Commit
dd0691b8
authored
Aug 30, 2020
by
Giorgenes Gelatti
Validate pypi required_python size
Adds validation and specs
parent
4e12f87c
Showing
5 changed files
with
41 additions
and
5 deletions
+41
-5
app/models/packages/pypi/metadatum.rb
app/models/packages/pypi/metadatum.rb
+1
-0
app/services/packages/pypi/create_package_service.rb
app/services/packages/pypi/create_package_service.rb
+8
-2
changelogs/unreleased/241492-check-pypi-metadata-size.yml
changelogs/unreleased/241492-check-pypi-metadata-size.yml
+5
-0
spec/requests/api/pypi_packages_spec.rb
spec/requests/api/pypi_packages_spec.rb
+15
-1
spec/services/packages/pypi/create_package_service_spec.rb
spec/services/packages/pypi/create_package_service_spec.rb
+12
-2
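--- a/app/models/packages/pypi/metadatum.rb
+++ b/app/models/packages/pypi/metadatum.rb
@@ -6,6 +6,7 @@ class Packages::Pypi::Metadatum < ApplicationRecord
   belongs_to :package, -> { where(package_type: :pypi) }, inverse_of: :pypi_metadatum
   validates :package, presence: true
+  validates :required_python, length: { maximum: 50 }, allow_blank: true
   validate :pypi_package_type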
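Review bot: The added `validates :required_python, length: { maximum: 50 }, allow_blank: true` hard-codes 50 with nothing tying it to the limit it protects; if it mirrors the column width (not visible on this page), a comment such as `# Keep in sync with the required_python column limit; longer values used to surface as a 500` would say so. A specifier with several exclusions can legitimately exceed that length: the constructed example `>=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, <4` is 54 characters, so such uploads will now be rejected rather than stored. The check is length-only and the value is client-supplied, so any code that later renders it should still escape it.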
app/services/packages/pypi/create_package_service.rb
...
@@ -7,11 +7,17 @@ module Packages
...
@@ -7,11 +7,17 @@ module Packages
def
execute
def
execute
::
Packages
::
Package
.
transaction
do
::
Packages
::
Package
.
transaction
do
Packages
::
Pypi
::
Metadatum
.
upsert
(
meta
=
Packages
::
Pypi
::
Metadatum
.
new
(
package
_id:
created_package
.
id
,
package
:
created_package
,
required_python:
params
[
:requires_python
]
required_python:
params
[
:requires_python
]
)
)
unless
meta
.
valid?
raise
ActiveRecord
::
RecordInvalid
.
new
(
meta
)
end
Packages
::
Pypi
::
Metadatum
.
upsert
(
meta
.
attributes
)
::
Packages
::
CreatePackageFileService
.
new
(
created_package
,
file_params
).
execute
::
Packages
::
CreatePackageFileService
.
new
(
created_package
,
file_params
).
execute
end
end
end
end
...
...
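Review bot: `upsert` skips model validations, which is why `execute` now calls `meta.valid?` by hand before it, but that reason is not written down; a comment such as `# upsert bypasses validations, so check the client-supplied metadata explicitly` would keep a later refactor from dropping the check. `Packages::Pypi::Metadatum.upsert(meta.attributes)` sends every column of the unsaved record, including any that are still nil, where the old call sent only `package_id` and `required_python`; passing those two keys explicitly would keep the write as it was. The three-line guard can be written as `raise ActiveRecord::RecordInvalid.new(meta) unless meta.valid?`. The class and modules enclosing `execute` start outside the hunk.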
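--- /dev/null
+++ b/changelogs/unreleased/241492-check-pypi-metadata-size.yml
@@ -0,0 +1,5 @@
+---
+title: Validates pypi required_python size to avoid 500 error
+merge_request: 40803
+author:
+type: fixed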
spec/requests/api/pypi_packages_spec.rb
...
@@ -117,7 +117,8 @@ RSpec.describe API::PypiPackages do
...
@@ -117,7 +117,8 @@ RSpec.describe API::PypiPackages do
let_it_be
(
:file_name
)
{
'package.whl'
}
let_it_be
(
:file_name
)
{
'package.whl'
}
let
(
:url
)
{
"/projects/
#{
project
.
id
}
/packages/pypi"
}
let
(
:url
)
{
"/projects/
#{
project
.
id
}
/packages/pypi"
}
let
(
:headers
)
{
{}
}
let
(
:headers
)
{
{}
}
let
(
:base_params
)
{
{
requires_python:
'>=3.7'
,
version:
'1.0.0'
,
name:
'sample-project'
,
sha256_digest:
'123'
}
}
let
(
:requires_python
)
{
'>=3.7'
}
let
(
:base_params
)
{
{
requires_python:
requires_python
,
version:
'1.0.0'
,
name:
'sample-project'
,
sha256_digest:
'123'
}
}
let
(
:params
)
{
base_params
.
merge
(
content:
temp_file
(
file_name
))
}
let
(
:params
)
{
base_params
.
merge
(
content:
temp_file
(
file_name
))
}
let
(
:send_rewritten_field
)
{
true
}
let
(
:send_rewritten_field
)
{
true
}
...
@@ -169,6 +170,19 @@ RSpec.describe API::PypiPackages do
...
@@ -169,6 +170,19 @@ RSpec.describe API::PypiPackages do
end
end
end
end
context
'with required_python too big'
do
let
(
:requires_python
)
{
'x'
*
500
}
let
(
:token
)
{
personal_access_token
.
token
}
let
(
:user_headers
)
{
basic_auth_header
(
user
.
username
,
token
)
}
let
(
:headers
)
{
user_headers
.
merge
(
workhorse_header
)
}
before
do
project
.
update!
(
visibility_level:
Gitlab
::
VisibilityLevel
::
PRIVATE
)
end
it_behaves_like
'process PyPi api request'
,
:developer
,
:bad_request
,
true
end
context
'with an invalid package'
do
context
'with an invalid package'
do
let
(
:token
)
{
personal_access_token
.
token
}
let
(
:token
)
{
personal_access_token
.
token
}
let
(
:user_headers
)
{
basic_auth_header
(
user
.
username
,
token
)
}
let
(
:user_headers
)
{
basic_auth_header
(
user
.
username
,
token
)
}
...
...
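Review bot: The new context 'with required_python too big' uses `'x' * 500`, ten times the 50-character limit, so an off-by-one in the validation would pass unnoticed. A case at 51 characters expecting `:bad_request` and one at exactly 50 expecting success would pin the boundary. The context also repeats the `token`, `user_headers` and `headers` setup of the 'with an invalid package' context that follows it; sharing that setup would keep the two from drifting apart.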
spec/services/packages/pypi/create_package_service_spec.rb
...
@@ -6,12 +6,14 @@ RSpec.describe Packages::Pypi::CreatePackageService do
...
@@ -6,12 +6,14 @@ RSpec.describe Packages::Pypi::CreatePackageService do
let_it_be
(
:project
)
{
create
(
:project
)
}
let_it_be
(
:project
)
{
create
(
:project
)
}
let_it_be
(
:user
)
{
create
(
:user
)
}
let_it_be
(
:user
)
{
create
(
:user
)
}
let_it_be
(
:params
)
do
let
(
:requires_python
)
{
'>=2.7'
}
let
(
:params
)
do
{
{
name:
'foo'
,
name:
'foo'
,
version:
'1.0'
,
version:
'1.0'
,
content:
temp_file
(
'foo.tgz'
),
content:
temp_file
(
'foo.tgz'
),
requires_python:
'>=2.7'
,
requires_python:
requires_python
,
sha256_digest:
'123'
,
sha256_digest:
'123'
,
md5_digest:
'567'
md5_digest:
'567'
}
}
...
@@ -37,6 +39,14 @@ RSpec.describe Packages::Pypi::CreatePackageService do
...
@@ -37,6 +39,14 @@ RSpec.describe Packages::Pypi::CreatePackageService do
end
end
end
end
context
'with an invalid metadata'
do
let
(
:requires_python
)
{
'x'
*
500
}
it
'raises an error'
do
expect
{
subject
}.
to
raise_error
(
ActiveRecord
::
RecordInvalid
)
end
end
context
'with an existing package'
do
context
'with an existing package'
do
before
do
before
do
described_class
.
new
(
project
,
user
,
params
).
execute
described_class
.
new
(
project
,
user
,
params
).
execute
...
...
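Review bot: The 'with an invalid metadata' example asserts only `raise_error(ActiveRecord::RecordInvalid)`, so it does not show that the transaction rolled back the package created before the metadata check. The example should also assert that the package count is unchanged after the failed call, which covers the case where oversized client input leaves a half-created package behind. The enclosing describe block continues outside the hunk.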