From 1ebdda69d61ae26379f8fac27671103374031944 Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Mon, 31 Jul 2023 14:35:12 +0000
Subject: Add latest changes from gitlab-org/security/gitlab@16-2-stable-ee

---
 app/models/project.rb         | 11 +++++++++++
 app/models/project_setting.rb | 11 +++++++++++
 2 files changed, 22 insertions(+)

(limited to 'app/models')

diff --git a/app/models/project.rb b/app/models/project.rb
index 931f4db3a54..8959eccbd1f 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -579,6 +579,8 @@ class Project < ApplicationRecord
   validates :max_artifacts_size, numericality: { only_integer: true, greater_than: 0, allow_nil: true }
   validates :suggestion_commit_message, length: { maximum: MAX_SUGGESTIONS_TEMPLATE_LENGTH }
 
+  validate :path_availability, if: :path_changed?
+
   # Scopes
   scope :pending_delete, -> { where(pending_delete: true) }
   scope :without_deleted, -> { where(pending_delete: false) }
@@ -3221,6 +3223,15 @@ class Project < ApplicationRecord
     group.crm_enabled?
   end
 
+  def path_availability
+    base, _, host = path.partition('.')
+
+    return unless host == Gitlab.config.pages&.dig('host')
+    return unless ProjectSetting.where(pages_unique_domain: base).exists?
+
+    errors.add(:path, s_('Project|already in use'))
+  end
+
   private
 
   # overridden in EE
diff --git a/app/models/project_setting.rb b/app/models/project_setting.rb
index 7ca74d4e970..aeefa5c8dcd 100644
--- a/app/models/project_setting.rb
+++ b/app/models/project_setting.rb
@@ -59,6 +59,8 @@ class ProjectSetting < ApplicationRecord
 
   validate :validates_mr_default_target_self
 
+  validate :pages_unique_domain_availability, if: :pages_unique_domain_changed?
+
   attribute :legacy_open_source_license_available, default: -> do
     Feature.enabled?(:legacy_open_source_license_available, type: :ops)
   end
@@ -109,6 +111,15 @@ class ProjectSetting < ApplicationRecord
     pages_unique_domain_enabled ||
       pages_unique_domain_in_database.present?
   end
+
+  def pages_unique_domain_availability
+    host = Gitlab.config.pages&.dig('host')
+
+    return if host.blank?
+    return unless Project.where(path: "#{pages_unique_domain}.#{host}").exists?
+
+    errors.add(:pages_unique_domain, s_('ProjectSetting|already in use'))
+  end
 end
 
 ProjectSetting.prepend_mod
-- 
cgit v1.2.3