diff options
author | Grzegorz Bizon <grzesiek.bizon@gmail.com> | 2017-06-13 11:05:48 +0200 |
---|---|---|
committer | Grzegorz Bizon <grzesiek.bizon@gmail.com> | 2017-06-13 11:05:48 +0200 |
commit | b3a1961a43de0f033bb33a8fbcb96c07b3dd598d (patch) | |
tree | 7de923350fc773c35f0659e75fa2ad32bc80addb | |
parent | 6f5a68f528d6c11f3bfd013e30cc71845abe6ef8 (diff) | |
download | gitlab-ce-fix/gb/remove-invalid-build-details-exposure.tar.gz |
Do not expose internal artifacts hash in build entityfix/gb/remove-invalid-build-details-exposure
-rw-r--r-- | app/serializers/build_details_entity.rb | 7 | ||||
-rw-r--r-- | spec/serializers/build_details_entity_spec.rb | 2 |
2 files changed, 3 insertions, 6 deletions
diff --git a/app/serializers/build_details_entity.rb b/app/serializers/build_details_entity.rb index 514c4c2e35f..0eddbaaaebf 100644 --- a/app/serializers/build_details_entity.rb +++ b/app/serializers/build_details_entity.rb @@ -1,18 +1,15 @@ class BuildDetailsEntity < BuildEntity expose :coverage, :erased_at, :duration expose :tag_list, as: :tags - expose :user, using: UserEntity + expose :runner, using: RunnerEntity + expose :pipeline, using: PipelineEntity expose :erased_by, if: -> (*) { build.erased? }, using: UserEntity expose :erase_path, if: -> (*) { build.erasable? && can?(current_user, :update_build, project) } do |build| erase_namespace_project_job_path(project.namespace, project, build) end - expose :artifacts, using: BuildArtifactEntity - expose :runner, using: RunnerEntity - expose :pipeline, using: PipelineEntity - expose :merge_request, if: -> (*) { can?(current_user, :read_merge_request, build.merge_request) } do expose :iid do |build| build.merge_request.iid diff --git a/spec/serializers/build_details_entity_spec.rb b/spec/serializers/build_details_entity_spec.rb index e2511e8968c..396ba96e9b3 100644 --- a/spec/serializers/build_details_entity_spec.rb +++ b/spec/serializers/build_details_entity_spec.rb @@ -29,7 +29,7 @@ describe BuildDetailsEntity do it 'contains the needed key value pairs' do expect(subject).to include(:coverage, :erased_at, :duration) - expect(subject).to include(:artifacts, :runner, :pipeline) + expect(subject).to include(:runner, :pipeline) expect(subject).to include(:raw_path, :merge_request) expect(subject).to include(:new_issue_path) end |