Remove slow uploads fallback query

This method is not needed and executes a very slow query when run on projects / groups with many uploads Changelog: performance

Remove slow uploads fallback query
4f0c0caf · Heinrich Lee Yu · GitLab Bot · a3d5ec93 · 4f0c0caf · 4f0c0caf
--- a/app/controllers/concerns/uploads_actions.rb
+++ b/app/controllers/concerns/uploads_actions.rb
@@ -110,7 +110,7 @@ def uploader
    if uploader_mounted?
      model.public_send(upload_mount) # rubocop:disable GitlabSecurity/PublicSend
    else
-      build_uploader_from_upload || build_uploader_from_params
+      build_uploader_from_upload
    end
  end
  strong_memoize_attr :uploader
@@ -125,21 +125,6 @@ def build_uploader_from_upload
  end
  # rubocop: enable CodeReuse/ActiveRecord
-  def build_uploader_from_params
-    return unless uploader = build_uploader
-    uploader.retrieve_from_store!(params[:filename])
-    Gitlab::AppJsonLogger.info(
-      message: 'Deprecated usage of build_uploader_from_params',
-      uploader_class: uploader.class.name,
-      path: params[:filename],
-      exists: uploader.exists?
-    )
-    uploader
-  end
  def build_uploader
    return unless params[:secret] && params[:filename]

--- a/spec/controllers/groups/uploads_controller_spec.rb
+++ b/spec/controllers/groups/uploads_controller_spec.rb
@@ -76,31 +76,17 @@
        context 'when uploader class does not match the upload' do
          let(:uploader_class) { FileUploader }
-          it 'responds with status 200 but logs a deprecation message' do
+          it 'responds with status 404' do
-            expect(Gitlab::AppJsonLogger).to receive(:info).with(
-              message: 'Deprecated usage of build_uploader_from_params',
-              uploader_class: uploader_class.name,
-              path: filename,
-              exists: true
-            )
            show_upload
-            expect(response).to have_gitlab_http_status(:ok)
+            expect(response).to have_gitlab_http_status(:not_found)
          end
        end
        context 'when filename does not match' do
          let(:invalid_filename) { 'invalid_filename.jpg' }
-          it 'responds with status 404 and logs a deprecation message' do
+          it 'responds with status 404' do
-            expect(Gitlab::AppJsonLogger).to receive(:info).with(
-              message: 'Deprecated usage of build_uploader_from_params',
-              uploader_class: uploader_class.name,
-              path: invalid_filename,
-              exists: false
-            )
            get :show, params: params.merge(secret: secret, filename: invalid_filename)
            expect(response).to have_gitlab_http_status(:not_found)

--- a/spec/support/shared_examples/controllers/uploads_actions_shared_examples.rb
+++ b/spec/support/shared_examples/controllers/uploads_actions_shared_examples.rb
@@ -94,14 +94,6 @@
        expect(response).to have_gitlab_http_status(:not_found)
      end
-      it 'is a working exploit without the validation' do
-        allow_any_instance_of(FileUploader).to receive(:secret) { secret }
-        show_upload
-        expect(response).to have_gitlab_http_status(:ok)
-      end
    end
    context 'when accessing a specific upload via different model' do