File: uploads_path_tmp_permission_check.rb

package info (click to toggle)
gitlab 17.6.5-19
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 629,368 kB
  • sloc: ruby: 1,915,304; javascript: 557,307; sql: 60,639; xml: 6,509; sh: 4,567; makefile: 1,239; python: 406
file content (42 lines) | stat: -rw-r--r-- 1,212 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
 
# frozen_string_literal: true

module SystemCheck
  module App
    class UploadsPathTmpPermissionCheck < SystemCheck::BaseCheck
      set_name 'Uploads directory tmp has correct permissions?'
      set_skip_reason 'skipped (no tmp uploads folder yet)'

      def skip?
        !File.directory?(uploads_fullpath) || !Dir.exist?(upload_path_tmp)
      end

      def check?
        # If tmp upload dir has incorrect permissions, assume others do as well
        # Verify drwx------ permissions
        File.stat(upload_path_tmp).mode == 040700 && File.owned?(upload_path_tmp)
      end

      def show_error
        try_fixing_it(
          "sudo chown -R #{gitlab_user} #{uploads_fullpath}",
          "sudo find #{uploads_fullpath} -type f -exec chmod 0644 {} \\;",
          "sudo find #{uploads_fullpath} -type d -not -path #{uploads_fullpath} -exec chmod 0700 {} \\;"
        )
        for_more_information(
          see_installation_guide_section('GitLab')
        )
        fix_and_rerun
      end

      private

      def upload_path_tmp
        File.join(uploads_fullpath, 'tmp')
      end

      def uploads_fullpath
        File.realpath(Rails.root.join('public/uploads'))
      end
    end
  end
end