diff options
| author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2014-07-30 13:26:54 +0300 |
|---|---|---|
| committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2014-07-30 13:26:54 +0300 |
| commit | ecabefba1906526bf4038fa8c642688f93dbeb3e (patch) | |
| tree | ad7d843120ab5b140a1d0f9866f36d2538cc2fba /app/models/label.rb | |
| parent | 4c6859a2dee6da420f33c3b7f9946f3642eb85f7 (diff) | |
| download | gitlab-ce-ecabefba1906526bf4038fa8c642688f93dbeb3e.tar.gz | |
More strict validation for label title
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Diffstat (limited to 'app/models/label.rb')
| -rw-r--r-- | app/models/label.rb | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/app/models/label.rb b/app/models/label.rb index 31f68c31e5c..ea1daa6a204 100644 --- a/app/models/label.rb +++ b/app/models/label.rb @@ -2,9 +2,11 @@ class Label < ActiveRecord::Base belongs_to :project has_many :label_links, dependent: :destroy - validates :color, format: { with: /\A\#[0-9A-Fa-f]{3}{1,2}+\Z/ }, allow_blank: true + validates :color, format: { with: /\A\#[0-9A-Fa-f]{6}+\Z/ }, allow_blank: true validates :project, presence: true - validates :title, presence: true + + # Dont allow '?', '&', and ',' for label titles + validates :title, presence: true, format: { with: /\A[^&\?,&]*\z/ } def name title |