Commit 8f2dbaf2 authored by Alan (Maciej) Paruszewski's avatar Alan (Maciej) Paruszewski Committed by Max Woolf

Use allowlist of allowed attributes for imported models (part 4)

parent f7881ea3
......@@ -14,6 +14,7 @@ RSpec.describe Gitlab::ImportExport::AttributesPermitter do
:unprotect_access_levels | true
:deploy_access_levels | true
:protected_environments | true
:security_setting | true
end
with_them do
......
......@@ -272,6 +272,49 @@ included_attributes:
- :updated_at
- :filepath
- :link_type
container_expiration_policy:
- :created_at
- :updated_at
- :next_run_at
- :project_id
- :name_regex
- :cadence
- :older_than
- :keep_n
- :enabled
- :name_regex_keep
project_feature:
- :project_id
- :merge_requests_access_level
- :issues_access_level
- :wiki_access_level
- :snippets_access_level
- :builds_access_level
- :created_at
- :updated_at
- :repository_access_level
- :pages_access_level
- :forking_access_level
- :metrics_dashboard_access_level
- :operations_access_level
- :analytics_access_level
- :security_and_compliance_access_level
- :container_registry_access_level
prometheus_metrics:
- :created_at
- :updated_at
- :project_id
- :y_label
- :unit
- :legend
- :title
- :query
- :group
- :dashboard_path
service_desk_setting:
- :project_id
- :issue_template_key
- :project_key
# Do not include the following attributes for the models specified.
excluded_attributes:
......@@ -656,4 +699,13 @@ ee:
- :name
- :created_at
- :updated_at
project_feature:
- :requirements_access_level
security_setting:
- :project_id
- :created_at
- :updated_at
- :auto_fix_container_scanning
- :auto_fix_dast
- :auto_fix_dependency_scanning
- :auto_fix_sast
......@@ -81,24 +81,28 @@ RSpec.describe Gitlab::ImportExport::AttributesPermitter do
let(:attributes_permitter) { described_class.new }
where(:relation_name, :permitted_attributes_defined) do
:user | false
:author | false
:ci_cd_settings | true
:metrics_setting | true
:project_badges | true
:pipeline_schedules | true
:error_tracking_setting | true
:auto_devops | true
:boards | true
:custom_attributes | true
:labels | true
:protected_branches | true
:protected_tags | true
:create_access_levels | true
:merge_access_levels | true
:push_access_levels | true
:releases | true
:links | true
:user | false
:author | false
:ci_cd_settings | true
:metrics_setting | true
:project_badges | true
:pipeline_schedules | true
:error_tracking_setting | true
:auto_devops | true
:boards | true
:custom_attributes | true
:labels | true
:protected_branches | true
:protected_tags | true
:create_access_levels | true
:merge_access_levels | true
:push_access_levels | true
:releases | true
:links | true
:container_expiration_policy | true
:project_feature | true
:prometheus_metrics | true
:service_desk_setting | true
end
with_them do
......
......@@ -80,7 +80,7 @@ RSpec.describe BulkImports::FileTransfer::ProjectConfig do
describe '#tree_relation_definition_for' do
it 'returns relation definition' do
expected = { service_desk_setting: { except: [:outgoing_name, :file_template_project_id], include: [] } }
expected = { service_desk_setting: { except: [:outgoing_name, :file_template_project_id], include: [], only: %i[project_id issue_template_key project_key] } }
expect(subject.tree_relation_definition_for('service_desk_setting')).to eq(expected)
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment