diff options
| author | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-06-27 00:40:25 +0300 |
|---|---|---|
| committer | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-06-27 00:40:25 +0300 |
| commit | 55bb6eed16f293318ba2684de42fb4299e622d61 (patch) | |
| tree | 97515c2601ff51fb6b303902766b501bea877314 | |
| parent | 25d523099a438f9ca1bb87022a9944a975c4d163 (diff) | |
| parent | 103f2243c897d3ad46b137a153e909e76fde4573 (diff) | |
Merge branch 'security-fix-issue-59379-11-11' into '11-11-stable'
Disable Rails SQL query cache when applying service templates
See merge request gitlab/gitlabhq!3180
| -rw-r--r-- | app/services/projects/propagate_service_template.rb | 2 | ||||
| -rw-r--r-- | changelogs/unreleased/sh-service-template-bug.yml | 5 | ||||
| -rw-r--r-- | spec/services/projects/propagate_service_template_spec.rb | 2 | ||||
| -rw-r--r-- | spec/spec_helper.rb | 6 |
4 files changed, 13 insertions, 2 deletions
diff --git a/app/services/projects/propagate_service_template.rb b/app/services/projects/propagate_service_template.rb index a2f36d2bd1b..a25c985585b 100644 --- a/app/services/projects/propagate_service_template.rb +++ b/app/services/projects/propagate_service_template.rb @@ -24,7 +24,7 @@ module Projects def propagate_projects_with_template loop do - batch = project_ids_batch + batch = Project.uncached { project_ids_batch } bulk_create_from_template(batch) unless batch.empty? diff --git a/changelogs/unreleased/sh-service-template-bug.yml b/changelogs/unreleased/sh-service-template-bug.yml new file mode 100644 index 00000000000..be5d719c6b2 --- /dev/null +++ b/changelogs/unreleased/sh-service-template-bug.yml @@ -0,0 +1,5 @@ +--- +title: Disable Rails SQL query cache when applying service templates +merge_request: 30060 +author: +type: security diff --git a/spec/services/projects/propagate_service_template_spec.rb b/spec/services/projects/propagate_service_template_spec.rb index f93e5aae82a..2c3effec617 100644 --- a/spec/services/projects/propagate_service_template_spec.rb +++ b/spec/services/projects/propagate_service_template_spec.rb @@ -72,7 +72,7 @@ describe Projects::PropagateServiceTemplate do expect(project.pushover_service.properties).to eq(service_template.properties) end - describe 'bulk update' do + describe 'bulk update', :use_sql_query_cache do let(:project_total) { 5 } before do diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 9266bee34d6..ec17bee640d 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -215,6 +215,12 @@ RSpec.configure do |config| ActionController::Base.cache_store = caching_store end + config.around(:each, :use_sql_query_cache) do |example| + ActiveRecord::Base.cache do + example.run + end + end + # The :each scope runs "inside" the example, so this hook ensures the DB is in the # correct state before any examples' before hooks are called. This prevents a # problem where `ScheduleIssuesClosedAtTypeChange` (or any migration that depends |