Use allowlist when importing projects

8d40f35a · Igor Frenkel · Heinrich Lee Yu · 97153f9b · 8d40f35a · 8d40f35a
Commit 8d40f35a authored Dec 14, 2021 by Igor Frenkel Committed by Heinrich Lee Yu Dec 14, 2021
5 changed files
--- a/ee/spec/lib/gitlab/import_export/attributes_permitter_spec.rb
+++ b/ee/spec/lib/gitlab/import_export/attributes_permitter_spec.rb
@@ -15,6 +15,7 @@ RSpec.describe Gitlab::ImportExport::AttributesPermitter do
      :deploy_access_levels    | true
      :protected_environments  | true
      :security_setting        | true
+      :project                 | true
    end
    with_them do
@@ -27,7 +28,11 @@ RSpec.describe Gitlab::ImportExport::AttributesPermitter do
    subject { described_class.new }
-    additional_attributes = { user: %w[id] }
+    # these are attributes for which either a special exception is made or are available only via included modules and not attribute introspection
+    additional_attributes = {
+      user: %w[id],
+      project: %w[auto_devops_deploy_strategy auto_devops_enabled issues_enabled jobs_enabled merge_requests_enabled snippets_enabled wiki_enabled build_git_strategy build_enabled security_and_compliance_enabled requirements_enabled]
+    }
    Gitlab::ImportExport::Config.new.to_h[:included_attributes].each do |relation_sym, permitted_attributes|
      context "for #{relation_sym}" do

--- a/lib/gitlab/import_export/group/relation_tree_restorer.rb
+++ b/lib/gitlab/import_export/group/relation_tree_restorer.rb
@@ -106,12 +106,7 @@ module Gitlab
        def update_params!
          params = @importable_attributes.except(*relations.keys.map(&:to_s))
          params = params.merge(present_override_params)
+          params = filter_attributes(params)
-          # Cleaning all imported and overridden params
-          params = Gitlab::ImportExport::AttributeCleaner.clean(
-            relation_hash: params,
-            relation_class: importable_class,
-            excluded_keys: excluded_keys_for_relation(importable_class_sym))
          @importable.assign_attributes(params)
@@ -122,6 +117,25 @@ module Gitlab
          end
        end
+        def filter_attributes(params)
+          if use_attributes_permitter? && attributes_permitter.permitted_attributes_defined?(importable_class_sym)
+            attributes_permitter.permit(importable_class_sym, params)
+          else
+            Gitlab::ImportExport::AttributeCleaner.clean(
+              relation_hash:  params,
+              relation_class: importable_class,
+              excluded_keys:  excluded_keys_for_relation(importable_class_sym))
+          end
+        end
+        def attributes_permitter
+          @attributes_permitter ||= Gitlab::ImportExport::AttributesPermitter.new
+        end
+        def use_attributes_permitter?
+          Feature.enabled?(:permitted_attributes_for_import_export, default_enabled: :yaml)
+        end
        def present_override_params
          # we filter out the empty strings from the overrides
          # keeping the default values configured

--- a/lib/gitlab/import_export/project/import_export.yml
+++ b/lib/gitlab/import_export/project/import_export.yml
@@ -630,6 +630,74 @@ included_attributes:
    - :expires_at
    - :ldap
    - :override
+  project:
+    - :approvals_before_merge
+    - :archived
+    - :auto_cancel_pending_pipelines
+    - :autoclose_referenced_issues
+    - :build_allow_git_fetch
+    - :build_coverage_regex
+    - :build_timeout
+    - :ci_config_path
+    - :delete_error
+    - :description
+    - :disable_overriding_approvers_per_merge_request
+    - :external_authorization_classification_label
+    - :has_external_issue_tracker
+    - :has_external_wiki
+    - :issues_template
+    - :jobs_cache_index
+    - :last_repository_check_failed
+    - :merge_requests_author_approval
+    - :merge_requests_disable_committers_approval
+    - :merge_requests_ff_only_enabled
+    - :merge_requests_rebase_enabled
+    - :merge_requests_template
+    - :only_allow_merge_if_all_discussions_are_resolved
+    - :only_allow_merge_if_pipeline_succeeds
+    - :pages_https_only
+    - :pending_delete
+    - :printing_merge_request_link_enabled
+    - :public_builds
+    - :remove_source_branch_after_merge
+    - :request_access_enabled
+    - :require_password_to_approve
+    - :reset_approvals_on_push
+    - :resolve_outdated_diff_discussions
+    - :service_desk_enabled
+    - :shared_runners_enabled
+    - :suggestion_commit_message
+    - :visibility_level
+    - :hooks
+    - :issues_access_level
+    - :forking_access_level
+    - :merge_requests_access_level
+    - :wiki_access_level
+    - :snippets_access_level
+    - :builds_access_level
+    - :repository_access_level
+    - :pages_access_level
+    - :metrics_dashboard_access_level
+    - :analytics_access_level
+    - :operations_access_level
+    - :security_and_compliance_access_level
+    - :container_registry_access_level
+    - :allow_merge_on_skipped_pipeline
+    - :auto_devops_deploy_strategy
+    - :auto_devops_enabled
+    - :container_registry_enabled
+    - :issues_enabled
+    - :jobs_enabled
+    - :merge_method
+    - :merge_requests_enabled
+    - :snippets_enabled
+    - :squash_option
+    - :topics
+    - :visibility
+    - :wiki_enabled
+    - :build_git_strategy
+    - :build_enabled
+    - :security_and_compliance_enabled
 # Do not include the following attributes for the models specified.
 excluded_attributes:
@@ -1017,3 +1085,6 @@ ee:
      - :auto_fix_dast
      - :auto_fix_dependency_scanning
      - :auto_fix_sast
+    project:
+    - :requirements_enabled
+    - :requirements_access_level
--- a/spec/lib/gitlab/import_export/attributes_permitter_spec.rb
+++ b/spec/lib/gitlab/import_export/attributes_permitter_spec.rb
@@ -140,6 +140,7 @@ RSpec.describe Gitlab::ImportExport::AttributesPermitter do
      :zoom_meetings               | true
      :issues                      | true
      :group_members               | true
+      :project                     | true
    end
    with_them do
@@ -150,7 +151,11 @@ RSpec.describe Gitlab::ImportExport::AttributesPermitter do
  describe 'included_attributes for Project' do
    subject { described_class.new }
-    additional_attributes = { user: %w[id] }
+    # these are attributes for which either a special exception is made or are available only via included modules and not attribute introspection
+    additional_attributes = {
+      user: %w[id],
+      project: %w[auto_devops_deploy_strategy auto_devops_enabled issues_enabled jobs_enabled merge_requests_enabled snippets_enabled wiki_enabled build_git_strategy build_enabled security_and_compliance_enabled requirements_enabled]
+    }
    Gitlab::ImportExport::Config.new.to_h[:included_attributes].each do |relation_sym, permitted_attributes|
      context "for #{relation_sym}" do

--- a/spec/support/shared_examples/lib/gitlab/import_export/attributes_permitter_shared_examples.rb
+++ b/spec/support/shared_examples/lib/gitlab/import_export/attributes_permitter_shared_examples.rb
@@ -26,7 +26,7 @@ RSpec.shared_examples 'a permitted attribute' do |relation_sym, permitted_attrib
    end
    it 'does not contain attributes that would be cleaned with AttributeCleaner' do
-      expect((cleaned_hash.keys + additional_attributes.to_a.map(&:to_s))).to include(*permitted_hash.keys)
+      expect(cleaned_hash.keys + additional_attributes.to_a.map(&:to_s)).to include(*permitted_hash.keys)
    end
    it 'does not contain prohibited attributes that are not related to given relation' do