Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Boxiang Sun
gitlab-ce
Commits
4b46b530
Commit
4b46b530
authored
May 01, 2019
by
charlieablett
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add `html` to sensitive words
parent
f2bc55d7
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
4 additions
and
3 deletions
+4
-3
lib/gitlab/import_export/attribute_cleaner.rb
lib/gitlab/import_export/attribute_cleaner.rb
+1
-1
spec/features/projects/import_export/export_file_spec.rb
spec/features/projects/import_export/export_file_spec.rb
+1
-1
spec/lib/gitlab/import_export/project_tree_restorer_spec.rb
spec/lib/gitlab/import_export/project_tree_restorer_spec.rb
+2
-1
No files found.
lib/gitlab/import_export/attribute_cleaner.rb
View file @
4b46b530
...
@@ -4,7 +4,7 @@ module Gitlab
...
@@ -4,7 +4,7 @@ module Gitlab
module
ImportExport
module
ImportExport
class
AttributeCleaner
class
AttributeCleaner
ALLOWED_REFERENCES
=
RelationFactory
::
PROJECT_REFERENCES
+
RelationFactory
::
USER_REFERENCES
+
[
'group_id'
]
ALLOWED_REFERENCES
=
RelationFactory
::
PROJECT_REFERENCES
+
RelationFactory
::
USER_REFERENCES
+
[
'group_id'
]
PROHIBITED_SUFFIXES
=
%w
(_id _html)
.
freeze
PROHIBITED_SUFFIXES
=
%w
[_id _html]
.
freeze
def
self
.
clean
(
*
args
)
def
self
.
clean
(
*
args
)
new
(
*
args
).
clean
new
(
*
args
).
clean
...
...
spec/features/projects/import_export/export_file_spec.rb
View file @
4b46b530
...
@@ -12,7 +12,7 @@ describe 'Import/Export - project export integration test', :js do
...
@@ -12,7 +12,7 @@ describe 'Import/Export - project export integration test', :js do
let
(
:export_path
)
{
"
#{
Dir
.
tmpdir
}
/import_file_spec"
}
let
(
:export_path
)
{
"
#{
Dir
.
tmpdir
}
/import_file_spec"
}
let
(
:config_hash
)
{
YAML
.
load_file
(
Gitlab
::
ImportExport
.
config_file
).
deep_stringify_keys
}
let
(
:config_hash
)
{
YAML
.
load_file
(
Gitlab
::
ImportExport
.
config_file
).
deep_stringify_keys
}
let
(
:sensitive_words
)
{
%w[pass secret token key encrypted]
}
let
(
:sensitive_words
)
{
%w[pass secret token key encrypted
html
]
}
let
(
:safe_list
)
do
let
(
:safe_list
)
do
{
{
token:
[
ProjectHook
,
Ci
::
Trigger
,
CommitStatus
],
token:
[
ProjectHook
,
Ci
::
Trigger
,
CommitStatus
],
...
...
spec/lib/gitlab/import_export/project_tree_restorer_spec.rb
View file @
4b46b530
...
@@ -63,6 +63,7 @@ describe Gitlab::ImportExport::ProjectTreeRestorer do
...
@@ -63,6 +63,7 @@ describe Gitlab::ImportExport::ProjectTreeRestorer do
it
'does not import note_html'
do
it
'does not import note_html'
do
note_content
=
'Quo reprehenderit aliquam qui dicta impedit cupiditate eligendi'
note_content
=
'Quo reprehenderit aliquam qui dicta impedit cupiditate eligendi'
issue_note
=
Issue
.
find_by
(
description:
'Aliquam enim illo et possimus.'
).
notes
.
select
{
|
n
|
n
.
note
.
match
(
/
#{
note_content
}
/
)}.
first
issue_note
=
Issue
.
find_by
(
description:
'Aliquam enim illo et possimus.'
).
notes
.
select
{
|
n
|
n
.
note
.
match
(
/
#{
note_content
}
/
)}.
first
expect
(
issue_note
.
note_html
).
to
match
(
/
#{
note_content
}
/
)
expect
(
issue_note
.
note_html
).
to
match
(
/
#{
note_content
}
/
)
end
end
end
end
...
@@ -71,12 +72,12 @@ describe Gitlab::ImportExport::ProjectTreeRestorer do
...
@@ -71,12 +72,12 @@ describe Gitlab::ImportExport::ProjectTreeRestorer do
it
'does not import note_html'
do
it
'does not import note_html'
do
note_content
=
'Sit voluptatibus eveniet architecto quidem'
note_content
=
'Sit voluptatibus eveniet architecto quidem'
merge_request_note
=
MergeRequest
.
find_by
(
title:
'MR1'
).
notes
.
select
{
|
n
|
n
.
note
.
match
(
/
#{
note_content
}
/
)}.
first
merge_request_note
=
MergeRequest
.
find_by
(
title:
'MR1'
).
notes
.
select
{
|
n
|
n
.
note
.
match
(
/
#{
note_content
}
/
)}.
first
expect
(
merge_request_note
.
note_html
).
to
match
(
/
#{
note_content
}
/
)
expect
(
merge_request_note
.
note_html
).
to
match
(
/
#{
note_content
}
/
)
end
end
end
end
end
end
it
'creates a valid pipeline note'
do
it
'creates a valid pipeline note'
do
expect
(
Ci
::
Pipeline
.
find_by_sha
(
'sha-notes'
).
notes
).
not_to
be_empty
expect
(
Ci
::
Pipeline
.
find_by_sha
(
'sha-notes'
).
notes
).
not_to
be_empty
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment