diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-09-28 22:05:38 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-09-28 22:05:52 +0000 |
commit | 971a9e4f0237edf1c38da536318fabd808eee367 (patch) | |
tree | cdf10ce4e0a8438cbe23e4e4ec6a3d4c9c788109 | |
parent | 0510888324c34f587db7fcbade95c536fd9065ae (diff) | |
download | gitlab-ce-971a9e4f0237edf1c38da536318fabd808eee367.tar.gz |
Add latest changes from gitlab-org/security/gitlab@15-2-stable-ee
-rw-r--r-- | app/models/user.rb | 4 | ||||
-rw-r--r-- | lib/gitlab/hook_data/group_member_builder.rb | 2 | ||||
-rw-r--r-- | spec/lib/gitlab/hook_data/group_member_builder_spec.rb | 2 | ||||
-rw-r--r-- | spec/models/user_spec.rb | 19 |
4 files changed, 25 insertions, 2 deletions
diff --git a/app/models/user.rb b/app/models/user.rb index 188b27383f9..f643c01d77a 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -2160,6 +2160,10 @@ class User < ApplicationRecord Feature.enabled?(:mr_attention_requests, self) end + def webhook_email + public_email.presence || _('[REDACTED]') + end + protected # override, from Devise::Validatable diff --git a/lib/gitlab/hook_data/group_member_builder.rb b/lib/gitlab/hook_data/group_member_builder.rb index 2998550a4b5..d70885018e9 100644 --- a/lib/gitlab/hook_data/group_member_builder.rb +++ b/lib/gitlab/hook_data/group_member_builder.rb @@ -39,7 +39,7 @@ module Gitlab group_id: group_member.group.id, user_username: group_member.user.username, user_name: group_member.user.name, - user_email: group_member.user.email, + user_email: group_member.user.webhook_email, user_id: group_member.user.id, group_access: group_member.human_access, expires_at: group_member.expires_at&.xmlschema diff --git a/spec/lib/gitlab/hook_data/group_member_builder_spec.rb b/spec/lib/gitlab/hook_data/group_member_builder_spec.rb index 78c62fd23c7..4d8ef96bcd7 100644 --- a/spec/lib/gitlab/hook_data/group_member_builder_spec.rb +++ b/spec/lib/gitlab/hook_data/group_member_builder_spec.rb @@ -26,7 +26,7 @@ RSpec.describe Gitlab::HookData::GroupMemberBuilder do expect(data[:group_id]).to eq(group.id) expect(data[:user_username]).to eq(group_member.user.username) expect(data[:user_name]).to eq(group_member.user.name) - expect(data[:user_email]).to eq(group_member.user.email) + expect(data[:user_email]).to eq(group_member.user.webhook_email) expect(data[:user_id]).to eq(group_member.user.id) expect(data[:group_access]).to eq('Developer') expect(data[:created_at]).to eq(group_member.created_at&.xmlschema) diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index ae6ebdbc6fd..b1ca6911d4c 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -6772,6 +6772,25 @@ RSpec.describe User do end end + describe '#webhook_email' do + let(:user) { build(:user, public_email: nil) } + + context 'when public email is present' do + before do + user.public_email = "hello@hello.com" + end + it 'returns public email' do + expect(user.webhook_email).to eq(user.public_email) + end + end + + context 'when public email is nil' do + it 'returns [REDACTED]' do + expect(user.webhook_email).to eq(_('[REDACTED]')) + end + end + end + describe 'user credit card validation' do context 'when user is initialized' do let(:user) { build(:user) } |