d455bcf1
Commit
d455bcf1
authored
Mar 30, 2021
by
GitLab Bot
Add latest changes from gitlab-org/security/gitlab@13-10-stable-ee
parent
b8cacd68
Showing
9 changed files
with
33 additions
and
10 deletions
+33
-10
app/services/projects/unlink_fork_service.rb
app/services/projects/unlink_fork_service.rb
+2
-0
changelogs/unreleased/security-id-leave-pool-for-private-forks.yml
...s/unreleased/security-id-leave-pool-for-private-forks.yml
+5
-0
changelogs/unreleased/security-trigger-system-hook-by-post.yml
...elogs/unreleased/security-trigger-system-hook-by-post.yml
+5
-0
doc/api/system_hooks.md
doc/api/system_hooks.md
+2
-2
lib/api/system_hooks.rb
lib/api/system_hooks.rb
+1
-1
spec/factories/pool_repositories.rb
spec/factories/pool_repositories.rb
+1
-1
spec/requests/api/system_hooks_spec.rb
spec/requests/api/system_hooks_spec.rb
+5
-5
spec/services/projects/fork_service_spec.rb
spec/services/projects/fork_service_spec.rb
+1
-1
spec/services/projects/unlink_fork_service_spec.rb
spec/services/projects/unlink_fork_service_spec.rb
+11
-0
app/services/projects/unlink_fork_service.rb
...
...
@@ -32,6 +32,8 @@ module Projects
if
fork_network
=
@project
.
root_of_fork_network
fork_network
.
update
(
root_project:
nil
,
deleted_root_project_name:
@project
.
full_name
)
end
@project
.
leave_pool_repository
end
# rubocop: disable Cop/InBatches
...
...
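Review bot: The added `@project.leave_pool_repository` call discards its result, so whether a failed detach stops the unlink depends on that method raising, which this hunk does not show. Because the changelog entry files this change under security, a project that silently stays in the pool after being unlinked would leave the problem in place; it is worth confirming the method raises on failure, or checking its return value here. A why-comment above the call would also help, for example `# Leave the object pool so the unlinked project no longer shares objects with its former fork network`. The enclosing block opens above the hunk and the method continues below it.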
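--- a/changelogs/unreleased/security-id-leave-pool-for-private-forks.yml
+++ b/changelogs/unreleased/security-id-leave-pool-for-private-forks.yml
@@ -0,0 +1,5 @@
+---
+title: Leave pool repository on fork unlinking
+merge_request:
+author:
+type: security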
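--- a/changelogs/unreleased/security-trigger-system-hook-by-post.yml
+++ b/changelogs/unreleased/security-trigger-system-hook-by-post.yml
@@ -0,0 +1,5 @@
+---
+title: Require POST request to trigger system hooks
+merge_request:
+author:
+type: security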
doc/api/system_hooks.md
...
...
@@ -88,7 +88,7 @@ Example response:
## Test system hook
```
plaintext
GE
T /hooks/:id
POS
T /hooks/:id
```
| Attribute | Type | Required | Description |
...
...
@@ -98,7 +98,7 @@ GET /hooks/:id
Example request:
```
shell
curl
--
header
"PRIVATE-TOKEN: <your_access_token>"
"https://gitlab.example.com/api/v4/hooks/2
"
curl
--
request
POST
--header
"PRIVATE-TOKEN: <your_access_token>"
"https://gitlab.example.com/api/v4/hooks/1
"
```
Example response:
...
...
lib/api/system_hooks.rb
...
...
@@ -47,7 +47,7 @@ module API
params
do
requires
:id
,
type:
Integer
,
desc:
'The ID of the system hook'
end
ge
t
":id"
do
pos
t
":id"
do
hook
=
SystemHook
.
find
(
params
[
:id
])
data
=
{
event_name:
"project_create"
,
...
...
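Review bot: With the route now `post ":id" do`, the success status becomes 201 (the request spec in this commit expects `:created`), although testing a hook creates no resource. If that is only the framework's default for POST rather than a deliberate choice, `status 200` at the top of the block would keep the code that callers of the old GET route received. A short comment such as `# POST, not GET: this endpoint fires the hook, so it must not be reachable by a safe method` would record why the verb matters. The block body continues past the end of the hunk.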
spec/factories/pool_repositories.rb
...
...
@@ -6,7 +6,7 @@ FactoryBot.define do
state
{
:none
}
before
(
:create
)
do
|
pool
|
pool
.
source_project
=
create
(
:project
,
:repository
)
pool
.
source_project
||
=
create
(
:project
,
:repository
)
pool
.
source_project
.
update!
(
pool_repository:
pool
)
end
...
...
spec/requests/api/system_hooks_spec.rb
...
...
@@ -103,15 +103,15 @@ RSpec.describe API::SystemHooks do
end
end
describe
"GET /hooks/:id"
do
it
"returns hook by id"
do
ge
t
api
(
"/hooks/
#{
hook
.
id
}
"
,
admin
)
expect
(
response
).
to
have_gitlab_http_status
(
:
ok
)
describe
'POST /hooks/:id'
do
it
"returns
and trigger
hook by id"
do
pos
t
api
(
"/hooks/
#{
hook
.
id
}
"
,
admin
)
expect
(
response
).
to
have_gitlab_http_status
(
:
created
)
expect
(
json_response
[
'event_name'
]).
to
eq
(
'project_create'
)
end
it
"returns 404 on failure"
do
ge
t
api
(
"/hooks/404"
,
admin
)
pos
t
api
(
"/hooks/404"
,
admin
)
expect
(
response
).
to
have_gitlab_http_status
(
:not_found
)
end
end
...
...
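Review bot: The rewritten `'POST /hooks/:id'` examples never exercise the old verb, so nothing fails if a GET route that fires the hook is reintroduced later. Consider an extra example that issues `get api("/hooks/#{hook.id}", admin)` and asserts `expect(response).not_to have_gitlab_http_status(:ok)`. The first example also checks only the status and `event_name`, not that the hook was actually run, and its description would read better as `"returns and triggers hook by id"`.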
spec/services/projects/fork_service_spec.rb
...
...
@@ -403,7 +403,7 @@ RSpec.describe Projects::ForkService do
end
context
'when forking with object pools'
do
let
(
:fork_from_project
)
{
create
(
:project
,
:public
)
}
let
(
:fork_from_project
)
{
create
(
:project
,
:
repository
,
:
public
)
}
let
(
:forker
)
{
create
(
:user
)
}
context
'when no pool exists'
do
...
...
spec/services/projects/unlink_fork_service_spec.rb
...
...
@@ -207,6 +207,17 @@ RSpec.describe Projects::UnlinkForkService, :use_clean_rails_memory_store_cachin
end
end
context
'a project with pool repository'
do
let
(
:project
)
{
create
(
:project
,
:public
,
:repository
)
}
let!
(
:pool_repository
)
{
create
(
:pool_repository
,
:ready
,
source_project:
project
)
}
subject
{
described_class
.
new
(
project
,
user
)
}
it
'when unlinked leaves pool repository'
do
expect
{
subject
.
execute
}.
to
change
{
project
.
reload
.
has_pool_repository?
}.
from
(
true
).
to
(
false
)
end
end
context
'when given project is not part of a fork network'
do
let!
(
:project_without_forks
)
{
create
(
:project
,
:public
)
}
...
...
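Review bot: The new context only covers a project that is the pool's `source_project` and is created `:public`, while the changelog file name for this fix refers to private forks. As far as the hunk shows, no example unlinks a forked project that is a member of another project's pool, which looks like the case the fix targets. Adding a sibling context for that setup, with the same `change { project.reload.has_pool_repository? }.from(true).to(false)` expectation, would pin it.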