Commit 45aef202 authored by Nick Thomas's avatar Nick Thomas

Merge branch 'feature/http-geo-warning' into 'master'

Add warning when Geo is configured insecurely

Closes #3904

See merge request gitlab-org/gitlab-ee!3368
parents a7046b5b 284b6e69
---
title: Add warning when Geo is configured insecurely
merge_request: 3368
author:
type: added
class Admin::GeoNodesController < Admin::ApplicationController class Admin::GeoNodesController < Admin::ApplicationController
before_action :check_license, except: [:index, :destroy] before_action :check_license, except: [:index, :destroy]
before_action :load_node, only: [:edit, :update, :destroy, :repair, :toggle, :status] before_action :load_node, only: [:edit, :update, :destroy, :repair, :toggle, :status]
before_action :check_insecure_nodes
helper EE::GeoHelper helper EE::GeoHelper
...@@ -9,7 +10,7 @@ class Admin::GeoNodesController < Admin::ApplicationController ...@@ -9,7 +10,7 @@ class Admin::GeoNodesController < Admin::ApplicationController
@node = GeoNode.new @node = GeoNode.new
unless Gitlab::Geo.license_allows? unless Gitlab::Geo.license_allows?
flash.now[:alert] = 'You need a different license to enable Geo replication' flash_now(:alert, 'You need a different license to enable Geo replication')
end end
end end
...@@ -101,4 +102,18 @@ class Admin::GeoNodesController < Admin::ApplicationController ...@@ -101,4 +102,18 @@ class Admin::GeoNodesController < Admin::ApplicationController
def load_node def load_node
@node = GeoNode.find(params[:id]) @node = GeoNode.find(params[:id])
end end
def check_insecure_nodes
if has_insecure_nodes?
flash_now(:alert, 'You have configured Geo nodes using an insecure HTTP connection. We recommend the use of HTTPS.')
end
end
def has_insecure_nodes?
GeoNode.where(schema: 'http').any?
end
def flash_now(type, message)
flash.now[type] = flash.now[type].blank? ? message : "#{flash.now[type]}<BR>#{message}".html_safe
end
end end
...@@ -46,7 +46,8 @@ describe Admin::GeoNodesController, :postgresql do ...@@ -46,7 +46,8 @@ describe Admin::GeoNodesController, :postgresql do
it 'displays a flash message' do it 'displays a flash message' do
go go
expect(controller).to set_flash.now[:alert].to('You need a different license to enable Geo replication')
expect(flash[:alert]).to include('You need a different license to enable Geo replication')
end end
it 'does not redirects to the license page' do it 'does not redirects to the license page' do
...@@ -54,6 +55,30 @@ describe Admin::GeoNodesController, :postgresql do ...@@ -54,6 +55,30 @@ describe Admin::GeoNodesController, :postgresql do
expect(response).not_to redirect_to(admin_license_path) expect(response).not_to redirect_to(admin_license_path)
end end
end end
context 'Secured URL' do
let(:alert_message) { 'You have configured Geo nodes using an insecure HTTP connection. We recommend the use of HTTPS.' }
context 'HTTP nodes' do
it 'displays a flash message' do
create(:geo_node, url: 'http://not.safe')
go
expect(flash[:alert]).to include(alert_message)
end
end
context 'with HTTPS nodes' do
it 'does not display a flash message' do
create(:geo_node, url: 'https://much.safer')
go
expect(flash[:alert]).not_to include(alert_message)
end
end
end
end end
describe '#destroy' do describe '#destroy' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment