Commit 8b8608df authored by Doug Stull's avatar Doug Stull

Change whitelist to allowlist

- more inclusive language
parent 59297396
...@@ -26,7 +26,7 @@ module WorkhorseAuthorization ...@@ -26,7 +26,7 @@ module WorkhorseAuthorization
def file_is_valid?(file) def file_is_valid?(file)
return false unless file.is_a?(::UploadedFile) return false unless file.is_a?(::UploadedFile)
file_extension_whitelist.include?(File.extname(file.original_filename).downcase.delete('.')) file_extension_allowlist.include?(File.extname(file.original_filename).downcase.delete('.'))
end end
def uploader_class def uploader_class
...@@ -37,7 +37,7 @@ module WorkhorseAuthorization ...@@ -37,7 +37,7 @@ module WorkhorseAuthorization
raise NotImplementedError raise NotImplementedError
end end
def file_extension_whitelist def file_extension_allowlist
ImportExportUploader::EXTENSION_ALLOWLIST ImportExportUploader::EXTENSION_ALLOWLIST
end end
end end
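Review bot: The rename of the hook to `file_extension_allowlist` changes the method that `file_is_valid?` calls, so any class including `WorkhorseAuthorization` that still defines `file_extension_whitelist` would stop overriding it. Such a class would silently validate uploads against the default `ImportExportUploader::EXTENSION_ALLOWLIST` instead of its own list. Only the `RequirementsController` override is renamed in this commit and other includers are not visible here, so confirm that no definition with the old name remains in the codebase. A per-includer spec asserting the accepted extensions would catch this regression; a comment on the default such as `# Includers override this to restrict accepted upload extensions` would also make the contract explicit. The module body extends beyond the two hunks shown.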
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
class Projects::RequirementsManagement::RequirementsController < Projects::ApplicationController class Projects::RequirementsManagement::RequirementsController < Projects::ApplicationController
include WorkhorseAuthorization include WorkhorseAuthorization
EXTENSION_WHITELIST = %w[csv].map(&:downcase).freeze EXTENSION_ALLOWLIST = %w[csv].map(&:downcase).freeze
before_action :authorize_read_requirement! before_action :authorize_read_requirement!
before_action :authorize_import_access!, only: [:import_csv, :authorize] before_action :authorize_import_access!, only: [:import_csv, :authorize]
...@@ -44,7 +44,7 @@ class Projects::RequirementsManagement::RequirementsController < Projects::Appli ...@@ -44,7 +44,7 @@ class Projects::RequirementsManagement::RequirementsController < Projects::Appli
end end
def invalid_file_message def invalid_file_message
supported_file_extensions = ".#{EXTENSION_WHITELIST.join(', .')}" supported_file_extensions = ".#{EXTENSION_ALLOWLIST.join(', .')}"
_("The uploaded file was invalid. Supported file extensions are %{extensions}.") % { extensions: supported_file_extensions } _("The uploaded file was invalid. Supported file extensions are %{extensions}.") % { extensions: supported_file_extensions }
end end
...@@ -56,7 +56,7 @@ class Projects::RequirementsManagement::RequirementsController < Projects::Appli ...@@ -56,7 +56,7 @@ class Projects::RequirementsManagement::RequirementsController < Projects::Appli
Gitlab::CurrentSettings.max_attachment_size.megabytes Gitlab::CurrentSettings.max_attachment_size.megabytes
end end
def file_extension_whitelist def file_extension_allowlist
EXTENSION_WHITELIST EXTENSION_ALLOWLIST
end end
end end