diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-02-20 06:08:57 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-02-20 06:08:57 +0300 |
| commit | 852f4a85dd199751e4652748461163de85ecda53 (patch) | |
| tree | b4160aa19c23582b5ab5ac02f9860b5498007c43 /app/models | |
| parent | 82cd20acf9f4cceecf222abe718a9e23cef55687 (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/models')
| -rw-r--r-- | app/models/application_setting.rb | 10 | ||||
| -rw-r--r-- | app/models/application_setting_implementation.rb | 2 | ||||
| -rw-r--r-- | app/models/user.rb | 13 |
3 files changed, 25 insertions, 0 deletions
diff --git a/app/models/application_setting.rb b/app/models/application_setting.rb index ddd43311d9b..2f7d6164b9a 100644 --- a/app/models/application_setting.rb +++ b/app/models/application_setting.rb @@ -243,6 +243,8 @@ class ApplicationSetting < ApplicationRecord validates :snippet_size_limit, numericality: { only_integer: true, greater_than: 0 } + validate :email_restrictions_regex_valid? + SUPPORTED_KEY_TYPES.each do |type| validates :"#{type}_key_restriction", presence: true, key_restriction: { type: type } end @@ -381,6 +383,14 @@ class ApplicationSetting < ApplicationRecord def recaptcha_or_login_protection_enabled recaptcha_enabled || login_recaptcha_protection_enabled end + + def email_restrictions_regex_valid? + return if email_restrictions.blank? + + Gitlab::UntrustedRegexp.new(email_restrictions) + rescue RegexpError + errors.add(:email_restrictions, _('is not a valid regular expression')) + end end ApplicationSetting.prepend_if_ee('EE::ApplicationSetting') diff --git a/app/models/application_setting_implementation.rb b/app/models/application_setting_implementation.rb index 98d8bb43b93..a9856203cc0 100644 --- a/app/models/application_setting_implementation.rb +++ b/app/models/application_setting_implementation.rb @@ -62,6 +62,8 @@ module ApplicationSettingImplementation eks_account_id: nil, eks_access_key_id: nil, eks_secret_access_key: nil, + email_restrictions_enabled: false, + email_restrictions: nil, first_day_of_week: 0, gitaly_timeout_default: 55, gitaly_timeout_fast: 10, diff --git a/app/models/user.rb b/app/models/user.rb index 2c577fc9696..f3db0522edc 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -189,6 +189,7 @@ class User < ApplicationRecord validate :owns_public_email, if: :public_email_changed? validate :owns_commit_email, if: :commit_email_changed? validate :signup_domain_valid?, on: :create, if: ->(user) { !user.created_by_id } + validate :check_email_restrictions, on: :create, if: ->(user) { !user.created_by_id } validates :theme_id, allow_nil: true, inclusion: { in: Gitlab::Themes.valid_ids, message: _("%{placeholder} is not a valid theme") % { placeholder: '%{value}' } } @@ -1751,6 +1752,18 @@ class User < ApplicationRecord end end + def check_email_restrictions + return unless Feature.enabled?(:email_restrictions) + return unless Gitlab::CurrentSettings.email_restrictions_enabled? + + restrictions = Gitlab::CurrentSettings.email_restrictions + return if restrictions.blank? + + if Gitlab::UntrustedRegexp.new(restrictions).match?(email) + errors.add(:email, _('is not allowed for sign-up')) + end + end + def self.unique_internal(scope, username, email_pattern, &block) scope.first || create_unique_internal(scope, username, email_pattern, &block) end |