Commit bb4fcb78 authored by Lin Jen-Shin's avatar Lin Jen-Shin

Move constants and update for feedback

parent 6c5a7d53
module Gitlab module Gitlab
module Middleware module Middleware
class ReadOnly class ReadOnly
DISALLOWED_METHODS = %w(POST PATCH PUT DELETE).freeze
APPLICATION_JSON = 'application/json'.freeze
API_VERSIONS = (3..4) API_VERSIONS = (3..4)
def self.internal_routes def self.internal_routes
......
...@@ -2,6 +2,10 @@ module Gitlab ...@@ -2,6 +2,10 @@ module Gitlab
module Middleware module Middleware
class ReadOnly class ReadOnly
class Controller class Controller
DISALLOWED_METHODS = %w(POST PATCH PUT DELETE).freeze
APPLICATION_JSON = 'application/json'.freeze
ERROR_MESSAGE = 'You cannot perform write operations on a read-only instance'.freeze
def initialize(app, env) def initialize(app, env)
@app = app @app = app
@env = env @env = env
...@@ -10,12 +14,11 @@ module Gitlab ...@@ -10,12 +14,11 @@ module Gitlab
def call def call
if disallowed_request? && Gitlab::Database.read_only? if disallowed_request? && Gitlab::Database.read_only?
Rails.logger.debug('GitLab ReadOnly: preventing possible non read-only operation') Rails.logger.debug('GitLab ReadOnly: preventing possible non read-only operation')
error_message = 'You cannot do writing operations on a read-only GitLab instance'
if json_request? if json_request?
return [403, { 'Content-Type' => 'application/json' }, [{ 'message' => error_message }.to_json]] return [403, { 'Content-Type' => APPLICATION_JSON }, [{ 'message' => ERROR_MESSAGE }.to_json]]
else else
rack_flash.alert = error_message rack_flash.alert = ERROR_MESSAGE
rack_session['flash'] = rack_flash.to_session_value rack_session['flash'] = rack_flash.to_session_value
return [301, { 'Location' => last_visited_url }, []] return [301, { 'Location' => last_visited_url }, []]
......
...@@ -14,14 +14,14 @@ describe Gitlab::Middleware::ReadOnly do ...@@ -14,14 +14,14 @@ describe Gitlab::Middleware::ReadOnly do
alert = middleware.env['rack.session'].to_hash alert = middleware.env['rack.session'].to_hash
.dig('flash', 'flashes', 'alert') .dig('flash', 'flashes', 'alert')
alert&.include?('You cannot do writing operations') alert&.include?('You cannot perform write operations')
end end
end end
RSpec::Matchers.define :disallow_request_in_json do RSpec::Matchers.define :disallow_request_in_json do
match do |response| match do |response|
json_response = JSON.parse(response.body) json_response = JSON.parse(response.body)
response.body.include?('You cannot do writing operations') && json_response.key?('message') response.body.include?('You cannot perform write operations') && json_response.key?('message')
end end
end end
...@@ -47,13 +47,13 @@ describe Gitlab::Middleware::ReadOnly do ...@@ -47,13 +47,13 @@ describe Gitlab::Middleware::ReadOnly do
end end
end end
let(:request) { Rack::MockRequest.new(rack_stack) }
subject do subject do
app = described_class.new(fake_app) described_class.new(fake_app).tap do |app|
app.extend(observe_env) app.extend(observe_env)
app
end end
end
let(:request) { Rack::MockRequest.new(rack_stack) }
context 'normal requests to a read-only Gitlab instance' do context 'normal requests to a read-only Gitlab instance' do
let(:fake_app) { lambda { |env| [200, { 'Content-Type' => 'text/plain' }, ['OK']] } } let(:fake_app) { lambda { |env| [200, { 'Content-Type' => 'text/plain' }, ['OK']] } }
......
require 'spec_helper' require 'spec_helper'
describe Gitlab::Middleware::ReleaseEnv do describe Gitlab::Middleware::ReleaseEnv do
let(:inner_app) { double(:app) } let(:inner_app) { double(:app, call: 'yay') }
let(:app) { described_class.new(inner_app) } let(:app) { described_class.new(inner_app) }
let(:env) { { 'action_controller.instance' => 'something' } } let(:env) { { 'action_controller.instance' => 'something' } }
before do
expect(inner_app).to receive(:call).with(env).and_return('yay')
end
describe '#call' do describe '#call' do
it 'calls the app and delete the controller' do it 'calls the app and clears the env' do
result = app.call(env) result = app.call(env)
expect(result).to eq('yay') expect(result).to eq('yay')
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment