Commit 0e222f02 authored by James Lopez's avatar James Lopez

fixing URL validation for import_url on projects

parent 077e3274
...@@ -153,9 +153,7 @@ class Project < ActiveRecord::Base ...@@ -153,9 +153,7 @@ class Project < ActiveRecord::Base
validates :namespace, presence: true validates :namespace, presence: true
validates_uniqueness_of :name, scope: :namespace_id validates_uniqueness_of :name, scope: :namespace_id
validates_uniqueness_of :path, scope: :namespace_id validates_uniqueness_of :path, scope: :namespace_id
validates :import_url, validates :import_url, addressable_url: true, if: :external_import?
url: { protocols: %w(ssh git http https) },
if: :external_import?
validates :star_count, numericality: { greater_than_or_equal_to: 0 } validates :star_count, numericality: { greater_than_or_equal_to: 0 }
validate :check_limit, on: :create validate :check_limit, on: :create
validate :avatar_type, validate :avatar_type,
......
# UrlValidator
#
# Custom validator for URLs.
#
# By default, only URLs for the HTTP(S) protocols will be considered valid.
# Provide a `:protocols` option to configure accepted protocols.
#
# Example:
#
# class User < ActiveRecord::Base
# validates :personal_url, url: true
#
# validates :ftp_url, url: { protocols: %w(ftp) }
#
# validates :git_url, url: { protocols: %w(http https ssh git) }
# end
#
class AddressableUrlValidator < ActiveModel::EachValidator
def validate_each(record, attribute, value)
unless valid_url?(value)
record.errors.add(attribute, "must be a valid URL")
end
end
private
def default_options
@default_options ||= { protocols: %w(http https ssh git) }
end
def valid_url?(value)
return false unless value
value.strip!
valid_uri?(value) && valid_protocol?(value)
rescue Addressable::URI::InvalidURIError
false
end
def valid_uri?(value)
Addressable::URI.parse(strip).is_a?(Addressable::URI)
end
def valid_protocol?(value)
options = default_options.merge(self.options)
value =~ /\A#{URI.regexp(options[:protocols])}\z/
end
end
...@@ -63,6 +63,11 @@ describe Project, models: true do ...@@ -63,6 +63,11 @@ describe Project, models: true do
expect(project2).not_to be_valid expect(project2).not_to be_valid
expect(project2.errors[:limit_reached].first).to match(/Personal project creation is not allowed/) expect(project2.errors[:limit_reached].first).to match(/Personal project creation is not allowed/)
end end
it 'should not allow an invalid URI as import_url' do
project2 = build(:project)
expect(project2).to be_valid
end
end end
describe 'default_scope' do describe 'default_scope' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment