authorJames Edwards-Jones <jedwardsjones@gitlab.com>2018-05-21 13:13:30 +0100
committerJames Edwards-Jones <jedwardsjones@gitlab.com>2018-05-22 18:12:22 +0100
commit61bea3317982d426cba067a247f1c337bd08d8a9 (patch)
treed7d3cab402c97d58abf6a176c1228fc7387cf5fd
parent592b8d716f77944e61a7b532028ccf27c8401755 (diff)
Adds Group#discovery_token to permit anonymous discoveryce-jej/group-saml-metadata-endpoint
-rw-r--r--app/models/group.rb11
-rw-r--r--db/migrate/20180520211048_add_discovery_token_to_namespaces.rb9
-rw-r--r--db/schema.rb3
-rw-r--r--spec/models/group_spec.rb33
4 files changed, 55 insertions, 1 deletions
diff --git a/app/models/group.rb b/app/models/group.rb
index 8fb77a7869d..127668bfbe1 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -334,6 +334,17 @@ class Group < Namespace
ensure_runners_token!
end
+ # Helps avoid revealing that a group exists on a given path
+ # The token conveys that the anonymous user is allowed to know of the group
+ def discovery_token
+ super.presence || begin
+ self.discovery_token = Devise.friendly_token(8)
+
+ save if Gitlab::Database.read_write?
+ super
+ end
+ end
+
private
def update_two_factor_requirement
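Review bot: `Devise.friendly_token(8)` on the generating line yields roughly 47 bits from a CSPRNG, which is low for a value whose whole purpose is to gate knowledge of a group's existence from anonymous callers; unless the endpoint that checks it is rate-limited, the default length (`Devise.friendly_token`, 20 characters) or `SecureRandom.hex(16)` costs nothing here. The lazy persist goes through `save`, whose `false` return on a validation failure is discarded, so a group that currently fails validation would hand out a different token on every request and never store one — `update_column(:discovery_token, ...)` would write just this column without validations or callbacks, if that is acceptable for callers. Wherever the token is compared against user-supplied input (not in this hunk) the comparison should be constant-time, e.g. `ActiveSupport::SecurityUtils.secure_compare`. The enclosing class continues outside the hunk.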
diff --git a/db/migrate/20180520211048_add_discovery_token_to_namespaces.rb b/db/migrate/20180520211048_add_discovery_token_to_namespaces.rb
new file mode 100644
index 00000000000..416833ac6de
--- /dev/null
+++ b/db/migrate/20180520211048_add_discovery_token_to_namespaces.rb
@@ -0,0 +1,9 @@
+class AddDiscoveryTokenToNamespaces < ActiveRecord::Migration
+ include Gitlab::Database::MigrationHelpers
+
+ DOWNTIME = false
+
+ def change
+ add_column :namespaces, :discovery_token, :string
+ end
+end
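Review bot: The new `discovery_token` column gets no index, and a token that identifies a group to an anonymous request is presumably looked up by value; if so, `add_concurrent_index :namespaces, :discovery_token, unique: true` (with `disable_ddl_transaction!`, as the included `Gitlab::Database::MigrationHelpers` requires for concurrent indexes) belongs in this migration, the uniqueness guarding against two groups sharing a token and making the lookup ambiguous. If the lookup is always by group path with the token only checked afterwards, no index is needed and this can be ignored.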
diff --git a/db/schema.rb b/db/schema.rb
index ed29d202f91..c8079cff773 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
#
# It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(version: 20180512061621) do
+ActiveRecord::Schema.define(version: 20180520211048) do
# These are extensions that must be enabled in order to support this database
enable_extension "plpgsql"
@@ -1289,6 +1289,7 @@ ActiveRecord::Schema.define(version: 20180512061621) do
t.integer "two_factor_grace_period", default: 48, null: false
t.integer "cached_markdown_version"
t.string "runners_token"
+ t.string "discovery_token"
end
add_index "namespaces", ["created_at"], name: "index_namespaces_on_created_at", using: :btree
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index f83b52e8975..e2003b699ca 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -699,4 +699,37 @@ describe Group do
let(:uploader_class) { AttachmentUploader }
end
end
+
+ describe '#discovery_token' do
+ it 'returns existing tokens' do
+ group = create(:group, discovery_token: 'existing')
+
+ expect(group.discovery_token).to eq 'existing'
+ end
+
+ context 'when missing on read' do
+ it 'generates a token' do
+ expect(group.discovery_token.length).to eq 8
+ end
+
+ it 'saves the generated token' do
+ expect { group.discovery_token }.to change { group.reload.read_attribute(:discovery_token) }
+ end
+
+ context 'in read only mode' do
+ before do
+ allow(Gitlab::Database).to receive(:read_only?).and_return(true)
+ allow(group).to receive(:create_or_update).and_raise(ActiveRecord::ReadOnlyRecord)
+ end
+
+ it "doesn't raise an error as that could expose group existance" do
+ expect { group.discovery_token }.not_to raise_error
+ end
+
+ it 'returns a random value to prevent access' do
+ expect(group.discovery_token).not_to be_blank
+ end
+ end
+ end
+ end
end
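Review bot: The read-only context stubs `Gitlab::Database.read_only?`, but the method under test branches on `Gitlab::Database.read_write?`, so the stub only takes effect if `read_write?` happens to delegate to `read_only?`; stubbing the method actually called, `allow(Gitlab::Database).to receive(:read_write?).and_return(false)`, makes the example independent of that detail. The 'returns a random value' example only asserts `not_to be_blank`, which the persisted path satisfies just as well, so it should also check that nothing was written, `expect(group.reload.read_attribute(:discovery_token)).to be_nil`, and that a fresh load yields a different token, `expect(described_class.find(group.id).discovery_token).not_to eq(group.discovery_token)`. `group` in the missing-on-read context is presumably a `let` defined earlier in the file, outside this hunk.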