Add HTTPS-only pages

Closes #28857
author: Rob Watson <rob@mixlr.com> 2018-01-03 08:07:03 +0000
committer: Rob Watson <rob@mixlr.com> 2018-03-22 19:58:36 +0100
commit: 9d45951fcaeda4f01a2e4be2480d980a3e7cd37e (patch)
tree: 536b456729edad79ba718d987a39f235587d4dfb /app/models/project.rb
parent: 53d352aaf4ce7f0d2bcaf04cce5252b753ef7938 (diff)
download: gitlab-ce-9d45951fcaeda4f01a2e4be2480d980a3e7cd37e.tar.gz
1 files changed, 21 insertions, 0 deletions
diff --git a/app/models/project.rb b/app/models/project.rb
index 250680e2a2c..48a81ddb82e 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -267,6 +267,7 @@ class Project < ActiveRecord::Base
   validate :visibility_level_allowed_by_group
   validate :visibility_level_allowed_as_fork
   validate :check_wiki_path_conflict
+  validate :validate_pages_https_only, if: -> { changes.has_key?(:pages_https_only) }
   validates :repository_storage,
     presence: true,
     inclusion: { in: ->(_object) { Gitlab.config.repositories.storages.keys } }
@@ -737,6 +738,26 @@ class Project < ActiveRecord::Base
     end
   end
 
+  def pages_https_only
+    return false unless Gitlab.config.pages.external_https
+
+    super
+  end
+
+  def pages_https_only?
+    return false unless Gitlab.config.pages.external_https
+
+    super
+  end
+
+  def validate_pages_https_only
+    return unless pages_https_only?
+
+    unless pages_domains.all?(&:https?)
+      errors.add(:pages_https_only, "cannot be enabled unless all domains have TLS certificates")
+    end
+  end
+
   def to_param
     if persisted? && errors.include?(:path)
       path_was
author	Rob Watson <rob@mixlr.com>	2018-01-03 08:07:03 +0000
committer	Rob Watson <rob@mixlr.com>	2018-03-22 19:58:36 +0100
commit	9d45951fcaeda4f01a2e4be2480d980a3e7cd37e (patch)
tree	536b456729edad79ba718d987a39f235587d4dfb /app/models/project.rb
parent	53d352aaf4ce7f0d2bcaf04cce5252b753ef7938 (diff)
download	gitlab-ce-9d45951fcaeda4f01a2e4be2480d980a3e7cd37e.tar.gz