summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.rubocop.yml8
-rw-r--r--.rubocop_todo.yml6
-rw-r--r--lib/gitlab/o_auth/user.rb9
-rw-r--r--lib/gitlab/seeder.rb2
4 files changed, 9 insertions, 16 deletions
diff --git a/.rubocop.yml b/.rubocop.yml
index 4515bc431f1..77c4d2c3ea1 100644
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -630,10 +630,6 @@ Lint/EndInMethod:
Lint/EnsureReturn:
Enabled: true
-# The use of eval represents a serious security risk.
-Lint/Eval:
- Enabled: true
-
# Catches floating-point literals too large or small for Ruby to represent.
Lint/FloatOutOfRange:
Enabled: true
@@ -810,6 +806,10 @@ Performance/TimesMap:
Security/JSONLoad:
Enabled: true
+# This cop checks for the use of *Kernel#eval*.
+Security/Eval:
+ Enabled: true
+
# Rails #######################################################################
# Enables Rails cops.
diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml
index 5b7a35493f8..6cd4e606382 100644
--- a/.rubocop_todo.yml
+++ b/.rubocop_todo.yml
@@ -1,6 +1,6 @@
# This configuration was generated by
# `rubocop --auto-gen-config --exclude-limit 0`
-# on 2017-02-22 12:40:11 -0600 using RuboCop version 0.47.1.
+# on 2017-02-22 13:02:35 -0600 using RuboCop version 0.47.1.
# The point is for the user to remove these configuration records
# one by one as the offenses are removed from the code base.
# Note that changes in the inspected code, or installation of new
@@ -105,10 +105,6 @@ Style/FormatString:
Style/GuardClause:
Enabled: false
-# Offense count: 2
-Style/IdenticalConditionalBranches:
- Enabled: false
-
# Offense count: 14
Style/IfInsideElse:
Enabled: false
diff --git a/lib/gitlab/o_auth/user.rb b/lib/gitlab/o_auth/user.rb
index 96ed20af918..87af76cc122 100644
--- a/lib/gitlab/o_auth/user.rb
+++ b/lib/gitlab/o_auth/user.rb
@@ -29,12 +29,9 @@ module Gitlab
def save(provider = 'OAuth')
unauthorized_to_create unless gl_user
- if needs_blocking?
- gl_user.save!
- gl_user.block
- else
- gl_user.save!
- end
+ gl_user.save!
+
+ gl_user.block if needs_blocking?
log.info "(#{provider}) saving user #{auth_hash.email} from login with extern_uid => #{auth_hash.uid}"
gl_user
diff --git a/lib/gitlab/seeder.rb b/lib/gitlab/seeder.rb
index 6fb0be493e8..b7f825e8284 100644
--- a/lib/gitlab/seeder.rb
+++ b/lib/gitlab/seeder.rb
@@ -18,7 +18,7 @@ def Notify.deliver_later
self
end
eos
- eval(code) # rubocop:disable Lint/Eval
+ eval(code) # rubocop:disable Security/Eval
end
end
end