Merge branch 'url-masking-insights-url' into 'master'

Add case for insights page handler for url mask See merge request gitlab-org/gitlab!72864

Merge branch 'url-masking-insights-url' into 'master'
Add case for insights page handler for url mask See merge request gitlab-org/gitlab!72864
573f25ae · Mikołaj Wawrzyniak · 09930f5c · 7df113e9 · 573f25ae · 573f25ae
Commit 573f25ae authored Nov 03, 2021 by Mikołaj Wawrzyniak
Showing with 85 additions and 4 deletions

app/helpers/routing/pseudonymization_helper.rb app/helpers/routing/pseudonymization_helper.rb +20 -4

ee/spec/helpers/routing/pseudonymization_helper_spec.rb ee/spec/helpers/routing/pseudonymization_helper_spec.rb +65 -0

No files found.
--- a/app/helpers/routing/pseudonymization_helper.rb
+++ b/app/helpers/routing/pseudonymization_helper.rb
@@ -21,7 +21,7 @@ module Routing
          case key
          when :project_id
            [key, "project#{@project&.id}"]
-          when :namespace_id
+          when :namespace_id, :group_id
            namespace = @group || @project&.namespace
            [key, "namespace#{namespace&.id}"]
          when :id
@@ -31,11 +31,24 @@ module Routing
          end
        end
-        Gitlab::Routing.url_helpers.url_for(masked_params.merge(masked_query_params))
+        generate_url(masked_params.merge(masked_query_params))
      end
      private
+      def generate_url(masked_params)
+        # The below check is added since `project/insights` route does not
+        # work with Rails router `url_for` method.
+        # See https://gitlab.com/gitlab-org/gitlab/-/issues/343551
+        if @request.path_parameters[:controller] == 'projects/insights'
+          default_root_url + "#{Gitlab::Routing.url_helpers.namespace_project_insights_path(masked_params)}"
+        elsif @request.path_parameters[:controller] == 'groups/insights'
+          default_root_url + "#{Gitlab::Routing.url_helpers.group_insights_path(masked_params)}"
+        else
+          Gitlab::Routing.url_helpers.url_for(masked_params.merge(masked_query_params))
+        end
+      end
      def mask_id(value)
        if @request.path_parameters[:controller] == 'projects/blob'
          ':repository_path'
@@ -50,7 +63,7 @@ module Routing
      def has_maskable_params?
        request_params = @request.path_parameters.to_h
-        request_params.has_key?(:namespace_id) || request_params.has_key?(:project_id) || request_params.has_key?(:id) || @request.query_string.present?
+        request_params.key?(:namespace_id) || request_params.key?(:group_id) || request_params.key?(:project_id) || request_params.key?(:id) || @request.query_string.present?
      end
      def masked_query_params
@@ -79,7 +92,10 @@ module Routing
      current_project = project if defined?(project)
      mask_helper = MaskHelper.new(request, current_group, current_project)
      mask_helper.mask_params
-    rescue ActionController::RoutingError, URI::InvalidURIError => e
+    # We rescue all exception for time being till we test this helper extensively.
+    # Check https://gitlab.com/gitlab-org/gitlab/-/merge_requests/72864#note_711515501
+    rescue => e # rubocop:disable Style/RescueStandardError
      Gitlab::ErrorTracking.track_exception(e, url: request.original_fullpath)
      nil
    end

--- a/ee/spec/helpers/routing/pseudonymization_helper_spec.rb
+++ b/ee/spec/helpers/routing/pseudonymization_helper_spec.rb
+# frozen_string_literal: true
+require 'spec_helper'
+RSpec.describe ::Routing::PseudonymizationHelper do
+  let_it_be(:group) { create(:group) }
+  let_it_be(:project) { create(:project, group: group) }
+  before do
+    stub_feature_flags(mask_page_urls: true)
+    allow(helper).to receive(:group).and_return(group)
+    allow(helper).to receive(:project).and_return(project)
+  end
+  shared_examples 'masked url' do
+    it 'generates masked page url' do
+      expect(helper.masked_page_url).to eq(masked_url)
+    end
+  end
+  describe 'when url has params to mask' do
+    context 'when project/insights page is loaded' do
+      let(:masked_url) { "http://localhost//namespace#{group.id}/project#{project.id}/insights/" }
+      let(:request) do
+        double(:Request,
+          path_parameters: {
+                controller: 'projects/insights',
+                action: 'show',
+                namespace_id: group.name,
+                project_id: project.name
+               },
+               protocol: 'http',
+               host: 'localhost',
+               query_string: '')
+      end
+      before do
+        allow(helper).to receive(:request).and_return(request)
+      end
+      it_behaves_like 'masked url'
+    end
+    context 'when groups/insights page is loaded' do
+      let(:masked_url) { "http://localhost//groups/namespace#{group.id}/-/insights/" }
+      let(:request) do
+        double(:Request,
+          path_parameters: {
+                controller: 'groups/insights',
+                action: 'show',
+                group_id: group.name
+               },
+               protocol: 'http',
+               host: 'localhost',
+               query_string: '')
+      end
+      before do
+        allow(helper).to receive(:request).and_return(request)
+      end
+      it_behaves_like 'masked url'
+    end
+  end
+end