Add latest changes from gitlab-org/gitlab@15-11-stable-ee

author: GitLab Bot <gitlab-bot@gitlab.com> 2023-05-05 01:22:57 +0000
committer: GitLab Bot <gitlab-bot@gitlab.com> 2023-05-05 01:22:57 +0000
commit: 7fa016711e540f9b6dda45aa1f47867737c52940 (patch)
tree: 545fa4ba39a17df75301c6c90d7aef1e77cba98d /db/migrate/20211215182006_update_application_settings_protected_paths.rb
parent: ee3c8d00bd8c17201da0b116a9b3b276804b855f (diff)
download: gitlab-ce-7fa016711e540f9b6dda45aa1f47867737c52940.tar.gz
1 files changed, 58 insertions, 0 deletions
diff --git a/db/migrate/20211215182006_update_application_settings_protected_paths.rb b/db/migrate/20211215182006_update_application_settings_protected_paths.rb
new file mode 100644
index 00000000000..f1c1dde55e0
--- /dev/null
+++ b/db/migrate/20211215182006_update_application_settings_protected_paths.rb
@@ -0,0 +1,58 @@
+# frozen_string_literal: true
+
+class UpdateApplicationSettingsProtectedPaths < Gitlab::Database::Migration[1.0]
+  REMOVE_PROTECTED_PATHS = [
+    '/oauth/authorize',
+    '/oauth/token'
+  ].freeze
+
+  NEW_DEFAULT_PROTECTED_PATHS = [
+    '/users/password',
+    '/users/sign_in',
+    '/api/v3/session.json',
+    '/api/v3/session',
+    '/api/v4/session.json',
+    '/api/v4/session',
+    '/users',
+    '/users/confirmation',
+    '/unsubscribes/',
+    '/import/github/personal_access_token',
+    '/admin/session'
+  ].freeze
+
+  OLD_DEFAULT_PROTECTED_PATHS = (NEW_DEFAULT_PROTECTED_PATHS + REMOVE_PROTECTED_PATHS).freeze
+
+  class ApplicationSetting < ActiveRecord::Base
+    self.table_name = 'application_settings'
+  end
+
+  def up
+    change_column_default(:application_settings, :protected_paths, NEW_DEFAULT_PROTECTED_PATHS)
+
+    ApplicationSetting.reset_column_information
+
+    ApplicationSetting.where.not(protected_paths: nil).each do |application_setting|
+      paths_to_remove = application_setting.protected_paths & REMOVE_PROTECTED_PATHS
+
+      next if paths_to_remove.empty?
+
+      updated_protected_paths = application_setting.protected_paths - paths_to_remove
+      application_setting.update!(protected_paths: updated_protected_paths)
+    end
+  end
+
+  def down
+    change_column_default(:application_settings, :protected_paths, OLD_DEFAULT_PROTECTED_PATHS)
+
+    ApplicationSetting.reset_column_information
+
+    ApplicationSetting.where.not(protected_paths: nil).each do |application_setting|
+      paths_to_add = REMOVE_PROTECTED_PATHS - application_setting.protected_paths
+
+      next if paths_to_add.empty?
+
+      updated_protected_paths = application_setting.protected_paths + paths_to_add
+      application_setting.update!(protected_paths: updated_protected_paths)
+    end
+  end
+end
author	GitLab Bot <gitlab-bot@gitlab.com>	2023-05-05 01:22:57 +0000
committer	GitLab Bot <gitlab-bot@gitlab.com>	2023-05-05 01:22:57 +0000
commit	7fa016711e540f9b6dda45aa1f47867737c52940 (patch)
tree	545fa4ba39a17df75301c6c90d7aef1e77cba98d /db/migrate/20211215182006_update_application_settings_protected_paths.rb
parent	ee3c8d00bd8c17201da0b116a9b3b276804b855f (diff)
download	gitlab-ce-7fa016711e540f9b6dda45aa1f47867737c52940.tar.gz