Fix incorrect regex used in FileUploader#extract_dynamic_path

In https://gitlab.com/gitlab-org/gitlab/-/merge_requests/3867 we enabled uploads stored in the uploads table to be migrated to object storage, but there are a number of entries in the uploads table with path containing a secret of length 10.

Fix incorrect regex used in FileUploader#extract_dynamic_path
In https://gitlab.com/gitlab-org/gitlab/-/merge_requests/3867 we enabled uploads stored in the uploads table to be migrated to object storage, but there are a number of entries in the uploads table with path containing a secret of length 10.
fd3d50d2 · Douglas Barbosa Alexandre · 4acd1a97 · fd3d50d2 · fd3d50d2
Commit fd3d50d2 authored Apr 02, 2020 by Douglas Barbosa Alexandre
Hide whitespace changes
Inline Side-by-side

Showing with 33 additions and 5 deletions

app/uploaders/file_uploader.rb app/uploaders/file_uploader.rb +1 -1

spec/uploaders/file_uploader_spec.rb spec/uploaders/file_uploader_spec.rb +32 -4

No files found.
--- a/app/uploaders/file_uploader.rb
+++ b/app/uploaders/file_uploader.rb
@@ -15,7 +15,7 @@ class FileUploader < GitlabUploader
  prepend ObjectStorage::Extension::RecordsUploads

  MARKDOWN_PATTERN = %r{\!?\[.*?\]\(/uploads/(?<secret>[0-9a-f]{32})/(?<file>.*?)\)}.freeze
-  DYNAMIC_PATH_PATTERN = %r{.*(?<secret>\h{32})/(?<identifier>.*)}.freeze
+  DYNAMIC_PATH_PATTERN = %r{.*/(?<secret>\h{10,32})/(?<identifier>.*)}.freeze
  VALID_SECRET_PATTERN = %r{\A\h{10,32}\z}.freeze

  InvalidSecret = Class.new(StandardError)

--- a/spec/uploaders/file_uploader_spec.rb
+++ b/spec/uploaders/file_uploader_spec.rb
@@ -145,11 +145,39 @@ describe FileUploader do
  end

  describe '.extract_dynamic_path' do
-    it 'works with hashed storage' do
-      path = 'export/4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a/test/uploads/72a497a02fe3ee09edae2ed06d390038/dummy.txt'
+    context 'with a 32-byte hexadecimal secret in the path' do
+      let(:secret) { SecureRandom.hex }
+      let(:path) { "export/4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a/test/uploads/#{secret}/dummy.txt" }

-      expect(described_class.extract_dynamic_path(path)[:identifier]).to eq('dummy.txt')
-      expect(described_class.extract_dynamic_path(path)[:secret]).to eq('72a497a02fe3ee09edae2ed06d390038')
+      it 'extracts the secret' do
+        expect(described_class.extract_dynamic_path(path)[:secret]).to eq(secret)
+      end
+
+      it 'extracts the identifier' do
+        expect(described_class.extract_dynamic_path(path)[:identifier]).to eq('dummy.txt')
+      end
+    end
+
+    context 'with a 10-byte hexadecimal secret in the path' do
+      let(:secret) { SecureRandom.hex(10) }
+      let(:path) { "export/4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a/test/uploads/#{secret}/dummy.txt" }
+
+      it 'extracts the secret' do
+        expect(described_class.extract_dynamic_path(path)[:secret]).to eq(secret)
+      end
+
+      it 'extracts the identifier' do
+        expect(described_class.extract_dynamic_path(path)[:identifier]).to eq('dummy.txt')
+      end
+    end
+
+    context 'with an invalid secret in the path' do
+      let(:secret) { 'foo' }
+      let(:path) { "export/4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a/test/uploads/#{secret}/dummy.txt" }
+
+      it 'returns nil' do
+        expect(described_class.extract_dynamic_path(path)).to be_nil
+      end
    end
  end