author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-07-31 17:35:12 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-07-31 17:35:24 +0300 |
commit | 1ebdda69d61ae26379f8fac27671103374031944 (patch) | |
tree | 3f91337bb928fa638e02b84a20a7568090d23bcb /app | |
parent | 3c93d74713f5a845429b4c19b046f57cc8ea325c (diff) |
Add latest changes from gitlab-org/security/gitlab@16-2-stable-ee
Diffstat (limited to 'app')
-rw-r--r-- | app/models/project.rb | 11 | ||||
-rw-r--r-- | app/models/project_setting.rb | 11 | ||||
-rw-r--r-- | app/services/bulk_imports/archive_extraction_service.rb | 6 | ||||
-rw-r--r-- | app/services/bulk_imports/file_decompression_service.rb | 2 |
4 files changed, 24 insertions, 6 deletions
diff --git a/app/models/project.rb b/app/models/project.rb index 931f4db3a54..8959eccbd1f 100644 --- a/app/models/project.rb +++ b/app/models/project.rb @@ -579,6 +579,8 @@ class Project < ApplicationRecord validates :max_artifacts_size, numericality: { only_integer: true, greater_than: 0, allow_nil: true } validates :suggestion_commit_message, length: { maximum: MAX_SUGGESTIONS_TEMPLATE_LENGTH } + validate :path_availability, if: :path_changed? + # Scopes scope :pending_delete, -> { where(pending_delete: true) } scope :without_deleted, -> { where(pending_delete: false) } @@ -3221,6 +3223,15 @@ class Project < ApplicationRecord group.crm_enabled? end + def path_availability + base, _, host = path.partition('.') + + return unless host == Gitlab.config.pages&.dig('host') + return unless ProjectSetting.where(pages_unique_domain: base).exists? + + errors.add(:path, s_('Project|already in use')) + end + private # overridden in EE diff --git a/app/models/project_setting.rb b/app/models/project_setting.rb index 7ca74d4e970..aeefa5c8dcd 100644 --- a/app/models/project_setting.rb +++ b/app/models/project_setting.rb @@ -59,6 +59,8 @@ class ProjectSetting < ApplicationRecord validate :validates_mr_default_target_self + validate :pages_unique_domain_availability, if: :pages_unique_domain_changed? + attribute :legacy_open_source_license_available, default: -> do Feature.enabled?(:legacy_open_source_license_available, type: :ops) end @@ -109,6 +111,15 @@ class ProjectSetting < ApplicationRecord pages_unique_domain_enabled || pages_unique_domain_in_database.present? end + + def pages_unique_domain_availability + host = Gitlab.config.pages&.dig('host') + + return if host.blank? + return unless Project.where(path: "#{pages_unique_domain}.#{host}").exists? + + errors.add(:pages_unique_domain, s_('ProjectSetting|already in use')) + end end ProjectSetting.prepend_mod 
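Review bot: The comparison in `path_availability` is exact and case-sensitive on both halves (`host == Gitlab.config.pages&.dig('host')` and `where(pages_unique_domain: base)`), while hostnames are case-insensitive, so a path that differs only in letter case from an existing unique domain would likely pass this validation. The mirror check `pages_unique_domain_availability` in project_setting.rb has the same shape with `Project.where(path: "#{pages_unique_domain}.#{host}")`. Consider normalising before comparing, for example `base, _, host = path.to_s.downcase.partition('.')` against `Gitlab.config.pages&.dig('host')&.downcase`, and confirm how the Pages router and the stored `pages_unique_domain` values treat case. The `to_s` would also keep a nil `path` from raising in `partition` instead of producing an ordinary validation error.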
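Review bot: `pages_unique_domain_availability` and its counterpart on Project are read-then-write checks across two tables, and no database-level guard is visible in this diff, so two concurrent saves (one changing a project path, one assigning a unique domain) could each pass validation and leave a colliding pair. If that window matters, it needs a lock or a constraint outside these validators; at minimum a comment on both methods should say that they are best-effort. Separately, when `pages_unique_domain` is cleared the method still queries for a path of `.<host>`; `return if host.blank? || pages_unique_domain.blank?` would skip that lookup.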
diff --git a/app/services/bulk_imports/archive_extraction_service.rb b/app/services/bulk_imports/archive_extraction_service.rb
index 4485b19035b..bce2a67218a 100644
--- a/app/services/bulk_imports/archive_extraction_service.rb
+++ b/app/services/bulk_imports/archive_extraction_service.rb
@@ -49,11 +49,7 @@ module BulkImports
 end
 def validate_symlink
- raise(BulkImports::Error, 'Invalid file') if symlink?(filepath)
- end
-
- def symlink?(filepath)
- File.lstat(filepath).symlink?
+ raise(BulkImports::Error, 'Invalid file') if Gitlab::Utils::FileInfo.linked?(filepath)
 end
 def extract_archive
diff --git a/app/services/bulk_imports/file_decompression_service.rb b/app/services/bulk_imports/file_decompression_service.rb
index 94573f6bb13..77638f10f54 100644
--- a/app/services/bulk_imports/file_decompression_service.rb
+++ b/app/services/bulk_imports/file_decompression_service.rb
@@ -53,7 +53,7 @@ module BulkImports
 end
 def validate_symlink(filepath)
- raise(ServiceError, 'Invalid file') if File.lstat(filepath).symlink?
+ raise(ServiceError, 'Invalid file') if Gitlab::Utils::FileInfo.linked?(filepath)
 end
 def decompress_file |
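Review bot: The name `validate_symlink` no longer describes the check in either service, because the helper it now calls, `Gitlab::Utils::FileInfo.linked?`, is defined outside this diff and by its name presumably rejects more than symbolic links; this applies equally to `validate_symlink(filepath)` in file_decompression_service.rb. A one-line comment above each method, such as `# Rejects symlinks and any other linked file; see Gitlab::Utils::FileInfo.linked?`, or a rename in a follow-up, would keep the intent visible to the next reader. The check is still made by path and is separate from the later open of the file, so it is worth confirming that the file cannot be replaced between validation and use; those call sites are outside the hunks. Also confirm that nothing left in archive_extraction_service.rb still calls the removed `symlink?` helper.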