Commit bd8a7767 authored by James Lopez's avatar James Lopez

fixed few issues with the migration

parent 030b1394
...@@ -406,6 +406,7 @@ class Project < ActiveRecord::Base ...@@ -406,6 +406,7 @@ class Project < ActiveRecord::Base
def import_url=(value) def import_url=(value)
import_url = Gitlab::ImportUrl.new(value) import_url = Gitlab::ImportUrl.new(value)
# deletes any existing import_data
create_import_data(credentials: import_url.credentials) create_import_data(credentials: import_url.credentials)
super(import_url.sanitized_url) super(import_url.sanitized_url)
end end
...@@ -450,7 +451,7 @@ class Project < ActiveRecord::Base ...@@ -450,7 +451,7 @@ class Project < ActiveRecord::Base
def safe_import_url def safe_import_url
result = URI.parse(self.import_url) result = URI.parse(self.import_url)
result.password = '*****' unless result.password.nil? result.password = '*****' unless result.password.nil?
result.user = '*****' unless result.user.nil? #tokens or other data may be saved as user result.user = '*****' unless result.user.nil? || result.user == "git" #tokens or other data may be saved as user
result.to_s result.to_s
rescue rescue
self.import_url self.import_url
......
...@@ -12,7 +12,7 @@ require 'file_size_validator' ...@@ -12,7 +12,7 @@ require 'file_size_validator'
class ProjectImportData < ActiveRecord::Base class ProjectImportData < ActiveRecord::Base
belongs_to :project belongs_to :project
attr_encrypted :credentials, key: Gitlab::Application.secrets.db_key_base, marshal: true, encode: true attr_encrypted :credentials, key: Gitlab::Application.secrets.db_key_base, marshal: true, encode: true, :mode => :per_attribute_iv_and_salt
serialize :data, JSON serialize :data, JSON
......
...@@ -6,25 +6,43 @@ class RemoveWrongImportUrlFromProjects < ActiveRecord::Migration ...@@ -6,25 +6,43 @@ class RemoveWrongImportUrlFromProjects < ActiveRecord::Migration
class FakeProjectImportData class FakeProjectImportData
extend AttrEncrypted extend AttrEncrypted
attr_accessor :credentials attr_accessor :credentials
attr_encrypted :credentials, key: Gitlab::Application.secrets.db_key_base, marshal: true, encode: true attr_encrypted :credentials, key: Gitlab::Application.secrets.db_key_base, marshal: true, encode: true, :mode => :per_attribute_iv_and_salt
end end
def up def up
byebug
projects_with_wrong_import_url do |project| projects_with_wrong_import_url do |project|
import_url = Gitlab::ImportUrl.new(project["import_url"]) import_url = Gitlab::ImportUrl.new(project["import_url"])
ActiveRecord::Base.transaction do ActiveRecord::Base.transaction do
execute("UPDATE projects SET import_url = '#{quote(import_url.sanitized_url)}' WHERE id = #{project['id']}") execute("UPDATE projects SET import_url = #{quote(import_url.sanitized_url)} WHERE id = #{project['id']}")
fake_import_data = FakeProjectImportData.new fake_import_data = FakeProjectImportData.new
fake_import_data.credentials = import_url.credentials fake_import_data.credentials = import_url.credentials
execute("UPDATE project_import_data SET encrypted_credentials = '#{quote(fake_import_data.encrypted_credentials)}' WHERE project_id = #{project['id']}") project_import_data = project_import_data(project['id'])
if project_import_data
execute(update_import_data_sql(project_import_data['id'], fake_import_data))
else
execute(insert_import_data_sql(project['id'], fake_import_data))
end
end end
end end
end end
def insert_import_data_sql(project_id, fake_import_data)
%( INSERT into project_import_data (encrypted_credentials, project_id, encrypted_credentials_iv, encrypted_credentials_salt) VALUES ( #{quote(fake_import_data.encrypted_credentials)}, '#{project_id}', #{quote(fake_import_data.encrypted_credentials_iv)}, #{quote(fake_import_data.encrypted_credentials_salt)}))
end
def update_import_data_sql(id, fake_import_data)
%( UPDATE project_import_data SET encrypted_credentials = #{quote(fake_import_data.encrypted_credentials)}, encrypted_credentials_iv = #{quote(fake_import_data.encrypted_credentials_iv)}, encrypted_credentials_salt = #{quote(fake_import_data.encrypted_credentials_salt)} WHERE id = '#{id}')
end
def projects_with_wrong_import_url def projects_with_wrong_import_url
# TODO Check live with #operations for possible false positives. Also, consider regex? But may have issues MySQL/PSQL # TODO Check live with #operations for possible false positives. Also, consider regex? But may have issues MySQL/PSQL
select_all("SELECT p.id, p.import_url FROM projects p WHERE p.import_url IS NOT NULL AND (p.import_url LIKE '%//%:%@%' OR p.import_url LIKE '#{"_"*40}@github.com%')") select_all("SELECT p.id, p.import_url FROM projects p WHERE p.import_url IS NOT NULL AND (p.import_url LIKE '%//%:%@%' OR p.import_url LIKE 'https___#{"_"*40}@github.com%')")
end
def project_import_data(project_id)
select_one("SELECT id FROM project_import_data WHERE project_id = '#{project_id}'")
end end
def quote(value) def quote(value)
......
...@@ -20,6 +20,7 @@ module Gitlab ...@@ -20,6 +20,7 @@ module Gitlab
private private
def generate_full_url def generate_full_url
return @url unless @credentials
@full_url = @url.dup @full_url = @url.dup
@full_url.user = @credentials[:user] @full_url.user = @credentials[:user]
@full_url.password = @credentials[:password] @full_url.password = @credentials[:password]
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment