author | GitLab Bot <gitlab-bot@gitlab.com> | 2019-11-19 06:06:07 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2019-11-19 06:06:07 +0000 |
commit | 3209c1a49c14cab93eb347bfca59bace30879440 (patch) | |
tree | c9f931b477fefc1e5056380eb3370c689c2fa732 /app/models | |
parent | 7f3bff1556594dcdc1beca40d083ba7263965e21 (diff) | |
download | gitlab-ce-3209c1a49c14cab93eb347bfca59bace30879440.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/models')
-rw-r--r-- | app/models/project_snippet.rb | 1 | ||||
-rw-r--r-- | app/models/snippet.rb | 29 |
2 files changed, 23 insertions, 7 deletions
diff --git a/app/models/project_snippet.rb b/app/models/project_snippet.rb
index e732c1bd86f..ffb08e10f1f 100644
--- a/app/models/project_snippet.rb
+++ b/app/models/project_snippet.rb
@@ -4,4 +4,5 @@ class ProjectSnippet < Snippet
 belongs_to :project

 validates :project, presence: true
+ validates :secret, inclusion: { in: [false] }
 end
diff --git a/app/models/snippet.rb b/app/models/snippet.rb
index 4010a3e2167..51ab94e6f4a 100644
--- a/app/models/snippet.rb
+++ b/app/models/snippet.rb
@@ -51,8 +51,8 @@ class Snippet < ApplicationRecord
 # Scopes
 scope :are_internal, -> { where(visibility_level: Snippet::INTERNAL) }
 scope :are_private, -> { where(visibility_level: Snippet::PRIVATE) }
- scope :are_public, -> { where(visibility_level: Snippet::PUBLIC) }
- scope :public_and_internal, -> { where(visibility_level: [Snippet::PUBLIC, Snippet::INTERNAL]) }
+ scope :are_public, -> { public_only }
+ scope :are_secret, -> { public_only.where(secret: true) }
 scope :fresh, -> { order("created_at DESC") }
 scope :inc_author, -> { includes(:author) }
 scope :inc_relations_for_view, -> { includes(author: :status) }
@@ -63,6 +63,11 @@ class Snippet < ApplicationRecord
 attr_spammable :title, spam_title: true
 attr_spammable :content, spam_description: true

+ attr_encrypted :secret_token,
+ key: Settings.attr_encrypted_db_key_base_truncated,
+ mode: :per_attribute_iv,
+ algorithm: 'aes-256-cbc'
+
 def self.with_optional_visibility(value = nil)
 if value
 where(visibility_level: value)
@@ -112,11 +117,8 @@ class Snippet < ApplicationRecord
 end

 def self.visible_to_or_authored_by(user)
- where(
- 'snippets.visibility_level IN (?) OR snippets.author_id = ?',
- Gitlab::VisibilityLevel.levels_for_user(user),
- user.id
- )
+ query = where(visibility_level: Gitlab::VisibilityLevel.levels_for_user(user))
+ query.or(where(author_id: user.id))
 end

 def self.reference_prefix
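Review bot: In app/models/project_snippet.rb, `validates :secret, inclusion: { in: [false] }` also rejects `nil`, so a project snippet row whose `secret` is NULL would fail validation on its next save. The column definition is not visible in this diff; if the column is nullable or has no `false` default, either allow it with `inclusion: { in: [false, nil] }` or make the column NOT NULL with a default in the migration.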
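Review bot: `are_public` in the `@@ -51,8` hunk of app/models/snippet.rb now delegates to `public_only`, which is defined outside this diff; if that scope filters on `visibility_level` alone, `are_public` also returns rows with `secret: true`, and any listing built on it would include snippets that appear to be meant for token holders only. The same applies to `visible_to_or_authored_by` in the `@@ -112,11` hunk, which matches on visibility level or author and never looks at `secret`. If that is not intended, `scope :are_public, -> { public_only.where(secret: false) }` makes the exclusion explicit. The hunk also removes `public_and_internal`, so any remaining callers outside app/models need to be checked.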
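Review bot: The `attr_encrypted :secret_token` declaration in the `@@ -63,6` hunk selects `algorithm: 'aes-256-cbc'`, which carries no integrity check, so a modified ciphertext in the database yields a different plaintext or a padding error rather than failing authentication. attr_encrypted's authenticated cipher works with the same `mode: :per_attribute_iv` setup: `algorithm: 'aes-256-gcm'`. This assumes `Settings.attr_encrypted_db_key_base_truncated` returns a key of the length that cipher expects, which is not visible in the diff.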
@@ -222,6 +224,19 @@ class Snippet < ApplicationRecord
 model_name.singular
 end

+ def valid_secret_token?(token)
+ return false unless token && secret_token
+
+ ActiveSupport::SecurityUtils.secure_compare(token.to_s, secret_token.to_s)
+ end
+
+ def as_json(options = {})
+ options[:except] = Array.wrap(options[:except])
+ options[:except] << :secret_token
+
+ super
+ end
+
 class << self
 # Searches for snippets with a matching title or file name.
 # |
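Review bot: `as_json` in this hunk writes to the caller's `options` hash, and because `Array.wrap` returns an existing array unchanged, `<<` also appends to the caller's `:except` array, so a hash reused across calls accumulates `:secret_token` entries. Building a new hash avoids that: `super(options.merge(except: Array.wrap(options[:except]) + [:secret_token]))`. Separately, attr_encrypted conventionally persists the value in `encrypted_secret_token` and `encrypted_secret_token_iv` columns; the schema is not visible here, but if those columns exist they would still be serialized and probably belong in the except list too. A one-line comment on `valid_secret_token?` saying that `secure_compare` is used to keep the comparison constant-time would help future readers.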