File: uploads.go

package info (click to toggle)
gitlab 17.6.5-19
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 629,368 kB
  • sloc: ruby: 1,915,304; javascript: 557,307; sql: 60,639; xml: 6,509; sh: 4,567; makefile: 1,239; python: 406
file content (116 lines) | stat: -rw-r--r-- 4,101 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
 
/*
Package upload provides functionality for handling file uploads in GitLab Workhorse.

It includes features for processing multipart requests, handling file destinations,
and extracting EXIF data from uploaded images.
*/
package upload

import (
	"bytes"
	"context"
	"errors"
	"fmt"
	"io"
	"mime/multipart"
	"net/http"
	"net/textproto"

	"github.com/golang-jwt/jwt/v5"

	"gitlab.com/gitlab-org/gitlab/workhorse/internal/api"
	"gitlab.com/gitlab-org/gitlab/workhorse/internal/config"
	"gitlab.com/gitlab-org/gitlab/workhorse/internal/helper/fail"
	"gitlab.com/gitlab-org/gitlab/workhorse/internal/upload/destination"
	"gitlab.com/gitlab-org/gitlab/workhorse/internal/upload/exif"
	"gitlab.com/gitlab-org/gitlab/workhorse/internal/zipartifacts"
)

// RewrittenFieldsHeader is the HTTP header used to indicate multipart form fields
// that have been rewritten by GitLab Workhorse.
const RewrittenFieldsHeader = "Gitlab-Workhorse-Multipart-Fields"

// PreAuthorizer provides methods for pre-authorizing multipart requests.
type PreAuthorizer interface {
	PreAuthorizeHandler(next api.HandleFunc, suffix string) http.Handler
}

// MultipartClaims represents the claims included in a JWT token used for multipart requests.
type MultipartClaims struct {
	RewrittenFields map[string]string `json:"rewritten_fields"`
	jwt.RegisteredClaims
}

// MultipartFormProcessor abstracts away implementation differences
// between generic MIME multipart file uploads and CI artifact uploads.
type MultipartFormProcessor interface {
	ProcessFile(ctx context.Context, formName string, file *destination.FileHandler, writer *multipart.Writer, cfg *config.Config) error
	ProcessField(ctx context.Context, formName string, writer *multipart.Writer) error
	Finalize(ctx context.Context) error
	Name() string
	Count() int
	TransformContents(ctx context.Context, filename string, r io.Reader) (io.ReadCloser, error)
}

// interceptMultipartFiles is the core of the implementation of
// Multipart.
func interceptMultipartFiles(w http.ResponseWriter, r *http.Request, h http.Handler, filter MultipartFormProcessor, fa fileAuthorizer, p Preparer, cfg *config.Config) {
	var body bytes.Buffer
	writer := multipart.NewWriter(&body)
	defer func() {
		if writerErr := writer.Close(); writerErr != nil {
			_, _ = fmt.Fprintln(w, writerErr.Error())
		}
	}()

	// Rewrite multipart form data
	err := rewriteFormFilesFromMultipart(r, writer, filter, fa, p, cfg)
	if err != nil {
		switch err {
		case http.ErrNotMultipart:
			h.ServeHTTP(w, r)
		case ErrInjectedClientParam, ErrUnexpectedMultipartEOF, http.ErrMissingBoundary:
			fail.Request(w, r, err, fail.WithStatus(http.StatusBadRequest))
		case ErrTooManyFilesUploaded:
			fail.Request(w, r, err, fail.WithStatus(http.StatusBadRequest), fail.WithBody(err.Error()))
		case destination.ErrEntityTooLarge, zipartifacts.ErrBadMetadata:
			fail.Request(w, r, err, fail.WithStatus(http.StatusRequestEntityTooLarge))
		case exif.ErrRemovingExif:
			fail.Request(w, r, err, fail.WithStatus(http.StatusUnprocessableEntity),
				fail.WithBody("Failed to process image"))
		default:
			if errors.Is(err, context.DeadlineExceeded) {
				fail.Request(w, r, err, fail.WithStatus(http.StatusGatewayTimeout), fail.WithBody("deadline exceeded"))
				return
			}

			switch t := err.(type) {
			case textproto.ProtocolError:
				fail.Request(w, r, err, fail.WithStatus(http.StatusBadRequest))
			case *api.PreAuthorizeFixedPathError:
				fail.Request(w, r, err, fail.WithStatus(t.StatusCode), fail.WithBody(t.Status))
			default:
				fail.Request(w, r, fmt.Errorf("handleFileUploads: extract files from multipart: %v", err))
			}
		}
		return
	}

	// Close writer
	if writerErr := writer.Close(); writerErr != nil {
		_, _ = fmt.Fprintln(w, writerErr.Error())
	}

	// Hijack the request
	r.Body = io.NopCloser(&body)
	r.ContentLength = int64(body.Len())
	r.Header.Set("Content-Type", writer.FormDataContentType())

	if err := filter.Finalize(r.Context()); err != nil {
		fail.Request(w, r, fmt.Errorf("handleFileUploads: Finalize: %v", err))
		return
	}

	// Proxy the request
	h.ServeHTTP(w, r)
}