validate disabled_oauth_sign_in_sources in ApplicationSe

2 files changed, 13 insertions, 0 deletions

diff --git a/app/models/application_setting.rb b/app/models/application_setting.rb
index a48deccb029..d565dbc71d0 100644
--- a/app/models/application_setting.rb
+++ b/app/models/application_setting.rb
@@ -119,6 +119,16 @@ class ApplicationSetting < ActiveRecord::Base
     end
   end
 
+  validates_each :disabled_oauth_sign_in_sources do |record, attr, value|
+    unless value.nil?
+      value.each do |source|
+        unless Devise.omniauth_providers.include?(source.to_sym)
+          record.errors.add(attr, "'#{source}' is not an ouath sign-in source")
+        end
+      end
+    end
+  end
+
   before_save :ensure_runners_registration_token
 
   after_commit do
diff --git a/spec/models/application_setting_spec.rb b/spec/models/application_setting_spec.rb
index 1ce22feed5c..fb3ea491df7 100644
--- a/spec/models/application_setting_spec.rb
+++ b/spec/models/application_setting_spec.rb
@@ -20,6 +20,9 @@ describe ApplicationSetting, models: true do
     it { is_expected.to allow_value(https).for(:after_sign_out_path) }
     it { is_expected.not_to allow_value(ftp).for(:after_sign_out_path) }
 
+    it { is_expected.to allow_value([:github]).for(:disabled_oauth_sign_in_sources) }
+    it { is_expected.not_to allow_value([:test]).for(:disabled_oauth_sign_in_sources) }
+
     it { is_expected.to validate_presence_of(:max_attachment_size) }
 
     it do