Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
iv
gitlab-ce
Commits
cda0b7e1
Commit
cda0b7e1
authored
Mar 10, 2016
by
Jacob Vosmaer
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Rename ExpiringLock to ExclusiveLease
parent
acd9bc02
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
39 additions
and
54 deletions
+39
-54
app/controllers/application_controller.rb
app/controllers/application_controller.rb
+1
-1
lib/gitlab/exclusive_lease.rb
lib/gitlab/exclusive_lease.rb
+37
-0
lib/gitlab/expiring_lock.rb
lib/gitlab/expiring_lock.rb
+0
-52
lib/gitlab/ldap/access.rb
lib/gitlab/ldap/access.rb
+1
-1
No files found.
app/controllers/application_controller.rb
View file @
cda0b7e1
...
...
@@ -246,7 +246,7 @@ class ApplicationController < ActionController::Base
def
ldap_security_check
if
current_user
&&
current_user
.
requires_ldap_check?
return
unless
Gitlab
::
LDAP
::
Access
.
try_lock_user
(
user
)
return
unless
Gitlab
::
LDAP
::
Access
.
try_lock_user
(
current_
user
)
unless
Gitlab
::
LDAP
::
Access
.
allowed?
(
current_user
)
sign_out
current_user
...
...
lib/gitlab/exclusive_lease.rb
0 → 100644
View file @
cda0b7e1
require
'securerandom'
module
Gitlab
# This class implements an 'exclusive lease'. We call it a 'lease'
# because it has a set expiry time. We call it 'exclusive' because only
# one caller may obtain a lease for a given key at a time. The
# implementation is intended to work across GitLab processes and across
# servers. It is a 'cheap' alternative to using SQL queries and updates:
# you do not need to change the SQL schema to start using
# ExclusiveLease.
class
ExclusiveLease
def
initialize
(
key
,
timeout
)
@key
,
@timeout
=
key
,
timeout
end
# Try to obtain the lease. Return true on succes,
# false if the lease is already taken.
def
try_obtain
!!
redis
.
set
(
redis_key
,
redis_value
,
nx:
true
,
ex:
@timeout
)
end
private
def
redis
# Maybe someday we want to use a connection pool...
@redis
||=
Redis
.
new
(
url:
Gitlab
::
RedisConfig
.
url
)
end
def
redis_key
"gitlab:exclusive_lease:
#{
@key
}
"
end
def
redis_value
@redis_value
||=
SecureRandom
.
hex
(
10
)
end
end
end
lib/gitlab/expiring_lock.rb
deleted
100644 → 0
View file @
acd9bc02
module
Gitlab
# This class implements a distributed self-expiring lock.
#
# [2] pry(main)> l = Gitlab::ExpiringLock.new('foobar', 5)
# => #<Gitlab::ExpiringLock:0x007ffb9d7cb7f8 @key="foobar", @timeout=5>
# [3] pry(main)> l.try_lock
# => true
# [4] pry(main)> l.try_lock # Only the first try_lock succeeds
# => false
# [5] pry(main)> l.locked?
# => true
# [6] pry(main)> sleep 5
# => 5
# [7] pry(main)> l.locked? # After the timeout the lock is released
# => false
#
class
ExpiringLock
def
initialize
(
key
,
timeout
)
@key
,
@timeout
=
key
,
timeout
end
# Try to obtain the lock. Return true on succes,
# false if the lock is already taken.
def
try_lock
# INCR does not change the key TTL
if
redis
.
incr
(
redis_key
)
==
1
# We won the race to insert the key into Redis
redis
.
expire
(
redis_key
,
@timeout
)
true
else
# Somebody else won the race
false
end
end
# Check if somebody somewhere locked this key
def
locked?
!!
redis
.
get
(
redis_key
)
end
private
def
redis
# Maybe someday we want to use a connection pool...
@redis
||=
Redis
.
new
(
url:
Gitlab
::
RedisConfig
.
url
)
end
def
redis_key
"gitlab:expiring_lock:
#{
@key
}
"
end
end
end
lib/gitlab/ldap/access.rb
View file @
cda0b7e1
...
...
@@ -10,7 +10,7 @@ module Gitlab
LOCK_TIMEOUT
=
600
def
self
.
try_lock_user
(
user
)
Gitlab
::
Ex
piringLock
.
new
(
"user_ldap_check:
#{
user
.
id
}
"
,
LOCK_TIMEOUT
).
try_lock
Gitlab
::
Ex
clusiveLease
.
new
(
"user_ldap_check:
#{
user
.
id
}
"
,
LOCK_TIMEOUT
).
try_obtain
end
def
self
.
open
(
user
,
&
block
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment