diff options
Diffstat (limited to 'app/validators')
-rw-r--r-- | app/validators/cron_freeze_period_timezone_validator.rb | 13 | ||||
-rw-r--r-- | app/validators/cron_validator.rb | 15 |
2 files changed, 23 insertions, 5 deletions
diff --git a/app/validators/cron_freeze_period_timezone_validator.rb b/app/validators/cron_freeze_period_timezone_validator.rb new file mode 100644 index 00000000000..143a0262136 --- /dev/null +++ b/app/validators/cron_freeze_period_timezone_validator.rb @@ -0,0 +1,13 @@ +# frozen_string_literal: true + +# CronTimezoneValidator +# +# Custom validator for CronTimezone. +class CronFreezePeriodTimezoneValidator < ActiveModel::EachValidator + def validate_each(record, attribute, value) + freeze_start_parser = Gitlab::Ci::CronParser.new(record.freeze_start, record.cron_timezone) + freeze_end_parser = Gitlab::Ci::CronParser.new(record.freeze_end, record.cron_timezone) + + record.errors.add(attribute, " is invalid syntax") unless freeze_start_parser.cron_timezone_valid? && freeze_end_parser.cron_timezone_valid? + end +end diff --git a/app/validators/cron_validator.rb b/app/validators/cron_validator.rb index bd48a7a6efb..6f42bdb5f9b 100644 --- a/app/validators/cron_validator.rb +++ b/app/validators/cron_validator.rb @@ -1,11 +1,16 @@ # frozen_string_literal: true -# CronValidator -# -# Custom validator for Cron. class CronValidator < ActiveModel::EachValidator + ATTRIBUTE_WHITELIST = %i[cron freeze_start freeze_end].freeze + + NonWhitelistedAttributeError = Class.new(StandardError) + def validate_each(record, attribute, value) - cron_parser = Gitlab::Ci::CronParser.new(record.cron, record.cron_timezone) - record.errors.add(attribute, " is invalid syntax") unless cron_parser.cron_valid? + if ATTRIBUTE_WHITELIST.include?(attribute) + cron_parser = Gitlab::Ci::CronParser.new(record.public_send(attribute), record.cron_timezone) # rubocop:disable GitlabSecurity/PublicSend + record.errors.add(attribute, " is invalid syntax") unless cron_parser.cron_valid? + else + raise NonWhitelistedAttributeError.new "Non-whitelisted attribute" + end end end |