Commit 648f38cd authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Merge branch 'fix-restricted-visibility' into 'master'

Restricted visibility levels - bug fix and new feature

This allows admin users to override restricted visibility settings when creating and updating projects and snippets, and moves the restricted visibility configuration from gitlab.yml to the web UI.  See #1903.

## Move configuration location

I added a new section to the application settings page for restricted visibility levels.  Each level has a checkbox, styled with Bootstrap to look like a toggle button.  A checked box means that the level is restricted.  I added a glowing text shadow and changed the background color for checked buttons because the default styles made it hard to distinguish between checked and unchecked.  This image shows the new section with the "Public" box checked:

![restricted_visibility_settings](https://dev.gitlab.org/Okada/gitlabhq/uploads/629562e4313f89b795e81c3bb0f95893/restricted_visibility_settings.png)

## Allow admins to override

To allow admin users to override the restricted visibility levels, I had to remove the `visibility_level` validation from the `Project` class.  The model doesn't know about the `current_user`, which should determine whether the restrictions can be overridden.  We could use the creator in the validation, but that wouldn't work correctly for projects where a non-admin user is the creator and an admin tries to change the project to a restricted visibility level.

The `Project::UpdateService` and `Project::CreateService` classes already had code to determine whether the current user is allowed to use a given visibility level; now all visibility level validation is done in those classes.  Currently, when a non-admin tries to create or update a project using a restricted level, these classes silently set the visibility level to the global default (create) or the project's existing value (update).  I changed this behavior to be more like an Active Model validation, where using a restricted level causes the entire request to be rejected.

Project and personal snippets didn't have service classes, and restricted visibility levels weren't being enforced in the model or the controllers.  The UI disabled radio buttons for restricted levels, but that wouldn't be difficult to circumvent.  I created the `CreateSnippetService` and `UpdateSnippetService` classes to do the same restricted visibility check that the project classes do.  And since I was dealing with snippet visibility levels, I updated the API endpoints for project snippets to allow users to set and update the visibility level.

## TODO

* [x] Add more tests for restricted visibility functionality

cc @sytse @dzaporozhets

See merge request !1655
parents 7b178bc7 ad0ca049
...@@ -17,6 +17,8 @@ v 7.9.0 (unreleased) ...@@ -17,6 +17,8 @@ v 7.9.0 (unreleased)
- Improve error messages for file edit failures - Improve error messages for file edit failures
- Improve UI for commits, issues and merge request lists - Improve UI for commits, issues and merge request lists
- Fix commit comments on first line of diff not rendering in Merge Request Discussion view. - Fix commit comments on first line of diff not rendering in Merge Request Discussion view.
- Allow admins to override restricted project visibility settings.
- Move restricted visibility settings from gitlab.yml into the web UI.
- Improve trigger merge request hook when source project branch has been updated (Kirill Zaitsev) - Improve trigger merge request hook when source project branch has been updated (Kirill Zaitsev)
- Save web edit in new branch - Save web edit in new branch
- Fix ordering of imported but unchanged projects (Marco Wessel) - Fix ordering of imported but unchanged projects (Marco Wessel)
......
...@@ -97,3 +97,8 @@ label { ...@@ -97,3 +97,8 @@ label {
.wiki-content { .wiki-content {
margin-top: 35px; margin-top: 35px;
} }
.btn-group .btn.active {
text-shadow: 0 0 0.2em #D9534F, 0 0 0.2em #D9534F, 0 0 0.2em #D9534F;
background-color: #5487bf;
}
...@@ -20,6 +20,13 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController ...@@ -20,6 +20,13 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
end end
def application_setting_params def application_setting_params
restricted_levels = params[:application_setting][:restricted_visibility_levels]
unless restricted_levels.nil?
restricted_levels.map! do |level|
level.to_i
end
end
params.require(:application_setting).permit( params.require(:application_setting).permit(
:default_projects_limit, :default_projects_limit,
:default_branch_protection, :default_branch_protection,
...@@ -28,7 +35,8 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController ...@@ -28,7 +35,8 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
:gravatar_enabled, :gravatar_enabled,
:twitter_sharing_enabled, :twitter_sharing_enabled,
:sign_in_text, :sign_in_text,
:home_page_url :home_page_url,
restricted_visibility_levels: []
) )
end end
end end
...@@ -28,26 +28,22 @@ class Projects::SnippetsController < Projects::ApplicationController ...@@ -28,26 +28,22 @@ class Projects::SnippetsController < Projects::ApplicationController
end end
def create def create
@snippet = @project.snippets.build(snippet_params) @snippet = CreateSnippetService.new(@project, current_user,
@snippet.author = current_user snippet_params).execute
respond_with(@snippet,
if @snippet.save location: namespace_project_snippet_path(@project.namespace,
redirect_to namespace_project_snippet_path(@project.namespace, @project, @project, @snippet))
@snippet)
else
respond_with(@snippet)
end
end end
def edit def edit
end end
def update def update
if @snippet.update_attributes(snippet_params) UpdateSnippetService.new(project, current_user, @snippet,
redirect_to namespace_project_snippet_path(@project.namespace, @project, @snippet) snippet_params).execute
else respond_with(@snippet,
respond_with(@snippet) location: namespace_project_snippet_path(@project.namespace,
end @project, @snippet))
end end
def show def show
......
...@@ -42,25 +42,19 @@ class SnippetsController < ApplicationController ...@@ -42,25 +42,19 @@ class SnippetsController < ApplicationController
end end
def create def create
@snippet = PersonalSnippet.new(snippet_params) @snippet = CreateSnippetService.new(nil, current_user,
@snippet.author = current_user snippet_params).execute
if @snippet.save respond_with @snippet.becomes(Snippet)
redirect_to snippet_path(@snippet)
else
respond_with @snippet
end
end end
def edit def edit
end end
def update def update
if @snippet.update_attributes(snippet_params) UpdateSnippetService.new(nil, current_user, @snippet,
redirect_to snippet_path(@snippet) snippet_params).execute
else respond_with @snippet.becomes(Snippet)
respond_with @snippet
end
end end
def show def show
......
...@@ -18,4 +18,21 @@ module ApplicationSettingsHelper ...@@ -18,4 +18,21 @@ module ApplicationSettingsHelper
def extra_sign_in_text def extra_sign_in_text
current_application_settings.sign_in_text current_application_settings.sign_in_text
end end
# Return a group of checkboxes that use Bootstrap's button plugin for a
# toggle button effect.
def restricted_level_checkboxes(help_block_id)
Gitlab::VisibilityLevel.options.map do |name, level|
checked = restricted_visibility_levels(true).include?(level)
css_class = 'btn btn-primary'
css_class += ' active' if checked
checkbox_name = 'application_setting[restricted_visibility_levels][]'
label_tag(checkbox_name, class: css_class) do
check_box_tag(checkbox_name, level, checked,
autocomplete: 'off',
'aria-describedby' => help_block_id) + name
end
end
end
end end
...@@ -45,7 +45,8 @@ module GitlabRoutingHelper ...@@ -45,7 +45,8 @@ module GitlabRoutingHelper
namespace_project_merge_request_url(entity.project.namespace, entity.project, entity, *args) namespace_project_merge_request_url(entity.project.namespace, entity.project, entity, *args)
end end
def snippet_url(entity, *args) def project_snippet_url(entity, *args)
namespace_project_snippet_url(entity.project.namespace, entity.project, entity, *args) namespace_project_snippet_url(entity.project.namespace, entity.project, entity, *args)
end end
end end
...@@ -60,7 +60,8 @@ module VisibilityLevelHelper ...@@ -60,7 +60,8 @@ module VisibilityLevelHelper
Project.visibility_levels.key(level) Project.visibility_levels.key(level)
end end
def restricted_visibility_levels def restricted_visibility_levels(show_all = false)
current_user.is_admin? ? [] : gitlab_config.restricted_visibility_levels return [] if current_user.is_admin? && !show_all
current_application_settings.restricted_visibility_levels
end end
end end
...@@ -225,13 +225,15 @@ class Ability ...@@ -225,13 +225,15 @@ class Ability
[:issue, :note, :project_snippet, :personal_snippet, :merge_request].each do |name| [:issue, :note, :project_snippet, :personal_snippet, :merge_request].each do |name|
define_method "#{name}_abilities" do |user, subject| define_method "#{name}_abilities" do |user, subject|
if subject.author == user if subject.author == user || user.is_admin?
[ rules = [
:"read_#{name}", :"read_#{name}",
:"write_#{name}", :"write_#{name}",
:"modify_#{name}", :"modify_#{name}",
:"admin_#{name}" :"admin_#{name}"
] ]
rules.push(:change_visibility_level) if subject.is_a?(Snippet)
rules
elsif subject.respond_to?(:assignee) && subject.assignee == user elsif subject.respond_to?(:assignee) && subject.assignee == user
[ [
:"read_#{name}", :"read_#{name}",
......
...@@ -4,23 +4,36 @@ ...@@ -4,23 +4,36 @@
# #
# id :integer not null, primary key # id :integer not null, primary key
# default_projects_limit :integer # default_projects_limit :integer
# default_branch_protection :integer
# signup_enabled :boolean # signup_enabled :boolean
# signin_enabled :boolean # signin_enabled :boolean
# gravatar_enabled :boolean # gravatar_enabled :boolean
# twitter_sharing_enabled :boolean
# sign_in_text :text # sign_in_text :text
# created_at :datetime # created_at :datetime
# updated_at :datetime # updated_at :datetime
# home_page_url :string(255) # home_page_url :string(255)
# default_branch_protection :integer default(2) # default_branch_protection :integer default(2)
# twitter_sharing_enabled :boolean default(TRUE) # twitter_sharing_enabled :boolean default(TRUE)
# restricted_visibility_levels :text
# #
class ApplicationSetting < ActiveRecord::Base class ApplicationSetting < ActiveRecord::Base
serialize :restricted_visibility_levels
validates :home_page_url, validates :home_page_url,
allow_blank: true, allow_blank: true,
format: { with: URI::regexp(%w(http https)), message: "should be a valid url" }, format: { with: URI::regexp(%w(http https)), message: "should be a valid url" },
if: :home_page_url_column_exist if: :home_page_url_column_exist
validates_each :restricted_visibility_levels do |record, attr, value|
value.each do |level|
unless Gitlab::VisibilityLevel.options.has_value?(level)
record.errors.add(attr, "'#{level}' is not a valid visibility level")
end
end
end
def self.current def self.current
ApplicationSetting.last ApplicationSetting.last
end end
...@@ -34,6 +47,7 @@ class ApplicationSetting < ActiveRecord::Base ...@@ -34,6 +47,7 @@ class ApplicationSetting < ActiveRecord::Base
twitter_sharing_enabled: Settings.gitlab['twitter_sharing_enabled'], twitter_sharing_enabled: Settings.gitlab['twitter_sharing_enabled'],
gravatar_enabled: Settings.gravatar['enabled'], gravatar_enabled: Settings.gravatar['enabled'],
sign_in_text: Settings.extra['sign_in_text'], sign_in_text: Settings.extra['sign_in_text'],
restricted_visibility_levels: Settings.gitlab['restricted_visibility_levels']
) )
end end
......
...@@ -131,9 +131,6 @@ class Project < ActiveRecord::Base ...@@ -131,9 +131,6 @@ class Project < ActiveRecord::Base
message: Gitlab::Regex.path_regex_message } message: Gitlab::Regex.path_regex_message }
validates :issues_enabled, :merge_requests_enabled, validates :issues_enabled, :merge_requests_enabled,
:wiki_enabled, inclusion: { in: [true, false] } :wiki_enabled, inclusion: { in: [true, false] }
validates :visibility_level,
exclusion: { in: gitlab_config.restricted_visibility_levels },
if: -> { gitlab_config.restricted_visibility_levels.any? }
validates :issues_tracker_id, length: { maximum: 255 }, allow_blank: true validates :issues_tracker_id, length: { maximum: 255 }, allow_blank: true
validates :namespace, presence: true validates :namespace, presence: true
validates_uniqueness_of :name, scope: :namespace_id validates_uniqueness_of :name, scope: :namespace_id
......
...@@ -31,8 +31,19 @@ class BaseService ...@@ -31,8 +31,19 @@ class BaseService
SystemHooksService.new SystemHooksService.new
end end
def current_application_settings # Add an error to the specified model for restricted visibility levels
ApplicationSetting.current def deny_visibility_level(model, denied_visibility_level = nil)
denied_visibility_level ||= model.visibility_level
level_name = 'Unknown'
Gitlab::VisibilityLevel.options.each do |name, level|
level_name = name if level == denied_visibility_level
end
model.errors.add(
:visibility_level,
"#{level_name} visibility has been restricted by your GitLab administrator"
)
end end
private private
......
class CreateSnippetService < BaseService
def execute
if project.nil?
snippet = PersonalSnippet.new(params)
else
snippet = project.snippets.build(params)
end
unless Gitlab::VisibilityLevel.allowed_for?(current_user,
params[:visibility_level])
deny_visibility_level(snippet)
return snippet
end
snippet.author = current_user
snippet.save
snippet
end
end
...@@ -7,9 +7,12 @@ module Projects ...@@ -7,9 +7,12 @@ module Projects
def execute def execute
@project = Project.new(params) @project = Project.new(params)
# Reset visibility level if is not allowed to set it # Make sure that the user is allowed to use the specified visibility
unless Gitlab::VisibilityLevel.allowed_for?(current_user, params[:visibility_level]) # level
@project.visibility_level = default_features.visibility_level unless Gitlab::VisibilityLevel.allowed_for?(current_user,
params[:visibility_level])
deny_visibility_level(@project)
return @project
end end
# Set project name from path # Set project name from path
......
...@@ -2,8 +2,13 @@ module Projects ...@@ -2,8 +2,13 @@ module Projects
class UpdateService < BaseService class UpdateService < BaseService
def execute def execute
# check that user is allowed to set specified visibility_level # check that user is allowed to set specified visibility_level
unless can?(current_user, :change_visibility_level, project) && Gitlab::VisibilityLevel.allowed_for?(current_user, params[:visibility_level]) new_visibility = params[:visibility_level]
params[:visibility_level] = project.visibility_level if new_visibility && new_visibility.to_i != project.visibility_level
unless can?(current_user, :change_visibility_level, project) &&
Gitlab::VisibilityLevel.allowed_for?(current_user, new_visibility)
deny_visibility_level(project, new_visibility)
return project
end
end end
new_branch = params[:default_branch] new_branch = params[:default_branch]
......
class UpdateSnippetService < BaseService
attr_accessor :snippet
def initialize(project, user, snippet, params)
super(project, user, params)
@snippet = snippet
end
def execute
# check that user is allowed to set specified visibility_level
new_visibility = params[:visibility_level]
if new_visibility && new_visibility.to_i != snippet.visibility_level
unless can?(current_user, :change_visibility_level, snippet) &&
Gitlab::VisibilityLevel.allowed_for?(current_user, new_visibility)
deny_visibility_level(snippet, new_visibility)
return snippet
end
end
snippet.update_attributes(params)
end
end
...@@ -42,6 +42,14 @@ ...@@ -42,6 +42,14 @@
= f.label :default_branch_protection, class: 'control-label col-sm-2' = f.label :default_branch_protection, class: 'control-label col-sm-2'
.col-sm-10 .col-sm-10
= f.select :default_branch_protection, options_for_select(Gitlab::Access.protection_options, @application_setting.default_branch_protection), {}, class: 'form-control' = f.select :default_branch_protection, options_for_select(Gitlab::Access.protection_options, @application_setting.default_branch_protection), {}, class: 'form-control'
.form-group
= f.label :restricted_visibility_levels, class: 'control-label col-sm-2'
.col-sm-10
- data_attrs = { toggle: 'buttons' }
.btn-group{ data: data_attrs }
- restricted_level_checkboxes('restricted-visibility-help').each do |level|
= level
%span.help-block#restricted-visibility-help Selected levels cannot be used by non-admin users for projects or snippets
.form-group .form-group
= f.label :home_page_url, class: 'control-label col-sm-2' = f.label :home_page_url, class: 'control-label col-sm-2'
.col-sm-10 .col-sm-10
......
...@@ -57,10 +57,6 @@ production: &base ...@@ -57,10 +57,6 @@ production: &base
## COLOR = 5 ## COLOR = 5
# default_theme: 2 # default: 2 # default_theme: 2 # default: 2
# Restrict setting visibility levels for non-admin users.
# The default is to allow all levels.
# restricted_visibility_levels: [ "public" ]
## Automatic issue closing ## Automatic issue closing
# If a commit message matches this regular expression, all issues referenced from the matched text will be closed. # If a commit message matches this regular expression, all issues referenced from the matched text will be closed.
# This happens when the commit is pushed or merged into the default branch of a project. # This happens when the commit is pushed or merged into the default branch of a project.
......
class AddRestrictedVisibilityLevelsToApplicationSettings < ActiveRecord::Migration
def change
add_column :application_settings, :restricted_visibility_levels, :text
end
end
...@@ -27,6 +27,7 @@ ActiveRecord::Schema.define(version: 20150306023112) do ...@@ -27,6 +27,7 @@ ActiveRecord::Schema.define(version: 20150306023112) do
t.string "home_page_url" t.string "home_page_url"
t.integer "default_branch_protection", default: 2 t.integer "default_branch_protection", default: 2
t.boolean "twitter_sharing_enabled", default: true t.boolean "twitter_sharing_enabled", default: true
t.text "restricted_visibility_levels"
end end
create_table "broadcast_messages", force: true do |t| create_table "broadcast_messages", force: true do |t|
......
...@@ -41,4 +41,4 @@ When visiting the public page of an user, you will only see listed projects whic ...@@ -41,4 +41,4 @@ When visiting the public page of an user, you will only see listed projects whic
## Restricting the use of public or internal projects ## Restricting the use of public or internal projects
In [gitlab.yml](https://gitlab.com/gitlab-org/gitlab-ce/blob/dbd88d453b8e6c78a423fa7e692004b1db6ea069/config/gitlab.yml.example#L64) you can disable public projects or public and internal projects for the entire GitLab installation to prevent people making code public by accident. In [gitlab.yml](https://gitlab.com/gitlab-org/gitlab-ce/blob/dbd88d453b8e6c78a423fa7e692004b1db6ea069/config/gitlab.yml.example#L64) you can disable public projects or public and internal projects for the entire GitLab installation to prevent people making code public by accident. The restricted visibility settings do not apply to admin users.
...@@ -207,7 +207,7 @@ module API ...@@ -207,7 +207,7 @@ module API
end end
def render_validation_error!(model) def render_validation_error!(model)
unless model.valid? if model.errors.any?
render_api_error!(model.errors.messages || '400 Bad Request', 400) render_api_error!(model.errors.messages || '400 Bad Request', 400)
end end
end end
......
...@@ -42,21 +42,22 @@ module API ...@@ -42,21 +42,22 @@ module API
# title (required) - The title of a snippet # title (required) - The title of a snippet
# file_name (required) - The name of a snippet file # file_name (required) - The name of a snippet file
# code (required) - The content of a snippet # code (required) - The content of a snippet
# visibility_level (required) - The snippet's visibility
# Example Request: # Example Request:
# POST /projects/:id/snippets # POST /projects/:id/snippets
post ":id/snippets" do post ":id/snippets" do
authorize! :write_project_snippet, user_project authorize! :write_project_snippet, user_project
required_attributes! [:title, :file_name, :code] required_attributes! [:title, :file_name, :code, :visibility_level]
attrs = attributes_for_keys [:title, :file_name] attrs = attributes_for_keys [:title, :file_name, :visibility_level]
attrs[:content] = params[:code] if params[:code].present? attrs[:content] = params[:code] if params[:code].present?
@snippet = user_project.snippets.new attrs @snippet = CreateSnippetService.new(user_project, current_user,
@snippet.author = current_user attrs).execute
if @snippet.save if @snippet.errors.any?
present @snippet, with: Entities::ProjectSnippet
else
render_validation_error!(@snippet) render_validation_error!(@snippet)
else
present @snippet, with: Entities::ProjectSnippet
end end
end end
...@@ -68,19 +69,22 @@ module API ...@@ -68,19 +69,22 @@ module API
# title (optional) - The title of a snippet # title (optional) - The title of a snippet
# file_name (optional) - The name of a snippet file # file_name (optional) - The name of a snippet file
# code (optional) - The content of a snippet # code (optional) - The content of a snippet
# visibility_level (optional) - The snippet's visibility
# Example Request: # Example Request:
# PUT /projects/:id/snippets/:snippet_id # PUT /projects/:id/snippets/:snippet_id
put ":id/snippets/:snippet_id" do put ":id/snippets/:snippet_id" do
@snippet = user_project.snippets.find(params[:snippet_id]) @snippet = user_project.snippets.find(params[:snippet_id])
authorize! :modify_project_snippet, @snippet authorize! :modify_project_snippet, @snippet
attrs = attributes_for_keys [:title, :file_name] attrs = attributes_for_keys [:title, :file_name, :visibility_level]
attrs[:content] = params[:code] if params[:code].present? attrs[:content] = params[:code] if params[:code].present?
if @snippet.update_attributes attrs UpdateSnippetService.new(user_project, current_user, @snippet,
present @snippet, with: Entities::ProjectSnippet attrs).execute
else if @snippet.errors.any?
render_validation_error!(@snippet) render_validation_error!(@snippet)
else
present @snippet, with: Entities::ProjectSnippet
end end
end end
......
...@@ -233,10 +233,10 @@ module API ...@@ -233,10 +233,10 @@ module API
::Projects::UpdateService.new(user_project, ::Projects::UpdateService.new(user_project,
current_user, attrs).execute current_user, attrs).execute
if user_project.valid? if user_project.errors.any?
present user_project, with: Entities::Project
else
render_validation_error!(user_project) render_validation_error!(user_project)
else
present user_project, with: Entities::Project
end end
end end
......
...@@ -5,8 +5,7 @@ module Gitlab ...@@ -5,8 +5,7 @@ module Gitlab
RequestStore.store[key] ||= begin RequestStore.store[key] ||= begin
if ActiveRecord::Base.connected? && ActiveRecord::Base.connection.table_exists?('application_settings') if ActiveRecord::Base.connected? && ActiveRecord::Base.connection.table_exists?('application_settings')
RequestStore.store[:current_application_settings] = ApplicationSetting.current || ApplicationSetting.create_from_defaults
(ApplicationSetting.current || ApplicationSetting.create_from_defaults)
else else
fake_application_settings fake_application_settings
end end
...@@ -21,6 +20,7 @@ module Gitlab ...@@ -21,6 +20,7 @@ module Gitlab
signin_enabled: Settings.gitlab['signin_enabled'], signin_enabled: Settings.gitlab['signin_enabled'],
gravatar_enabled: Settings.gravatar['enabled'], gravatar_enabled: Settings.gravatar['enabled'],
sign_in_text: Settings.extra['sign_in_text'], sign_in_text: Settings.extra['sign_in_text'],
restricted_visibility_levels: Settings.gitlab['restricted_visibility_levels']
) )
end end
end end
......
...@@ -51,7 +51,7 @@ module Gitlab ...@@ -51,7 +51,7 @@ module Gitlab
anchor: "note_#{note.id}") anchor: "note_#{note.id}")
elsif note.for_project_snippet? elsif note.for_project_snippet?
snippet = Snippet.find(note.noteable_id) snippet = Snippet.find(note.noteable_id)
snippet_url(snippet, project_snippet_url(snippet,
host: Gitlab.config.gitlab['url'], host: Gitlab.config.gitlab['url'],
anchor: "note_#{note.id}") anchor: "note_#{note.id}")
end end
......
...@@ -5,6 +5,8 @@ ...@@ -5,6 +5,8 @@
# #
module Gitlab module Gitlab
module VisibilityLevel module VisibilityLevel
extend CurrentSettings
PRIVATE = 0 unless const_defined?(:PRIVATE) PRIVATE = 0 unless const_defined?(:PRIVATE)
INTERNAL = 10 unless const_defined?(:INTERNAL) INTERNAL = 10 unless const_defined?(:INTERNAL)
PUBLIC = 20 unless const_defined?(:PUBLIC) PUBLIC = 20 unless const_defined?(:PUBLIC)
...@@ -23,21 +25,21 @@ module Gitlab ...@@ -23,21 +25,21 @@ module Gitlab
end end
def allowed_for?(user, level) def allowed_for?(user, level)
user.is_admin? || allowed_level?(level) user.is_admin? || allowed_level?(level.to_i)
end end
# Level can be a string `"public"` or a value `20`, first check if valid, # Return true if the specified level is allowed for the current user.
# then check if the corresponding string appears in the config # Level should be a numeric value, e.g. `20`.
def allowed_level?(level) def allowed_level?(level)
if options.has_key?(level.to_s) valid_level?(level) && non_restricted_level?(level)
non_restricted_level?(level)
elsif options.has_value?(level.to_i)
non_restricted_level?(options.key(level.to_i).downcase)
end
end end
def non_restricted_level?(level) def non_restricted_level?(level)
! Gitlab.config.gitlab.restricted_visibility_levels.include?(level) ! current_application_settings.restricted_visibility_levels.include?(level)
end
def valid_level?(level)
options.has_value?(level)
end end
end end
......
...@@ -4,6 +4,7 @@ ...@@ -4,6 +4,7 @@
# #
# id :integer not null, primary key # id :integer not null, primary key
# default_projects_limit :integer # default_projects_limit :integer
# default_branch_protection :integer
# signup_enabled :boolean # signup_enabled :boolean
# signin_enabled :boolean # signin_enabled :boolean
# gravatar_enabled :boolean # gravatar_enabled :boolean
...@@ -13,6 +14,7 @@ ...@@ -13,6 +14,7 @@
# home_page_url :string(255) # home_page_url :string(255)
# default_branch_protection :integer default(2) # default_branch_protection :integer default(2)
# twitter_sharing_enabled :boolean default(TRUE) # twitter_sharing_enabled :boolean default(TRUE)
# restricted_visibility_levels :text
# #
require 'spec_helper' require 'spec_helper'
......
...@@ -3,6 +3,7 @@ require 'spec_helper' ...@@ -3,6 +3,7 @@ require 'spec_helper'
describe API::API, api: true do describe API::API, api: true do
include ApiHelpers include ApiHelpers
include Gitlab::CurrentSettings
let(:user) { create(:user) } let(:user) { create(:user) }
let(:user2) { create(:user) } let(:user2) { create(:user) }
let(:user3) { create(:user) } let(:user3) { create(:user) }
...@@ -202,6 +203,31 @@ describe API::API, api: true do ...@@ -202,6 +203,31 @@ describe API::API, api: true do
expect(json_response['public']).to be_falsey expect(json_response['public']).to be_falsey
expect(json_response['visibility_level']).to eq(Gitlab::VisibilityLevel::PRIVATE) expect(json_response['visibility_level']).to eq(Gitlab::VisibilityLevel::PRIVATE)
end end
context 'when a visibility level is restricted' do
before do
@project = attributes_for(:project, { public: true })
allow_any_instance_of(ApplicationSetting).to(
receive(:restricted_visibility_levels).and_return([20])
)
end
it 'should not allow a non-admin to use a restricted visibility level' do
post api('/projects', user), @project
expect(response.status).to eq(400)
expect(json_response['message']['visibility_level'].first).to(
match('restricted by your GitLab administrator')
)
end
it 'should allow an admin to override restricted visibility settings' do
post api('/projects', admin), @project
expect(json_response['public']).to be_truthy
expect(json_response['visibility_level']).to(
eq(Gitlab::VisibilityLevel::PUBLIC)
)
end
end
end end
describe 'POST /projects/user/:id' do describe 'POST /projects/user/:id' do
...@@ -399,7 +425,8 @@ describe API::API, api: true do ...@@ -399,7 +425,8 @@ describe API::API, api: true do
describe 'POST /projects/:id/snippets' do describe 'POST /projects/:id/snippets' do
it 'should create a new project snippet' do it 'should create a new project snippet' do
post api("/projects/#{project.id}/snippets", user), post api("/projects/#{project.id}/snippets", user),
title: 'api test', file_name: 'sample.rb', code: 'test' title: 'api test', file_name: 'sample.rb', code: 'test',
visibility_level: '0'
expect(response.status).to eq(201) expect(response.status).to eq(201)
expect(json_response['title']).to eq('api test') expect(json_response['title']).to eq('api test')
end end
......
require 'spec_helper'
describe CreateSnippetService do
before do
@user = create :user
@admin = create :user, admin: true
@opts = {
title: 'Test snippet',
file_name: 'snippet.rb',
content: 'puts "hello world"',
visibility_level: Gitlab::VisibilityLevel::PRIVATE
}
end
context 'When public visibility is restricted' do
before do
allow_any_instance_of(ApplicationSetting).to(
receive(:restricted_visibility_levels).and_return(
[Gitlab::VisibilityLevel::PUBLIC]
)
)
@opts.merge!(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
end
it 'non-admins should not be able to create a public snippet' do
snippet = create_snippet(nil, @user, @opts)
expect(snippet.errors.messages).to have_key(:visibility_level)
expect(snippet.errors.messages[:visibility_level].first).to(
match('Public visibility has been restricted')
)
end
it 'admins should be able to create a public snippet' do
snippet = create_snippet(nil, @admin, @opts)
expect(snippet.errors.any?).to be_falsey
expect(snippet.visibility_level).to eq(Gitlab::VisibilityLevel::PUBLIC)
end
end
def create_snippet(project, user, opts)
CreateSnippetService.new(project, user, opts).execute
end
end
...@@ -55,6 +55,33 @@ describe Projects::CreateService do ...@@ -55,6 +55,33 @@ describe Projects::CreateService do
it { expect(File.exists?(@path)).to be_falsey } it { expect(File.exists?(@path)).to be_falsey }
end end
end end
context 'restricted visibility level' do
before do
allow_any_instance_of(ApplicationSetting).to(
receive(:restricted_visibility_levels).and_return([20])
)
@opts.merge!(
visibility_level: Gitlab::VisibilityLevel.options['Public']
)
end
it 'should not allow a restricted visibility level for non-admins' do
project = create_project(@user, @opts)
expect(project).to respond_to(:errors)
expect(project.errors.messages).to have_key(:visibility_level)
expect(project.errors.messages[:visibility_level].first).to(
match('restricted by your GitLab administrator')
)
end
it 'should allow a restricted visibility level for admins' do
project = create_project(@admin, @opts)
expect(project.errors.any?).to be(false)
expect(project.saved?).to be(true)
end
end
end end
def create_project(user, opts) def create_project(user, opts)
......
...@@ -47,9 +47,9 @@ describe Projects::UpdateService do ...@@ -47,9 +47,9 @@ describe Projects::UpdateService do
context 'respect configured visibility restrictions setting' do context 'respect configured visibility restrictions setting' do
before(:each) do before(:each) do
@restrictions = double("restrictions") allow_any_instance_of(ApplicationSetting).to(
allow(@restrictions).to receive(:restricted_visibility_levels) { [ "public" ] } receive(:restricted_visibility_levels).and_return([20])
Settings.stub_chain(:gitlab).and_return(@restrictions) )
end end
context 'should be private when updated to private' do context 'should be private when updated to private' do
......
require 'spec_helper'
describe UpdateSnippetService do
before do
@user = create :user
@admin = create :user, admin: true
@opts = {
title: 'Test snippet',
file_name: 'snippet.rb',
content: 'puts "hello world"',
visibility_level: Gitlab::VisibilityLevel::PRIVATE
}
end
context 'When public visibility is restricted' do
before do
allow_any_instance_of(ApplicationSetting).to(
receive(:restricted_visibility_levels).and_return(
[Gitlab::VisibilityLevel::PUBLIC]
)
)
@snippet = create_snippet(@project, @user, @opts)
@opts.merge!(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
end
it 'non-admins should not be able to update to public visibility' do
old_visibility = @snippet.visibility_level
update_snippet(@project, @user, @snippet, @opts)
expect(@snippet.errors.messages).to have_key(:visibility_level)
expect(@snippet.errors.messages[:visibility_level].first).to(
match('Public visibility has been restricted')
)
expect(@snippet.visibility_level).to eq(old_visibility)
end
it 'admins should be able to update to pubic visibility' do
old_visibility = @snippet.visibility_level
update_snippet(@project, @admin, @snippet, @opts)
expect(@snippet.visibility_level).not_to eq(old_visibility)
expect(@snippet.visibility_level).to eq(Gitlab::VisibilityLevel::PUBLIC)
end
end
def create_snippet(project, user, opts)
CreateSnippetService.new(project, user, opts).execute
end
def update_snippet(project = nil, user, snippet, opts)
UpdateSnippetService.new(project, user, snippet, opts).execute
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment