summaryrefslogtreecommitdiff
path: root/app/graphql/resolvers/blobs_resolver.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/graphql/resolvers/blobs_resolver.rb')
-rw-r--r--app/graphql/resolvers/blobs_resolver.rb9
1 files changed, 9 insertions, 0 deletions
diff --git a/app/graphql/resolvers/blobs_resolver.rb b/app/graphql/resolvers/blobs_resolver.rb
index d0eb2deaf48..0704a845bb0 100644
--- a/app/graphql/resolvers/blobs_resolver.rb
+++ b/app/graphql/resolvers/blobs_resolver.rb
@@ -30,8 +30,17 @@ module Resolvers
return [] if repository.empty?
ref ||= repository.root_ref
+ validate_ref(ref)
repository.blobs_at(paths.map { |path| [ref, path] })
end
+
+ private
+
+ def validate_ref(ref)
+ unless Gitlab::GitRefValidator.validate(ref)
+ raise Gitlab::Graphql::Errors::ArgumentError, 'Ref is not valid'
+ end
+ end
end
end
View Lorry Controller Status