diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-06-30 11:42:13 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-06-30 11:42:37 +0000 |
commit | 33e4d44c11427a31ada41e7a0757d35f03d62ce7 (patch) | |
tree | e098358958160304d5896eb4e145fe8728d1866f /app/models | |
parent | 814aa80c3a0af2b1eaa402116cff49dd14fda2dd (diff) | |
download | gitlab-ce-33e4d44c11427a31ada41e7a0757d35f03d62ce7.tar.gz |
Add latest changes from gitlab-org/security/gitlab@14-0-stable-ee
Diffstat (limited to 'app/models')
-rw-r--r-- | app/models/audit_event.rb | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/app/models/audit_event.rb b/app/models/audit_event.rb index aff7eef4622..11036b76fc1 100644 --- a/app/models/audit_event.rb +++ b/app/models/audit_event.rb @@ -32,6 +32,9 @@ class AuditEvent < ApplicationRecord scope :by_author_id, -> (author_id) { where(author_id: author_id) } after_initialize :initialize_details + + before_validation :sanitize_message + # Note: The intention is to remove this once refactoring of AuditEvent # has proceeded further. # @@ -83,6 +86,14 @@ class AuditEvent < ApplicationRecord private + def sanitize_message + message = details[:custom_message] + + return unless message + + self.details = details.merge(custom_message: Sanitize.clean(message)) + end + def default_author_value ::Gitlab::Audit::NullAuthor.for(author_id, (self[:author_name] || details[:author_name])) end |