Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2020-04-02 15:08:18 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2020-04-02 15:08:18 +0300
commit: 684d65316ac77c62f47d68b9926eea8af30db227 (patch)
tree: d1f4c4eec399d7772ab4ad6294f98e7505c1cee5 /lib/api/validations/validators/file_path.rb
parent: ade18c9d68d5a2e6c6e28ef7e9d3add3b3491ace (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/lib/api/validations/validators/file_path.rb b/lib/api/validations/validators/file_path.rb
new file mode 100644
index 00000000000..93a20e5bf7d
--- /dev/null
+++ b/lib/api/validations/validators/file_path.rb
@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+module API
+  module Validations
+    module Validators
+      class FilePath < Grape::Validations::Base
+        def validate_param!(attr_name, params)
+          path = params[attr_name]
+
+          Gitlab::Utils.check_path_traversal!(path)
+        rescue StandardError
+          raise Grape::Exceptions::Validation, params: [@scope.full_name(attr_name)],
+                                               message: "should be a valid file path"
+        end
+      end
+    end
+  end
+end
author	GitLab Bot <gitlab-bot@gitlab.com>	2020-04-02 15:08:18 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2020-04-02 15:08:18 +0300
commit	684d65316ac77c62f47d68b9926eea8af30db227 (patch)
tree	d1f4c4eec399d7772ab4ad6294f98e7505c1cee5 /lib/api/validations/validators/file_path.rb
parent	ade18c9d68d5a2e6c6e28ef7e9d3add3b3491ace (diff)