Skip to content

G
gitlab-ce
Commit 8f2dbaf2 authored by Alan (Maciej) Paruszewski's avatar Alan (Maciej) Paruszewski Committed by Max Woolf
Browse files
Options

Use allowlist of allowed attributes for imported models (part 4)

parent f7881ea3
Hide whitespace changes
Inline Side-by-side
Showing with 77 additions and 20 deletions
ee/spec/lib/gitlab/import_export/attributes_permitter_spec.rb
View file @ 8f2dbaf2
......@@ -14,6 +14,7 @@ RSpec.describe Gitlab::ImportExport::AttributesPermitter do
:unprotect_access_levels | true
:deploy_access_levels | true
:protected_environments | true
:security_setting | true
end
with_them do
......
lib/gitlab/import_export/project/import_export.yml
View file @ 8f2dbaf2
......@@ -272,6 +272,49 @@ included_attributes:
- :updated_at
- :filepath
- :link_type
container_expiration_policy:
- :created_at
- :updated_at
- :next_run_at
- :project_id
- :name_regex
- :cadence
- :older_than
- :keep_n
- :enabled
- :name_regex_keep
project_feature:
- :project_id
- :merge_requests_access_level
- :issues_access_level
- :wiki_access_level
- :snippets_access_level
- :builds_access_level
- :created_at
- :updated_at
- :repository_access_level
- :pages_access_level
- :forking_access_level
- :metrics_dashboard_access_level
- :operations_access_level
- :analytics_access_level
- :security_and_compliance_access_level
- :container_registry_access_level
prometheus_metrics:
- :created_at
- :updated_at
- :project_id
- :y_label
- :unit
- :legend
- :title
- :query
- :group
- :dashboard_path
service_desk_setting:
- :project_id
- :issue_template_key
- :project_key
# Do not include the following attributes for the models specified.
excluded_attributes:
......@@ -656,4 +699,13 @@ ee:
- :name
- :created_at
- :updated_at
project_feature:
- :requirements_access_level
security_setting:
- :project_id
- :created_at
- :updated_at
- :auto_fix_container_scanning
- :auto_fix_dast
- :auto_fix_dependency_scanning
- :auto_fix_sast
spec/lib/gitlab/import_export/attributes_permitter_spec.rb
View file @ 8f2dbaf2
......@@ -81,24 +81,28 @@ RSpec.describe Gitlab::ImportExport::AttributesPermitter do
let(:attributes_permitter) { described_class.new }
where(:relation_name, :permitted_attributes_defined) do
:user | false
:author | false
:ci_cd_settings | true
:metrics_setting | true
:project_badges | true
:pipeline_schedules | true
:error_tracking_setting | true
:auto_devops | true
:boards | true
:custom_attributes | true
:labels | true
:protected_branches | true
:protected_tags | true
:create_access_levels | true
:merge_access_levels | true
:push_access_levels | true
:releases | true
:links | true
:user | false
:author | false
:ci_cd_settings | true
:metrics_setting | true
:project_badges | true
:pipeline_schedules | true
:error_tracking_setting | true
:auto_devops | true
:boards | true
:custom_attributes | true
:labels | true
:protected_branches | true
:protected_tags | true
:create_access_levels | true
:merge_access_levels | true
:push_access_levels | true
:releases | true
:links | true
:container_expiration_policy | true
:project_feature | true
:prometheus_metrics | true
:service_desk_setting | true
end
with_them do
......
spec/models/bulk_imports/file_transfer/project_config_spec.rb
View file @ 8f2dbaf2
......@@ -80,7 +80,7 @@ RSpec.describe BulkImports::FileTransfer::ProjectConfig do
describe '#tree_relation_definition_for' do
it 'returns relation definition' do
expected = { service_desk_setting: { except: [:outgoing_name, :file_template_project_id], include: [] } }
expected = { service_desk_setting: { except: [:outgoing_name, :file_template_project_id], include: [], only: %i[project_id issue_template_key project_key] } }
expect(subject.tree_relation_definition_for('service_desk_setting')).to eq(expected)
end
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7