summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorVladimir Shushlin <vshushlin@gitlab.com>2019-06-21 12:06:12 +0000
committerNick Thomas <nick@gitlab.com>2019-06-21 12:06:12 +0000
commit6119d5ad7518f547af216d3bdc3d1fcffcfc9c71 (patch)
treecc1a1e74efb5e44bd5c5d152da85b7fed4ff2107 /lib
parent176164d37423ffb39d293341799aff757f050d7c (diff)
downloadgitlab-ce-6119d5ad7518f547af216d3bdc3d1fcffcfc9c71.tar.gz
Don't show private keys for letsencrypt certs
Adds enum certificate_source to pages_domains table with default manually_uploaded Mark certificates as 'gitlab_provided' if the were obtained through Let's Encrypt Mark certificates as 'user_provided' if they were uploaded through controller or api Only show private key in domain edit form if it is 'user_provided' Only show LetsEncrypt option if is enabled by application settings (and feature flag) Refactor and fix some specs to match new logic Don't show Let's Encrypt certificates as well
Diffstat (limited to 'lib')
-rw-r--r--lib/api/pages_domains.rb15
1 files changed, 8 insertions, 7 deletions
diff --git a/lib/api/pages_domains.rb b/lib/api/pages_domains.rb
index 78442f465bd..4227a106a95 100644
--- a/lib/api/pages_domains.rb
+++ b/lib/api/pages_domains.rb
@@ -90,14 +90,15 @@ module API
end
params do
requires :domain, type: String, desc: 'The domain'
- optional :certificate, allow_blank: false, types: [File, String], desc: 'The certificate'
- optional :key, allow_blank: false, types: [File, String], desc: 'The key'
- all_or_none_of :certificate, :key
+ optional :certificate, allow_blank: false, types: [File, String], desc: 'The certificate', as: :user_provided_certificate
+ optional :key, allow_blank: false, types: [File, String], desc: 'The key', as: :user_provided_key
+ all_or_none_of :user_provided_certificate, :user_provided_key
end
post ":id/pages/domains" do
authorize! :update_pages, user_project
pages_domain_params = declared(params, include_parent_namespaces: false)
+
pages_domain = user_project.pages_domains.create(pages_domain_params)
if pages_domain.persisted?
@@ -110,8 +111,8 @@ module API
desc 'Updates a pages domain'
params do
requires :domain, type: String, desc: 'The domain'
- optional :certificate, allow_blank: false, types: [File, String], desc: 'The certificate'
- optional :key, allow_blank: false, types: [File, String], desc: 'The key'
+ optional :certificate, allow_blank: false, types: [File, String], desc: 'The certificate', as: :user_provided_certificate
+ optional :key, allow_blank: false, types: [File, String], desc: 'The key', as: :user_provided_key
end
put ":id/pages/domains/:domain", requirements: PAGES_DOMAINS_ENDPOINT_REQUIREMENTS do
authorize! :update_pages, user_project
@@ -119,8 +120,8 @@ module API
pages_domain_params = declared(params, include_parent_namespaces: false)
# Remove empty private key if certificate is not empty.
- if pages_domain_params[:certificate] && !pages_domain_params[:key]
- pages_domain_params.delete(:key)
+ if pages_domain_params[:user_provided_certificate] && !pages_domain_params[:user_provided_key]
+ pages_domain_params.delete(:user_provided_key)
end
if pages_domain.update(pages_domain_params)