summaryrefslogtreecommitdiff
path: root/app/validators
Commit message (Collapse)AuthorAgeFilesLines
* Fix color validation regexHeinrich Lee Yu2019-06-251-1/+1
| | | | Also prevents ReDoS vulnerability
* Align UrlValidator to validate_url gem implementation.Thong Kuah2019-04-113-112/+123
| | | | | | | Renamed UrlValidator to AddressableUrlValidator to avoid 'url:' naming collision with ActiveModel::Validations::UrlValidator in 'validates' statement. Make use of the options attribute of the parent class ActiveModel::EachValidator. Add more options: allow_nil, allow_blank, message. Renamed 'protocols' option to 'schemes' to match the option naming from UrlValidator.
* Move Contribution Analytics related spec in ↵Imre Farkas2019-04-091-0/+86
| | | | spec/features/groups/group_page_with_external_authorization_service_spec to EE
* Revert "Merge branch 'if-57131-external_auth_to_ce' into 'master'"Andreas Brandl2019-04-051-86/+0
| | | This reverts merge request !26823
* Move Contribution Analytics related spec in ↵Imre Farkas2019-04-051-0/+86
| | | | spec/features/groups/group_page_with_external_authorization_service_spec to EE
* Renames Cluster#managed? to provided_by_user?Mayra Cabrera2019-03-291-5/+3
| | | | | | This will allow to user the term managed? on https://gitlab.com/gitlab-org/gitlab-ce/issues/56557. Managed? will be used to distinct clusters that are automatically managed by GitLab
* Fix Bitbucket importFrancisco Javier López2019-03-141-1/+1
| | | | | | | | | | | | In https://gitlab.com/gitlab-org/gitlab-ce/commit/ebf16ada856efb85424a98848c141f21e609886a we introduced a SHA validator, to ensure that the data provided in merge request diffs, was legit. Nevertheless, the validator assumed that the SHA should be 40 chars long. When we import a project from BitBucket, the retrieved SHA is shorter (12 chars long). Therefore, this validator prevented to create a valid MergeRequestDiff for ever MergeRequest (triggering an exception).
* Merge branch 'fix/email_validator' into 'master'Stan Hu2019-03-092-7/+36
|\ | | | | | | | | | | | | Align EmailValidator to validate_email gem implementation. Closes #57352 See merge request gitlab-org/gitlab-ce!24971
| * Align EmailValidator to validate_email gem implementation.Horatiu Eugen Vlad2019-03-052-7/+36
| | | | | | | | | | | | Renamed EmailValidator to DeviseEmailValidator to avoid 'email:' naming collision with ActiveModel::Validations::EmailValidator in 'validates' statement. Make use of the options attribute of the parent class ActiveModel::EachValidator. Add more options: regex.
* | Arbitrary file read via MergeRequestDiffFrancisco Javier López2019-03-041-0/+9
| |
* | Comment why we can't use Gitlab::CurrentSettingsThong Kuah2019-02-201-0/+6
| | | | | | | | See https://gitlab.com/gitlab-org/gitlab-ee/issues/9833
* | Revert "Merge branch 'use_gitlab_current_settings' into 'master'"Bob Van Landuyt2019-02-191-1/+1
| | | | | | This reverts merge request !25370
* | Use Gitlab::CurrentSettings in UrlValidatorThong Kuah2019-02-191-1/+1
|/ | | | | | Gitlab::CurrentSettings will create ApplicationSetting.current if not present which means we don't have to use `&.`. We can also more easily use stub_application_setting in specs
* Add table and model for error tracking settingsReuben Pereira2019-01-071-1/+3
|
* Merge branch 'ce-jej/group-saml-sso-button-link-description' into 'master'Clement Ho2018-12-081-0/+1
|\ | | | | | | | | [CE] Backport SAML unlink changes: UrlBlocker#ascii_only See merge request gitlab-org/gitlab-ce!23627
| * Allow URLs to be validated as ascii_onlyJames Edwards-Jones2018-12-061-0/+1
| | | | | | | | | | Restricts unicode characters and IDNA deviations which could be used in a phishing attack
* | Add custom validation message for chronic duration attributeGrzegorz Bizon2018-12-051-1/+5
|/
* Allow UrlValidator to work with attr_encryptedNick Thomas2018-09-171-3/+11
|
* Merge branch 'rubocop-code-reuse' into 'master'Robert Speicher2018-09-131-0/+2
|\ | | | | | | | | Add RuboCop cops to enforce code reusing rules See merge request gitlab-org/gitlab-ce!21391
| * Disable existing offenses for the CodeReuse copsYorick Peterse2018-09-111-0/+2
| | | | | | | | | | This whitelists all existing offenses for the various CodeReuse cops, of which most are triggered by the CodeReuse/ActiveRecord cop.
* | Enable frozen string in vestigial filesgfyoung2018-09-112-0/+4
|/ | | | Partially addresses #47424.
* Merge branch 'filter-web-hooks-by-branch' into 'master'Dmitriy Zaporozhets2018-09-051-0/+35
|\ | | | | | | | | Filter web hooks by branch See merge request gitlab-org/gitlab-ce!19513
| * Refactor: move active hook filter to TriggerableHooksDuana Saskia2018-09-051-0/+1
| |
| * Filter project hooks by branchDuana Saskia2018-08-131-0/+34
| | | | | | | | | | | | Allow specificying a branch filter for a project hook and only trigger a project hook if either the branch filter is blank or the branch matches. Only supported for push_events for now.
* | Allow whitelisting for "external collaborator by default" settingRoger Rüttimann2018-08-301-0/+15
|/
* Enable frozen string in apps/validators/*.rbgfyoung2018-06-2719-2/+40
| | | | Partially addresses #47424.
* Avoid checking the user format in every url validationFrancisco Javier López2018-06-111-3/+11
|
* Add validation to webhook and service URLs to ensure they are not blocked ↵Francisco Javier López2018-06-015-95/+71
| | | | because of SSRF
* Rename allow_private_networks to allow_local_networkDouwe Maan2018-04-021-5/+3
|
* Raise more descriptive errors when URLs are blockedDouwe Maan2018-04-021-2/+4
|
* Adds validators and rack cookie helperJames Edwards-Jones2018-04-022-0/+16
| | | | | These changes are backported from EE, related to SAML settings in https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/4549
* Add HTTPS-only pagesRob Watson2018-03-221-2/+0
| | | | Closes #28857
* Merge branch 'fj-15329-services-callbacks-ssrf' into 'security-10-6'Douwe Maan2018-03-211-1/+1
| | | | | Server Side Request Forgery in Services and Web Hooks See merge request gitlab/gitlabhq!2337
* Projects and groups badges APIFrancisco Javier López2018-03-051-0/+32
|
* Skip variables duplicates validator if variable is already a duplicateMatija Čupić2018-02-221-0/+2
|
* Improve validation message and add changelogmc/fix/project-variables-scopeKamil Trzciński2018-02-141-1/+1
|
* Refactor variable duplicates error messageMatija Čupić2018-02-141-1/+1
|
* Add more information in variable_duplicates validator error messageMatija Čupić2018-02-131-1/+3
|
* Refactor outer anonymous function into a do blockMatija Čupić2018-02-131-1/+3
|
* Disable public send cop in variables duplicates validatorMatija Čupić2018-02-131-1/+1
|
* Extend variables_duplicates validator with scope handlingMatija Čupić2018-02-131-2/+13
|
* Validate User username only on Namespace, and bubble up appropriatelyDouwe Maan2018-02-064-28/+1
|
* Second iteration of Move Kubernetes from service to Cluster pageFilipa Lacerda2017-12-051-5/+5
|
* Adds Rubocop rule for line break after guard clauseJacopo2017-11-162-0/+2
| | | | Adds a rubocop rule (with autocorrect) to ensure line break after guard clauses.
* Merge branch 'refactor-clusters' into 'master'Grzegorz Bizon2017-11-061-0/+24
|\ | | | | | | | | Refactor Clusters to be consisted from GcpProvider and KubernetesPlatform See merge request gitlab-org/gitlab-ce!14879
| * specs for models. Improved details.Shinya Maeda2017-10-301-1/+1
| |
| * This worksShinya Maeda2017-10-231-0/+24
| |
* | Reallow project paths ending in periodsdm-reallow-project-path-ending-in-periodDouwe Maan2017-11-065-53/+91
|/
* Move the key restriction validation to its own classNick Thomas2017-08-301-0/+29
|
* Implement ayufan validator2Shinya Maeda2017-07-061-0/+13
|
View Lorry Controller Status