Merge branch 'check-for-present-runner-token' into 'master'

Fix Error 500 when visiting build page of project with nil runners_token Properly ensure that the token exists and add defensively check for a non-nil value. Closes #4294 See merge request !2294

Merge branch 'check-for-present-runner-token' into 'master'
Fix Error 500 when visiting build page of project with nil runners_token Properly ensure that the token exists and add defensively check for a non-nil value. Closes #4294 See merge request !2294
af9bbadc · Stan Hu · 70cba8e9 · b7aa13a0 · af9bbadc · af9bbadc
Commit af9bbadc authored Jan 11, 2016 by Stan Hu
Showing with 31 additions and 5 deletions

CHANGELOG CHANGELOG +1 -0

app/models/ci/build.rb app/models/ci/build.rb +1 -1

app/models/project.rb app/models/project.rb +7 -4

spec/models/ci/build_spec.rb spec/models/ci/build_spec.rb +22 -0

No files found.
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -39,6 +39,7 @@ v 8.3.3 (unreleased)
  - Fix project transfer e-mail sending incorrect paths in e-mail notification (Stan Hu)
  - Enable "Add key" button when user fills in a proper key (Stan Hu)
  - Fix error in processing reply-by-email messages (Jason Lee)
+  - Fix Error 500 when visiting build page of project with nil runners_token (Stan Hu)
 v 8.3.2
  - Change single user API endpoint to return more detailed data (Michael Potthoff)

--- a/app/models/ci/build.rb
+++ b/app/models/ci/build.rb
@@ -206,7 +206,7 @@ module Ci
    def trace
      trace = raw_trace
-      if project && trace.present?
+      if project && trace.present? && project.runners_token.present?
        trace.gsub(project.runners_token, 'xxxxxx')
      else
        trace

--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -50,6 +50,7 @@ class Project < ActiveRecord::Base
  include Sortable
  include AfterCommitQueue
  include CaseSensitivity
+  include TokenAuthenticatable
  extend Gitlab::ConfigHelper
@@ -193,10 +194,8 @@ class Project < ActiveRecord::Base
    if: ->(project) { project.avatar.present? && project.avatar_changed? }
  validates :avatar, file_size: { maximum: 200.kilobytes.to_i }
-  before_validation :set_runners_token_token
+  add_authentication_token_field :runners_token
-  def set_runners_token_token
+  before_save :ensure_runners_token
-    self.runners_token = SecureRandom.hex(15) if self.runners_token.blank?
-  end
  mount_uploader :avatar, AvatarUploader
@@ -900,4 +899,8 @@ class Project < ActiveRecord::Base
    return true unless forked?
    Gitlab::VisibilityLevel.allowed_fork_levels(forked_from_project.visibility_level).include?(level.to_i)
  end
+  def runners_token
+    ensure_runners_token!
+  end
 end
--- a/spec/models/ci/build_spec.rb
+++ b/spec/models/ci/build_spec.rb
+require 'spec_helper'
+describe Ci::Build, models: true do
+  let(:build) { create(:ci_build) }
+  let(:test_trace) { 'This is a test' }
+  describe '#trace' do
+    it 'obfuscates project runners token' do
+      allow(build).to receive(:raw_trace).and_return("Test: #{build.project.runners_token}")
+      expect(build.trace).to eq("Test: xxxxxx")
+    end
+    it 'empty project runners token' do
+      allow(build).to receive(:raw_trace).and_return(test_trace)
+      # runners_token can't normally be set to nil
+      allow(build.project).to receive(:runners_token).and_return(nil)
+      expect(build.trace).to eq(test_trace)
+    end
+  end
+end