diff options
author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2015-07-17 16:25:03 +0000 |
---|---|---|
committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2015-07-17 16:25:03 +0000 |
commit | c413a5507db2063fbb01e5a81e8c5c52889f7ffe (patch) | |
tree | 40ce3573d8728f6bc3c50711d4c7e8fd2782a512 /app | |
parent | 67fb9ef2668d4cb23cd39f43d2c128c89881f274 (diff) | |
parent | 77f325a49fd955f73197a6270c82d28053e2c19e (diff) | |
download | gitlab-ce-c413a5507db2063fbb01e5a81e8c5c52889f7ffe.tar.gz |
Merge branch 'validate_token_and_url_format_for_gitlab_ci' into 'master'
Validate format of project_url and token for GitLab CI service.
If `project_url` and `token` for are invalid, [service_hook creation](https://gitlab.com/gitlab-org/gitlab-ce/blob/7-13-stable/app/models/project_services/gitlab_ci_service.rb#L30-34) will silently fail due to validation of URL in `WebHook`.
Given that token is a sequence of numbers and letters for GitLab CI making sure that there are no unexpected characters should be enough to prevent service_hook being nil.
Fixes #1997
See merge request !987
Diffstat (limited to 'app')
-rw-r--r-- | app/models/project_services/gitlab_ci_service.rb | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/app/models/project_services/gitlab_ci_service.rb b/app/models/project_services/gitlab_ci_service.rb index c284e19fe50..5aaa4e85cbc 100644 --- a/app/models/project_services/gitlab_ci_service.rb +++ b/app/models/project_services/gitlab_ci_service.rb @@ -22,8 +22,12 @@ class GitlabCiService < CiService API_PREFIX = "api/v1" prop_accessor :project_url, :token - validates :project_url, presence: true, if: :activated? - validates :token, presence: true, if: :activated? + validates :project_url, + presence: true, + format: { with: /\A#{URI.regexp(%w(http https))}\z/, message: "should be a valid url" }, if: :activated? + validates :token, + presence: true, + format: { with: /\A([A-Za-z0-9]+)\z/ }, if: :activated? after_save :compose_service_hook, if: :activated? |