Merge branch 'cache-raw-endpoints-for-logged-in-users' into 'master'

Enable caching of Git blobs even when signed in See merge request gitlab-org/gitlab!47430

Merge branch 'cache-raw-endpoints-for-logged-in-users' into 'master'
Enable caching of Git blobs even when signed in See merge request gitlab-org/gitlab!47430
0ce91537 · Sean McGivern · 192b7064 · ed09090b · 0ce91537 · 0ce91537
Commit 0ce91537 authored Nov 16, 2020 by Sean McGivern
7 changed files
--- a/app/controllers/projects/avatars_controller.rb
+++ b/app/controllers/projects/avatars_controller.rb
@@ -3,6 +3,8 @@
 class Projects::AvatarsController < Projects::ApplicationController
  include SendsBlob

+  skip_before_action :default_cache_headers, only: :show
+
  before_action :authorize_admin_project!, only: [:destroy]

  feature_category :projects

--- a/app/controllers/projects/raw_controller.rb
+++ b/app/controllers/projects/raw_controller.rb
@@ -6,6 +6,8 @@ class Projects::RawController < Projects::ApplicationController
  include SendsBlob
  include StaticObjectExternalStorage

+  skip_before_action :default_cache_headers, only: :show
+
  prepend_before_action(only: [:show]) { authenticate_sessionless_user!(:blob) }

  before_action :require_non_empty_project

--- a/app/controllers/projects/repositories_controller.rb
+++ b/app/controllers/projects/repositories_controller.rb
@@ -8,6 +8,8 @@ class Projects::RepositoriesController < Projects::ApplicationController

  prepend_before_action(only: [:archive]) { authenticate_sessionless_user!(:archive) }

+  skip_before_action :default_cache_headers, only: :archive
+
  # Authorize
  before_action :require_non_empty_project, except: :create
  before_action :archive_rate_limit!, only: :archive

--- a/changelogs/unreleased/cache-raw-endpoints-for-logged-in-users.yml
+++ b/changelogs/unreleased/cache-raw-endpoints-for-logged-in-users.yml
+---
+title: Enable HTTP caching of repository raw, archive, and avatar endpoints
+merge_request: 47430
+author:
+type: performance
--- a/spec/controllers/projects/avatars_controller_spec.rb
+++ b/spec/controllers/projects/avatars_controller_spec.rb
@@ -3,14 +3,14 @@
 require 'spec_helper'

 RSpec.describe Projects::AvatarsController do
-  let_it_be(:project) { create(:project, :repository) }
+  describe 'GET #show' do
+    let_it_be(:project) { create(:project, :public, :repository) }

-  before do
-    controller.instance_variable_set(:@project, project)
-  end
+    before do
+      controller.instance_variable_set(:@project, project)
+    end

-  describe 'GET #show' do
-    subject { get :show, params: { namespace_id: project.namespace, project_id: project } }
+    subject { get :show, params: { namespace_id: project.namespace, project_id: project.path } }

    context 'when repository has no avatar' do
      it 'shows 404' do
@@ -37,6 +37,15 @@ RSpec.describe Projects::AvatarsController do
          expect(response.header[Gitlab::Workhorse::DETECT_HEADER]).to eq 'true'
        end

+        it 'sets appropriate caching headers' do
+          sign_in(project.owner)
+          subject
+
+          expect(response.cache_control[:public]).to eq(true)
+          expect(response.cache_control[:max_age]).to eq(60)
+          expect(response.cache_control[:no_store]).to be_nil
+        end
+
        it_behaves_like 'project cache control headers'
      end

@@ -51,9 +60,16 @@ RSpec.describe Projects::AvatarsController do
  end

  describe 'DELETE #destroy' do
+    let(:project) { create(:project, :repository, avatar: fixture_file_upload("spec/fixtures/dk.png", "image/png")) }
+
+    before do
+      sign_in(project.owner)
+    end
+
    it 'removes avatar from DB by calling destroy' do
-      delete :destroy, params: { namespace_id: project.namespace.id, project_id: project.id }
+      delete :destroy, params: { namespace_id: project.namespace.path, project_id: project.path }

+      expect(response).to redirect_to(edit_project_path(project, anchor: 'js-general-project-settings'))
      expect(project.avatar.present?).to be_falsey
      expect(project).to be_valid
    end

--- a/spec/controllers/projects/raw_controller_spec.rb
+++ b/spec/controllers/projects/raw_controller_spec.rb
@@ -226,6 +226,15 @@ RSpec.describe Projects::RawController do
        get(:show, params: { namespace_id: project.namespace, project_id: project, id: 'master/README.md' })
      end

+      it 'sets appropriate caching headers' do
+        sign_in create(:user)
+        request_file
+
+        expect(response.cache_control[:public]).to eq(true)
+        expect(response.cache_control[:max_age]).to eq(60)
+        expect(response.cache_control[:no_store]).to be_nil
+      end
+
      context 'when If-None-Match header is set' do
        it 'returns a 304 status' do
          request_file

--- a/spec/controllers/projects/repositories_controller_spec.rb
+++ b/spec/controllers/projects/repositories_controller_spec.rb
@@ -122,7 +122,9 @@ RSpec.describe Projects::RepositoriesController do

          expect(response).to have_gitlab_http_status(:ok)
          expect(response.header['ETag']).to be_present
-          expect(response.header['Cache-Control']).to include('max-age=60, private')
+          expect(response.cache_control[:public]).to eq(false)
+          expect(response.cache_control[:max_age]).to eq(60)
+          expect(response.cache_control[:no_store]).to be_nil
        end

        context 'when project is public' do