diff options
| author | Stan Hu <stanhu@gmail.com> | 2019-06-07 16:15:27 +0300 |
|---|---|---|
| committer | Stan Hu <stanhu@gmail.com> | 2019-06-07 16:15:27 +0300 |
| commit | 25ef3a9687494bea8927d7109f6e684beba2eb95 (patch) | |
| tree | df93c1ce4c1f2ea96918ff6a5f01568de3590bab /app | |
| parent | 2320e4451fa0c0c60326a7d29fa53599559b6484 (diff) | |
| parent | 6a90249b6a9c14391bf1ada9bb4726e8bf1e4ffd (diff) | |
Merge branch 'thomas-nilsson-irfu/gitlab-ce-thomas-nilsson-irfu-master-patch-13137' into 'master'
Allow masking if 8 or more characters in base64
See merge request gitlab-org/gitlab-ce!29143
Diffstat (limited to 'app')
7 files changed, 22 insertions, 7 deletions
diff --git a/app/assets/javascripts/ci_variable_list/ajax_variable_list.js b/app/assets/javascripts/ci_variable_list/ajax_variable_list.js index 592e1fd1c31..0bba2a2e160 100644 --- a/app/assets/javascripts/ci_variable_list/ajax_variable_list.js +++ b/app/assets/javascripts/ci_variable_list/ajax_variable_list.js @@ -27,15 +27,24 @@ function generateErrorBoxContent(errors) { // Used for the variable list on CI/CD projects/groups settings page export default class AjaxVariableList { - constructor({ container, saveButton, errorBox, formField = 'variables', saveEndpoint }) { + constructor({ + container, + saveButton, + errorBox, + formField = 'variables', + saveEndpoint, + maskableRegex, + }) { this.container = container; this.saveButton = saveButton; this.errorBox = errorBox; this.saveEndpoint = saveEndpoint; + this.maskableRegex = maskableRegex; this.variableList = new VariableList({ container: this.container, formField, + maskableRegex, }); this.bindEvents(); diff --git a/app/assets/javascripts/ci_variable_list/ci_variable_list.js b/app/assets/javascripts/ci_variable_list/ci_variable_list.js index 0390a3bf96a..0303e4e51dd 100644 --- a/app/assets/javascripts/ci_variable_list/ci_variable_list.js +++ b/app/assets/javascripts/ci_variable_list/ci_variable_list.js @@ -16,9 +16,10 @@ function createEnvironmentItem(value) { } export default class VariableList { - constructor({ container, formField }) { + constructor({ container, formField, maskableRegex }) { this.$container = $(container); this.formField = formField; + this.maskableRegex = new RegExp(maskableRegex); this.environmentDropdownMap = new WeakMap(); this.inputMap = { @@ -196,9 +197,8 @@ export default class VariableList { validateMaskability($row) { const invalidInputClass = 'gl-field-error-outline'; - const maskableRegex = /^\w{8,}$/; // Eight or more alphanumeric characters plus underscores const variableValue = $row.find(this.inputMap.secret_value.selector).val(); - const isValueMaskable = maskableRegex.test(variableValue) || variableValue === ''; + const isValueMaskable = this.maskableRegex.test(variableValue) || variableValue === ''; const isMaskedChecked = $row.find(this.inputMap.masked.selector).val() === 'true'; // Show a validation error if the user wants to mask an unmaskable variable value diff --git a/app/assets/javascripts/pages/groups/settings/ci_cd/show/index.js b/app/assets/javascripts/pages/groups/settings/ci_cd/show/index.js index ae0a8c74964..8a5300c9266 100644 --- a/app/assets/javascripts/pages/groups/settings/ci_cd/show/index.js +++ b/app/assets/javascripts/pages/groups/settings/ci_cd/show/index.js @@ -12,5 +12,6 @@ document.addEventListener('DOMContentLoaded', () => { saveButton: variableListEl.querySelector('.js-ci-variables-save-button'), errorBox: variableListEl.querySelector('.js-ci-variable-error-box'), saveEndpoint: variableListEl.dataset.saveEndpoint, + maskableRegex: variableListEl.dataset.maskableRegex, }); }); diff --git a/app/assets/javascripts/pages/projects/settings/ci_cd/show/index.js b/app/assets/javascripts/pages/projects/settings/ci_cd/show/index.js index 15c6fb550c1..885247335a4 100644 --- a/app/assets/javascripts/pages/projects/settings/ci_cd/show/index.js +++ b/app/assets/javascripts/pages/projects/settings/ci_cd/show/index.js @@ -21,6 +21,7 @@ document.addEventListener('DOMContentLoaded', () => { saveButton: variableListEl.querySelector('.js-ci-variables-save-button'), errorBox: variableListEl.querySelector('.js-ci-variable-error-box'), saveEndpoint: variableListEl.dataset.saveEndpoint, + maskableRegex: variableListEl.dataset.maskableRegex, }); // hide extra auto devops settings based checkbox state diff --git a/app/helpers/ci_variables_helper.rb b/app/helpers/ci_variables_helper.rb index e313015c937..fc51f00d052 100644 --- a/app/helpers/ci_variables_helper.rb +++ b/app/helpers/ci_variables_helper.rb @@ -27,4 +27,8 @@ module CiVariablesHelper %w(File file) ] end + + def ci_variable_maskable_regex + Maskable::REGEX.inspect.sub('\\A', '^').sub('\\z', '$').sub(/^\//, '').sub(/\/[a-z]*$/, '').gsub('\/', '/') + end end diff --git a/app/models/concerns/maskable.rb b/app/models/concerns/maskable.rb index 2943872ffab..e0f2c41b836 100644 --- a/app/models/concerns/maskable.rb +++ b/app/models/concerns/maskable.rb @@ -7,9 +7,9 @@ module Maskable # * No escape characters # * No variables # * No spaces - # * Minimal length of 8 characters + # * Minimal length of 8 characters from the Base64 alphabets (RFC4648) # * Absolutely no fun is allowed - REGEX = /\A\w{8,}\z/.freeze + REGEX = /\A[a-zA-Z0-9_+=\/-]{8,}\z/.freeze included do validates :masked, inclusion: { in: [true, false] } diff --git a/app/views/ci/variables/_index.html.haml b/app/views/ci/variables/_index.html.haml index 464b9faf282..94102b4dcd0 100644 --- a/app/views/ci/variables/_index.html.haml +++ b/app/views/ci/variables/_index.html.haml @@ -6,7 +6,7 @@ = s_('Environment variables are configured by your administrator to be %{link_start}protected%{link_end} by default').html_safe % { link_start: link_start, link_end: '</a>'.html_safe } .row - .col-lg-12.js-ci-variable-list-section{ data: { save_endpoint: save_endpoint } } + .col-lg-12.js-ci-variable-list-section{ data: { save_endpoint: save_endpoint, maskable_regex: ci_variable_maskable_regex } } .hide.alert.alert-danger.js-ci-variable-error-box %ul.ci-variable-list |