Commit b483f589 authored by Aishwarya Subramanian's avatar Aishwarya Subramanian

Group name validation only on group name update

This is to prevent untended consequence
of validating name, even if it was not updated.
parent 7b5ad03d
...@@ -72,7 +72,7 @@ class Group < Namespace ...@@ -72,7 +72,7 @@ class Group < Namespace
validates :two_factor_grace_period, presence: true, numericality: { greater_than_or_equal_to: 0 } validates :two_factor_grace_period, presence: true, numericality: { greater_than_or_equal_to: 0 }
validates :name, validates :name,
format: { with: Gitlab::Regex.group_name_regex, format: { with: Gitlab::Regex.group_name_regex,
message: Gitlab::Regex.group_name_regex_message } message: Gitlab::Regex.group_name_regex_message }, if: :name_changed?
add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required } add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
......
...@@ -202,7 +202,18 @@ describe SubscriptionsController do ...@@ -202,7 +202,18 @@ describe SubscriptionsController do
group.save group.save
subject subject
expect(response.body).to include({ name: ["can't be blank", Gitlab::Regex.group_name_regex_message] }.to_json) expect(response.body).to include({ name: ["can't be blank"] }.to_json)
end
context 'when invalid name is passed' do
let(:group) { Group.new(path: 'foo', name: '<script>alert("attack")</script>') }
it 'returns the errors in json format' do
group.save
subject
expect(response.body).to include({ name: [Gitlab::Regex.group_name_regex_message] }.to_json)
end
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment