File: workhorse_authorization.rb

package info (click to toggle)
gitlab 17.6.5-19
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 629,368 kB
  • sloc: ruby: 1,915,304; javascript: 557,307; sql: 60,639; xml: 6,509; sh: 4,567; makefile: 1,239; python: 406
file content (43 lines) | stat: -rw-r--r-- 980 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
 
# frozen_string_literal: true

module WorkhorseAuthorization
  extend ActiveSupport::Concern
  include WorkhorseRequest

  included do
    skip_before_action :verify_authenticity_token, only: %i[authorize]
    before_action :verify_workhorse_api!, only: %i[authorize]
  end

  def authorize
    set_workhorse_internal_api_content_type

    authorized = uploader_class.workhorse_authorize(
      has_length: false,
      maximum_size: maximum_size.to_i)

    render json: authorized
  rescue SocketError
    render json: _("Error uploading file"), status: :internal_server_error
  end

  private

  def file_is_valid?(file)
    return false unless file.is_a?(::UploadedFile)

    file_extension_allowlist.include?(File.extname(file.original_filename).downcase.delete('.'))
  end

  def uploader_class
    raise NotImplementedError
  end

  def maximum_size
    raise NotImplementedError
  end

  def file_extension_allowlist
    ImportExportUploader::EXTENSION_ALLOWLIST
  end
end