summaryrefslogtreecommitdiff
path: root/app/models
diff options
context:
space:
mode:
authorStan Hu <stan@gitlab.com>2018-01-06 06:18:13 +0000
committerStan Hu <stanhu@gmail.com>2018-01-16 17:04:38 -0800
commit0424801ec8854167d17c76b68e6ae8c5b5a6a52a (patch)
tree460bdd4d717df4dc8b08106d0f48a00cbf0ec4f1 /app/models
parent3228ac06a019c9126b965ff32e354d10011a4f76 (diff)
downloadgitlab-ce-0424801ec8854167d17c76b68e6ae8c5b5a6a52a.tar.gz
Merge branch 'security-10-3-do-not-expose-passwords-or-tokens-in-service-integrations-api' into 'security-10-3'
Filter out sensitive fields from the project services API See merge request gitlab/gitlabhq!2281 (cherry picked from commit 476f2576444632f2a9a61b4cead9c1077f2c81d7) 2bcbbda0 Filter out sensitive fields from the project services API
Diffstat (limited to 'app/models')
-rw-r--r--app/models/service.rb5
1 files changed, 5 insertions, 0 deletions
diff --git a/app/models/service.rb b/app/models/service.rb
index 7f260f7a96b..96a064697f0 100644
--- a/app/models/service.rb
+++ b/app/models/service.rb
@@ -118,6 +118,11 @@ class Service < ActiveRecord::Base
nil
end
+ def api_field_names
+ fields.map { |field| field[:name] }
+ .reject { |field_name| field_name =~ /(password|token|key)/ }
+ end
+
def global_fields
fields
end