Commit 46d24898 authored by Douwe Maan's avatar Douwe Maan Committed by Robert Speicher

Merge branch 'fix-global-milestones-error-500' into 'master'

Fix Error 500 when creating global milestones with Unicode characters

Two issues:

1. The constraints in the resources were incorrect. Here's what it was before:

```
group_milestone  GET /groups/:group_id/milestones/:id(.:format)  groups/milestones#show {:id=>/[a-zA-Z.0-9_\-]+(?<!\.atom)/, :group_id=>/[a-zA-Z.0-9_\-]+(?<!\.atom)/}
```

In this case, id is actually the title of the milestone, which can be anything at the moment.

After:
```
group_milestone  GET /groups/:group_id/milestones/:id(.:format)  groups/milestones#show {:id=>/[^\/]+/, :group_id=>/[a-zA-Z.0-9_\-]+(?<!\.atom)/}
```

2. `parameterize` would strip all Unicode characters, leaving a blank string. Rails would report something like:

```
ActionView::Template::Error (No route matches {:action=>"show", :controller=>"groups/milestones", :group_id=>#<Group id: 48, name: "ops-dev", path: "ops-dev", owner_id: nil, created_at: "2015-11-15 08:55:30", updated_at: "2015-12-02 06:23:26", type: "Group", description: "", avatar: "sha1.c71e73d51af1865c1bbbf6208e10044d46c9bb93.png", public: false>, :id=>"", :title=>"肯定不是中文的问题"} missing required keys: [:id]):
```

This change uses the babosa library to create a better slug, which surprisingly
isn't actually used by the global milestone controllers. Instead, they use the
title passed as a query string for some reason.

Closes https://github.com/gitlabhq/gitlabhq/issues/9881

See merge request !1983
parent a418f641
......@@ -2,6 +2,7 @@ Please view this file on the master branch, on stable branches it's out of date.
v 8.2.3
- Fix application settings cache not expiring after changes (Stan Hu)
- Fix Error 500s when creating global milestones with Unicode characters (Stan Hu)
v 8.2.2
- Fix 404 in redirection after removing a project (Stan Hu)
......
......@@ -170,6 +170,7 @@ gem "underscore-rails", "~> 1.4.4"
# Sanitize user input
gem "sanitize", '~> 2.0'
gem 'babosa', '~> 1.0.2'
# Protect against bruteforcing
gem "rack-attack", '~> 4.3.0'
......
......@@ -65,6 +65,7 @@ GEM
descendants_tracker (~> 0.0.4)
ice_nine (~> 0.11.0)
thread_safe (~> 0.3, >= 0.3.1)
babosa (1.0.2)
bcrypt (3.1.10)
benchmark-ips (2.3.0)
better_errors (1.0.1)
......@@ -795,6 +796,7 @@ DEPENDENCIES
asciidoctor (~> 1.5.2)
attr_encrypted (~> 1.3.4)
awesome_print (~> 1.2.0)
babosa (~> 1.0.2)
benchmark-ips
better_errors (~> 1.0.1)
binding_of_caller (~> 0.7.2)
......
......@@ -46,7 +46,7 @@ class Groups::MilestonesController < Groups::ApplicationController
end
def milestone_path(title)
group_milestone_path(@group, title.parameterize, title: title)
group_milestone_path(@group, title.to_slug.to_s, title: title)
end
def projects
......
......@@ -16,7 +16,7 @@ class GlobalMilestone
end
def safe_title
@title.parameterize
@title.to_slug.to_s
end
def projects
......
......@@ -368,7 +368,7 @@ Gitlab::Application.routes.draw do
end
resource :avatar, only: [:destroy]
resources :milestones, only: [:index, :show, :update, :new, :create]
resources :milestones, constraints: { id: /[^\/]+/ }, only: [:index, :show, :update, :new, :create]
end
end
......
require 'spec_helper'
describe Groups::MilestonesController do
let(:group) { create(:group) }
let(:project) { create(:project, group: group) }
let(:project2) { create(:empty_project, group: group) }
let(:user) { create(:user) }
let(:title) { '肯定不是中文的问题' }
before do
sign_in(user)
group.add_owner(user)
project.team << [user, :master]
controller.instance_variable_set(:@group, group)
end
describe "#create" do
it "should create group milestone with Chinese title" do
post :create,
group_id: group.id,
milestone: { project_ids: [project.id, project2.id], title: title }
expect(response).to redirect_to(group_milestone_path(group, title.to_slug.to_s, title: title))
expect(Milestone.where(title: title).count).to eq(2)
end
end
end
......@@ -5,7 +5,7 @@ describe Projects::MilestonesController do
let(:user) { create(:user) }
let(:milestone) { create(:milestone, project: project) }
let(:issue) { create(:issue, project: project, milestone: milestone) }
let(:merge_request) { create(:merge_request, source_project: project, target_project: project, milestone: milestone) }
let!(:merge_request) { create(:merge_request, source_project: project, target_project: project, milestone: milestone) }
before do
sign_in(user)
......@@ -15,10 +15,9 @@ describe Projects::MilestonesController do
describe "#destroy" do
it "should remove milestone" do
merge_request.reload
expect(issue.milestone_id).to eq(milestone.id)
delete :destroy, namespace_id: project.namespace.id, project_id: project.id, id: milestone.id, format: :js
delete :destroy, namespace_id: project.namespace.id, project_id: project.id, id: milestone.iid, format: :js
expect(response).to be_success
expect(Event.first.action).to eq(Event::DESTROYED)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment