From 311b0269b4eb9839fa63f80c8d7a58f32b8138a0 Mon Sep 17 00:00:00 2001
From: GitLab Bot
Date: Thu, 18 Nov 2021 13:16:36 +0000
Subject: Add latest changes from gitlab-org/gitlab@14-5-stable-ee
---
 app/controllers/jira_connect/app_descriptor_controller.rb | 2 +-
 app/controllers/jira_connect/application_controller.rb | 4 ----
 app/controllers/jira_connect/events_controller.rb | 7 +------
 app/controllers/jira_connect/subscriptions_controller.rb | 4 ++--
 4 files changed, 4 insertions(+), 13 deletions(-)
(limited to 'app/controllers/jira_connect')
diff --git a/app/controllers/jira_connect/app_descriptor_controller.rb b/app/controllers/jira_connect/app_descriptor_controller.rb
index e96242c7052..16bd73f5ab6 100644
--- a/app/controllers/jira_connect/app_descriptor_controller.rb
+++ b/app/controllers/jira_connect/app_descriptor_controller.rb
@@ -32,7 +32,7 @@ class JiraConnect::AppDescriptorController < JiraConnect::ApplicationController
 apiVersion: 1,
 apiMigrations: {
 'context-qsh': true,
- 'signed-install': signed_install_active?,
+ 'signed-install': true,
 gdpr: true
 }
 }
diff --git a/app/controllers/jira_connect/application_controller.rb b/app/controllers/jira_connect/application_controller.rb
index ecb23c326fe..352e78d6255 100644
--- a/app/controllers/jira_connect/application_controller.rb
+++ b/app/controllers/jira_connect/application_controller.rb
@@ -74,8 +74,4 @@ class JiraConnect::ApplicationController < ApplicationController
 params[:jwt] || request.headers['Authorization']&.split(' ', 2)&.last
 end
 end
-
- def signed_install_active?
- Feature.enabled?(:jira_connect_asymmetric_jwt)
- end
 end
diff --git a/app/controllers/jira_connect/events_controller.rb b/app/controllers/jira_connect/events_controller.rb
index 76ac15f7631..1ea0a92662b 100644
--- a/app/controllers/jira_connect/events_controller.rb
+++ b/app/controllers/jira_connect/events_controller.rb
@@ -4,14 +4,9 @@ class JiraConnect::EventsController < JiraConnect::ApplicationController # See https://developer.atlassian.com/cloud/jira/software/app-descriptor/#lifecycle skip_before_action :verify_atlassian_jwt! - before_action :verify_asymmetric_atlassian_jwt!, if: :signed_install_active? - - before_action :verify_atlassian_jwt!, only: :uninstalled, unless: :signed_install_active? - before_action :verify_qsh_claim!, only: :uninstalled, unless: :signed_install_active? + before_action :verify_asymmetric_atlassian_jwt! def installed - return head :ok if !signed_install_active? && atlassian_jwt_valid? - return head :ok if current_jira_installation installation = JiraConnectInstallation.new(event_params)
diff --git a/app/controllers/jira_connect/subscriptions_controller.rb b/app/controllers/jira_connect/subscriptions_controller.rb
index 903ad395e44..fcd95c7942c 100644
--- a/app/controllers/jira_connect/subscriptions_controller.rb
+++ b/app/controllers/jira_connect/subscriptions_controller.rb
@@ -7,8 +7,8 @@ class JiraConnect::SubscriptionsController < JiraConnect::ApplicationController
 next if p.directives.blank?
 # rubocop: disable Lint/PercentStringArray
- script_src_values = Array.wrap(p.directives['script-src']) | %w('self' https://connect-cdn.atl-paas.net https://unpkg.com/jquery@3.3.1/)
- style_src_values = Array.wrap(p.directives['style-src']) | %w('self' 'unsafe-inline' https://unpkg.com/@atlaskit/)
+ script_src_values = Array.wrap(p.directives['script-src']) | %w('self' https://connect-cdn.atl-paas.net)
+ style_src_values = Array.wrap(p.directives['style-src']) | %w('self' 'unsafe-inline')
 # rubocop: enable Lint/PercentStringArray
 p.frame_ancestors :self, 'https://*.atlassian.net'
-- cgit v1.2.1
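Review bot: In events_controller.rb the now unconditional `before_action :verify_asymmetric_atlassian_jwt!` becomes the only authentication on this controller, because `skip_before_action :verify_atlassian_jwt!` stays in place and the `verify_qsh_claim!` callback for `uninstalled` is removed. The callback's definition is not part of this diff, so it is worth confirming that it also validates the `qsh` claim (and the audience) for both lifecycle endpoints, and that a spec covers rejection of a request carrying only a symmetric JWT. A short comment above the line would record the intent, e.g. `# Lifecycle callbacks are authenticated only by the Atlassian-signed (asymmetric) JWT`. The `installed` method continues past the end of the hunk.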
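Review bot: In subscriptions_controller.rb the new `style_src_values` line still appends `'unsafe-inline'`, so inline styles remain allowed on this page even though the third-party CDN sources are dropped from both directives. If the Jira Connect UI no longer relies on inline styles, drop that entry; otherwise document it on the line above, e.g. `# 'unsafe-inline' kept for <component that emits inline styles — fill in>`. A request spec asserting the resulting `Content-Security-Policy` header would keep the removed `unpkg.com` sources from being reintroduced unnoticed. The enclosing policy block starts and ends outside the hunk.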