diff options
| author | James Edwards-Jones <jedwardsjones@gitlab.com> | 2018-03-27 23:24:02 +0100 |
|---|---|---|
| committer | James Edwards-Jones <jedwardsjones@gitlab.com> | 2018-03-28 00:24:50 +0100 |
| commit | 66ca6d7049fd809d6f75b2466853185427a4a43d (patch) | |
| tree | f16071a0561f62dfc180cf9ca6d3ed4a6e0c01c2 | |
| parent | 092445a4025bc1033e2028655ba739961f5e4ebb (diff) | |
| download | gitlab-ce-ce-jej/settings-for-saml-sso-per-group.tar.gz | |
Adds validators and rack cookie helperce-jej/settings-for-saml-sso-per-group
These changes are backported from EE, related to SAML settings in
https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/4549
| -rw-r--r-- | app/validators/certificate_fingerprint_validator.rb | 9 | ||||
| -rw-r--r-- | app/validators/top_level_group_validator.rb | 7 | ||||
| -rw-r--r-- | spec/support/cookie_helper.rb | 14 | ||||
| -rw-r--r-- | spec/support/login_helpers.rb | 4 |
4 files changed, 34 insertions, 0 deletions
diff --git a/app/validators/certificate_fingerprint_validator.rb b/app/validators/certificate_fingerprint_validator.rb new file mode 100644 index 00000000000..17df756183a --- /dev/null +++ b/app/validators/certificate_fingerprint_validator.rb @@ -0,0 +1,9 @@ +class CertificateFingerprintValidator < ActiveModel::EachValidator + FINGERPRINT_PATTERN = /\A([a-zA-Z0-9]{2}[\s\-:]?){16,}\z/.freeze + + def validate_each(record, attribute, value) + unless value.try(:match, FINGERPRINT_PATTERN) + record.errors.add(attribute, "must be a hash containing only letters, numbers, spaces, : and -") + end + end +end diff --git a/app/validators/top_level_group_validator.rb b/app/validators/top_level_group_validator.rb new file mode 100644 index 00000000000..7e2e735e0cf --- /dev/null +++ b/app/validators/top_level_group_validator.rb @@ -0,0 +1,7 @@ +class TopLevelGroupValidator < ActiveModel::EachValidator + def validate_each(record, attribute, value) + if value&.subgroup? + record.errors.add(attribute, "must be a top level Group") + end + end +end diff --git a/spec/support/cookie_helper.rb b/spec/support/cookie_helper.rb index d72925e1838..e74b27c1315 100644 --- a/spec/support/cookie_helper.rb +++ b/spec/support/cookie_helper.rb @@ -2,12 +2,26 @@ # module CookieHelper def set_cookie(name, value, options = {}) + case page.driver + when Capybara::RackTest::Driver + rack_set_cookie(name, value) + when Capybara::Selenium::Driver # rubocop:disable Lint/EmptyWhen + else + selenium_set_cookie(name, value, options) + end + end + + def selenium_set_cookie(name, value, options = {}) # Selenium driver will not set cookies for a given domain when the browser is at `about:blank`. # It also doesn't appear to allow overriding the cookie path. loading `/` is the most inclusive. visit options.fetch(:path, '/') unless on_a_page? page.driver.browser.manage.add_cookie(name: name, value: value, **options) end + def rack_set_cookie(name, value) + page.driver.browser.set_cookie("#{name}=#{value}") + end + def get_cookie(name) page.driver.browser.manage.cookie_named(name) end diff --git a/spec/support/login_helpers.rb b/spec/support/login_helpers.rb index d08183846a0..db34090e971 100644 --- a/spec/support/login_helpers.rb +++ b/spec/support/login_helpers.rb @@ -140,6 +140,10 @@ module LoginHelpers end allow(Gitlab::Auth::OAuth::Provider).to receive_messages(providers: [:saml], config_for: mock_saml_config) stub_omniauth_setting(messages) + stub_saml_authorize_path_helpers + end + + def stub_saml_authorize_path_helpers allow_any_instance_of(Object).to receive(:user_saml_omniauth_authorize_path).and_return('/users/auth/saml') allow_any_instance_of(Object).to receive(:omniauth_authorize_path).with(:user, "saml").and_return('/users/auth/saml') end |