Add :authorize action to GitlabProjectsController

02e66fc3 · Aleksei Lipniagov · 8c6cba5b · 02e66fc3
Commit 02e66fc3 authored Mar 02, 2020 by Aleksei Lipniagov
Hide whitespace changes
Inline Side-by-side

Showing with 18 additions and 0 deletions

app/controllers/import/gitlab_projects_controller.rb app/controllers/import/gitlab_projects_controller.rb +18 -0

No files found.
--- a/app/controllers/import/gitlab_projects_controller.rb
+++ b/app/controllers/import/gitlab_projects_controller.rb
 # frozen_string_literal: true

 class Import::GitlabProjectsController < Import::BaseController
+  include WorkhorseRequest
+
  before_action :whitelist_query_limiting, only: [:create]
  before_action :verify_gitlab_project_import_enabled

+  skip_before_action :authenticate_user!, only: [:authorize, :create]
+  before_action :verify_workhorse_api!, only: [:authorize]
+
  def new
    @namespace = Namespace.find(project_params[:namespace_id])
    return render_404 unless current_user.can?(:create_projects, @namespace)
@@ -28,6 +33,19 @@ class Import::GitlabProjectsController < Import::BaseController
    end
  end

+  # TODO: include UploadsActions?
+  def authorize
+    set_workhorse_internal_api_content_type
+
+    authorized = ImportExportUploader.workhorse_authorize(
+      has_length: false,
+      maximum_size: Gitlab::CurrentSettings.max_attachment_size.megabytes.to_i)
+
+    render json: authorized
+  rescue SocketError
+    render json: _("Error uploading file"), status: :internal_server_error
+  end
+
  private

  def file_is_valid?