diff options
author | Jan Beckmann <king-jan1999@hotmail.de> | 2018-06-25 14:44:29 +0000 |
---|---|---|
committer | Rémy Coutable <remy@rymai.me> | 2018-06-25 14:44:29 +0000 |
commit | 1345968ea6bda903670959b248175a0f42a0b3a0 (patch) | |
tree | 674856cbed9b20a8355874158e3fb744ca976a3d | |
parent | 7da7af3a22058a6fb4e22cbf2b659e910cc92d54 (diff) | |
download | gitlab-ce-1345968ea6bda903670959b248175a0f42a0b3a0.tar.gz |
Resolve "WebHookService doesn't handle user info with nil passwords"
-rw-r--r-- | app/services/web_hook_service.rb | 2 | ||||
-rw-r--r-- | changelogs/unreleased/46571-webhooks-nil-password.yml | 5 | ||||
-rw-r--r-- | spec/services/web_hook_service_spec.rb | 30 |
3 files changed, 36 insertions, 1 deletions
diff --git a/app/services/web_hook_service.rb b/app/services/web_hook_service.rb index 7ec52b6ce2b..8a86e47f0ea 100644 --- a/app/services/web_hook_service.rb +++ b/app/services/web_hook_service.rb @@ -82,7 +82,7 @@ class WebHookService post_url = hook.url.gsub("#{parsed_url.userinfo}@", '') basic_auth = { username: CGI.unescape(parsed_url.user), - password: CGI.unescape(parsed_url.password) + password: CGI.unescape(parsed_url.password.presence || '') } make_request(post_url, basic_auth) end diff --git a/changelogs/unreleased/46571-webhooks-nil-password.yml b/changelogs/unreleased/46571-webhooks-nil-password.yml new file mode 100644 index 00000000000..34c5f09478f --- /dev/null +++ b/changelogs/unreleased/46571-webhooks-nil-password.yml @@ -0,0 +1,5 @@ +--- +title: Fix webhook error when password is not present +merge_request: 19945 +author: Jan Beckmann +type: fixed diff --git a/spec/services/web_hook_service_spec.rb b/spec/services/web_hook_service_spec.rb index 7995f2c9ae7..622e56e1da5 100644 --- a/spec/services/web_hook_service_spec.rb +++ b/spec/services/web_hook_service_spec.rb @@ -60,6 +60,36 @@ describe WebHookService do ).once end + context 'when auth credentials are present' do + let(:url) {'https://example.org'} + let(:project_hook) { create(:project_hook, url: 'https://demo:demo@example.org/') } + + it 'uses the credentials' do + WebMock.stub_request(:post, url) + + service_instance.execute + + expect(WebMock).to have_requested(:post, url).with( + headers: headers.merge('Authorization' => 'Basic ZGVtbzpkZW1v') + ).once + end + end + + context 'when auth credentials are partial present' do + let(:url) {'https://example.org'} + let(:project_hook) { create(:project_hook, url: 'https://demo@example.org/') } + + it 'uses the credentials anyways' do + WebMock.stub_request(:post, url) + + service_instance.execute + + expect(WebMock).to have_requested(:post, url).with( + headers: headers.merge('Authorization' => 'Basic ZGVtbzo=') + ).once + end + end + it 'catches exceptions' do WebMock.stub_request(:post, project_hook.url).to_raise(StandardError.new('Some error')) |