopez committed
233
    end
James Lopez's avatar
James Lopez committed
234 235
  end

Ciro Santilli's avatar
Ciro Santilli committed
236 237
  def toggle_star
    current_user.toggle_star(@project)
238
    @project.reload
239 240

    render json: {
241
      star_count: @project.star_count
242
    }
Ciro Santilli's avatar
Ciro Santilli committed
243 244
  end

245
  # rubocop: disable CodeReuse/ActiveRecord
246
  def refs
247 248 249 250 251
    find_refs = params['find']

    find_branches = true
    find_tags = true
    find_commits = true
Luke "Jared" Bennett's avatar
Luke "Jared" Bennett committed
252 253

    unless find_refs.nil?
Douwe Maan's avatar
Douwe Maan committed
254 255 256
      find_branches = find_refs.include?('branches')
      find_tags = find_refs.include?('tags')
      find_commits = find_refs.include?('commits')
257
    end
258

259 260 261
    options = {}

    if find_branches
Douwe Maan's avatar
Douwe Maan committed
262
      branches = BranchesFinder.new(@repository, params).execute.take(100).map(&:name)
263
      options['Branches'] = branches
264
    end
265

Douwe Maan's avatar
Douwe Maan committed
266 267
    if find_tags && @repository.tag_count.nonzero?
      tags = TagsFinder.new(@repository, params).execute.take(100).map(&:name)
268

269
      options['Tags'] = tags
Phil Hughes's avatar
Phil Hughes committed
270 271
    end

272
    # If reference is commit id - we should add it to branch/tag selectbox
273
    ref = Addressable::URI.unescape(params[:ref])
Douwe Maan's avatar
Douwe Maan committed
274
    if find_commits && ref && options.flatten(2).exclude?(ref) && ref =~ /\A[0-9a-zA-Z]{6,52}\z/
275
      options['Commits'] = [ref]
276 277 278 279
    end

    render json: options.to_json
  end
280
  # rubocop: enable CodeReuse/ActiveRecord
281

282
  # Render project landing depending of which features are available
283
  # So if page is not available in the list it renders the next page
284 285 286
  #
  # pages list order: repository readme, wiki home, issues list, customize workflow
  def render_landing_page
287
    if can?(current_user, :download_code, @project)
288
      return render 'projects/no_repo' unless @project.repository_exists?
289

290 291
      render 'projects/empty' if @project.empty_repo?
    else
292
      if can?(current_user, :read_wiki, @project)
293 294
        @project_wiki = @project.wiki
        @wiki_home = @project_wiki.find_page('home', params[:version_id])
295
      elsif @project.feature_available?(:issues, current_user)
296
        @issues = issuables_collection.page(params[:page])
297 298
        @collection_type = 'Issue'
        @issuable_meta_data = issuable_meta_data(@issues, @collection_type)
299 300 301 302 303 304
      end

      render :show
    end
  end

305 306 307 308
  def finder_type
    IssuesFinder
  end

Douwe Maan's avatar
Douwe Maan committed
309 310 311 312 313 314 315 316
  def determine_layout
    if [:new, :create].include?(action_name.to_sym)
      'application'
    elsif [:edit, :update].include?(action_name.to_sym)
      'project_settings'
    else
      'project'
    end
317
  end
318

319
  # rubocop: disable CodeReuse/ActiveRecord
320
  def load_events
321 322 323 324 325
    projects = Project.where(id: @project.id)

    @events = EventCollection
      .new(projects, offset: params[:offset].to_i, filter: event_filter)
      .to_a
326 327

    Events::RenderService.new(current_user).execute(@events, atom_request: request.format.atom?)
328
  end
329
  # rubocop: enable CodeReuse/ActiveRecord
330

Małgorzata Ksionek's avatar
Małgorzata Ksionek committed
331
  def project_params(attributes: [])
332
    params.require(:project)
Małgorzata Ksionek's avatar
Małgorzata Ksionek committed
333
      .permit(project_params_attributes + attributes)
334
  end
335

336
  def project_params_attributes
337 338 339 340
    [
      :avatar,
      :build_allow_git_fetch,
      :build_coverage_regex,
341
      :build_timeout_human_readable,
342
      :resolve_outdated_diff_discussions,
343
      :container_registry_enabled,
344 345 346 347 348 349 350 351
      :default_branch,
      :description,
      :import_url,
      :issues_tracker,
      :issues_tracker_id,
      :last_activity_at,
      :lfs_enabled,
      :name,
352
      :only_allow_merge_if_all_discussions_are_resolved,
353
      :only_allow_merge_if_pipeline_succeeds,
354
      :path,
355
      :printing_merge_request_link_enabled,
356 357 358 359 360
      :public_builds,
      :request_access_enabled,
      :runners_token,
      :tag_list,
      :visibility_level,
361
      :template_name,
362
      :merge_method,
363
      :initialize_with_readme,
364 365 366 367 368 369 370 371

      project_feature_attributes: %i[
        builds_access_level
        issues_access_level
        merge_requests_access_level
        repository_access_level
        snippets_access_level
        wiki_access_level
372
        pages_access_level
373 374
      ]
    ]
375
  end
376

377
  def project_params_create_attributes
Małgorzata Ksionek's avatar
Małgorzata Ksionek committed
378
    [:namespace_id]
379 380
  end

381 382 383 384
  def custom_import_params
    {}
  end

Eric Eastwood's avatar
Eric Eastwood committed
385 386 387 388
  def active_new_project_tab
    project_params[:import_url].present? ? 'import' : 'blank'
  end

389
  def repo_exists?
390
    project.repository_exists? && !project.empty_repo?
391 392 393 394 395

  rescue Gitlab::Git::Repository::NoRepository
    project.repository.expire_exists_cache

    false
396 397
  end

398
  def project_view_files?
399 400 401 402 403
    if current_user
      current_user.project_view == 'files'
    else
      project_view_files_allowed?
    end
404 405
  end

406
  # Override extract_ref from ExtractsPath, which returns the branch and file path
Douwe Maan's avatar
Douwe Maan committed
407
  # for the blob/tree, which in this case is just the root of the default branch.
408 409 410 411 412 413
  # This way we avoid to access the repository.ref_names.
  def extract_ref(_id)
    [get_id, '']
  end

  # Override get_id from ExtractsPath in this case is just the root of the default branch.
414 415 416
  def get_id
    project.repository.root_ref
  end
417 418 419 420

  def project_view_files_allowed?
    !project.empty_repo? && can?(current_user, :download_code, project)
  end
421 422 423 424 425

  def build_canonical_path(project)
    params[:namespace_id] = project.namespace.to_param
    params[:id] = project.to_param

426
    url_for(safe_params)
427
  end
428 429

  def project_export_enabled
430
    render_404 unless Gitlab::CurrentSettings.project_export_enabled?
431
  end
432 433 434 435 436 437 438

  def redirect_git_extension
    # Redirect from
    #   localhost/group/project.git
    # to
    #   localhost/group/project
    #
439
    redirect_to request.original_url.sub(%r{\.git/?\Z}, '') if params[:format] == 'git'
440
  end
441 442 443 444

  def whitelist_query_limiting
    Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ce/issues/42440')
  end
445 446 447 448

  def present_project
    @project = @project.present(current_user: current_user)
  end
449 450 451 452 453 454 455 456 457 458

  def resolve
    @project = Project.find(params[:id])

    if can?(current_user, :read_project, @project)
      redirect_to @project
    else
      render_404
    end
  end
gitlabhq's avatar
gitlabhq committed
459
end