Commit 6054c855 authored by Lin Jen-Shin's avatar Lin Jen-Shin

Only allow branches/tags, disallow SHA:

Feedback:
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5347#note_13170854
parent 87604ed6
...@@ -20,12 +20,9 @@ module Ci ...@@ -20,12 +20,9 @@ module Ci
after_touch :update_state after_touch :update_state
after_save :keep_around_commits after_save :keep_around_commits
# ref can't be HEAD, can only be branch/tag name or SHA # ref can't be HEAD or SHA, can only be branch/tag name
scope :latest_successful_for, ->(ref) do scope :latest_successful_for, ->(ref) do
table = quoted_table_name where(ref: ref).success.order(id: :desc)
# TODO: Use `where(ref: ref).or(sha: ref)` in Rails 5
where("#{table}.ref = ? OR #{table}.sha = ?", ref, ref).
success.order(id: :desc)
end end
def self.truncate_sha(sha) def self.truncate_sha(sha)
......
...@@ -255,14 +255,6 @@ describe API::API, api: true do ...@@ -255,14 +255,6 @@ describe API::API, api: true do
create(:ci_build, status, :artifacts, pipeline: new_pipeline) create(:ci_build, status, :artifacts, pipeline: new_pipeline)
end end
context 'with sha' do
before do
get path_from_ref(pipeline.sha)
end
it('gives the file') { verify }
end
context 'with regular branch' do context 'with regular branch' do
before do before do
pipeline.update(ref: 'master', pipeline.update(ref: 'master',
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment