Commit b7f35e89 authored by Grzegorz Bizon's avatar Grzegorz Bizon

Expire application settings after encrypting tokens

parent 7d2b37bc
...@@ -25,6 +25,9 @@ module TokenAuthenticatableStrategies ...@@ -25,6 +25,9 @@ module TokenAuthenticatableStrategies
# #
# In that case we are using insecure strategy, but this should only happen # In that case we are using insecure strategy, but this should only happen
# in tests, because otherwise `encrypted_field` is going to exist. # in tests, because otherwise `encrypted_field` is going to exist.
#
# Another use case is when we are caching resources / columns, like we do
# in case of ApplicationSetting.
return super if instance.has_attribute?(encrypted_field) return super if instance.has_attribute?(encrypted_field)
......
...@@ -9,10 +9,15 @@ module Gitlab ...@@ -9,10 +9,15 @@ module Gitlab
# #
class Settings < ActiveRecord::Base class Settings < ActiveRecord::Base
include ::EachBatch include ::EachBatch
include ::CacheableAttributes
self.table_name = 'application_settings' self.table_name = 'application_settings'
self.inheritance_column = :_type_disabled self.inheritance_column = :_type_disabled
after_commit do
ApplicationSetting.expire
end
def runners_registration_token=(value) def runners_registration_token=(value)
self.runners_registration_token_encrypted = self.runners_registration_token_encrypted =
::Gitlab::CryptoHelper.aes256_gcm_encrypt(value) ::Gitlab::CryptoHelper.aes256_gcm_encrypt(value)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment