author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-08-02 21:29:18 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-08-02 21:29:18 +0000 |
commit | c5b336fefba94e02a170abcd627c6dd3d3d4955b (patch) | |
tree | 577fef09aedc0279a55fc593b67f43eb37e64112 | |
parent | 0af96615b6330dcbccc85ecf67eb7578646ed75a (diff) | |
download | gitlab-ce-c5b336fefba94e02a170abcd627c6dd3d3d4955b.tar.gz |
Add latest changes from gitlab-org/security/gitlab@14-0-stable-ee
-rw-r--r-- | Gemfile.lock | 2 | ||||
-rw-r--r-- | app/services/issues/base_service.rb | 3 | ||||
-rw-r--r-- | config/initializers/omniauth.rb | 4 | ||||
-rw-r--r-- | lib/gitlab/omniauth_logging/json_formatter.rb | 13 | ||||
-rw-r--r-- | spec/lib/gitlab/omniauth_logging/json_formatter_spec.rb | 12 | ||||
-rw-r--r-- | spec/services/issues/create_service_spec.rb | 21 | ||||
-rw-r--r-- | spec/services/issues/update_service_spec.rb | 25 |
7 files changed, 51 insertions, 29 deletions
diff --git a/Gemfile.lock b/Gemfile.lock index 0555f933922..a1ff3ddc00f 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -809,7 +809,7 @@ GEM nenv (~> 0.1) shellany (~> 0.0) numerizer (0.2.0) - oauth (0.5.4) + oauth (0.5.6) oauth2 (1.4.4) faraday (>= 0.8, < 2.0) jwt (>= 1.0, < 3.0) diff --git a/app/services/issues/base_service.rb b/app/services/issues/base_service.rb index 1c50bb74176..c772f72fc0e 100644 --- a/app/services/issues/base_service.rb +++ b/app/services/issues/base_service.rb @@ -48,6 +48,9 @@ module Issues params.delete(:created_at) unless moved_issue || current_user.can?(:set_issue_created_at, project) params.delete(:updated_at) unless moved_issue || current_user.can?(:set_issue_updated_at, project) + # Only users with permission to handle error data can add it to issues + params.delete(:sentry_issue_attributes) unless current_user.can?(:update_sentry_issue, project) + issue.system_note_timestamp = params[:created_at] || params[:updated_at] end diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb index 85984772d05..478a5828809 100644 --- a/config/initializers/omniauth.rb +++ b/config/initializers/omniauth.rb @@ -19,6 +19,4 @@ OmniAuth.config.before_request_phase do |env| Gitlab::RequestForgeryProtection.call(env) end -# Use json formatter -OmniAuth.config.logger.formatter = Gitlab::OmniauthLogging::JSONFormatter.new -OmniAuth.config.logger.level = Logger::ERROR if Rails.env.production? +OmniAuth.config.logger = Gitlab::AppLogger diff --git a/lib/gitlab/omniauth_logging/json_formatter.rb b/lib/gitlab/omniauth_logging/json_formatter.rb deleted file mode 100644 index cdd4da31803..00000000000 --- a/lib/gitlab/omniauth_logging/json_formatter.rb +++ /dev/null 
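Review bot: The new guard in app/services/issues/base_service.rb removes only the symbol key `:sentry_issue_attributes`, so it protects the issue only if `params` is symbol-keyed or indifferent-access by the time this method runs. That cannot be confirmed from the hunk, because the enclosing method starts above it. The neighbouring `created_at`/`updated_at` deletes make the same assumption, so this is probably fine, but a spec that passes the attribute under a string key would pin it. The attribute is also dropped without any signal to the caller, which the comment could state: `# Silently dropped unless the user has :update_sentry_issue on the project`.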
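Review bot: In config/initializers/omniauth.rb, switching to `OmniAuth.config.logger = Gitlab::AppLogger` also drops the `Logger::ERROR` level that was previously applied in production, so OmniAuth's lower-severity messages now follow whatever level `Gitlab::AppLogger` uses. If that level is below ERROR, authentication-flow messages that used to be suppressed will start reaching the application log, and it is worth confirming that none of them carry request parameters or tokens. No spec in this commit covers the new wiring. A comment on the new line would record the intent, for example `# OmniAuth logs through the app logger and inherits its level and formatter`.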
@@ -1,13 +0,0 @@ -# frozen_string_literal: true - -require 'json' - -module Gitlab - module OmniauthLogging - class JSONFormatter - def call(severity, datetime, progname, msg) - { severity: severity, timestamp: datetime.utc.iso8601(3), pid: $$, progname: progname, message: msg }.to_json << "\n" - end - end - end -end diff --git a/spec/lib/gitlab/omniauth_logging/json_formatter_spec.rb b/spec/lib/gitlab/omniauth_logging/json_formatter_spec.rb deleted file mode 100644 index f65b247d5d7..00000000000 --- a/spec/lib/gitlab/omniauth_logging/json_formatter_spec.rb +++ /dev/null @@ -1,12 +0,0 @@ -# frozen_string_literal: true - -require 'spec_helper' - -RSpec.describe Gitlab::OmniauthLogging::JSONFormatter do - it "generates log in json format" do - Timecop.freeze(Time.utc(2019, 12, 04, 9, 10, 11, 123456)) do - expect(subject.call(:info, Time.now, 'omniauth', 'log message')) - .to eq %Q({"severity":"info","timestamp":"2019-12-04T09:10:11.123Z","pid":#{Process.pid},"progname":"omniauth","message":"log message"}\n) - end - end -end diff --git a/spec/services/issues/create_service_spec.rb b/spec/services/issues/create_service_spec.rb index 94810d6134a..225f3ccc3e8 100644 --- a/spec/services/issues/create_service_spec.rb +++ b/spec/services/issues/create_service_spec.rb @@ -220,6 +220,27 @@ RSpec.describe Issues::CreateService do end end + context 'when sentry identifier is given' do + before do + sentry_attributes = { sentry_issue_attributes: { sentry_issue_identifier: 42 } } + opts.merge!(sentry_attributes) + end + + it 'does not assign the sentry error' do + expect(issue.sentry_issue).to eq(nil) + end + + context 'user is reporter or above' do + before do + project.add_reporter(user) + end + + it 'assigns the sentry error' do + expect(issue.sentry_issue).to be_kind_of(SentryIssue) + end + end + end + it 'executes issue hooks when issue is not confidential' do opts = { title: 'Title', description: 'Description', confidential: false } 
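Review bot: The positive example in the create_service_spec.rb hunk asserts only `be_kind_of(SentryIssue)`, which an unsaved in-memory association would presumably also satisfy, so it does not show that the permitted path stores the link. Something like `expect(issue.sentry_issue).to be_persisted`, or a check that `sentry_issue_identifier` equals 42, would pin that. The same applies to `it 'assigns the sentry error'` in the update_service_spec.rb hunk. The negative example here also appears to rely on `user` lacking reporter access in setup outside the hunk; a named context such as `context 'user is a guest'`, as the update spec uses, would state that precondition. `be_nil` reads better than `eq(nil)` in both files.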
diff --git a/spec/services/issues/update_service_spec.rb b/spec/services/issues/update_service_spec.rb index b95d94e3784..ae8ef7f85fc 100644 --- a/spec/services/issues/update_service_spec.rb +++ b/spec/services/issues/update_service_spec.rb @@ -82,6 +82,31 @@ RSpec.describe Issues::UpdateService, :mailer do expect(issue.milestone).to eq milestone end + context 'when sentry identifier is given' do + before do + sentry_attributes = { sentry_issue_attributes: { sentry_issue_identifier: 42 } } + opts.merge!(sentry_attributes) + end + + it 'assigns the sentry error' do + update_issue(opts) + + expect(issue.sentry_issue).to be_kind_of(SentryIssue) + end + + context 'user is a guest' do + before do + project.add_guest(user) + end + + it 'does not assign the sentry error' do + update_issue(opts) + + expect(issue.sentry_issue).to eq(nil) + end + end + end + context 'when issue type is not incident' do it 'returns default severity' do update_issue(opts) |