diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-08-26 16:30:34 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-08-26 16:30:34 +0000 |
commit | 541e88571b34a58d4a1712c81456a4cf5e3897ac (patch) | |
tree | 561b5099c37124112d1031658cacdcefede68fb3 /config | |
parent | 99144ea64e34b9c9cf91586cba8f3538a5f9e3af (diff) | |
download | gitlab-ce-541e88571b34a58d4a1712c81456a4cf5e3897ac.tar.gz |
Add latest changes from gitlab-org/security/gitlab@15-3-stable-ee
Diffstat (limited to 'config')
-rw-r--r-- | config/initializers/sawyer_patch.rb | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/config/initializers/sawyer_patch.rb b/config/initializers/sawyer_patch.rb new file mode 100644 index 00000000000..08d249645cc --- /dev/null +++ b/config/initializers/sawyer_patch.rb @@ -0,0 +1,44 @@ +# frozen_string_literal: true +# +# This patch updates SawyerResource class to not allow Ruby methods to be overridden and accessed. +# Any attempt to access a Ruby method will result in an exception. +module SawyerClassPatch + def attr_accessor(*attrs) + attrs.each do |attribute| + class_eval do + # rubocop:disable Gitlab/ModuleWithInstanceVariables + if method_defined?(attribute) || method_defined?("#{attribute}=") || method_defined?("#{attribute}?") + define_method attribute do + raise Sawyer::Error, + "Sawyer method \"#{attribute}\" overlaps Ruby method. Convert to a hash to access the attribute." + end + + define_method "#{attribute}=" do |value| + raise Sawyer::Error, + "Sawyer method \"#{attribute}\" overlaps Ruby method. Convert to a hash to access the attribute." + end + + define_method "#{attribute}?" do + raise Sawyer::Error, + "Sawyer method \"#{attribute}\" overlaps Ruby method. Convert to a hash to access the attribute." + end + else + define_method attribute do + @attrs[attribute.to_sym] + end + + define_method "#{attribute}=" do |value| + @attrs[attribute.to_sym] = value + end + + define_method "#{attribute}?" do + !!@attrs[attribute.to_sym] + end + end + end + # rubocop:enable Gitlab/ModuleWithInstanceVariables + end + end +end + +Sawyer::Resource.singleton_class.prepend(SawyerClassPatch) |