diff options
Diffstat (limited to 'lib/api/admin/dictionary.rb')
| -rw-r--r-- | lib/api/admin/dictionary.rb | 22 |
1 files changed, 2 insertions, 20 deletions
diff --git a/lib/api/admin/dictionary.rb b/lib/api/admin/dictionary.rb index 038c122c021..b013d584c1c 100644 --- a/lib/api/admin/dictionary.rb +++ b/lib/api/admin/dictionary.rb @@ -31,30 +31,12 @@ module API desc: 'The table name' end get do - not_found!('Table not found') unless File.exist?(safe_file_path!) + table_dictionary = ::Gitlab::Database::Dictionary.entry(params[:table_name]) + not_found!('Table not found') unless table_dictionary present table_dictionary, with: Entities::Dictionary::Table end end - - helpers do - def table_name - params[:table_name] - end - - def table_dictionary - YAML.load_file(safe_file_path!).with_indifferent_access - end - - def safe_file_path! - dir = Gitlab::Database::GitlabSchema.dictionary_paths.first.to_s - path = Rails.root.join(dir, "#{table_name}.yml").to_s - - Gitlab::PathTraversal.check_allowed_absolute_path_and_path_traversal!(path, [dir]) - - path - end - end end end end |