diff options
author | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-11-26 12:01:17 +0000 |
---|---|---|
committer | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-11-26 12:01:17 +0000 |
commit | 677e38f74023ede729736dbbd4be5d414b5491af (patch) | |
tree | 667ebe12c5da452aba461a9b29fae9e8847414cd /app | |
parent | ad018a60d9a3022c61b5a0a541c8798d1e015785 (diff) | |
parent | 9d8ed5a993c427544c0143b89f0dc81d49ae25ee (diff) | |
download | gitlab-ce-677e38f74023ede729736dbbd4be5d414b5491af.tar.gz |
Merge branch 'security-dns-rebind-ssrf-in-slack-notifications-12-3-ce' into '12-3-stable'
Use Gitlab::HTTP for all chat notifications
See merge request gitlab/gitlabhq!3515
Diffstat (limited to 'app')
-rw-r--r-- | app/models/project_services/chat_notification_service.rb | 7 | ||||
-rw-r--r-- | app/models/project_services/mattermost_service.rb | 2 | ||||
-rw-r--r-- | app/models/project_services/slack_service.rb | 24 |
3 files changed, 28 insertions, 5 deletions
diff --git a/app/models/project_services/chat_notification_service.rb b/app/models/project_services/chat_notification_service.rb index ecea1a5b630..b84a79453c1 100644 --- a/app/models/project_services/chat_notification_service.rb +++ b/app/models/project_services/chat_notification_service.rb @@ -113,12 +113,9 @@ class ChatNotificationService < Service private + # every notifier must implement this independently def notify(message, opts) - Slack::Notifier.new(webhook, opts).ping( - message.pretext, - attachments: message.attachments, - fallback: message.fallback - ) + raise NotImplementedError end def custom_data(data) diff --git a/app/models/project_services/mattermost_service.rb b/app/models/project_services/mattermost_service.rb index b8bc83b870e..c1055db78e5 100644 --- a/app/models/project_services/mattermost_service.rb +++ b/app/models/project_services/mattermost_service.rb @@ -1,6 +1,8 @@ # frozen_string_literal: true class MattermostService < ChatNotificationService + include ::SlackService::Notifier + def title 'Mattermost notifications' end diff --git a/app/models/project_services/slack_service.rb b/app/models/project_services/slack_service.rb index 482808255f9..7290964f442 100644 --- a/app/models/project_services/slack_service.rb +++ b/app/models/project_services/slack_service.rb @@ -30,4 +30,28 @@ class SlackService < ChatNotificationService def webhook_placeholder 'https://hooks.slack.com/services/…' end + + module Notifier + private + + def notify(message, opts) + # See https://github.com/stevenosloan/slack-notifier#custom-http-client + notifier = Slack::Notifier.new(webhook, opts.merge(http_client: HTTPClient)) + + notifier.ping( + message.pretext, + attachments: message.attachments, + fallback: message.fallback + ) + end + + class HTTPClient + def self.post(uri, params = {}) + params.delete(:http_options) # these are internal to the client and we do not want them + Gitlab::HTTP.post(uri, body: params) + end + end + end + + include Notifier end |