summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJan Beckmann <king-jan1999@hotmail.de>2018-06-25 14:44:29 +0000
committerRémy Coutable <remy@rymai.me>2018-06-25 14:44:29 +0000
commit1345968ea6bda903670959b248175a0f42a0b3a0 (patch)
tree674856cbed9b20a8355874158e3fb744ca976a3d
parent7da7af3a22058a6fb4e22cbf2b659e910cc92d54 (diff)
downloadgitlab-ce-1345968ea6bda903670959b248175a0f42a0b3a0.tar.gz
Resolve "WebHookService doesn't handle user info with nil passwords"
Diffstat
-rw-r--r--app/services/web_hook_service.rb2
-rw-r--r--changelogs/unreleased/46571-webhooks-nil-password.yml5
-rw-r--r--spec/services/web_hook_service_spec.rb30
3 files changed, 36 insertions, 1 deletions
diff --git a/app/services/web_hook_service.rb b/app/services/web_hook_service.rb
index 7ec52b6ce2b..8a86e47f0ea 100644
--- a/app/services/web_hook_service.rb
+++ b/app/services/web_hook_service.rb
@@ -82,7 +82,7 @@ class WebHookService
post_url = hook.url.gsub("#{parsed_url.userinfo}@", '')
basic_auth = {
username: CGI.unescape(parsed_url.user),
- password: CGI.unescape(parsed_url.password)
+ password: CGI.unescape(parsed_url.password.presence || '')
}
make_request(post_url, basic_auth)
end
diff --git a/changelogs/unreleased/46571-webhooks-nil-password.yml b/changelogs/unreleased/46571-webhooks-nil-password.yml
new file mode 100644
index 00000000000..34c5f09478f
--- /dev/null
+++ b/changelogs/unreleased/46571-webhooks-nil-password.yml
@@ -0,0 +1,5 @@
+---
+title: Fix webhook error when password is not present
+merge_request: 19945
+author: Jan Beckmann
+type: fixed
diff --git a/spec/services/web_hook_service_spec.rb b/spec/services/web_hook_service_spec.rb
index 7995f2c9ae7..622e56e1da5 100644
--- a/spec/services/web_hook_service_spec.rb
+++ b/spec/services/web_hook_service_spec.rb
@@ -60,6 +60,36 @@ describe WebHookService do
).once
end
+ context 'when auth credentials are present' do
+ let(:url) {'https://example.org'}
+ let(:project_hook) { create(:project_hook, url: 'https://demo:demo@example.org/') }
+
+ it 'uses the credentials' do
+ WebMock.stub_request(:post, url)
+
+ service_instance.execute
+
+ expect(WebMock).to have_requested(:post, url).with(
+ headers: headers.merge('Authorization' => 'Basic ZGVtbzpkZW1v')
+ ).once
+ end
+ end
+
+ context 'when auth credentials are partial present' do
+ let(:url) {'https://example.org'}
+ let(:project_hook) { create(:project_hook, url: 'https://demo@example.org/') }
+
+ it 'uses the credentials anyways' do
+ WebMock.stub_request(:post, url)
+
+ service_instance.execute
+
+ expect(WebMock).to have_requested(:post, url).with(
+ headers: headers.merge('Authorization' => 'Basic ZGVtbzo=')
+ ).once
+ end
+ end
+
it 'catches exceptions' do
WebMock.stub_request(:post, project_hook.url).to_raise(StandardError.new('Some error'))
View Lorry Controller Status