Commit 9321d382 authored by Robert Speicher's avatar Robert Speicher

Add custom NamespaceValidator

parent ad6a771d
...@@ -30,12 +30,10 @@ class Namespace < ActiveRecord::Base ...@@ -30,12 +30,10 @@ class Namespace < ActiveRecord::Base
validates :description, length: { within: 0..255 } validates :description, length: { within: 0..255 }
validates :path, validates :path,
uniqueness: { case_sensitive: false },
presence: true,
length: { within: 1..255 }, length: { within: 1..255 },
exclusion: { in: Gitlab::Blacklist.path }, namespace: true,
format: { with: Gitlab::Regex.namespace_regex, presence: true,
message: Gitlab::Regex.namespace_regex_message } uniqueness: { case_sensitive: false }
delegate :name, to: :owner, allow_nil: true, prefix: true delegate :name, to: :owner, allow_nil: true, prefix: true
......
...@@ -148,11 +148,9 @@ class User < ActiveRecord::Base ...@@ -148,11 +148,9 @@ class User < ActiveRecord::Base
validates :bio, length: { maximum: 255 }, allow_blank: true validates :bio, length: { maximum: 255 }, allow_blank: true
validates :projects_limit, presence: true, numericality: { greater_than_or_equal_to: 0 } validates :projects_limit, presence: true, numericality: { greater_than_or_equal_to: 0 }
validates :username, validates :username,
namespace: true,
presence: true, presence: true,
uniqueness: { case_sensitive: false }, uniqueness: { case_sensitive: false }
exclusion: { in: Gitlab::Blacklist.path },
format: { with: Gitlab::Regex.namespace_regex,
message: Gitlab::Regex.namespace_regex_message }
validates :notification_level, inclusion: { in: Notification.notification_levels }, presence: true validates :notification_level, inclusion: { in: Notification.notification_levels }, presence: true
validate :namespace_uniq, if: ->(user) { user.username_changed? } validate :namespace_uniq, if: ->(user) { user.username_changed? }
......
# NamespaceValidator
#
# Custom validator for GitLab namespace values.
#
# Values are checked for formatting and exclusion from `Gitlab::Blacklist.path`.
class NamespaceValidator < ActiveModel::EachValidator
def validate_each(record, attribute, value)
unless value =~ Gitlab::Regex.namespace_regex
record.errors.add(attribute, Gitlab::Regex.namespace_regex_message)
end
if blacklisted?(value)
record.errors.add(attribute, "#{value} is a reserved name")
end
end
private
def blacklisted?(value)
Gitlab::Blacklist.path.include?(value)
end
end
...@@ -91,7 +91,23 @@ describe User do ...@@ -91,7 +91,23 @@ describe User do
end end
describe 'validations' do describe 'validations' do
it { is_expected.to validate_presence_of(:username) } describe 'username' do
it 'validates presence' do
expect(subject).to validate_presence_of(:username)
end
it 'rejects blacklisted names' do
user = build(:user, username: 'dashboard')
expect(user).not_to be_valid
expect(user.errors.values).to eq [['dashboard is a reserved name']]
end
it 'validates uniqueness' do
expect(subject).to validate_uniqueness_of(:username)
end
end
it { is_expected.to validate_presence_of(:projects_limit) } it { is_expected.to validate_presence_of(:projects_limit) }
it { is_expected.to validate_numericality_of(:projects_limit) } it { is_expected.to validate_numericality_of(:projects_limit) }
it { is_expected.to allow_value(0).for(:projects_limit) } it { is_expected.to allow_value(0).for(:projects_limit) }
......
...@@ -153,7 +153,7 @@ describe API::API, api: true do ...@@ -153,7 +153,7 @@ describe API::API, api: true do
expect(json_response['message']['projects_limit']). expect(json_response['message']['projects_limit']).
to eq(['must be greater than or equal to 0']) to eq(['must be greater than or equal to 0'])
expect(json_response['message']['username']). expect(json_response['message']['username']).
to eq([Gitlab::Regex.send(:namespace_regex_message)]) to eq([Gitlab::Regex.namespace_regex_message])
end end
it "shouldn't available for non admin users" do it "shouldn't available for non admin users" do
...@@ -296,7 +296,7 @@ describe API::API, api: true do ...@@ -296,7 +296,7 @@ describe API::API, api: true do
expect(json_response['message']['projects_limit']). expect(json_response['message']['projects_limit']).
to eq(['must be greater than or equal to 0']) to eq(['must be greater than or equal to 0'])
expect(json_response['message']['username']). expect(json_response['message']['username']).
to eq([Gitlab::Regex.send(:namespace_regex_message)]) to eq([Gitlab::Regex.namespace_regex_message])
end end
context "with existing user" do context "with existing user" do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment