Merge branch 'georgekoltsov/55474-outbound-setting-system-hooks' into 'master'

Add outbound setting for system hooks See merge request gitlab-org/gitlab-ce!31177
author: Rémy Coutable <remy@rymai.me> 2019-08-05 08:55:16 +0000
committer: Rémy Coutable <remy@rymai.me> 2019-08-05 08:55:16 +0000
commit: f74387d2982845b0fb5219ccf3fd128d75400472 (patch)
tree: 3cfbc60f1a62a1d308f1d1c98ad4a969721b873b /app/models
parent: e6a05e5a63b3b336179a4ed67df76ba7ad08fadb (diff)
parent: 260225eb5753a18e9e33ec2bb9c1bfc76d613448 (diff)
download: gitlab-ce-f74387d2982845b0fb5219ccf3fd128d75400472.tar.gz
3 files changed, 8 insertions, 5 deletions
diff --git a/app/models/application_setting_implementation.rb b/app/models/application_setting_implementation.rb
index 4bb09bf3b53..b7a4d7aa803 100644
--- a/app/models/application_setting_implementation.rb
+++ b/app/models/application_setting_implementation.rb
@@ -21,7 +21,8 @@ module ApplicationSettingImplementation
       {
         after_sign_up_text: nil,
         akismet_enabled: false,
-        allow_local_requests_from_hooks_and_services: false,
+        allow_local_requests_from_web_hooks_and_services: false,
+        allow_local_requests_from_system_hooks: true,
         dns_rebinding_protection_enabled: true,
         authorized_keys_enabled: true, # TODO default to false if the instance is configured to use AuthorizedKeysCommand
         container_registry_token_expire_delay: 5,
diff --git a/app/models/hooks/system_hook.rb b/app/models/hooks/system_hook.rb
index 90b4588a325..3d54d17e787 100644
--- a/app/models/hooks/system_hook.rb
+++ b/app/models/hooks/system_hook.rb
@@ -14,8 +14,10 @@ class SystemHook < WebHook
   default_value_for :repository_update_events, true
   default_value_for :merge_requests_events, false
 
+  validates :url, system_hook_url: true
+
   # Allow urls pointing localhost and the local network
   def allow_local_requests?
-    true
+    Gitlab::CurrentSettings.allow_local_requests_from_system_hooks?
   end
 end
diff --git a/app/models/hooks/web_hook.rb b/app/models/hooks/web_hook.rb
index daf7ff4b771..16fc7fdbd48 100644
--- a/app/models/hooks/web_hook.rb
+++ b/app/models/hooks/web_hook.rb
@@ -15,8 +15,8 @@ class WebHook < ApplicationRecord
 
   has_many :web_hook_logs, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
 
-  validates :url, presence: true, public_url: { allow_localhost: lambda(&:allow_local_requests?),
-                                                allow_local_network: lambda(&:allow_local_requests?) }
+  validates :url, presence: true
+  validates :url, public_url: true, unless: ->(hook) { hook.is_a?(SystemHook) }
 
   validates :token, format: { without: /\n/ }
   validates :push_events_branch_filter, branch_filter: true
@@ -35,6 +35,6 @@ class WebHook < ApplicationRecord
 
   # Allow urls pointing localhost and the local network
   def allow_local_requests?
-    false
+    Gitlab::CurrentSettings.allow_local_requests_from_web_hooks_and_services?
   end
 end
author	Rémy Coutable <remy@rymai.me>	2019-08-05 08:55:16 +0000
committer	Rémy Coutable <remy@rymai.me>	2019-08-05 08:55:16 +0000
commit	f74387d2982845b0fb5219ccf3fd128d75400472 (patch)
tree	3cfbc60f1a62a1d308f1d1c98ad4a969721b873b /app/models
parent	e6a05e5a63b3b336179a4ed67df76ba7ad08fadb (diff)
parent	260225eb5753a18e9e33ec2bb9c1bfc76d613448 (diff)
download	gitlab-ce-f74387d2982845b0fb5219ccf3fd128d75400472.tar.gz