diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-11-29 19:28:43 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-11-29 19:28:43 +0300 |
commit | 706c0db2fcea38033a4b23e9434461127deb87e1 (patch) | |
tree | 64c4edf52bc17a5fca557e252ede46b7032e9bc6 /app | |
parent | 925780caf1f669002af72d5a6be6a3a6551308cc (diff) |
Add latest changes from gitlab-org/security/gitlab@16-6-stable-ee
Diffstat (limited to 'app')
-rw-r--r-- | app/controllers/projects/tags_controller.rb | 2 | ||||
-rw-r--r-- | app/models/pages_domain.rb | 5 | ||||
-rw-r--r-- | app/policies/issue_policy.rb | 1 |
3 files changed, 5 insertions, 3 deletions
diff --git a/app/controllers/projects/tags_controller.rb b/app/controllers/projects/tags_controller.rb index 3c1735c728c..d3e38774aaa 100644 --- a/app/controllers/projects/tags_controller.rb +++ b/app/controllers/projects/tags_controller.rb @@ -29,7 +29,7 @@ class Projects::TagsController < Projects::ApplicationController tag_names = @tags.map(&:name) @tags_pipelines = @project.ci_pipelines.latest_successful_for_refs(tag_names) - @releases = project.releases.where(tag: tag_names) + @releases = ReleasesFinder.new(project, current_user, tag: tag_names).execute @tag_pipeline_statuses = Ci::CommitStatusesFinder.new(@project, @repository, current_user, @tags).execute rescue Gitlab::Git::CommandError => e diff --git a/app/models/pages_domain.rb b/app/models/pages_domain.rb index cabd3924fd6..33de5aa21aa 100644 --- a/app/models/pages_domain.rb +++ b/app/models/pages_domain.rb @@ -35,10 +35,11 @@ class PagesDomain < ApplicationRecord validates :verification_code, presence: true, allow_blank: false validate :validate_pages_domain + validate :max_certificate_key_length, if: ->(domain) { domain.key.present? } validate :validate_matching_key, if: ->(domain) { domain.certificate.present? || domain.key.present? } - validate :validate_intermediates, if: ->(domain) { domain.certificate.present? && domain.certificate_changed? } + # validate_intermediates must run after key validations to skip expensive SSL validation when there is a key error + validate :validate_intermediates, if: ->(domain) { domain.certificate.present? && domain.certificate_changed? && errors[:key].blank? } validate :validate_custom_domain_count_per_project, on: :create - validate :max_certificate_key_length, if: ->(domain) { domain.key.present? } attribute :auto_ssl_enabled, default: -> { ::Gitlab::LetsEncrypt.enabled? } attribute :wildcard, default: false diff --git a/app/policies/issue_policy.rb b/app/policies/issue_policy.rb index 683c53d8d78..c95cde86e38 100644 --- a/app/policies/issue_policy.rb +++ b/app/policies/issue_policy.rb @@ -60,6 +60,7 @@ class IssuePolicy < IssuablePolicy rule { ~can?(:read_issue) }.policy do prevent :create_note prevent :read_note + prevent :award_emoji end rule { locked }.policy do |