diff options
Diffstat (limited to 'app/graphql/types/untrusted_regexp.rb')
-rw-r--r-- | app/graphql/types/untrusted_regexp.rb | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/app/graphql/types/untrusted_regexp.rb b/app/graphql/types/untrusted_regexp.rb new file mode 100644 index 00000000000..2c715ab4967 --- /dev/null +++ b/app/graphql/types/untrusted_regexp.rb @@ -0,0 +1,22 @@ +# frozen_string_literal: true + +module Types + class UntrustedRegexp < Types::BaseScalar + description 'A regexp containing patterns sourced from user input' + + def self.coerce_input(input_value, _) + return unless input_value + + Gitlab::UntrustedRegexp.new(input_value) + + input_value + rescue RegexpError => e + message = "#{input_value} is an invalid regexp: #{e.message}" + raise GraphQL::CoercionError, message + end + + def self.coerce_result(ruby_value, _) + ruby_value.to_s + end + end +end |