diff options
Diffstat (limited to 'app/validators')
-rw-r--r-- | app/validators/namespace_validator.rb | 22 | ||||
-rw-r--r-- | app/validators/project_path_validator.rb | 36 |
2 files changed, 51 insertions, 7 deletions
diff --git a/app/validators/namespace_validator.rb b/app/validators/namespace_validator.rb index 2821ecf0a88..eb3ed31b65b 100644 --- a/app/validators/namespace_validator.rb +++ b/app/validators/namespace_validator.rb @@ -35,8 +35,22 @@ class NamespaceValidator < ActiveModel::EachValidator users ].freeze + def self.valid?(value) + !reserved?(value) && follow_format?(value) + end + + def self.reserved?(value) + RESERVED.include?(value) + end + + def self.follow_format?(value) + value =~ Gitlab::Regex.namespace_regex + end + + delegate :reserved?, :follow_format?, to: :class + def validate_each(record, attribute, value) - unless value =~ Gitlab::Regex.namespace_regex + unless follow_format?(value) record.errors.add(attribute, Gitlab::Regex.namespace_regex_message) end @@ -44,10 +58,4 @@ class NamespaceValidator < ActiveModel::EachValidator record.errors.add(attribute, "#{value} is a reserved name") end end - - private - - def reserved?(value) - RESERVED.include?(value) - end end diff --git a/app/validators/project_path_validator.rb b/app/validators/project_path_validator.rb new file mode 100644 index 00000000000..927c67b65b0 --- /dev/null +++ b/app/validators/project_path_validator.rb @@ -0,0 +1,36 @@ +# ProjectPathValidator +# +# Custom validator for GitLab project path values. +# +# Values are checked for formatting and exclusion from a list of reserved path +# names. +class ProjectPathValidator < ActiveModel::EachValidator + # All project routes with wildcard argument must be listed here. + # Otherwise it can lead to routing issues when route considered as project name. + # + # Example: + # /group/project/tree/deploy_keys + # + # without tree as reserved name routing can match 'group/project' as group name, + # 'tree' as project name and 'deploy_keys' as route. + # + RESERVED = (NamespaceValidator::RESERVED + + %w[tree commits wikis new edit create update logs_tree + preview blob blame raw files create_dir find_file]).freeze + + def self.valid?(value) + !reserved?(value) + end + + def self.reserved?(value) + RESERVED.include?(value) + end + + delegate :reserved?, to: :class + + def validate_each(record, attribute, value) + if reserved?(value) + record.errors.add(attribute, "#{value} is a reserved name") + end + end +end |