Commit 0b3c9742 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Merge branch 'rs-issue-1798' into 'master'

Ensure `session_expire_delay` field exists before accessing it

Closes #1798

See merge request !808
parents 89b56c81 567a25b6
...@@ -27,10 +27,10 @@ class ApplicationSetting < ActiveRecord::Base ...@@ -27,10 +27,10 @@ class ApplicationSetting < ActiveRecord::Base
serialize :restricted_visibility_levels serialize :restricted_visibility_levels
serialize :restricted_signup_domains, Array serialize :restricted_signup_domains, Array
attr_accessor :restricted_signup_domains_raw attr_accessor :restricted_signup_domains_raw
validates :session_expire_delay, validates :session_expire_delay,
presence: true, presence: true,
numericality: { only_integer: true, greater_than_or_equal_to: 0 } numericality: { only_integer: true, greater_than_or_equal_to: 0 }
validates :home_page_url, validates :home_page_url,
allow_blank: true, allow_blank: true,
......
# Be sure to restart your server when you modify this file. # Be sure to restart your server when you modify this file.
if ActiveRecord::Base.connection.active? && ActiveRecord::Base.connection.table_exists?('application_settings') require 'gitlab/current_settings'
Settings.gitlab['session_expire_delay'] = ApplicationSetting.current.session_expire_delay include Gitlab::CurrentSettings
end Settings.gitlab['session_expire_delay'] = current_application_settings.session_expire_delay
Gitlab::Application.config.session_store( Gitlab::Application.config.session_store(
:redis_store, # Using the cookie_store would enable session replay attacks. :redis_store, # Using the cookie_store would enable session replay attacks.
...@@ -12,4 +12,4 @@ Gitlab::Application.config.session_store( ...@@ -12,4 +12,4 @@ Gitlab::Application.config.session_store(
httponly: true, httponly: true,
expire_after: Settings.gitlab['session_expire_delay'] * 60, expire_after: Settings.gitlab['session_expire_delay'] * 60,
path: (Rails.application.config.relative_url_root.nil?) ? '/' : Rails.application.config.relative_url_root path: (Rails.application.config.relative_url_root.nil?) ? '/' : Rails.application.config.relative_url_root
) )
\ No newline at end of file
...@@ -11,7 +11,7 @@ ...@@ -11,7 +11,7 @@
# #
# It's strongly recommended that you check this file into your version control system. # It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 20150604202921) do ActiveRecord::Schema.define(version: 20150609141121) do
# These are extensions that must be enabled in order to support this database # These are extensions that must be enabled in order to support this database
enable_extension "plpgsql" enable_extension "plpgsql"
...@@ -29,13 +29,13 @@ ActiveRecord::Schema.define(version: 20150604202921) do ...@@ -29,13 +29,13 @@ ActiveRecord::Schema.define(version: 20150604202921) do
t.boolean "twitter_sharing_enabled", default: true t.boolean "twitter_sharing_enabled", default: true
t.text "restricted_visibility_levels" t.text "restricted_visibility_levels"
t.boolean "version_check_enabled", default: true t.boolean "version_check_enabled", default: true
t.integer "max_attachment_size", default: 10, null: false t.integer "max_attachment_size", default: 10, null: false
t.integer "default_project_visibility" t.integer "default_project_visibility"
t.integer "default_snippet_visibility" t.integer "default_snippet_visibility"
t.text "restricted_signup_domains" t.text "restricted_signup_domains"
t.boolean "user_oauth_applications", default: true t.boolean "user_oauth_applications", default: true
t.string "after_sign_out_path" t.string "after_sign_out_path"
t.integer "session_expire_delay", default: 10080, null: false t.integer "session_expire_delay", default: 10080, null: false
end end
create_table "broadcast_messages", force: true do |t| create_table "broadcast_messages", force: true do |t|
...@@ -496,12 +496,12 @@ ActiveRecord::Schema.define(version: 20150604202921) do ...@@ -496,12 +496,12 @@ ActiveRecord::Schema.define(version: 20150604202921) do
t.string "bitbucket_access_token" t.string "bitbucket_access_token"
t.string "bitbucket_access_token_secret" t.string "bitbucket_access_token_secret"
t.string "location" t.string "location"
t.string "public_email", default: "", null: false
t.string "encrypted_otp_secret" t.string "encrypted_otp_secret"
t.string "encrypted_otp_secret_iv" t.string "encrypted_otp_secret_iv"
t.string "encrypted_otp_secret_salt" t.string "encrypted_otp_secret_salt"
t.boolean "otp_required_for_login" t.boolean "otp_required_for_login"
t.text "otp_backup_codes" t.text "otp_backup_codes"
t.string "public_email", default: "", null: false
end end
add_index "users", ["admin"], name: "index_users_on_admin", using: :btree add_index "users", ["admin"], name: "index_users_on_admin", using: :btree
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment