diff options
| author | Grzegorz Bizon <grzesiek.bizon@gmail.com> | 2018-11-29 12:52:01 +0300 |
|---|---|---|
| committer | Grzegorz Bizon <grzesiek.bizon@gmail.com> | 2018-11-29 12:52:01 +0300 |
| commit | a7fec1779fe32bd2a7a08ca5780f826a58614af0 (patch) | |
| tree | 77488fdc6d8e82a773bd2327d69f634419b62bce /db/post_migrate | |
| parent | 439d22b90fed46d16ebc26fd756f1459da370280 (diff) | |
| parent | 6852680584a1b22788f451457a6042eabf862a73 (diff) | |
Merge commit '6852680584a1b22788f451457a6042eabf862a73' into fix/gb/encrypt-runners-tokens
* commit '6852680584a1b22788f451457a6042eabf862a73': (57 commits)
Diffstat (limited to 'db/post_migrate')
| -rw-r--r-- | db/post_migrate/20181026091631_migrate_forbidden_redirect_uris.rb | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/db/post_migrate/20181026091631_migrate_forbidden_redirect_uris.rb b/db/post_migrate/20181026091631_migrate_forbidden_redirect_uris.rb new file mode 100644 index 00000000000..ff5510e8eb7 --- /dev/null +++ b/db/post_migrate/20181026091631_migrate_forbidden_redirect_uris.rb @@ -0,0 +1,32 @@ +# frozen_string_literal: true + +class MigrateForbiddenRedirectUris < ActiveRecord::Migration + include Gitlab::Database::MigrationHelpers + + DOWNTIME = false + FORBIDDEN_SCHEMES = %w[data:// vbscript:// javascript://] + NEW_URI = 'http://forbidden-scheme-has-been-overwritten' + + disable_ddl_transaction! + + def up + update_forbidden_uris(:oauth_applications) + update_forbidden_uris(:oauth_access_grants) + end + + def down + # noop + end + + private + + def update_forbidden_uris(table_name) + update_column_in_batches(table_name, :redirect_uri, NEW_URI) do |table, query| + where_clause = FORBIDDEN_SCHEMES.map do |scheme| + table[:redirect_uri].matches("#{scheme}%") + end.inject(&:or) + + query.where(where_clause) + end + end +end |