application_setting.rb 4.89 KB
Newer Older
1
class ApplicationSetting < ActiveRecord::Base
2 3
  include TokenAuthenticatable
  add_authentication_token_field :runners_registration_token
4
  add_authentication_token_field :health_check_access_token
5

6 7
  CACHE_KEY = 'application_setting.last'

8
  serialize :restricted_visibility_levels
9
  serialize :import_sources
10
  serialize :disabled_oauth_sign_in_sources
11 12
  serialize :restricted_signup_domains, Array
  attr_accessor :restricted_signup_domains_raw
13 14

  validates :session_expire_delay,
15 16
            presence: true,
            numericality: { only_integer: true, greater_than_or_equal_to: 0 }
17

18
  validates :home_page_url,
19 20 21
            allow_blank: true,
            url: true,
            if: :home_page_url_column_exist
22

23
  validates :after_sign_out_path,
24 25
            allow_blank: true,
            url: true
26

27
  validates :admin_notification_email,
28
            email: true,
29
            allow_blank: true
30

31
  validates :two_factor_grace_period,
32 33 34 35 36 37 38 39 40
            numericality: { greater_than_or_equal_to: 0 }

  validates :recaptcha_site_key,
            presence: true,
            if: :recaptcha_enabled

  validates :recaptcha_private_key,
            presence: true,
            if: :recaptcha_enabled
41

Jeroen Nijhof's avatar
Jeroen Nijhof committed
42 43 44 45
  validates :sentry_dsn,
            presence: true,
            if: :sentry_enabled

46 47 48 49
  validates :akismet_api_key,
            presence: true,
            if: :akismet_enabled

50 51 52 53
  validates :max_attachment_size,
            presence: true,
            numericality: { only_integer: true, greater_than: 0 }

54
  validates_each :restricted_visibility_levels do |record, attr, value|
55 56 57 58 59
    unless value.nil?
      value.each do |level|
        unless Gitlab::VisibilityLevel.options.has_value?(level)
          record.errors.add(attr, "'#{level}' is not a valid visibility level")
        end
60 61 62 63
      end
    end
  end

64 65 66 67 68 69 70 71 72 73
  validates_each :import_sources do |record, attr, value|
    unless value.nil?
      value.each do |source|
        unless Gitlab::ImportSources.options.has_value?(source)
          record.errors.add(attr, "'#{source}' is not a import source")
        end
      end
    end
  end

74 75 76 77
  validates_each :disabled_oauth_sign_in_sources do |record, attr, value|
    unless value.nil?
      value.each do |source|
        unless Devise.omniauth_providers.include?(source.to_sym)
Andrei Gliga's avatar
typo  
Andrei Gliga committed
78
          record.errors.add(attr, "'#{source}' is not an OAuth sign-in source")
79 80 81 82 83
        end
      end
    end
  end

84
  before_save :ensure_runners_registration_token
85
  before_save :ensure_health_check_access_token
86

87
  after_commit do
88
    Rails.cache.write(CACHE_KEY, self)
89 90
  end

91
  def self.current
92
    Rails.cache.fetch(CACHE_KEY) do
93 94
      ApplicationSetting.last
    end
95
  end
96

97
  def self.expire
98
    Rails.cache.delete(CACHE_KEY)
99 100
  end

101 102 103
  def self.create_from_defaults
    create(
      default_projects_limit: Settings.gitlab['default_projects_limit'],
104
      default_branch_protection: Settings.gitlab['default_branch_protection'],
105 106 107 108
      signup_enabled: Settings.gitlab['signup_enabled'],
      signin_enabled: Settings.gitlab['signin_enabled'],
      gravatar_enabled: Settings.gravatar['enabled'],
      sign_in_text: Settings.extra['sign_in_text'],
109
      restricted_visibility_levels: Settings.gitlab['restricted_visibility_levels'],
Vinnie Okada's avatar
Vinnie Okada committed
110
      max_attachment_size: Settings.gitlab['max_attachment_size'],
111
      session_expire_delay: Settings.gitlab['session_expire_delay'],
Vinnie Okada's avatar
Vinnie Okada committed
112
      default_project_visibility: Settings.gitlab.default_projects_features['visibility_level'],
113
      default_snippet_visibility: Settings.gitlab.default_projects_features['visibility_level'],
114
      restricted_signup_domains: Settings.gitlab['restricted_signup_domains'],
115 116
      import_sources: ['github','bitbucket','gitlab','gitorious','google_code','fogbugz','git'],
      shared_runners_enabled: Settings.gitlab_ci['shared_runners_enabled'],
Kamil Trzcinski's avatar
Kamil Trzcinski committed
117
      max_artifacts_size: Settings.artifacts['max_size'],
118
      require_two_factor_authentication: false,
119 120
      two_factor_grace_period: 48,
      recaptcha_enabled: false,
121 122
      akismet_enabled: false,
      repository_checks_enabled: true,
123 124
      disabled_oauth_sign_in_sources: [],
      send_user_confirmation_email: false
125 126
    )
  end
127 128 129 130

  def home_page_url_column_exist
    ActiveRecord::Base.connection.column_exists?(:application_settings, :home_page_url)
  end
131 132 133 134 135 136 137 138

  def restricted_signup_domains_raw
    self.restricted_signup_domains.join("\n") unless self.restricted_signup_domains.nil?
  end

  def restricted_signup_domains_raw=(values)
    self.restricted_signup_domains = []
    self.restricted_signup_domains = values.split(
Gabriel Mazetto's avatar
Gabriel Mazetto committed
139 140 141 142 143 144
      /\s*[,;]\s*     # comma or semicolon, optionally surrounded by whitespace
      |               # or
      \s              # any whitespace character
      |               # or
      [\r\n]          # any number of newline characters
      /x)
145 146
    self.restricted_signup_domains.reject! { |d| d.empty? }
  end
147 148 149 150

  def runners_registration_token
    ensure_runners_registration_token!
  end
151 152 153 154

  def health_check_access_token
    ensure_health_check_access_token!
  end
155
end