Skip to content

G
gitlab-ce
Commit 0086f377 authored by mbergeron's avatar mbergeron
Browse files
Options

Leverage the ::Gitlab::UrlBlocker in the validation

parent 760a38d6
Hide whitespace changes
Inline Side-by-side
Showing with 7 additions and 9 deletions
ee/app/models/ee/application_setting.rb
View file @ 0086f377
......@@ -60,7 +60,7 @@ module EE
presence: { message: "can't be blank when indexing is enabled" },
if: ->(setting) { setting.elasticsearch_indexing? }
validate :check_elasticsearch_url_scheme
validate :check_elasticsearch_url_scheme, if: :elasticsearch_url_changed?
validates :elasticsearch_aws_region,
presence: { message: "can't be blank when using aws hosted elasticsearch" },
......@@ -295,15 +295,13 @@ module EE
end
def check_elasticsearch_url_scheme
urls = elasticsearch_url.map(&URI.method(:parse))
# ElasticSearch only exposes a RESTful API, hence we need
# to use the HTTP protocol on all URLs.
unless urls.all? { |uri| uri.is_a?(URI::HTTP) && !uri.host.nil? }
errors.add(:elasticsearch_url, "only supports HTTP(S) URLs.")
elasticsearch_url.each do |str|
::Gitlab::UrlBlocker.validate!(str, schemes: %w[http https])
end
rescue URI::InvalidURIError => e
errors.add(:elasticsearch_url, e.message)
rescue ::Gitlab::UrlBlocker::BlockedUrlError
errors.add(:elasticsearch_url, "only supports valid HTTP(S) URLs.")
end
end
end
ee/spec/models/application_setting_spec.rb
View file @ 0086f377
......@@ -122,9 +122,9 @@ describe ApplicationSetting do
with_them do
it do
setting.update_column(:elasticsearch_url, elasticsearch_url)
setting.elasticsearch_url = elasticsearch_url
expect(setting.reload.valid?).to eq(is_valid)
expect(setting.valid?).to eq(is_valid)
end
end
end
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7