Commit 5bc58bac authored by Mayra Cabrera's avatar Mayra Cabrera

Handle limit for datetime attributes on MySQL

The TIMESTAMP data type is used for values that contain both date and
time parts. TIMESTAMP has a range of '1970-01-01 00:00:01' UTC to
'2038-01-19 03:14:07' UTC.

A Forever lib class was included to handle future dates for PostgreSQL
and MySQL. Changes were also made to DeployToken to enforce Forever.date.

Also removes extra conditional from JwtController
parent d6450717
...@@ -25,8 +25,7 @@ class JwtController < ApplicationController ...@@ -25,8 +25,7 @@ class JwtController < ApplicationController
authenticate_with_http_basic do |login, password| authenticate_with_http_basic do |login, password|
@authentication_result = Gitlab::Auth.find_for_git_client(login, password, project: nil, ip: request.ip) @authentication_result = Gitlab::Auth.find_for_git_client(login, password, project: nil, ip: request.ip)
if @authentication_result.failed? || if @authentication_result.failed?
(@authentication_result.actor.present? && !user_or_deploy_token)
render_unauthorized render_unauthorized
end end
end end
...@@ -57,8 +56,4 @@ class JwtController < ApplicationController ...@@ -57,8 +56,4 @@ class JwtController < ApplicationController
def auth_params def auth_params
params.permit(:service, :scope, :account, :client_id) params.permit(:service, :scope, :account, :client_id)
end end
def user_or_deploy_token
@authentication_result.actor.is_a?(User) || @authentication_result.actor.is_a?(DeployToken)
end
end end
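Review bot: With the actor type check removed, `@authentication_result.failed?` is the only gate left in this `authenticate_with_http_basic` block, so a successful result carrying any actor type now passes where only `User` and `DeployToken` did before. The page does not show which actor classes `Gitlab::Auth.find_for_git_client` can return. If it is only those two (or nil), record that next to the check with a comment such as `# find_for_git_client only returns User, DeployToken or nil actors, so failed? is sufficient`. Otherwise keep the allow-list. A controller spec that stubs a successful result with some other actor and expects 401 would pin the behaviour either way. The enclosing method starts outside the hunk.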
...@@ -7,10 +7,4 @@ class Projects::DeployTokensController < Projects::ApplicationController ...@@ -7,10 +7,4 @@ class Projects::DeployTokensController < Projects::ApplicationController
redirect_to project_settings_repository_path(project) redirect_to project_settings_repository_path(project)
end end
private
def deploy_token_params
params.require(:deploy_token).permit(:name, :expires_at, :read_repository, :read_registry)
end
end end
...@@ -9,12 +9,4 @@ module DeployTokensHelper ...@@ -9,12 +9,4 @@ module DeployTokensHelper
Gitlab.config.registry.enabled && Gitlab.config.registry.enabled &&
can?(current_user, :read_container_image, project) can?(current_user, :read_container_image, project)
end end
def expires_at_value(expires_at)
expires_at unless expires_at >= DeployToken::FOREVER
end
def show_expire_at?(token)
token.expires? && token.expires_at != DeployToken::FOREVER
end
end end
...@@ -4,9 +4,8 @@ class DeployToken < ActiveRecord::Base ...@@ -4,9 +4,8 @@ class DeployToken < ActiveRecord::Base
add_authentication_token_field :token add_authentication_token_field :token
AVAILABLE_SCOPES = %i(read_repository read_registry).freeze AVAILABLE_SCOPES = %i(read_repository read_registry).freeze
FOREVER = DateTime.new(3000, 1, 1)
default_value_for :expires_at, FOREVER default_value_for(:expires_at) { Forever.date }
has_many :project_deploy_tokens, inverse_of: :deploy_token has_many :project_deploy_tokens, inverse_of: :deploy_token
has_many :projects, through: :project_deploy_tokens has_many :projects, through: :project_deploy_tokens
...@@ -45,6 +44,15 @@ class DeployToken < ActiveRecord::Base ...@@ -45,6 +44,15 @@ class DeployToken < ActiveRecord::Base
projects.first projects.first
end end
def expires_at
expires_at = read_attribute(:expires_at)
expires_at != Forever.date ? expires_at : nil
end
def expires_at=(value)
write_attribute(:expires_at, value.presence || Forever.date)
end
private private
def ensure_at_least_one_scope def ensure_at_least_one_scope
......
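Review bot: The new `expires_at` reader treats a stored value equal to `Forever.date` as "never expires", but `expires_at=` accepts any non-blank value, so a user-chosen date equal to the sentinel (2038-01-19 on MySQL) reads back as nil, and a later one may fall outside the TIMESTAMP range quoted in the commit message. A validation would keep the sentinel unambiguous, for example `validate :expires_at_before_forever` rejecting `read_attribute(:expires_at) > Forever.date`, and the added model specs only cover `Date.today + 5.months`, not this boundary. `expires?` and `expires_soon?` are outside the hunk; presumably they go through the overridden reader, and any scope that compares the raw column should be checked against the new sentinel. Minor style point: the local `expires_at` inside the reader shadows the method name, so `stored = read_attribute(:expires_at)` reads more clearly.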
module DeployTokens module DeployTokens
class CreateService < BaseService class CreateService < BaseService
def execute def execute
@project.deploy_tokens.create(deploy_token_params) @project.deploy_tokens.create(params)
end
private
def deploy_token_params
params[:expires_at] = expires_at_date
params
end
def expires_at_date
params[:expires_at].presence || default_expires_at
end
def default_expires_at
DeployToken::FOREVER
end end
end end
end end
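Review bot: `@project.deploy_tokens.create(params)` passes the service's `params` straight to ActiveRecord, and this commit also deletes the `params.require(:deploy_token).permit(...)` helper from Projects::DeployTokensController, so the allow-listing of token attributes is not visible anywhere on this page. Presumably the calling controller still permits them before building the service. That contract deserves a comment on `execute`, e.g. `# params must already be permitted by the caller (name, expires_at, read_repository, read_registry)`. The old code passed the same hash, so this is not a regression, but an internal caller passing a plain Hash could now set any DeployToken attribute.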
...@@ -10,7 +10,7 @@ ...@@ -10,7 +10,7 @@
.form-group .form-group
= f.label :expires_at, class: 'label-light' = f.label :expires_at, class: 'label-light'
= f.text_field :expires_at, class: 'datepicker form-control', value: expires_at_value(token.expires_at) = f.text_field :expires_at, class: 'datepicker form-control', value: f.object.expires_at
.form-group .form-group
= f.label :scopes, class: 'label-light' = f.label :scopes, class: 'label-light'
......
...@@ -18,7 +18,7 @@ ...@@ -18,7 +18,7 @@
%td= token.username %td= token.username
%td= token.created_at.to_date.to_s(:medium) %td= token.created_at.to_date.to_s(:medium)
%td %td
- if show_expire_at?(token) - if token.expires?
%span{ class: ('text-warning' if token.expires_soon?) } %span{ class: ('text-warning' if token.expires_soon?) }
In #{distance_of_time_in_words_to_now(token.expires_at)} In #{distance_of_time_in_words_to_now(token.expires_at)}
- else - else
......
class Forever
POSTGRESQL_DATE = DateTime.new(3000, 1, 1)
MYSQL_DATE = DateTime.new(2038, 01, 19)
# MySQL timestamp has a range of '1970-01-01 00:00:01' UTC to '2038-01-19 03:14:07' UTC
def self.date
if Gitlab::Database.postgresql?
POSTGRESQL_DATE
else
MYSQL_DATE
end
end
end
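Review bot: `DateTime.new(2038, 01, 19)` writes the month as an octal literal; it evaluates to 1 here, but the same habit with `08` or `09` is a syntax error, so prefer `DateTime.new(2038, 1, 19)`. The range comment sits between the constants and `self.date`; it explains `MYSQL_DATE` and belongs directly above that constant. The class also needs a header comment saying that these values are sentinels meaning "never expires" rather than real expiry dates, and that callers compare against `Forever.date` rather than the individual constants.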
...@@ -90,8 +90,7 @@ feature 'Repository settings' do ...@@ -90,8 +90,7 @@ feature 'Repository settings' do
end end
context 'Deploy tokens' do context 'Deploy tokens' do
let(:deploy_token_project) { create(:project_deploy_token, project: project) } let!(:deploy_token) { create(:deploy_token, projects: [project]) }
let!(:deploy_token) { deploy_token_project.deploy_token }
before do before do
stub_container_registry_config(enabled: true) stub_container_registry_config(enabled: true)
...@@ -115,17 +114,6 @@ feature 'Repository settings' do ...@@ -115,17 +114,6 @@ feature 'Repository settings' do
expect(page).to have_content('Your new project deploy token has been created') expect(page).to have_content('Your new project deploy token has been created')
end end
scenario 'revoke a deploy token', :js do
within('.deploy-tokens') do
click_link 'Revoke'
click_link "Revoke #{deploy_token.name}"
expect(page).not_to have_content(deploy_token.name)
expect(page).not_to have_content('read_repository')
expect(page).not_to have_content('read_registry')
end
end
end end
end end
end end
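Review bot: The `revoke a deploy token` scenario is deleted in the second hunk and nothing visible in this commit replaces it, so revocation, the control that invalidates a leaked token, loses its feature coverage. The commit message mentions only the datetime limit and the JwtController conditional, not this removal. If the scenario was flaky or moved elsewhere, the description should say so. Otherwise restore it, or add a spec asserting that a revoked token disappears from the list and is no longer accepted.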
require 'spec_helper'
describe Forever do
describe '.date' do
subject { described_class.date }
context 'when using PostgreSQL' do
it 'should return Postgresql future date' do
allow(Gitlab::Database).to receive(:postgresql?).and_return(true)
expect(subject).to eq(described_class::POSTGRESQL_DATE)
end
end
context 'when using MySQL' do
it 'should return MySQL future date' do
allow(Gitlab::Database).to receive(:postgresql?).and_return(false)
expect(subject).to eq(described_class::MYSQL_DATE)
end
end
end
end
...@@ -93,4 +93,42 @@ describe DeployToken do ...@@ -93,4 +93,42 @@ describe DeployToken do
end end
end end
end end
describe '#expires_at' do
context 'when using Forever.date' do
let(:deploy_token) { create(:deploy_token, expires_at: nil) }
it 'should return nil' do
expect(deploy_token.expires_at).to be_nil
end
end
context 'when using a personalized date' do
let(:expires_at) { Date.today + 5.months }
let(:deploy_token) { create(:deploy_token, expires_at: expires_at) }
it 'should return the personalized date' do
expect(deploy_token.expires_at).to eq(expires_at)
end
end
end
describe '#expires_at=' do
context 'when passing nil' do
let(:deploy_token) { create(:deploy_token, expires_at: nil) }
it 'should assign Forever.date' do
expect(deploy_token.read_attribute(:expires_at)).to eq(Forever.date)
end
end
context 'when passign a value' do
let(:expires_at) { Date.today + 5.months }
let(:deploy_token) { create(:deploy_token, expires_at: expires_at) }
it 'should respect the value' do
expect(deploy_token.read_attribute(:expires_at)).to eq(expires_at)
end
end
end
end end
...@@ -25,8 +25,8 @@ describe DeployTokens::CreateService do ...@@ -25,8 +25,8 @@ describe DeployTokens::CreateService do
context 'when expires at date is not passed' do context 'when expires at date is not passed' do
let(:deploy_token_params) { attributes_for(:deploy_token, expires_at: '') } let(:deploy_token_params) { attributes_for(:deploy_token, expires_at: '') }
it 'should set FOREVER date' do it 'should set Forever.date' do
expect(subject.expires_at).to eq(DeployToken::FOREVER) expect(subject.read_attribute(:expires_at)).to eq(Forever.date)
end end
end end
......