diff options
| author | Vladimir Shushlin <vshushlin@gitlab.com> | 2019-06-21 12:06:12 +0000 |
|---|---|---|
| committer | Nick Thomas <nick@gitlab.com> | 2019-06-21 12:06:12 +0000 |
| commit | 6119d5ad7518f547af216d3bdc3d1fcffcfc9c71 (patch) | |
| tree | cc1a1e74efb5e44bd5c5d152da85b7fed4ff2107 /lib | |
| parent | 176164d37423ffb39d293341799aff757f050d7c (diff) | |
| download | gitlab-ce-6119d5ad7518f547af216d3bdc3d1fcffcfc9c71.tar.gz | |
Don't show private keys for letsencrypt certs
Adds enum certificate_source to pages_domains table
with default manually_uploaded
Mark certificates as 'gitlab_provided'
if the were obtained through Let's Encrypt
Mark certificates as 'user_provided' if they were uploaded through
controller or api
Only show private key in domain edit form if it is 'user_provided'
Only show LetsEncrypt option if is enabled by application settings
(and feature flag)
Refactor and fix some specs to match new logic
Don't show Let's Encrypt certificates as well
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/api/pages_domains.rb | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/lib/api/pages_domains.rb b/lib/api/pages_domains.rb index 78442f465bd..4227a106a95 100644 --- a/lib/api/pages_domains.rb +++ b/lib/api/pages_domains.rb @@ -90,14 +90,15 @@ module API end params do requires :domain, type: String, desc: 'The domain' - optional :certificate, allow_blank: false, types: [File, String], desc: 'The certificate' - optional :key, allow_blank: false, types: [File, String], desc: 'The key' - all_or_none_of :certificate, :key + optional :certificate, allow_blank: false, types: [File, String], desc: 'The certificate', as: :user_provided_certificate + optional :key, allow_blank: false, types: [File, String], desc: 'The key', as: :user_provided_key + all_or_none_of :user_provided_certificate, :user_provided_key end post ":id/pages/domains" do authorize! :update_pages, user_project pages_domain_params = declared(params, include_parent_namespaces: false) + pages_domain = user_project.pages_domains.create(pages_domain_params) if pages_domain.persisted? @@ -110,8 +111,8 @@ module API desc 'Updates a pages domain' params do requires :domain, type: String, desc: 'The domain' - optional :certificate, allow_blank: false, types: [File, String], desc: 'The certificate' - optional :key, allow_blank: false, types: [File, String], desc: 'The key' + optional :certificate, allow_blank: false, types: [File, String], desc: 'The certificate', as: :user_provided_certificate + optional :key, allow_blank: false, types: [File, String], desc: 'The key', as: :user_provided_key end put ":id/pages/domains/:domain", requirements: PAGES_DOMAINS_ENDPOINT_REQUIREMENTS do authorize! :update_pages, user_project @@ -119,8 +120,8 @@ module API pages_domain_params = declared(params, include_parent_namespaces: false) # Remove empty private key if certificate is not empty. - if pages_domain_params[:certificate] && !pages_domain_params[:key] - pages_domain_params.delete(:key) + if pages_domain_params[:user_provided_certificate] && !pages_domain_params[:user_provided_key] + pages_domain_params.delete(:user_provided_key) end if pages_domain.update(pages_domain_params) |