Commit 5bc58bac authored by Mayra Cabrera's avatar Mayra Cabrera

Handle limit for datetime attributes on MySQL

The TIMESTAMP data type is used for values that contain both date and
time parts. TIMESTAMP has a range of '1970-01-01 00:00:01' UTC to
'2038-01-19 03:14:07' UTC.

A Forever lib class was included to handle future dates for PostgreSQL
and MySQL, also changes were made to DeployToken to enforce Forever.date

Also removes extra conditional from JwtController
parent d6450717
......@@ -25,8 +25,7 @@ class JwtController < ApplicationController
authenticate_with_http_basic do |login, password|
@authentication_result = Gitlab::Auth.find_for_git_client(login, password, project: nil, ip: request.ip)
if @authentication_result.failed? ||
(@authentication_result.actor.present? && !user_or_deploy_token)
if @authentication_result.failed?
render_unauthorized
end
end
......@@ -57,8 +56,4 @@ class JwtController < ApplicationController
def auth_params
params.permit(:service, :scope, :account, :client_id)
end
def user_or_deploy_token
@authentication_result.actor.is_a?(User) || @authentication_result.actor.is_a?(DeployToken)
end
end
......@@ -7,10 +7,4 @@ class Projects::DeployTokensController < Projects::ApplicationController
redirect_to project_settings_repository_path(project)
end
private
def deploy_token_params
params.require(:deploy_token).permit(:name, :expires_at, :read_repository, :read_registry)
end
end
......@@ -9,12 +9,4 @@ module DeployTokensHelper
Gitlab.config.registry.enabled &&
can?(current_user, :read_container_image, project)
end
def expires_at_value(expires_at)
expires_at unless expires_at >= DeployToken::FOREVER
end
def show_expire_at?(token)
token.expires? && token.expires_at != DeployToken::FOREVER
end
end
......@@ -4,9 +4,8 @@ class DeployToken < ActiveRecord::Base
add_authentication_token_field :token
AVAILABLE_SCOPES = %i(read_repository read_registry).freeze
FOREVER = DateTime.new(3000, 1, 1)
default_value_for :expires_at, FOREVER
default_value_for(:expires_at) { Forever.date }
has_many :project_deploy_tokens, inverse_of: :deploy_token
has_many :projects, through: :project_deploy_tokens
......@@ -45,6 +44,15 @@ class DeployToken < ActiveRecord::Base
projects.first
end
def expires_at
expires_at = read_attribute(:expires_at)
expires_at != Forever.date ? expires_at : nil
end
def expires_at=(value)
write_attribute(:expires_at, value.presence || Forever.date)
end
private
def ensure_at_least_one_scope
......
module DeployTokens
class CreateService < BaseService
def execute
@project.deploy_tokens.create(deploy_token_params)
end
private
def deploy_token_params
params[:expires_at] = expires_at_date
params
end
def expires_at_date
params[:expires_at].presence || default_expires_at
end
def default_expires_at
DeployToken::FOREVER
@project.deploy_tokens.create(params)
end
end
end
......@@ -10,7 +10,7 @@
.form-group
= f.label :expires_at, class: 'label-light'
= f.text_field :expires_at, class: 'datepicker form-control', value: expires_at_value(token.expires_at)
= f.text_field :expires_at, class: 'datepicker form-control', value: f.object.expires_at
.form-group
= f.label :scopes, class: 'label-light'
......
......@@ -18,7 +18,7 @@
%td= token.username
%td= token.created_at.to_date.to_s(:medium)
%td
- if show_expire_at?(token)
- if token.expires?
%span{ class: ('text-warning' if token.expires_soon?) }
In #{distance_of_time_in_words_to_now(token.expires_at)}
- else
......
class Forever
POSTGRESQL_DATE = DateTime.new(3000, 1, 1)
MYSQL_DATE = DateTime.new(2038, 01, 19)
# MySQL timestamp has a range of '1970-01-01 00:00:01' UTC to '2038-01-19 03:14:07' UTC
def self.date
if Gitlab::Database.postgresql?
POSTGRESQL_DATE
else
MYSQL_DATE
end
end
end
......@@ -90,8 +90,7 @@ feature 'Repository settings' do
end
context 'Deploy tokens' do
let(:deploy_token_project) { create(:project_deploy_token, project: project) }
let!(:deploy_token) { deploy_token_project.deploy_token }
let!(:deploy_token) { create(:deploy_token, projects: [project]) }
before do
stub_container_registry_config(enabled: true)
......@@ -115,17 +114,6 @@ feature 'Repository settings' do
expect(page).to have_content('Your new project deploy token has been created')
end
scenario 'revoke a deploy token', :js do
within('.deploy-tokens') do
click_link 'Revoke'
click_link "Revoke #{deploy_token.name}"
expect(page).not_to have_content(deploy_token.name)
expect(page).not_to have_content('read_repository')
expect(page).not_to have_content('read_registry')
end
end
end
end
end
require 'spec_helper'
describe Forever do
describe '.date' do
subject { described_class.date }
context 'when using PostgreSQL' do
it 'should return Postgresql future date' do
allow(Gitlab::Database).to receive(:postgresql?).and_return(true)
expect(subject).to eq(described_class::POSTGRESQL_DATE)
end
end
context 'when using MySQL' do
it 'should return MySQL future date' do
allow(Gitlab::Database).to receive(:postgresql?).and_return(false)
expect(subject).to eq(described_class::MYSQL_DATE)
end
end
end
end
......@@ -93,4 +93,42 @@ describe DeployToken do
end
end
end
describe '#expires_at' do
context 'when using Forever.date' do
let(:deploy_token) { create(:deploy_token, expires_at: nil) }
it 'should return nil' do
expect(deploy_token.expires_at).to be_nil
end
end
context 'when using a personalized date' do
let(:expires_at) { Date.today + 5.months }
let(:deploy_token) { create(:deploy_token, expires_at: expires_at) }
it 'should return the personalized date' do
expect(deploy_token.expires_at).to eq(expires_at)
end
end
end
describe '#expires_at=' do
context 'when passing nil' do
let(:deploy_token) { create(:deploy_token, expires_at: nil) }
it 'should assign Forever.date' do
expect(deploy_token.read_attribute(:expires_at)).to eq(Forever.date)
end
end
context 'when passign a value' do
let(:expires_at) { Date.today + 5.months }
let(:deploy_token) { create(:deploy_token, expires_at: expires_at) }
it 'should respect the value' do
expect(deploy_token.read_attribute(:expires_at)).to eq(expires_at)
end
end
end
end
......@@ -25,8 +25,8 @@ describe DeployTokens::CreateService do
context 'when expires at date is not passed' do
let(:deploy_token_params) { attributes_for(:deploy_token, expires_at: '') }
it 'should set FOREVER date' do
expect(subject.expires_at).to eq(DeployToken::FOREVER)
it 'should set Forever.date' do
expect(subject.read_attribute(:expires_at)).to eq(Forever.date)
end
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment