Commit 79437672 authored by Patricio Cano's avatar Patricio Cano

Refactored the domain separator regex, plus syntax and grammar fixes.

parent e15fa67c
...@@ -4,6 +4,12 @@ class ApplicationSetting < ActiveRecord::Base ...@@ -4,6 +4,12 @@ class ApplicationSetting < ActiveRecord::Base
add_authentication_token_field :health_check_access_token add_authentication_token_field :health_check_access_token
CACHE_KEY = 'application_setting.last' CACHE_KEY = 'application_setting.last'
DOMAIN_LIST_SEPARATOR = %r{\s*[,;]\s* # comma or semicolon, optionally surrounded by whitespace
| # or
\s # any whitespace character
| # or
[\r\n] # any number of newline characters
}x
serialize :restricted_visibility_levels serialize :restricted_visibility_levels
serialize :import_sources serialize :import_sources
...@@ -164,25 +170,18 @@ class ApplicationSetting < ActiveRecord::Base ...@@ -164,25 +170,18 @@ class ApplicationSetting < ActiveRecord::Base
self.domain_blacklist.join("\n") unless self.domain_blacklist.nil? self.domain_blacklist.join("\n") unless self.domain_blacklist.nil?
end end
def splitter
/\s*[,;]\s* # comma or semicolon, optionally surrounded by whitespace
| # or
\s # any whitespace character
| # or
[\r\n] # any number of newline characters
/x
end
def restricted_signup_domains_raw=(values) def restricted_signup_domains_raw=(values)
self.restricted_signup_domains = [] self.restricted_signup_domains = []
self.restricted_signup_domains = values.split(splitter) self.restricted_signup_domains = values.split(DOMAIN_LIST_SEPARATOR)
self.restricted_signup_domains.reject! { |d| d.empty? } self.restricted_signup_domains.reject! { |d| d.empty? }
self.restricted_signup_domains
end end
def domain_blacklist_raw=(values) def domain_blacklist_raw=(values)
self.domain_blacklist = [] self.domain_blacklist = []
self.domain_blacklist = values.split(splitter) self.domain_blacklist = values.split(DOMAIN_LIST_SEPARATOR)
self.domain_blacklist.reject! { |d| d.empty? } self.domain_blacklist.reject! { |d| d.empty? }
self.domain_blacklist
end end
def domain_blacklist_file=(file) def domain_blacklist_file=(file)
......
...@@ -39,7 +39,7 @@ not selected. ...@@ -39,7 +39,7 @@ not selected.
## Blacklist email domains ## Blacklist email domains
With this feature enabled, you can block email addresses of an specific domain With this feature enabled, you can block email addresses of a specific domain
from creating an account on your GitLab server. This is particularly useful to from creating an account on your GitLab server. This is particularly useful to
prevent spam. Disposable email addresses are usually used by malicious users to prevent spam. Disposable email addresses are usually used by malicious users to
create dummy accounts and spam issues. create dummy accounts and spam issues.
......
...@@ -77,27 +77,27 @@ describe ApplicationSetting, models: true do ...@@ -77,27 +77,27 @@ describe ApplicationSetting, models: true do
context 'blacklisted signup domains' do context 'blacklisted signup domains' do
it 'set single domain' do it 'set single domain' do
setting.domain_blacklist_raw = 'example.com' setting.domain_blacklist_raw = 'example.com'
expect(setting.domain_blacklist).to eq(['example.com']) expect(setting.domain_blacklist).to contain_exactly('example.com')
end end
it 'set multiple domains with spaces' do it 'set multiple domains with spaces' do
setting.domain_blacklist_raw = 'example.com *.example.com' setting.domain_blacklist_raw = 'example.com *.example.com'
expect(setting.domain_blacklist).to eq(['example.com', '*.example.com']) expect(setting.domain_blacklist).to contain_exactly('example.com', '*.example.com')
end end
it 'set multiple domains with newlines and a space' do it 'set multiple domains with newlines and a space' do
setting.domain_blacklist_raw = "example.com\n *.example.com" setting.domain_blacklist_raw = "example.com\n *.example.com"
expect(setting.domain_blacklist).to eq(['example.com', '*.example.com']) expect(setting.domain_blacklist).to contain_exactly('example.com', '*.example.com')
end end
it 'set multiple domains with commas' do it 'set multiple domains with commas' do
setting.domain_blacklist_raw = "example.com, *.example.com" setting.domain_blacklist_raw = "example.com, *.example.com"
expect(setting.domain_blacklist).to eq(['example.com', '*.example.com']) expect(setting.domain_blacklist).to contain_exactly('example.com', '*.example.com')
end end
it 'set multiple domain with file' do it 'set multiple domain with file' do
setting.domain_blacklist_file = File.open(Rails.root.join('spec/fixtures/', 'blacklist.txt')) setting.domain_blacklist_file = File.open(Rails.root.join('spec/fixtures/', 'blacklist.txt'))
expect(setting.domain_blacklist).to eq(%w(example.com test.com foo.bar)) expect(setting.domain_blacklist).to contain_exactly('example.com', 'test.com', 'foo.bar')
end end
end end
end end
...@@ -89,7 +89,7 @@ describe User, models: true do ...@@ -89,7 +89,7 @@ describe User, models: true do
end end
describe 'email' do describe 'email' do
context 'when no signup domains white listed' do context 'when no signup domains whitelisted' do
before do before do
allow_any_instance_of(ApplicationSetting).to receive(:restricted_signup_domains).and_return([]) allow_any_instance_of(ApplicationSetting).to receive(:restricted_signup_domains).and_return([])
end end
...@@ -100,7 +100,7 @@ describe User, models: true do ...@@ -100,7 +100,7 @@ describe User, models: true do
end end
end end
context 'when a signup domain is white listed and subdomains are allowed' do context 'when a signup domain is whitelisted and subdomains are allowed' do
before do before do
allow_any_instance_of(ApplicationSetting).to receive(:restricted_signup_domains).and_return(['example.com', '*.example.com']) allow_any_instance_of(ApplicationSetting).to receive(:restricted_signup_domains).and_return(['example.com', '*.example.com'])
end end
...@@ -121,7 +121,7 @@ describe User, models: true do ...@@ -121,7 +121,7 @@ describe User, models: true do
end end
end end
context 'when a signup domain is white listed and subdomains are not allowed' do context 'when a signup domain is whitelisted and subdomains are not allowed' do
before do before do
allow_any_instance_of(ApplicationSetting).to receive(:restricted_signup_domains).and_return(['example.com']) allow_any_instance_of(ApplicationSetting).to receive(:restricted_signup_domains).and_return(['example.com'])
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment