Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
c853dd61
Commit
c853dd61
authored
May 02, 2017
by
Bob Van Landuyt
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Reuse Gitlab::Regex.full_namespace_regex in the DynamicPathValidator
parent
2e2a63c8
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
34 additions
and
28 deletions
+34
-28
app/validators/dynamic_path_validator.rb
app/validators/dynamic_path_validator.rb
+18
-25
lib/gitlab/regex.rb
lib/gitlab/regex.rb
+4
-0
spec/lib/gitlab/regex_spec.rb
spec/lib/gitlab/regex_spec.rb
+2
-2
spec/validators/dynamic_path_validator_spec.rb
spec/validators/dynamic_path_validator_spec.rb
+10
-1
No files found.
app/validators/dynamic_path_validator.rb
View file @
c853dd61
...
...
@@ -15,7 +15,7 @@ class DynamicPathValidator < ActiveModel::EachValidator
#
# the path `api` shouldn't be allowed because it would be masked by `api/*`
#
TOP_LEVEL_ROUTES
=
Set
.
new
(
%w[
TOP_LEVEL_ROUTES
=
%w[
-
.well-known
abuse_reports
...
...
@@ -59,7 +59,7 @@ class DynamicPathValidator < ActiveModel::EachValidator
unsubscribes
uploads
users
]
)
.
freeze
]
.
freeze
# All project routes with wildcard argument must be listed here.
# Otherwise it can lead to routing issues when route considered as project name.
...
...
@@ -70,7 +70,7 @@ class DynamicPathValidator < ActiveModel::EachValidator
# without tree as reserved name routing can match 'group/project' as group name,
# 'tree' as project name and 'deploy_keys' as route.
#
WILDCARD_ROUTES
=
Set
.
new
(
%w[
WILDCARD_ROUTES
=
%w[
badges
blame
blob
...
...
@@ -91,7 +91,7 @@ class DynamicPathValidator < ActiveModel::EachValidator
tree
update
wikis
]
)
.
freeze
]
.
freeze
# These are all the paths that follow `/groups/*id/ or `/groups/*group_id`
# We need to reject these because we have a `/groups/*id` page that is the same
...
...
@@ -100,7 +100,7 @@ class DynamicPathValidator < ActiveModel::EachValidator
# If we would allow a subgroup to be created with the name `activity` then
# this group would not be accessible through `/groups/parent/activity` since
# this would map to the activity-page of it's parent.
GROUP_ROUTES
=
Set
.
new
(
%w[
GROUP_ROUTES
=
%w[
activity
avatar
edit
...
...
@@ -111,16 +111,16 @@ class DynamicPathValidator < ActiveModel::EachValidator
milestones
projects
subgroups
]
)
]
.
freeze
CHILD_ROUTES
=
(
WILDCARD_ROUTES
|
GROUP_ROUTES
).
freeze
def
self
.
without_reserved_wildcard_paths_regex
@
full_path_without_wildcard
_regex
||=
regex_excluding_child_paths
(
WILDCARD_ROUTES
)
@
without_reserved_wildcard_paths
_regex
||=
regex_excluding_child_paths
(
WILDCARD_ROUTES
)
end
def
self
.
without_reserved_child_paths_regex
@
full_path_without_child_route
s_regex
||=
regex_excluding_child_paths
(
CHILD_ROUTES
)
@
without_reserved_child_path
s_regex
||=
regex_excluding_child_paths
(
CHILD_ROUTES
)
end
# This is used to validate a full path.
...
...
@@ -128,22 +128,19 @@ class DynamicPathValidator < ActiveModel::EachValidator
# - Starting with one of the top level words
# - Containing one of the child level words in the middle of a path
def
self
.
regex_excluding_child_paths
(
child_routes
)
reserved_top_level_words
=
Regexp
.
union
(
TOP_LEVEL_ROUTES
.
to_a
)
not_starting_in_reserved_word
=
%r{
^(/?)(?!(
#{
reserved_top_level_words
}
)(/|$
))}
reserved_top_level_words
=
Regexp
.
union
(
TOP_LEVEL_ROUTES
)
not_starting_in_reserved_word
=
%r{
\A
/?(?!(
#{
reserved_top_level_words
}
)(/|
\z
))}
reserved_child_level_words
=
Regexp
.
union
(
child_routes
.
to_a
)
not_containing_reserved_child
=
%r{(?!
(
\S
+)/(
#{
reserved_child_level_words
}
)(/|$
))}
reserved_child_level_words
=
Regexp
.
union
(
child_routes
)
not_containing_reserved_child
=
%r{(?!
\S
+/(
#{
reserved_child_level_words
}
)(/|
\z
))}
@full_path_regex
=
%r{
#{
not_starting_in_reserved_word
}
#{
not_containing_reserved_child
}
#{
Gitlab
::
Regex
::
FULL_NAMESPACE_REGEX_STR
}
}x
%r{
#{
not_starting_in_reserved_word
}
#{
not_containing_reserved_child
}
#{
Gitlab
::
Regex
.
full_namespace_regex
}
}x
end
def
self
.
valid?
(
path
)
path_segments
=
path
.
split
(
'/'
)
!
reserved?
(
path
)
&&
path_segments
.
all?
{
|
value
|
follow_format?
(
value
)
}
path
=~
Gitlab
::
Regex
.
full_namespace_regex
&&
!
reserved?
(
path
)
end
def
self
.
reserved?
(
path
)
...
...
@@ -165,13 +162,9 @@ class DynamicPathValidator < ActiveModel::EachValidator
path
!~
without_reserved_wildcard_paths_regex
end
def
self
.
follow_format?
(
value
)
value
=~
Gitlab
::
Regex
.
namespace_regex
end
delegate
:reserved?
,
:any_reserved?
,
:follow_format?
,
to: :class
to: :class
def
valid_full_path?
(
record
,
value
)
full_path
=
record
.
respond_to?
(
:full_path
)
?
record
.
full_path
:
value
...
...
@@ -185,7 +178,7 @@ class DynamicPathValidator < ActiveModel::EachValidator
end
def
validate_each
(
record
,
attribute
,
value
)
unless
follow_format?
(
value
)
unless
value
=~
Gitlab
::
Regex
.
namespace_regex
record
.
errors
.
add
(
attribute
,
Gitlab
::
Regex
.
namespace_regex_message
)
end
...
...
lib/gitlab/regex.rb
View file @
c853dd61
...
...
@@ -22,6 +22,10 @@ module Gitlab
@namespace_regex
||=
/\A
#{
NAMESPACE_REGEX_STR
}
\z/
.
freeze
end
def
full_namespace_regex
@full_namespace_regex
||=
%r{
\A
#{
FULL_NAMESPACE_REGEX_STR
}
\z
}
end
def
namespace_route_regex
@namespace_route_regex
||=
/
#{
NAMESPACE_REGEX_STR
}
/
.
freeze
end
...
...
spec/lib/gitlab/regex_spec.rb
View file @
c853dd61
...
...
@@ -45,8 +45,8 @@ describe Gitlab::Regex, lib: true do
it
{
is_expected
.
not_to
match
(
'foo-'
)
}
end
describe
'
FULL_NAMESPACE_REGEX_STR
'
do
subject
{
%r{
\A
#{
Gitlab
::
Regex
::
FULL_NAMESPACE_REGEX_STR
}
\z
}
}
describe
'
.full_namespace_regex
'
do
subject
{
described_class
.
full_namespace_regex
}
it
{
is_expected
.
to
match
(
'gitlab.org'
)
}
it
{
is_expected
.
to
match
(
'gitlab.org/gitlab-git'
)
}
...
...
spec/validators/dynamic_path_validator_spec.rb
View file @
c853dd61
...
...
@@ -129,6 +129,10 @@ describe DynamicPathValidator do
expect
(
subject
).
not_to
match
(
'dashboard'
)
end
it
'matches valid paths with a toplevel word in a different place'
do
expect
(
subject
).
to
match
(
'parent/dashboard/project-path'
)
end
it
'rejects paths containing a wildcard reserved word'
do
expect
(
subject
).
not_to
match
(
'hello/edit'
)
expect
(
subject
).
not_to
match
(
'hello/edit/in-the-middle'
)
...
...
@@ -137,7 +141,6 @@ describe DynamicPathValidator do
it
'matches valid paths'
do
expect
(
subject
).
to
match
(
'parent/child/project-path'
)
expect
(
subject
).
to
match
(
'/parent/child/project-path'
)
end
end
...
...
@@ -185,5 +188,11 @@ describe DynamicPathValidator do
expect
(
described_class
.
valid?
(
test_path
)).
to
be_falsey
end
it
'rejects paths that are in an incorrect format'
do
test_path
=
'incorrect/format.git'
expect
(
described_class
.
valid?
(
test_path
)).
to
be_falsey
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment