diff options
author | Douwe Maan <douwe@gitlab.com> | 2016-08-15 19:55:02 +0000 |
---|---|---|
committer | Robert Speicher <rspeicher@gmail.com> | 2016-08-16 12:26:22 -0500 |
commit | 4389f09e668c043c8a347c4c63f06795110dfbb3 (patch) | |
tree | 999dcea9a5e79a93ae09f826ee0e11ca6a528ea5 | |
parent | 1f6136b700d7421d47ca63d5694622e87a237757 (diff) | |
download | gitlab-ce-4389f09e668c043c8a347c4c63f06795110dfbb3.tar.gz |
Merge branch 'fix/export-att-inclusion' into 'master'
Fix attribute inclusion import/export config ignored in some cases
In the `import_export.yml` file we define the inclusion of some of the attributes. For some reason, this isn't working in certain cases - very unfortunate this includes `user`. This has been introduced in 8.10.3.
Related https://gitlab.com/gitlab-org/gitlab-ce/issues/20802
See merge request !1982
-rw-r--r-- | CHANGELOG | 1 | ||||
-rw-r--r-- | lib/gitlab/import_export/json_hash_builder.rb | 9 | ||||
-rw-r--r-- | spec/lib/gitlab/import_export/reader_spec.rb | 3 | ||||
-rw-r--r-- | spec/support/import_export/import_export.yml | 4 |
4 files changed, 10 insertions, 7 deletions
diff --git a/CHANGELOG b/CHANGELOG index c5c06b3e396..91d830c0169 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -2,6 +2,7 @@ Please view this file on the master branch, on stable branches it's out of date. v 8.10.6 - Upgrade Rails to 4.2.7.1 for security fixes. !5781 + - Fix privilege escalation via project export. v 8.10.5 - Add a data migration to fix some missing timestamps in the members table. !5670 diff --git a/lib/gitlab/import_export/json_hash_builder.rb b/lib/gitlab/import_export/json_hash_builder.rb index 008300bde45..0cc10f40087 100644 --- a/lib/gitlab/import_export/json_hash_builder.rb +++ b/lib/gitlab/import_export/json_hash_builder.rb @@ -57,19 +57,16 @@ module Gitlab # +value+ existing model to be included in the hash # +json_config_hash+ the original hash containing the root model def create_model_value(current_key, value, json_config_hash) - parsed_hash = { include: value } - parse_hash(value, parsed_hash) - - json_config_hash[current_key] = parsed_hash + json_config_hash[current_key] = parse_hash(value) || { include: value } end # Calls attributes finder to parse the hash and add any attributes to it # # +value+ existing model to be included in the hash # +parsed_hash+ the original hash - def parse_hash(value, parsed_hash) + def parse_hash(value) @attributes_finder.parse(value) do |hash| - parsed_hash = { include: hash_or_merge(value, hash) } + { include: hash_or_merge(value, hash) } end end diff --git a/spec/lib/gitlab/import_export/reader_spec.rb b/spec/lib/gitlab/import_export/reader_spec.rb index b76e14deca1..b6dec41d218 100644 --- a/spec/lib/gitlab/import_export/reader_spec.rb +++ b/spec/lib/gitlab/import_export/reader_spec.rb @@ -12,7 +12,8 @@ describe Gitlab::ImportExport::Reader, lib: true do except: [:iid], include: [:merge_request_diff, :merge_request_test] } }, - { commit_statuses: { include: :commit } }] + { commit_statuses: { include: :commit } }, + { project_members: { include: { user: { only: [:email] } } } }] } end diff --git a/spec/support/import_export/import_export.yml b/spec/support/import_export/import_export.yml index 3ceec506401..17136dee000 100644 --- a/spec/support/import_export/import_export.yml +++ b/spec/support/import_export/import_export.yml @@ -7,6 +7,8 @@ project_tree: - :merge_request_test - commit_statuses: - :commit + - project_members: + - :user included_attributes: project: @@ -14,6 +16,8 @@ included_attributes: - :path merge_requests: - :id + user: + - :email excluded_attributes: merge_requests: |