Add latest changes from gitlab-org/security/gitlab@15-6-stable-ee

1 files changed, 13 insertions, 3 deletions

diff --git a/app/services/error_tracking/list_projects_service.rb b/app/services/error_tracking/list_projects_service.rb
index 625addaf915..4a47b09ae6d 100644
--- a/app/services/error_tracking/list_projects_service.rb
+++ b/app/services/error_tracking/list_projects_service.rb
@@ -2,6 +2,8 @@
 
 module ErrorTracking
   class ListProjectsService < ErrorTracking::BaseService
+    MASKED_TOKEN_REGEX = /\A\*+\z/.freeze
+
     private
 
     def perform
@@ -21,23 +23,31 @@ module ErrorTracking
     def project_error_tracking_setting
       @project_error_tracking_setting ||= begin
         (super || project.build_error_tracking_setting).tap do |setting|
+          url_changed = !setting.api_url&.start_with?(params[:api_host])
+
           setting.api_url = ErrorTracking::ProjectErrorTrackingSetting.build_api_url_from(
             api_host: params[:api_host],
             organization_slug: 'org',
             project_slug: 'proj'
           )
 
-          setting.token = token(setting)
+          setting.token = token(setting, url_changed)
           setting.enabled = true
         end
       end
     end
 
-    def token(setting)
+    def token(setting, url_changed)
+      return if url_changed && masked_token?
+
       # Use param token if not masked, otherwise use database token
-      return params[:token] unless /\A\*+\z/.match?(params[:token])
+      return params[:token] unless masked_token?
 
       setting.token
     end
+
+    def masked_token?
+      MASKED_TOKEN_REGEX.match?(params[:token])
+    end
   end
 end