2017-04-12 05:28:23 -04:00
|
|
|
# DynamicPathValidator
|
2015-12-07 16:17:12 -05:00
|
|
|
#
|
2017-04-12 05:28:23 -04:00
|
|
|
# Custom validator for GitLab path values.
|
|
|
|
# These paths are assigned to `Namespace` (& `Group` as a subclass) & `Project`
|
2015-12-07 16:17:12 -05:00
|
|
|
#
|
2015-12-07 16:29:39 -05:00
|
|
|
# Values are checked for formatting and exclusion from a list of reserved path
|
|
|
|
# names.
|
2017-04-12 05:28:23 -04:00
|
|
|
class DynamicPathValidator < ActiveModel::EachValidator
|
2017-04-05 09:41:00 -04:00
|
|
|
# All routes that appear on the top level must be listed here.
|
|
|
|
# This will make sure that groups cannot be created with these names
|
|
|
|
# as these routes would be masked by the paths already in place.
|
|
|
|
#
|
|
|
|
# Example:
|
|
|
|
# /api/api-project
|
|
|
|
#
|
|
|
|
# the path `api` shouldn't be allowed because it would be masked by `api/*`
|
|
|
|
#
|
|
|
|
TOP_LEVEL_ROUTES = Set.new(%w[
|
2017-04-24 06:38:09 -04:00
|
|
|
-
|
2016-09-29 04:36:38 -04:00
|
|
|
.well-known
|
2017-04-24 06:38:09 -04:00
|
|
|
abuse_reports
|
2015-12-07 16:29:39 -05:00
|
|
|
admin
|
|
|
|
all
|
2017-04-24 06:38:09 -04:00
|
|
|
api
|
2015-12-07 16:29:39 -05:00
|
|
|
assets
|
2017-04-24 06:38:09 -04:00
|
|
|
autocomplete
|
2015-12-07 16:29:39 -05:00
|
|
|
ci
|
|
|
|
dashboard
|
2017-04-24 06:38:09 -04:00
|
|
|
explore
|
2015-12-07 16:29:39 -05:00
|
|
|
files
|
|
|
|
groups
|
2017-04-24 06:38:09 -04:00
|
|
|
health_check
|
2015-12-07 16:29:39 -05:00
|
|
|
help
|
|
|
|
hooks
|
2017-04-24 06:38:09 -04:00
|
|
|
import
|
|
|
|
invites
|
2015-12-07 16:29:39 -05:00
|
|
|
issues
|
2017-04-24 06:38:09 -04:00
|
|
|
jwt
|
|
|
|
koding
|
|
|
|
member
|
2015-12-07 16:29:39 -05:00
|
|
|
merge_requests
|
2016-01-08 04:19:22 -05:00
|
|
|
new
|
2015-12-07 16:29:39 -05:00
|
|
|
notes
|
2017-04-24 06:38:09 -04:00
|
|
|
notification_settings
|
|
|
|
oauth
|
2015-12-07 16:29:39 -05:00
|
|
|
profile
|
|
|
|
projects
|
|
|
|
public
|
|
|
|
repository
|
2016-10-10 21:58:26 -04:00
|
|
|
robots.txt
|
2015-12-07 16:29:39 -05:00
|
|
|
s
|
|
|
|
search
|
2017-04-24 06:38:09 -04:00
|
|
|
sent_notifications
|
2015-12-07 16:29:39 -05:00
|
|
|
services
|
|
|
|
snippets
|
|
|
|
teams
|
|
|
|
u
|
2017-04-28 12:09:01 -04:00
|
|
|
unicorn_test
|
2015-12-07 16:29:39 -05:00
|
|
|
unsubscribes
|
2017-04-03 08:07:15 -04:00
|
|
|
uploads
|
2017-04-24 06:38:09 -04:00
|
|
|
users
|
2017-04-05 09:41:00 -04:00
|
|
|
]).freeze
|
2015-12-07 16:29:39 -05:00
|
|
|
|
2017-04-05 09:41:00 -04:00
|
|
|
# All project routes with wildcard argument must be listed here.
|
|
|
|
# Otherwise it can lead to routing issues when route considered as project name.
|
|
|
|
#
|
|
|
|
# Example:
|
|
|
|
# /group/project/tree/deploy_keys
|
|
|
|
#
|
|
|
|
# without tree as reserved name routing can match 'group/project' as group name,
|
|
|
|
# 'tree' as project name and 'deploy_keys' as route.
|
|
|
|
#
|
2017-04-24 06:38:09 -04:00
|
|
|
WILDCARD_ROUTES = Set.new(%w[
|
|
|
|
badges
|
|
|
|
blame
|
|
|
|
blob
|
2017-04-28 11:53:28 -04:00
|
|
|
builds
|
2017-04-24 06:38:09 -04:00
|
|
|
commits
|
|
|
|
create
|
|
|
|
create_dir
|
|
|
|
edit
|
|
|
|
environments/folders
|
|
|
|
files
|
|
|
|
find_file
|
|
|
|
gitlab-lfs/objects
|
|
|
|
info/lfs/objects
|
|
|
|
new
|
|
|
|
preview
|
|
|
|
raw
|
2017-04-28 11:53:28 -04:00
|
|
|
refs
|
2017-04-24 06:38:09 -04:00
|
|
|
tree
|
|
|
|
update
|
|
|
|
wikis
|
|
|
|
]).freeze
|
2017-03-06 13:26:58 -05:00
|
|
|
|
2017-04-28 12:09:01 -04:00
|
|
|
# These are all the paths that follow `/groups/*id/ or `/groups/*group_id`
|
|
|
|
# We need to reject these because we have a `/groups/*id` page that is the same
|
|
|
|
# as the `/*id`.
|
|
|
|
#
|
|
|
|
# If we would allow a subgroup to be created with the name `activity` then
|
|
|
|
# this group would not be accessible through `/groups/parent/activity` since
|
|
|
|
# this would map to the activity-page of it's parent.
|
|
|
|
GROUP_ROUTES = Set.new(%w[
|
|
|
|
activity
|
|
|
|
avatar
|
|
|
|
edit
|
|
|
|
group_members
|
|
|
|
issues
|
|
|
|
labels
|
|
|
|
merge_requests
|
|
|
|
milestones
|
|
|
|
projects
|
|
|
|
subgroups
|
|
|
|
])
|
|
|
|
|
|
|
|
CHILD_ROUTES = (WILDCARD_ROUTES | GROUP_ROUTES).freeze
|
|
|
|
|
|
|
|
def self.without_reserved_wildcard_paths_regex
|
|
|
|
@full_path_without_wildcard_regex ||= regex_excluding_child_paths(WILDCARD_ROUTES)
|
|
|
|
end
|
|
|
|
|
|
|
|
def self.without_reserved_child_paths_regex
|
|
|
|
@full_path_without_child_routes_regex ||= regex_excluding_child_paths(CHILD_ROUTES)
|
|
|
|
end
|
|
|
|
|
|
|
|
# This is used to validate a full path.
|
|
|
|
# It doesn't match paths
|
|
|
|
# - Starting with one of the top level words
|
|
|
|
# - Containing one of the child level words in the middle of a path
|
|
|
|
def self.regex_excluding_child_paths(child_routes)
|
|
|
|
reserved_top_level_words = Regexp.union(TOP_LEVEL_ROUTES.to_a)
|
|
|
|
not_starting_in_reserved_word = %r{^(/?)(?!(#{reserved_top_level_words})(/|$))}
|
|
|
|
|
|
|
|
reserved_child_level_words = Regexp.union(child_routes.to_a)
|
|
|
|
not_containing_reserved_child = %r{(?!(\S+)/(#{reserved_child_level_words})(/|$))}
|
|
|
|
|
|
|
|
@full_path_regex = %r{
|
|
|
|
#{not_starting_in_reserved_word}
|
|
|
|
#{not_containing_reserved_child}
|
|
|
|
#{Gitlab::Regex::FULL_NAMESPACE_REGEX_STR}}x
|
|
|
|
end
|
2017-03-06 13:26:58 -05:00
|
|
|
|
2017-04-18 10:27:11 -04:00
|
|
|
def self.valid?(path)
|
|
|
|
path_segments = path.split('/')
|
2017-04-11 09:51:33 -04:00
|
|
|
|
2017-04-18 10:27:11 -04:00
|
|
|
!reserved?(path) && path_segments.all? { |value| follow_format?(value) }
|
2017-04-11 09:51:33 -04:00
|
|
|
end
|
|
|
|
|
2017-04-18 10:27:11 -04:00
|
|
|
def self.reserved?(path)
|
|
|
|
path = path.to_s.downcase
|
2017-04-28 12:09:01 -04:00
|
|
|
_project_parts, namespace_parts = path.reverse.split('/', 2).map(&:reverse)
|
2017-04-18 10:27:11 -04:00
|
|
|
|
2017-04-28 12:09:01 -04:00
|
|
|
wildcard_reserved?(path) || any_reserved?(namespace_parts)
|
2016-11-14 09:55:31 -05:00
|
|
|
end
|
|
|
|
|
2017-04-28 12:09:01 -04:00
|
|
|
def self.any_reserved?(path)
|
|
|
|
return false unless path
|
2017-04-05 09:41:00 -04:00
|
|
|
|
2017-04-28 12:09:01 -04:00
|
|
|
path !~ without_reserved_child_paths_regex
|
2016-11-14 09:55:31 -05:00
|
|
|
end
|
|
|
|
|
2017-04-28 12:09:01 -04:00
|
|
|
def self.wildcard_reserved?(path)
|
|
|
|
return false unless path
|
|
|
|
|
|
|
|
path !~ without_reserved_wildcard_paths_regex
|
2017-04-18 10:27:11 -04:00
|
|
|
end
|
|
|
|
|
2016-11-14 09:55:31 -05:00
|
|
|
def self.follow_format?(value)
|
|
|
|
value =~ Gitlab::Regex.namespace_regex
|
|
|
|
end
|
|
|
|
|
2017-04-28 12:09:01 -04:00
|
|
|
delegate :reserved?,
|
|
|
|
:any_reserved?,
|
|
|
|
:follow_format?, to: :class
|
|
|
|
|
|
|
|
def valid_full_path?(record, value)
|
|
|
|
full_path = record.respond_to?(:full_path) ? record.full_path : value
|
|
|
|
|
|
|
|
case record
|
|
|
|
when Project || User
|
|
|
|
reserved?(full_path)
|
|
|
|
else
|
|
|
|
any_reserved?(full_path)
|
|
|
|
end
|
|
|
|
end
|
2016-11-14 09:55:31 -05:00
|
|
|
|
2015-12-07 16:17:12 -05:00
|
|
|
def validate_each(record, attribute, value)
|
2016-11-14 09:55:31 -05:00
|
|
|
unless follow_format?(value)
|
2015-12-07 16:17:12 -05:00
|
|
|
record.errors.add(attribute, Gitlab::Regex.namespace_regex_message)
|
|
|
|
end
|
|
|
|
|
2017-04-28 12:09:01 -04:00
|
|
|
if valid_full_path?(record, value)
|
2017-04-18 10:27:11 -04:00
|
|
|
record.errors.add(attribute, "#{value} is a reserved name")
|
2017-04-05 09:41:00 -04:00
|
|
|
end
|
|
|
|
end
|
2015-12-07 16:17:12 -05:00
|
|
|
end
|