Use more specific regexes.

dfe0f9ee · Douwe Maan · 3f7531d6 · dfe0f9ee · dfe0f9ee · dfe0f9ee
Commit dfe0f9ee authored Mar 24, 2015 by Douwe Maan
7 changed files
--- a/app/models/namespace.rb
+++ b/app/models/namespace.rb
@@ -24,8 +24,8 @@ class Namespace < ActiveRecord::Base
  validates :name,
    presence: true, uniqueness: true,
    length: { within: 0..255 },
-    format: { with: Gitlab::Regex.name_regex,
-              message: Gitlab::Regex.name_regex_message }
+    format: { with: Gitlab::Regex.namespace_name_regex,
+              message: Gitlab::Regex.namespace_name_regex_message }

  validates :description, length: { within: 0..255 }
  validates :path,
@@ -33,8 +33,8 @@ class Namespace < ActiveRecord::Base
    presence: true,
    length: { within: 1..255 },
    exclusion: { in: Gitlab::Blacklist.path },
-    format: { with: Gitlab::Regex.path_regex,
-              message: Gitlab::Regex.path_regex_message }
+    format: { with: Gitlab::Regex.namespace_regex,
+              message: Gitlab::Regex.namespace_regex_message }

  delegate :name, to: :owner, allow_nil: true, prefix: true


--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -124,12 +124,12 @@ class Project < ActiveRecord::Base
    presence: true,
    length: { within: 0..255 },
    format: { with: Gitlab::Regex.project_name_regex,
-              message: Gitlab::Regex.project_regex_message }
+              message: Gitlab::Regex.project_name_regex_message }
  validates :path,
    presence: true,
    length: { within: 0..255 },
-    format: { with: Gitlab::Regex.path_regex,
-              message: Gitlab::Regex.path_regex_message }
+    format: { with: Gitlab::Regex.project_path_regex,
+              message: Gitlab::Regex.project_path_regex_message }
  validates :issues_enabled, :merge_requests_enabled,
            :wiki_enabled, inclusion: { in: [true, false] }
  validates :issues_tracker_id, length: { maximum: 255 }, allow_blank: true

--- a/app/models/snippet.rb
+++ b/app/models/snippet.rb
@@ -33,8 +33,8 @@ class Snippet < ActiveRecord::Base
  validates :file_name,
    presence: true,
    length: { within: 0..255 },
-    format: { with: Gitlab::Regex.path_regex,
-              message: Gitlab::Regex.path_regex_message }
+    format: { with: Gitlab::Regex.file_name_regex,
+              message: Gitlab::Regex.file_name_regex_message }
  validates :content, presence: true
  validates :visibility_level, inclusion: { in: Gitlab::VisibilityLevel.values }


--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -129,8 +129,8 @@ class User < ActiveRecord::Base
    presence: true,
    uniqueness: { case_sensitive: false },
    exclusion: { in: Gitlab::Blacklist.path },
-    format: { with: Gitlab::Regex.username_regex,
-              message: Gitlab::Regex.username_regex_message }
+    format: { with: Gitlab::Regex.namespace_regex,
+              message: Gitlab::Regex.namespace_regex_message }

  validates :notification_level, inclusion: { in: Notification.notification_levels }, presence: true
  validate :namespace_uniq, if: ->(user) { user.username_changed? }

--- a/app/services/files/create_service.rb
+++ b/app/services/files/create_service.rb
@@ -12,10 +12,10 @@ module Files
      file_name = File.basename(path)
      file_path = path

-      unless file_name =~ Gitlab::Regex.path_regex
+      unless file_name =~ Gitlab::Regex.file_name_regex
        return error(
          'Your changes could not be committed, because the file name ' +
-          Gitlab::Regex.path_regex_message
+          Gitlab::Regex.file_name_regex_message
        )
      end


--- a/lib/gitlab/regex.rb
+++ b/lib/gitlab/regex.rb
@@ -2,49 +2,64 @@ module Gitlab
  module Regex
    extend self

-    def username_regex
-      default_regex
+    def namespace_regex
+      @namespace_regex ||= /\A[a-zA-Z0-9_.][a-zA-Z0-9_\-\.]*(?<!\.git)\z/.freeze
    end

-    def username_regex_message
-      default_regex_message
+    def namespace_regex_message
+      "can contain only letters, digits, '_', '-' and '.'. " \
+      "Cannot start with '-' or end in '.git'" \
+    end
+
+
+    def namespace_name_regex
+      @namespace_name_regex ||= /\A[a-zA-Z0-9_\-\. ]*\z/.freeze
    end

+    def namespace_name_regex_message
+      "can contain only letters, digits, '_', '-', '.' and space."
+    end
+
+
    def project_name_regex
-      /\A[a-zA-Z0-9_.][a-zA-Z0-9_\-\. ]*\z/
+      @project_name_regex ||= /\A[a-zA-Z0-9_.][a-zA-Z0-9_\-\. ]*\z/.freeze
    end

-    def project_regex_message
-      "can contain only letters, digits, '_', '-' and '.' and space. " \
+    def project_name_regex_message
+      "can contain only letters, digits, '_', '-', '.' and space. " \
      "It must start with letter, digit or '_'."
    end

-    def name_regex
-      /\A[a-zA-Z0-9_\-\. ]*\z/
+
+    def project_path_regex
+      @project_path_regex ||= /\A[a-zA-Z0-9_.][a-zA-Z0-9_\-\.]*(?<!\.git)\z/.freeze
    end

-    def name_regex_message
-      "can contain only letters, digits, '_', '-' and '.' and space."
+    def project_path_regex_message
+      "can contain only letters, digits, '_', '-' and '.'. " \
+      "Cannot start with '-' or end in '.git'" \
    end

-    def path_regex
-      default_regex
+
+    def file_name_regex
+      @file_name_regex ||= /\A[a-zA-Z0-9_\-\.]*\z/.freeze
    end

-    def path_regex_message
-      default_regex_message
+    def file_name_regex_message
+      "can contain only letters, digits, '_', '-' and '.'. "
    end

+
    def archive_formats_regex
-      #|zip|tar|    tar.gz    |         tar.bz2         |
-      /(zip|tar|tar\.gz|tgz|gz|tar\.bz2|tbz|tbz2|tb2|bz2)/
+      #                           |zip|tar|    tar.gz    |         tar.bz2         |
+      @archive_formats_regex ||= /(zip|tar|tar\.gz|tgz|gz|tar\.bz2|tbz|tbz2|tb2|bz2)/.freeze
    end

    def git_reference_regex
      # Valid git ref regex, see:
      # https://www.kernel.org/pub/software/scm/git/docs/git-check-ref-format.html

-      %r{
+      @git_reference_regex ||= %r{
        (?!
           (?# doesn't begins with)
           \/|                    (?# rule #6)
@@ -60,18 +75,7 @@ module Gitlab
        (?# doesn't end with)
        (?<!\.lock)               (?# rule #1)
        (?<![\/.])                (?# rule #6-7)
-      }x
-    end
-
-    protected
-
-    def default_regex_message
-      "can contain only letters, digits, '_', '-' and '.'. " \
-      "Cannot start with '-' or end in '.git'" \
-    end
-
-    def default_regex
-      /\A[a-zA-Z0-9_.][a-zA-Z0-9_\-\.]*(?<!\.git)\z/
+      }x.freeze
    end
  end
 end
--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -247,7 +247,7 @@ describe API::API, api: true  do
      expect(json_response['message']['name']).to eq([
        'can\'t be blank',
        'is too short (minimum is 0 characters)',
-        Gitlab::Regex.project_regex_message
+        Gitlab::Regex.project_name_regex_message
      ])
      expect(json_response['message']['path']).to eq([
        'can\'t be blank',