Commit 5883ce95 authored by Sean McGivern's avatar Sean McGivern

`current_application_settings` belongs on `Gitlab::CurrentSettings`

The initializers including this were doing so at the top level, so every object
loaded after them had a `current_application_settings` method. However, if
someone had rack-attack enabled (which was loaded before these initializers), it
would try to load the API, and fail, because `Gitlab::CurrentSettings` didn't
have that method.

To fix this:

1. Don't include `Gitlab::CurrentSettings` at the top level. We do not need
   `Object.new.current_application_settings` to work.
2. Make `Gitlab::CurrentSettings` explicitly `extend self`, as we already use it
   like that in several places.
3. Change the initializers to use that new form.
parent bf51ab88
module RequiresWhitelistedMonitoringClient module RequiresWhitelistedMonitoringClient
extend ActiveSupport::Concern extend ActiveSupport::Concern
include Gitlab::CurrentSettings
included do included do
before_action :validate_ip_whitelisted_or_valid_token! before_action :validate_ip_whitelisted_or_valid_token!
end end
......
...@@ -202,7 +202,7 @@ module ApplicationHelper ...@@ -202,7 +202,7 @@ module ApplicationHelper
end end
def support_url def support_url
current_application_settings.help_page_support_url.presence || promo_url + '/getting-help/' Gitlab::CurrentSettings.current_application_settings.help_page_support_url.presence || promo_url + '/getting-help/'
end end
def page_filter_path(options = {}) def page_filter_path(options = {})
......
module ApplicationSettingsHelper module ApplicationSettingsHelper
extend self extend self
include Gitlab::CurrentSettings
delegate :gravatar_enabled?, delegate :gravatar_enabled?,
:signup_enabled?, :signup_enabled?,
:password_authentication_enabled?, :password_authentication_enabled?,
......
module AuthHelper module AuthHelper
include Gitlab::CurrentSettings
PROVIDERS_WITH_ICONS = %w(twitter github gitlab bitbucket google_oauth2 facebook azure_oauth2 authentiq).freeze PROVIDERS_WITH_ICONS = %w(twitter github gitlab bitbucket google_oauth2 facebook azure_oauth2 authentiq).freeze
FORM_BASED_PROVIDERS = [/\Aldap/, 'crowd'].freeze FORM_BASED_PROVIDERS = [/\Aldap/, 'crowd'].freeze
......
module ProjectsHelper module ProjectsHelper
include Gitlab::CurrentSettings
def link_to_project(project) def link_to_project(project)
link_to [project.namespace.becomes(Namespace), project], title: h(project.name) do link_to [project.namespace.becomes(Namespace), project], title: h(project.name) do
title = content_tag(:span, project.name, class: 'project-name') title = content_tag(:span, project.name, class: 'project-name')
......
class BaseMailer < ActionMailer::Base class BaseMailer < ActionMailer::Base
include Gitlab::CurrentSettings
around_action :render_with_default_locale around_action :render_with_default_locale
helper ApplicationHelper helper ApplicationHelper
helper MarkupHelper helper MarkupHelper
attr_accessor :current_user attr_accessor :current_user
helper_method :current_user, :can? helper_method :current_user, :can?, :current_application_settings
default from: proc { default_sender_address.format } default from: proc { default_sender_address.format }
default reply_to: proc { default_reply_to_address.format } default reply_to: proc { default_reply_to_address.format }
......
...@@ -28,7 +28,7 @@ module Spammable ...@@ -28,7 +28,7 @@ module Spammable
def submittable_as_spam? def submittable_as_spam?
if user_agent_detail if user_agent_detail
user_agent_detail.submittable? && current_application_settings.akismet_enabled user_agent_detail.submittable? && Gitlab::CurrentSettings.current_application_settings.akismet_enabled
else else
false false
end end
......
...@@ -19,6 +19,7 @@ class Project < ActiveRecord::Base ...@@ -19,6 +19,7 @@ class Project < ActiveRecord::Base
include Routable include Routable
extend Gitlab::ConfigHelper extend Gitlab::ConfigHelper
extend Gitlab::CurrentSettings
BoardLimitExceeded = Class.new(StandardError) BoardLimitExceeded = Class.new(StandardError)
......
...@@ -2,6 +2,8 @@ class ProtectedBranch < ActiveRecord::Base ...@@ -2,6 +2,8 @@ class ProtectedBranch < ActiveRecord::Base
include Gitlab::ShellAdapter include Gitlab::ShellAdapter
include ProtectedRef include ProtectedRef
extend Gitlab::CurrentSettings
protected_ref_access_levels :merge, :push protected_ref_access_levels :merge, :push
# Check if branch name is marked as protected in the system # Check if branch name is marked as protected in the system
......
...@@ -10,6 +10,8 @@ class Snippet < ActiveRecord::Base ...@@ -10,6 +10,8 @@ class Snippet < ActiveRecord::Base
include Spammable include Spammable
include Editable include Editable
extend Gitlab::CurrentSettings
cache_markdown_field :title, pipeline: :single_line cache_markdown_field :title, pipeline: :single_line
cache_markdown_field :description cache_markdown_field :description
cache_markdown_field :content cache_markdown_field :content
......
...@@ -2,6 +2,7 @@ require 'carrierwave/orm/activerecord' ...@@ -2,6 +2,7 @@ require 'carrierwave/orm/activerecord'
class User < ActiveRecord::Base class User < ActiveRecord::Base
extend Gitlab::ConfigHelper extend Gitlab::ConfigHelper
extend Gitlab::CurrentSettings
include Gitlab::ConfigHelper include Gitlab::ConfigHelper
include Gitlab::CurrentSettings include Gitlab::CurrentSettings
......
require_dependency 'declarative_policy' require_dependency 'declarative_policy'
class BasePolicy < DeclarativePolicy::Base class BasePolicy < DeclarativePolicy::Base
include Gitlab::CurrentSettings
desc "User is an instance admin" desc "User is an instance admin"
with_options scope: :user, score: 0 with_options scope: :user, score: 0
condition(:admin) { @user&.admin? } condition(:admin) { @user&.admin? }
...@@ -15,6 +13,6 @@ class BasePolicy < DeclarativePolicy::Base ...@@ -15,6 +13,6 @@ class BasePolicy < DeclarativePolicy::Base
desc "The application is restricted from public visibility" desc "The application is restricted from public visibility"
condition(:restricted_public_level, scope: :global) do condition(:restricted_public_level, scope: :global) do
current_application_settings.restricted_visibility_levels.include?(Gitlab::VisibilityLevel::PUBLIC) Gitlab::CurrentSettings.current_application_settings.restricted_visibility_levels.include?(Gitlab::VisibilityLevel::PUBLIC)
end end
end end
class AkismetService class AkismetService
include Gitlab::CurrentSettings
attr_accessor :owner, :text, :options attr_accessor :owner, :text, :options
def initialize(owner, text, options = {}) def initialize(owner, text, options = {})
......
module Auth module Auth
class ContainerRegistryAuthenticationService < BaseService class ContainerRegistryAuthenticationService < BaseService
include Gitlab::CurrentSettings extend Gitlab::CurrentSettings
AUDIENCE = 'container_registry'.freeze AUDIENCE = 'container_registry'.freeze
......
module Projects module Projects
class UpdatePagesService < BaseService class UpdatePagesService < BaseService
include Gitlab::CurrentSettings
BLOCK_SIZE = 32.kilobytes BLOCK_SIZE = 32.kilobytes
MAX_SIZE = 1.terabyte MAX_SIZE = 1.terabyte
SITE_PATH = 'public/'.freeze SITE_PATH = 'public/'.freeze
......
class UploadService class UploadService
include Gitlab::CurrentSettings
def initialize(model, file, uploader_class = FileUploader) def initialize(model, file, uploader_class = FileUploader)
@model, @file, @uploader_class = model, file, uploader_class @model, @file, @uploader_class = model, file, uploader_class
end end
......
module Users module Users
class BuildService < BaseService class BuildService < BaseService
include Gitlab::CurrentSettings
def initialize(current_user, params = {}) def initialize(current_user, params = {})
@current_user = current_user @current_user = current_user
@params = params.dup @params = params.dup
......
# Be sure to restart your server when you modify this file. # Be sure to restart your server when you modify this file.
require 'gitlab/current_settings' require 'gitlab/current_settings'
include Gitlab::CurrentSettings
if Rails.env.production? if Rails.env.production?
# allow it to fail: it may do so when create_from_defaults is executed before migrations are actually done # allow it to fail: it may do so when create_from_defaults is executed before migrations are actually done
begin begin
sentry_enabled = current_application_settings.sentry_enabled sentry_enabled = Gitlab::CurrentSettings.current_application_settings.sentry_enabled
rescue rescue
sentry_enabled = false sentry_enabled = false
end end
if sentry_enabled if sentry_enabled
Raven.configure do |config| Raven.configure do |config|
config.dsn = current_application_settings.sentry_dsn config.dsn = Gitlab::CurrentSettings.current_application_settings.sentry_dsn
config.release = Gitlab::REVISION config.release = Gitlab::REVISION
# Sanitize fields based on those sanitized from Rails. # Sanitize fields based on those sanitized from Rails.
......
# Be sure to restart your server when you modify this file. # Be sure to restart your server when you modify this file.
require 'gitlab/current_settings' require 'gitlab/current_settings'
include Gitlab::CurrentSettings
# allow it to fail: it may do so when create_from_defaults is executed before migrations are actually done # allow it to fail: it may do so when create_from_defaults is executed before migrations are actually done
begin begin
Settings.gitlab['session_expire_delay'] = current_application_settings.session_expire_delay || 10080 Settings.gitlab['session_expire_delay'] = Gitlab::CurrentSettings.current_application_settings.session_expire_delay || 10080
rescue rescue
Settings.gitlab['session_expire_delay'] ||= 10080 Settings.gitlab['session_expire_delay'] ||= 10080
end end
......
module API module API
module Helpers module Helpers
module Runner module Runner
include Gitlab::CurrentSettings
JOB_TOKEN_HEADER = 'HTTP_JOB_TOKEN'.freeze JOB_TOKEN_HEADER = 'HTTP_JOB_TOKEN'.freeze
JOB_TOKEN_PARAM = :token JOB_TOKEN_PARAM = :token
UPDATE_RUNNER_EVERY = 10 * 60 UPDATE_RUNNER_EVERY = 10 * 60
......
# Read about interceptors in http://guides.rubyonrails.org/action_mailer_basics.html#intercepting-emails # Read about interceptors in http://guides.rubyonrails.org/action_mailer_basics.html#intercepting-emails
class EmailTemplateInterceptor class EmailTemplateInterceptor
include Gitlab::CurrentSettings extend Gitlab::CurrentSettings
def self.delivering_email(message) def self.delivering_email(message)
# Remove HTML part if HTML emails are disabled. # Remove HTML part if HTML emails are disabled.
......
...@@ -6,6 +6,8 @@ module Gitlab ...@@ -6,6 +6,8 @@ module Gitlab
# Parser/renderer for the AsciiDoc format that uses Asciidoctor and filters # Parser/renderer for the AsciiDoc format that uses Asciidoctor and filters
# the resulting HTML through HTML pipeline filters. # the resulting HTML through HTML pipeline filters.
module Asciidoc module Asciidoc
extend Gitlab::CurrentSettings
DEFAULT_ADOC_ATTRS = [ DEFAULT_ADOC_ATTRS = [
'showtitle', 'idprefix=user-content-', 'idseparator=-', 'env=gitlab', 'showtitle', 'idprefix=user-content-', 'idseparator=-', 'env=gitlab',
'env-gitlab', 'source-highlighter=html-pipeline', 'icons=font' 'env-gitlab', 'source-highlighter=html-pipeline', 'icons=font'
......
...@@ -19,6 +19,8 @@ module Gitlab ...@@ -19,6 +19,8 @@ module Gitlab
OPTIONAL_SCOPES = (AVAILABLE_SCOPES + OPENID_SCOPES - DEFAULT_SCOPES).freeze OPTIONAL_SCOPES = (AVAILABLE_SCOPES + OPENID_SCOPES - DEFAULT_SCOPES).freeze
class << self class << self
include Gitlab::CurrentSettings
def find_for_git_client(login, password, project:, ip:) def find_for_git_client(login, password, project:, ip:)
raise "Must provide an IP for rate limiting" if ip.nil? raise "Must provide an IP for rate limiting" if ip.nil?
......
module Gitlab module Gitlab
module CurrentSettings module CurrentSettings
extend self
def current_application_settings def current_application_settings
if RequestStore.active? if RequestStore.active?
RequestStore.fetch(:current_application_settings) { ensure_application_settings! } RequestStore.fetch(:current_application_settings) { ensure_application_settings! }
......
...@@ -3,6 +3,7 @@ ...@@ -3,6 +3,7 @@
module Gitlab module Gitlab
module GonHelper module GonHelper
include WebpackHelper include WebpackHelper
include Gitlab::CurrentSettings
def add_gon_variables def add_gon_variables
gon.api_version = 'v4' gon.api_version = 'v4'
......
module Gitlab module Gitlab
module Metrics module Metrics
module InfluxDb module InfluxDb
extend Gitlab::CurrentSettings include Gitlab::CurrentSettings
extend self extend self
MUTEX = Mutex.new MUTEX = Mutex.new
......
module Gitlab module Gitlab
module PerformanceBar module PerformanceBar
include Gitlab::CurrentSettings extend Gitlab::CurrentSettings
ALLOWED_USER_IDS_KEY = 'performance_bar_allowed_user_ids:v2'.freeze ALLOWED_USER_IDS_KEY = 'performance_bar_allowed_user_ids:v2'.freeze
EXPIRY_TIME = 5.minutes EXPIRY_TIME = 5.minutes
......
module Gitlab module Gitlab
class PollingInterval class PollingInterval
include Gitlab::CurrentSettings extend Gitlab::CurrentSettings
HEADER_NAME = 'Poll-Interval'.freeze HEADER_NAME = 'Poll-Interval'.freeze
......
module Gitlab module Gitlab
module ProtocolAccess module ProtocolAccess
extend Gitlab::CurrentSettings
def self.allowed?(protocol) def self.allowed?(protocol)
if protocol == 'web' if protocol == 'web'
true true
......
module Gitlab module Gitlab
module Recaptcha module Recaptcha
extend Gitlab::CurrentSettings
def self.load_configurations! def self.load_configurations!
if current_application_settings.recaptcha_enabled if current_application_settings.recaptcha_enabled
::Recaptcha.configure do |config| ::Recaptcha.configure do |config|
......
module Gitlab module Gitlab
module Sentry module Sentry
extend Gitlab::CurrentSettings
def self.enabled? def self.enabled?
Rails.env.production? && current_application_settings.sentry_enabled? Rails.env.production? && current_application_settings.sentry_enabled?
end end
......
module Gitlab module Gitlab
class UsageData class UsageData
include Gitlab::CurrentSettings
class << self class << self
include Gitlab::CurrentSettings
def data(force_refresh: false) def data(force_refresh: false)
Rails.cache.fetch('usage_data', force: force_refresh, expires_in: 2.weeks) { uncached_data } Rails.cache.fetch('usage_data', force: force_refresh, expires_in: 2.weeks) { uncached_data }
end end
......
...@@ -80,7 +80,7 @@ class GithubImport ...@@ -80,7 +80,7 @@ class GithubImport
end end
def visibility_level def visibility_level
@repo['private'] ? Gitlab::VisibilityLevel::PRIVATE : current_application_settings.default_project_visibility @repo['private'] ? Gitlab::VisibilityLevel::PRIVATE : Gitlab::CurrentSettings.current_application_settings.default_project_visibility
end end
end end
......
...@@ -4,7 +4,7 @@ describe VersionCheckHelper do ...@@ -4,7 +4,7 @@ describe VersionCheckHelper do
describe '#version_status_badge' do describe '#version_status_badge' do
it 'should return nil if not dev environment and not enabled' do it 'should return nil if not dev environment and not enabled' do
allow(Rails.env).to receive(:production?) { false } allow(Rails.env).to receive(:production?) { false }
allow(current_application_settings).to receive(:version_check_enabled) { false } allow(helper.current_application_settings).to receive(:version_check_enabled) { false }
expect(helper.version_status_badge).to be(nil) expect(helper.version_status_badge).to be(nil)
end end
...@@ -12,7 +12,7 @@ describe VersionCheckHelper do ...@@ -12,7 +12,7 @@ describe VersionCheckHelper do
context 'when production and enabled' do context 'when production and enabled' do
before do before do
allow(Rails.env).to receive(:production?) { true } allow(Rails.env).to receive(:production?) { true }
allow(current_application_settings).to receive(:version_check_enabled) { true } allow(helper.current_application_settings).to receive(:version_check_enabled) { true }
allow_any_instance_of(VersionCheck).to receive(:url) { 'https://version.host.com/check.svg?gitlab_info=xxx' } allow_any_instance_of(VersionCheck).to receive(:url) { 'https://version.host.com/check.svg?gitlab_info=xxx' }
@image_tag = helper.version_status_badge @image_tag = helper.version_status_badge
......
...@@ -41,7 +41,7 @@ describe Gitlab::Auth::UniqueIpsLimiter, :clean_gitlab_redis_shared_state do ...@@ -41,7 +41,7 @@ describe Gitlab::Auth::UniqueIpsLimiter, :clean_gitlab_redis_shared_state do
context 'allow 2 unique ips' do context 'allow 2 unique ips' do
before do before do
current_application_settings.update!(unique_ips_limit_per_user: 2) Gitlab::CurrentSettings.current_application_settings.update!(unique_ips_limit_per_user: 2)
end end
it 'blocks user trying to login from third ip' do it 'blocks user trying to login from third ip' do
......
# Inspired by https://github.com/ljkbennett/stub_env/blob/master/lib/stub_env/helpers.rb # Inspired by https://github.com/ljkbennett/stub_env/blob/master/lib/stub_env/helpers.rb
module StubENV module StubENV
include Gitlab::CurrentSettings
def stub_env(key_or_hash, value = nil) def stub_env(key_or_hash, value = nil)
init_stub unless env_stubbed? init_stub unless env_stubbed?
if key_or_hash.is_a? Hash if key_or_hash.is_a? Hash
......
...@@ -9,6 +9,7 @@ describe 'admin/dashboard/index.html.haml' do ...@@ -9,6 +9,7 @@ describe 'admin/dashboard/index.html.haml' do
assign(:groups, create_list(:group, 1)) assign(:groups, create_list(:group, 1))
allow(view).to receive(:admin?).and_return(true) allow(view).to receive(:admin?).and_return(true)
allow(view).to receive(:current_application_settings).and_return(Gitlab::CurrentSettings.current_application_settings)
end end
it "shows version of GitLab Workhorse" do it "shows version of GitLab Workhorse" do
......
...@@ -5,6 +5,7 @@ describe 'devise/shared/_signin_box' do ...@@ -5,6 +5,7 @@ describe 'devise/shared/_signin_box' do
before do before do
stub_devise stub_devise
assign(:ldap_servers, []) assign(:ldap_servers, [])
allow(view).to receive(:current_application_settings).and_return(Gitlab::CurrentSettings.current_application_settings)
end end
it 'is shown when Crowd is enabled' do it 'is shown when Crowd is enabled' do
......
...@@ -37,5 +37,6 @@ describe 'help/index' do ...@@ -37,5 +37,6 @@ describe 'help/index' do
def stub_helpers def stub_helpers
allow(view).to receive(:markdown).and_return('') allow(view).to receive(:markdown).and_return('')
allow(view).to receive(:version_status_badge).and_return('') allow(view).to receive(:version_status_badge).and_return('')
allow(view).to receive(:current_application_settings).and_return(Gitlab::CurrentSettings.current_application_settings)
end end
end end
require 'spec_helper' require 'spec_helper'
describe 'layouts/_head' do describe 'layouts/_head' do
before do
allow(view).to receive(:current_application_settings).and_return(Gitlab::CurrentSettings.current_application_settings)
end
it 'escapes HTML-safe strings in page_title' do it 'escapes HTML-safe strings in page_title' do
stub_helper_with_safe_string(:page_title) stub_helper_with_safe_string(:page_title)
......
require 'spec_helper' require 'spec_helper'
describe 'projects/commits/_commit.html.haml' do describe 'projects/commits/_commit.html.haml' do
before do
allow(view).to receive(:current_application_settings).and_return(Gitlab::CurrentSettings.current_application_settings)
end
context 'with a singed commit' do context 'with a singed commit' do
let(:project) { create(:project, :repository) } let(:project) { create(:project, :repository) }
let(:repository) { project.repository } let(:repository) { project.repository }
......
...@@ -10,7 +10,9 @@ describe 'projects/edit' do ...@@ -10,7 +10,9 @@ describe 'projects/edit' do
assign(:project, project) assign(:project, project)
allow(controller).to receive(:current_user).and_return(user) allow(controller).to receive(:current_user).and_return(user)
allow(view).to receive_messages(current_user: user, can?: true) allow(view).to receive_messages(current_user: user,
can?: true,
current_application_settings: Gitlab::CurrentSettings.current_application_settings)
end end
context 'LFS enabled setting' do context 'LFS enabled setting' do
......
...@@ -14,6 +14,7 @@ describe 'projects/merge_requests/creations/_new_submit.html.haml' do ...@@ -14,6 +14,7 @@ describe 'projects/merge_requests/creations/_new_submit.html.haml' do
allow(view).to receive(:can?).and_return(true) allow(view).to receive(:can?).and_return(true)
allow(view).to receive(:url_for).and_return('#') allow(view).to receive(:url_for).and_return('#')
allow(view).to receive(:current_user).and_return(merge_request.author) allow(view).to receive(:current_user).and_return(merge_request.author)
allow(view).to receive(:current_application_settings).and_return(Gitlab::CurrentSettings.current_application_settings)
end end
context 'when there are pipelines for merge request but no pipeline for last commit' do context 'when there are pipelines for merge request but no pipeline for last commit' do
......
...@@ -25,7 +25,9 @@ describe 'projects/merge_requests/show.html.haml' do ...@@ -25,7 +25,9 @@ describe 'projects/merge_requests/show.html.haml' do
assign(:notes, []) assign(:notes, [])
assign(:pipelines, Ci::Pipeline.none) assign(:pipelines, Ci::Pipeline.none)
allow(view).to receive_messages(current_user: user, can?: true) allow(view).to receive_messages(current_user: user,
can?: true,
current_application_settings: Gitlab::CurrentSettings.current_application_settings)
end end
context 'when the merge request is closed' do context 'when the merge request is closed' do
......
...@@ -12,6 +12,7 @@ describe 'projects/tree/show' do ...@@ -12,6 +12,7 @@ describe 'projects/tree/show' do
allow(view).to receive(:can?).and_return(true) allow(view).to receive(:can?).and_return(true)
allow(view).to receive(:can_collaborate_with_project?).and_return(true) allow(view).to receive(:can_collaborate_with_project?).and_return(true)
allow(view).to receive(:current_application_settings).and_return(Gitlab::CurrentSettings.current_application_settings)
end end
context 'for branch names ending on .json' do context 'for branch names ending on .json' do
......
...@@ -3,6 +3,10 @@ require 'spec_helper' ...@@ -3,6 +3,10 @@ require 'spec_helper'
describe 'shared/projects/_project.html.haml' do describe 'shared/projects/_project.html.haml' do
let(:project) { create(:project) } let(:project) { create(:project) }
before do
allow(view).to receive(:current_application_settings).and_return(Gitlab::CurrentSettings.current_application_settings)
end
it 'should render creator avatar if project has a creator' do it 'should render creator avatar if project has a creator' do
render 'shared/projects/project', use_creator_avatar: true, project: project render 'shared/projects/project', use_creator_avatar: true, project: project
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment