Graceful degradation for unauthenticated routes
What does this MR do and why?
Contributes to https://gitlab.com/gitlab-com/gl-infra/production-engineering/-/issues/27625
Optimize usage of endpoints for unauthenticated requests:
- Projects::NetworkController#show
- Projects::CommitsController#show
- Projects::CommitsController#signatures
- Projects::RefsController#logs_tree
References
https://gitlab.com/gitlab-com/gl-infra/production-engineering/-/issues/27625
Projects::NetworkController#show
- Repository graph data is available only for default branch. It won't be loaded for other references if users are not authenticated.
Projects::CommitsController#show, Projects::CommitsController#signatures
Commits history is allowed only for requesting the whole repository. Commits history for specific file or directory will require authentication.
| Before clicking on History | After |
|---|---|
 |
 |
 |
 |
Projects::RefsController#logs_tree
Information about last commit for each file in the repository tree is available only for default branch. It won't be loaded for other references if users are not authenticated.
| Default branch | Other reference |
|---|---|
 |
 |
How to set up and validate locally
Feature.enable(:require_login_for_commit_tree)- Visit repository page as an unauthorized user
MR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Edited by Vasilii Iakliushin