diff options
-rw-r--r-- | .rubocop.yml | 8 | ||||
-rw-r--r-- | .rubocop_todo.yml | 6 | ||||
-rw-r--r-- | lib/gitlab/o_auth/user.rb | 9 | ||||
-rw-r--r-- | lib/gitlab/seeder.rb | 2 |
4 files changed, 9 insertions, 16 deletions
diff --git a/.rubocop.yml b/.rubocop.yml index 4515bc431f1..77c4d2c3ea1 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -630,10 +630,6 @@ Lint/EndInMethod: Lint/EnsureReturn: Enabled: true -# The use of eval represents a serious security risk. -Lint/Eval: - Enabled: true - # Catches floating-point literals too large or small for Ruby to represent. Lint/FloatOutOfRange: Enabled: true @@ -810,6 +806,10 @@ Performance/TimesMap: Security/JSONLoad: Enabled: true +# This cop checks for the use of *Kernel#eval*. +Security/Eval: + Enabled: true + # Rails ####################################################################### # Enables Rails cops. diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 5b7a35493f8..6cd4e606382 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -1,6 +1,6 @@ # This configuration was generated by # `rubocop --auto-gen-config --exclude-limit 0` -# on 2017-02-22 12:40:11 -0600 using RuboCop version 0.47.1. +# on 2017-02-22 13:02:35 -0600 using RuboCop version 0.47.1. # The point is for the user to remove these configuration records # one by one as the offenses are removed from the code base. # Note that changes in the inspected code, or installation of new @@ -105,10 +105,6 @@ Style/FormatString: Style/GuardClause: Enabled: false -# Offense count: 2 -Style/IdenticalConditionalBranches: - Enabled: false - # Offense count: 14 Style/IfInsideElse: Enabled: false diff --git a/lib/gitlab/o_auth/user.rb b/lib/gitlab/o_auth/user.rb index 96ed20af918..87af76cc122 100644 --- a/lib/gitlab/o_auth/user.rb +++ b/lib/gitlab/o_auth/user.rb @@ -29,12 +29,9 @@ module Gitlab def save(provider = 'OAuth') unauthorized_to_create unless gl_user - if needs_blocking? - gl_user.save! - gl_user.block - else - gl_user.save! - end + gl_user.save! + + gl_user.block if needs_blocking? log.info "(#{provider}) saving user #{auth_hash.email} from login with extern_uid => #{auth_hash.uid}" gl_user diff --git a/lib/gitlab/seeder.rb b/lib/gitlab/seeder.rb index 6fb0be493e8..b7f825e8284 100644 --- a/lib/gitlab/seeder.rb +++ b/lib/gitlab/seeder.rb @@ -18,7 +18,7 @@ def Notify.deliver_later self end eos - eval(code) # rubocop:disable Lint/Eval + eval(code) # rubocop:disable Security/Eval end end end |