Remove UploadedFile.from_params in Repositories::LfsStorageController
What does this MR do?
This part is part of the solution for #213289
With gitlab-workhorse!490 (merged), body uploads will now have the JWT header set properly by workhorse. With this header set, multipart.rb
will get triggered: an UploadedFile
object will get attached with the request (under params[:file]
).
This MR:
- Replaces the
UploadedFile.from_params
call with simplyparams[:file]
inRepositories::LfsStorageController
- Adds a rspec file for the
Repositories::LfsStorageController
- It was probably not created because of the extensive request rspec suite. I still find it valuable to have it, so that we can test the controller action under several conditions that don't need a request spec.
- To keep this MR changes small, I didn't added examples for all actions. Only
#upload_finalize
(where the business code is) is tested.
This MR has been tested under those conditions:
- Object Storage off. (configuration used by self-managed)
- Object Storage on and Direct Upload on. (gitlab.com config)
- Object Storage on and Direct Upload off. (configuration used by self-managed)
Screenshots
Git LFS should be working as usual:
git clone git@gitlab.example.com:group/project.git
cd project
git lfs install
git lfs track "*.jpg"
cp /dummy/image.jpg ./
git add .
git commit -am "Bananas"
git push
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry -
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides - [-] Database guides
-
Separation of EE specific content
Availability and Testing
- [-] Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
- [-] Tested in all supported browsers
- [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
- [-] Label as security and @ mention
@gitlab-com/gl-security/appsec
- [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- [-] Security reports checked/validated by a reviewer from the AppSec team
Edited by Mayra Cabrera