Skip to content

G
gitlab-ce
Commit 1bbdbd6d authored by Mario de la Ossa's avatar Mario de la Ossa
Browse files
Options

Ensure milestone titles are never empty 

If a milestone title is empty we end up with exceptions when trying to
load legacy migrations. Let's avoid them and also migrate any existing
ones.
parent 0fcf0f0e
Show whitespace changes
Inline Side-by-side
Showing with 36 additions and 1 deletion
app/models/milestone.rb
View file @ 1bbdbd6d
...@@ -60,6 +60,7 @@ class Milestone < ApplicationRecord ...@@ -60,6 +60,7 @@ class Milestone < ApplicationRecord
validates :group, presence: true, unless: :project validates :group, presence: true, unless: :project
validates :project, presence: true, unless: :group validates :project, presence: true, unless: :group
validates :title, presence: true
validate :uniqueness_of_title, if: :title_changed? validate :uniqueness_of_title, if: :title_changed?
validate :milestone_type_check validate :milestone_type_check
......
changelogs/unreleased/12769-milestone-blank-name-causes-issues.yml 0 → 100644
View file @ 1bbdbd6d
---
title: Ensure milestone titles are never empty
merge_request: 19985
author:
type: fixed
db/migrate/20191112232338_ensure_no_empty_milestone_titles.rb 0 → 100644
View file @ 1bbdbd6d
# frozen_string_literal: true
class EnsureNoEmptyMilestoneTitles < ActiveRecord::Migration[5.2]
include Gitlab::Database::MigrationHelpers
DOWNTIME = false
def up
loop do
rows_updated = exec_update <<~SQL
UPDATE milestones SET title = '%BLANK' WHERE id IN (SELECT id FROM milestones WHERE title = '' LIMIT 500)
SQL
break if rows_updated < 500
end
end
def down; end
end
db/schema.rb
View file @ 1bbdbd6d
...@@ -10,7 +10,7 @@ ...@@ -10,7 +10,7 @@
# #
# It's strongly recommended that you check this file into your version control system. # It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 2019_11_12_221821) do ActiveRecord::Schema.define(version: 2019_11_12_232338) do
# These are extensions that must be enabled in order to support this database # These are extensions that must be enabled in order to support this database
enable_extension "pg_trgm" enable_extension "pg_trgm"
......
spec/models/milestone_spec.rb
View file @ 1bbdbd6d
...@@ -55,6 +55,17 @@ describe Milestone do ...@@ -55,6 +55,17 @@ describe Milestone do
end end
end end
describe 'title' do
it { is_expected.to validate_presence_of(:title) }
it 'is invalid if title would be empty after sanitation' do
milestone = build(:milestone, project: project, title: '<img src=x onerror=prompt(1)>')
expect(milestone).not_to be_valid
expect(milestone.errors[:title]).to include("can't be blank")
end
end
describe 'milestone_releases' do describe 'milestone_releases' do
let(:milestone) { build(:milestone, project: project) } let(:milestone) { build(:milestone, project: project) }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7