Merge branch 'revert-92a25640' into 'master'

Revert "Merge branch 'authorize_uploads' into 'master'" See merge request gitlab-org/gitlab-workhorse!267

Merge branch 'revert-92a25640' into 'master'
Revert "Merge branch 'authorize_uploads' into 'master'" See merge request gitlab-org/gitlab-workhorse!267
db93eb91 · Nick Thomas · 92a25640 · 27f44d73 · db93eb91 · 92a25640
Commit db93eb91 authored Jun 22, 2018 by Nick Thomas
Showing with 7 additions and 35 deletions

internal/upload/accelerate.go internal/upload/accelerate.go +6 -8

internal/upload/skip_rails_authorizer.go internal/upload/skip_rails_authorizer.go +0 -22

internal/upstream/routes.go internal/upstream/routes.go +1 -5

No files found.
--- a/internal/upload/accelerate.go
+++ b/internal/upload/accelerate.go
@@ -25,15 +25,13 @@ type MultipartClaims struct {
 	jwt.StandardClaims
 }

-type PreAuthorizer interface {
-	PreAuthorizeHandler(next api.HandleFunc, suffix string) http.Handler
-}
-
-func Accelerate(rails PreAuthorizer, h http.Handler) http.Handler {
-	return rails.PreAuthorizeHandler(func(w http.ResponseWriter, r *http.Request, a *api.Response) {
+func Accelerate(tempDir string, h http.Handler) http.Handler {
+	// TODO: for Object Store this will need a authorize call
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		localOnlyPreAuth := &api.Response{TempPath: tempDir}
 		s := &savedFileTracker{request: r}
-		HandleFileUploads(w, r, h, a, s)
-	}, "/authorize")
+		HandleFileUploads(w, r, h, localOnlyPreAuth, s)
+	})
 }

 func (s *savedFileTracker) ProcessFile(_ context.Context, fieldName string, file *filestore.FileHandler, _ *multipart.Writer) error {

--- a/internal/upload/skip_rails_authorizer.go
+++ b/internal/upload/skip_rails_authorizer.go
-package upload
-
-import (
-	"net/http"
-
-	"gitlab.com/gitlab-org/gitlab-workhorse/internal/api"
-)
-
-// SkipRailsAuthorizer implements a fake PreAuthorizer that do not calls rails API and
-// authorize each call as a local only upload to TempPath
-type SkipRailsAuthorizer struct {
-	// TempPath is the temporary path for a local only upload
-	TempPath string
-}
-
-// PreAuthorizeHandler implements PreAuthorizer. It always grant the upload.
-// The fake API response contains only TempPath
-func (l *SkipRailsAuthorizer) PreAuthorizeHandler(next api.HandleFunc, _ string) http.Handler {
-	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		next(w, r, &api.Response{TempPath: l.TempPath})
-	})
-}
--- a/internal/upstream/routes.go
+++ b/internal/upstream/routes.go
@@ -145,8 +145,7 @@ func (u *Upstream) configureRoutes() {
 		sendurl.SendURL,
 	)

-	uploadPath := path.Join(u.DocumentRoot, "uploads/tmp")
-	uploadAccelerateProxy := upload.Accelerate(&upload.SkipRailsAuthorizer{TempPath: uploadPath}, proxy)
+	uploadAccelerateProxy := upload.Accelerate(path.Join(u.DocumentRoot, "uploads/tmp"), proxy)
 	ciAPIProxyQueue := queueing.QueueRequests("ci_api_job_requests", uploadAccelerateProxy, u.APILimit, u.APIQueueLimit, u.APIQueueTimeout)
 	ciAPILongPolling := builds.RegisterHandler(ciAPIProxyQueue, redis.WatchKey, u.APICILongPollingDuration)

@@ -183,9 +182,6 @@ func (u *Upstream) configureRoutes() {
 			),
 		),

-		// Uploads
-		route("POST", projectPattern+`uploads\z`, upload.Accelerate(api, proxy)),
-
 		// For legacy reasons, user uploads are stored under the document root.
 		// To prevent anybody who knows/guesses the URL of a user-uploaded file
 		// from downloading it we make sure requests to /uploads/ do _not_ pass