author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-06-28 15:14:48 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-06-28 15:14:48 +0300 |
commit | 6ac06a5d4453d79dc901bbbed579132201043c54 (patch) | |
tree | 17e4cb89f5ae57e991f14136464969b679d64e9e | |
parent | 09a311fedb1410b343996ee025aba18fca95c09b (diff) |
Add latest changes from gitlab-org/security/gitlab@15-11-stable-ee
-rw-r--r-- | .rubocop_todo/gitlab/strong_memoize_attr.yml | 1 | ||||
-rw-r--r-- | .rubocop_todo/rspec/missing_feature_category.yml | 1 | ||||
-rw-r--r-- | app/models/hooks/web_hook.rb | 1 | ||||
-rw-r--r-- | spec/controllers/admin/hooks_controller_spec.rb | 9 | ||||
-rw-r--r-- | spec/models/hooks/web_hook_spec.rb | 7 |
5 files changed, 13 insertions, 6 deletions
diff --git a/.rubocop_todo/gitlab/strong_memoize_attr.yml b/.rubocop_todo/gitlab/strong_memoize_attr.yml
index 21b8a2c9dec..c9ed5041ab8 100644
--- a/.rubocop_todo/gitlab/strong_memoize_attr.yml
+++ b/.rubocop_todo/gitlab/strong_memoize_attr.yml
@@ -363,7 +363,6 @@ Gitlab/StrongMemoizeAttr:
 - 'ee/app/models/vulnerabilities/finding.rb'
 - 'ee/app/presenters/approval_rule_presenter.rb'
 - 'ee/app/presenters/ci/minutes/usage_presenter.rb'
- - 'ee/app/presenters/merge_request_approver_presenter.rb'
 - 'ee/app/serializers/dashboard_operations_project_entity.rb'
 - 'ee/app/serializers/ee/member_user_entity.rb'
 - 'ee/app/services/app_sec/dast/pipelines/find_latest_service.rb'
diff --git a/.rubocop_todo/rspec/missing_feature_category.yml b/.rubocop_todo/rspec/missing_feature_category.yml
index c94541ad8a2..8018d9ab050 100644
--- a/.rubocop_todo/rspec/missing_feature_category.yml
+++ b/.rubocop_todo/rspec/missing_feature_category.yml
@@ -1069,7 +1069,6 @@ RSpec/MissingFeatureCategory:
 - 'ee/spec/models/approval_merge_request_rule_spec.rb'
 - 'ee/spec/models/approval_state_spec.rb'
 - 'ee/spec/models/approval_wrapped_any_approver_rule_spec.rb'
- - 'ee/spec/models/approval_wrapped_code_owner_rule_spec.rb'
 - 'ee/spec/models/approval_wrapped_rule_spec.rb'
 - 'ee/spec/models/approvals/scan_finding_wrapped_rule_set_spec.rb'
 - 'ee/spec/models/approvals/wrapped_rule_set_spec.rb'
diff --git a/app/models/hooks/web_hook.rb b/app/models/hooks/web_hook.rb
index 5ccbc926a71..1ee47bc63cc 100644
--- a/app/models/hooks/web_hook.rb
+++ b/app/models/hooks/web_hook.rb
@@ -135,6 +135,7 @@ class WebHook < ApplicationRecord
 return if url_variables_were.blank? || interpolated_url_was == interpolated_url
+ self.url_variables = {} if url_variables_were.keys.intersection(url_variables.keys).any?
 self.url_variables = {} if url_changed? && url_variables_were.to_a.intersection(url_variables.to_a).any?
 end
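Review bot: The added key-overlap reset in `app/models/hooks/web_hook.rb` carries no comment explaining why one retained key clears every variable, and it leaves the pair-overlap line below it with nothing to do. Any shared `[key, value]` pair also shares its key, so the new line has already emptied `url_variables` before the `url_changed?` line is evaluated. I would drop that older line, or keep it with a note that it is now subsumed. I would also add a comment above the new line, such as `# Clear all stored values when a previously saved key is kept while the interpolated URL differs, so a retained value is never interpolated into a URL it was not saved for.` That rationale is inferred from the guard on the preceding line and should be confirmed. The enclosing method starts outside this hunk.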
diff --git a/spec/controllers/admin/hooks_controller_spec.rb b/spec/controllers/admin/hooks_controller_spec.rb
index 4e68ffdda2a..86c3405863a 100644
--- a/spec/controllers/admin/hooks_controller_spec.rb
+++ b/spec/controllers/admin/hooks_controller_spec.rb
@@ -55,12 +55,13 @@ RSpec.describe Admin::HooksController do
 hook.update!(url_variables: { 'foo' => 'bar', 'baz' => 'woo' })
 hook_params = {
- url: 'http://example.com/{baz}?token={token}',
+ url: 'http://example.com/{bar}?token={token}',
 enable_ssl_verification: false,
 url_variables: [
 { key: 'token', value: 'some secret value' },
- { key: 'baz', value: 'qux' },
- { key: 'foo', value: nil }
+ { key: 'baz', value: nil },
+ { key: 'foo', value: nil },
+ { key: 'bar', value: 'qux' }
 ]
 }
@@ -72,7 +73,7 @@ RSpec.describe Admin::HooksController do
 expect(flash[:notice]).to include('was updated')
 expect(hook).to have_attributes(hook_params.except(:url_variables))
 expect(hook).to have_attributes(
- url_variables: { 'token' => 'some secret value', 'baz' => 'qux' }
+ url_variables: { 'token' => 'some secret value', 'bar' => 'qux' }
 )
 end
 end
diff --git a/spec/models/hooks/web_hook_spec.rb b/spec/models/hooks/web_hook_spec.rb
index 254b8c2520b..4c7317de903 100644
--- a/spec/models/hooks/web_hook_spec.rb
+++ b/spec/models/hooks/web_hook_spec.rb
@@ -258,6 +258,13 @@ RSpec.describe WebHook, feature_category: :integrations do
 expect(hook.url_variables).to eq({})
 end
+ it 'resets url variables if url variables are overwritten' do
+ hook.url_variables = hook.url_variables.merge('abc' => 'baz')
+
+ expect(hook).not_to be_valid
+ expect(hook.url_variables).to eq({})
+ end
+
+ it 'does not reset url variables if both url and url variables are changed' do
 hook.url = 'http://example.com/{one}/{two}'
 hook.url_variables = { 'one' => 'foo', 'two' => 'bar' } |
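Review bot: The new example in `spec/models/hooks/web_hook_spec.rb` asserts only `expect(hook).not_to be_valid`, so it passes on any validation failure, not just the one that follows from the variables being cleared. I would pin the attribute the error is reported on, for example `expect(hook.errors[:url]).not_to be_empty`, assuming the failure lands on `url`. The hook's setup is outside this hunk, so the attribute should be confirmed there. A one-line comment such as `# url is left untouched: only the variables change, which the url_changed? check alone did not cover` would also tell the next reader which case this example guards.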