diff options
author | Rémy Coutable <remy@rymai.me> | 2019-08-05 08:55:16 +0000 |
---|---|---|
committer | Rémy Coutable <remy@rymai.me> | 2019-08-05 08:55:16 +0000 |
commit | f74387d2982845b0fb5219ccf3fd128d75400472 (patch) | |
tree | 3cfbc60f1a62a1d308f1d1c98ad4a969721b873b /app/models | |
parent | e6a05e5a63b3b336179a4ed67df76ba7ad08fadb (diff) | |
parent | 260225eb5753a18e9e33ec2bb9c1bfc76d613448 (diff) | |
download | gitlab-ce-f74387d2982845b0fb5219ccf3fd128d75400472.tar.gz |
Merge branch 'georgekoltsov/55474-outbound-setting-system-hooks' into 'master'
Add outbound setting for system hooks
See merge request gitlab-org/gitlab-ce!31177
Diffstat (limited to 'app/models')
-rw-r--r-- | app/models/application_setting_implementation.rb | 3 | ||||
-rw-r--r-- | app/models/hooks/system_hook.rb | 4 | ||||
-rw-r--r-- | app/models/hooks/web_hook.rb | 6 |
3 files changed, 8 insertions, 5 deletions
diff --git a/app/models/application_setting_implementation.rb b/app/models/application_setting_implementation.rb index 4bb09bf3b53..b7a4d7aa803 100644 --- a/app/models/application_setting_implementation.rb +++ b/app/models/application_setting_implementation.rb @@ -21,7 +21,8 @@ module ApplicationSettingImplementation { after_sign_up_text: nil, akismet_enabled: false, - allow_local_requests_from_hooks_and_services: false, + allow_local_requests_from_web_hooks_and_services: false, + allow_local_requests_from_system_hooks: true, dns_rebinding_protection_enabled: true, authorized_keys_enabled: true, # TODO default to false if the instance is configured to use AuthorizedKeysCommand container_registry_token_expire_delay: 5, diff --git a/app/models/hooks/system_hook.rb b/app/models/hooks/system_hook.rb index 90b4588a325..3d54d17e787 100644 --- a/app/models/hooks/system_hook.rb +++ b/app/models/hooks/system_hook.rb @@ -14,8 +14,10 @@ class SystemHook < WebHook default_value_for :repository_update_events, true default_value_for :merge_requests_events, false + validates :url, system_hook_url: true + # Allow urls pointing localhost and the local network def allow_local_requests? - true + Gitlab::CurrentSettings.allow_local_requests_from_system_hooks? end end diff --git a/app/models/hooks/web_hook.rb b/app/models/hooks/web_hook.rb index daf7ff4b771..16fc7fdbd48 100644 --- a/app/models/hooks/web_hook.rb +++ b/app/models/hooks/web_hook.rb @@ -15,8 +15,8 @@ class WebHook < ApplicationRecord has_many :web_hook_logs, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent - validates :url, presence: true, public_url: { allow_localhost: lambda(&:allow_local_requests?), - allow_local_network: lambda(&:allow_local_requests?) } + validates :url, presence: true + validates :url, public_url: true, unless: ->(hook) { hook.is_a?(SystemHook) } validates :token, format: { without: /\n/ } validates :push_events_branch_filter, branch_filter: true @@ -35,6 +35,6 @@ class WebHook < ApplicationRecord # Allow urls pointing localhost and the local network def allow_local_requests? - false + Gitlab::CurrentSettings.allow_local_requests_from_web_hooks_and_services? end end |