BigW Consortium Gitlab

application_setting.rb 6.32 KB
Newer Older
1
class ApplicationSetting < ActiveRecord::Base
2 3
  include TokenAuthenticatable
  add_authentication_token_field :runners_registration_token
4
  add_authentication_token_field :health_check_access_token
5

6
  CACHE_KEY = 'application_setting.last'
7 8 9 10 11 12
  DOMAIN_LIST_SEPARATOR = %r{\s*[,;]\s*     # comma or semicolon, optionally surrounded by whitespace
                            |               # or
                            \s              # any whitespace character
                            |               # or
                            [\r\n]          # any number of newline characters
                          }x
13

14
  serialize :restricted_visibility_levels
15
  serialize :import_sources
16
  serialize :disabled_oauth_sign_in_sources, Array
17
  serialize :domain_whitelist, Array
18 19
  serialize :domain_blacklist, Array

20
  attr_accessor :domain_whitelist_raw, :domain_blacklist_raw
21 22

  validates :session_expire_delay,
23 24
            presence: true,
            numericality: { only_integer: true, greater_than_or_equal_to: 0 }
25

26
  validates :home_page_url,
27 28 29
            allow_blank: true,
            url: true,
            if: :home_page_url_column_exist
30

31
  validates :after_sign_out_path,
32 33
            allow_blank: true,
            url: true
34

35
  validates :admin_notification_email,
36
            email: true,
37
            allow_blank: true
38

39
  validates :two_factor_grace_period,
40 41 42 43 44 45 46 47 48
            numericality: { greater_than_or_equal_to: 0 }

  validates :recaptcha_site_key,
            presence: true,
            if: :recaptcha_enabled

  validates :recaptcha_private_key,
            presence: true,
            if: :recaptcha_enabled
49

Jeroen Nijhof committed
50 51 52 53
  validates :sentry_dsn,
            presence: true,
            if: :sentry_enabled

54 55 56 57
  validates :akismet_api_key,
            presence: true,
            if: :akismet_enabled

58 59 60 61
  validates :koding_url,
            presence: true,
            if: :koding_enabled

62 63 64 65
  validates :max_attachment_size,
            presence: true,
            numericality: { only_integer: true, greater_than: 0 }

66 67 68 69
  validates :container_registry_token_expire_delay,
            presence: true,
            numericality: { only_integer: true, greater_than: 0 }

70 71 72 73
  validates :repository_storage,
    presence: true,
    inclusion: { in: ->(_object) { Gitlab.config.repositories.storages.keys } }

74
  validates :enabled_git_access_protocol,
75
            inclusion: { in: %w(ssh http), allow_blank: true, allow_nil: true }
76

77
  validates :domain_blacklist,
78
            presence: { message: 'Domain blacklist cannot be empty if Blacklist is enabled.' },
79 80
            if: :domain_blacklist_enabled?

81
  validates_each :restricted_visibility_levels do |record, attr, value|
82 83 84 85 86
    unless value.nil?
      value.each do |level|
        unless Gitlab::VisibilityLevel.options.has_value?(level)
          record.errors.add(attr, "'#{level}' is not a valid visibility level")
        end
87 88 89 90
      end
    end
  end

91 92 93 94 95 96 97 98 99 100
  validates_each :import_sources do |record, attr, value|
    unless value.nil?
      value.each do |source|
        unless Gitlab::ImportSources.options.has_value?(source)
          record.errors.add(attr, "'#{source}' is not a import source")
        end
      end
    end
  end

101 102 103 104
  validates_each :disabled_oauth_sign_in_sources do |record, attr, value|
    unless value.nil?
      value.each do |source|
        unless Devise.omniauth_providers.include?(source.to_sym)
Andrei Gliga committed
105
          record.errors.add(attr, "'#{source}' is not an OAuth sign-in source")
106 107 108 109 110
        end
      end
    end
  end

111
  before_save :ensure_runners_registration_token
112
  before_save :ensure_health_check_access_token
113

114
  after_commit do
115
    Rails.cache.write(CACHE_KEY, self)
116 117
  end

118
  def self.current
119
    Rails.cache.fetch(CACHE_KEY) do
120 121
      ApplicationSetting.last
    end
122
  end
123

124
  def self.expire
125
    Rails.cache.delete(CACHE_KEY)
126 127
  end

128 129 130 131
  def self.cached
    Rails.cache.fetch(CACHE_KEY)
  end

132 133 134
  def self.create_from_defaults
    create(
      default_projects_limit: Settings.gitlab['default_projects_limit'],
135
      default_branch_protection: Settings.gitlab['default_branch_protection'],
136 137 138
      signup_enabled: Settings.gitlab['signup_enabled'],
      signin_enabled: Settings.gitlab['signin_enabled'],
      gravatar_enabled: Settings.gravatar['enabled'],
139 140 141 142
      sign_in_text: nil,
      after_sign_up_text: nil,
      help_page_text: nil,
      shared_runners_text: nil,
143
      restricted_visibility_levels: Settings.gitlab['restricted_visibility_levels'],
Vinnie Okada committed
144
      max_attachment_size: Settings.gitlab['max_attachment_size'],
145
      session_expire_delay: Settings.gitlab['session_expire_delay'],
Vinnie Okada committed
146
      default_project_visibility: Settings.gitlab.default_projects_features['visibility_level'],
147
      default_snippet_visibility: Settings.gitlab.default_projects_features['visibility_level'],
148
      domain_whitelist: Settings.gitlab['domain_whitelist'],
149
      import_sources: Gitlab::ImportSources.values,
150
      shared_runners_enabled: Settings.gitlab_ci['shared_runners_enabled'],
151
      max_artifacts_size: Settings.artifacts['max_size'],
152
      require_two_factor_authentication: false,
153 154
      two_factor_grace_period: 48,
      recaptcha_enabled: false,
155
      akismet_enabled: false,
156 157
      koding_enabled: false,
      koding_url: nil,
158
      repository_checks_enabled: true,
159
      disabled_oauth_sign_in_sources: [],
160 161
      send_user_confirmation_email: false,
      container_registry_token_expire_delay: 5,
162
      repository_storage: 'default',
163
      user_default_external: false,
164 165
    )
  end
166 167 168 169

  def home_page_url_column_exist
    ActiveRecord::Base.connection.column_exists?(:application_settings, :home_page_url)
  end
170

171 172
  def domain_whitelist_raw
    self.domain_whitelist.join("\n") unless self.domain_whitelist.nil?
173 174
  end

175 176 177 178
  def domain_blacklist_raw
    self.domain_blacklist.join("\n") unless self.domain_blacklist.nil?
  end

179 180 181 182 183
  def domain_whitelist_raw=(values)
    self.domain_whitelist = []
    self.domain_whitelist = values.split(DOMAIN_LIST_SEPARATOR)
    self.domain_whitelist.reject! { |d| d.empty? }
    self.domain_whitelist
184
  end
185

186 187
  def domain_blacklist_raw=(values)
    self.domain_blacklist = []
188
    self.domain_blacklist = values.split(DOMAIN_LIST_SEPARATOR)
189
    self.domain_blacklist.reject! { |d| d.empty? }
190
    self.domain_blacklist
191 192 193 194 195 196
  end

  def domain_blacklist_file=(file)
    self.domain_blacklist_raw = file.read
  end

197 198 199
  def runners_registration_token
    ensure_runners_registration_token!
  end
200 201 202 203

  def health_check_access_token
    ensure_health_check_access_token!
  end
204
end