Render only valid paths in artifacts metadata
In this version we will support only relative paths in artifacts metadata. Support for absolute paths will be introduced later.
This commit is contained in:
parent
61fb47a432
commit
09a4a5aff8
|
@ -16,7 +16,10 @@ class Projects::ArtifactsController < Projects::ApplicationController
|
|||
|
||||
def browse
|
||||
return render_404 unless build.artifacts?
|
||||
@path = build.artifacts_metadata_path(params[:path].to_s)
|
||||
|
||||
directory = params[:path] ? "#{params[:path]}/" : ''
|
||||
@path = build.artifacts_metadata_path(directory)
|
||||
|
||||
return render_404 unless @path.exists?
|
||||
end
|
||||
|
||||
|
|
|
@ -347,10 +347,8 @@ module Ci
|
|||
artifacts? && artifacts_file.path.end_with?('zip') && artifacts_metadata.exists?
|
||||
end
|
||||
|
||||
|
||||
def artifacts_metadata_path(path)
|
||||
metadata_file = artifacts_metadata.path
|
||||
Gitlab::Ci::Build::Artifacts::Metadata.new(metadata_file, path).to_path
|
||||
Gitlab::Ci::Build::Artifacts::Metadata.new(artifacts_metadata.path, path).to_path
|
||||
end
|
||||
|
||||
private
|
||||
|
|
|
@ -12,7 +12,6 @@ module Gitlab
|
|||
def initialize(file, path)
|
||||
@file, @path = file, path
|
||||
@full_version = read_version
|
||||
@path << '/' unless path.end_with?('/') || path.empty?
|
||||
end
|
||||
|
||||
def version
|
||||
|
@ -43,14 +42,15 @@ module Gitlab
|
|||
|
||||
def match_entries(gz)
|
||||
paths, metadata = [], []
|
||||
child_pattern = %r{^#{Regexp.escape(@path)}[^/\s]*/?$}
|
||||
match_pattern = %r{^#{Regexp.escape(@path)}[^/\s]*/?$}
|
||||
|
||||
until gz.eof? do
|
||||
begin
|
||||
path = read_string(gz)
|
||||
meta = read_string(gz)
|
||||
|
||||
next unless path =~ child_pattern
|
||||
next unless path =~ match_pattern
|
||||
next unless path_valid?(path)
|
||||
|
||||
paths.push(path)
|
||||
metadata.push(JSON.parse(meta.chomp, symbolize_names: true))
|
||||
|
@ -62,6 +62,10 @@ module Gitlab
|
|||
[paths, metadata]
|
||||
end
|
||||
|
||||
def path_valid?(path)
|
||||
!(path.start_with?('/') || path =~ %r{\.?\./})
|
||||
end
|
||||
|
||||
def read_version
|
||||
gzip do|gz|
|
||||
version_string = read_string(gz)
|
||||
|
|
|
@ -23,7 +23,7 @@ module Gitlab
|
|||
end
|
||||
|
||||
def directory?
|
||||
@path.end_with?('/') || @path.blank?
|
||||
blank_node? || @path.end_with?('/')
|
||||
end
|
||||
|
||||
def file?
|
||||
|
@ -40,11 +40,11 @@ module Gitlab
|
|||
end
|
||||
|
||||
def basename
|
||||
directory? ? name + ::File::SEPARATOR : name
|
||||
(directory? && !blank_node?) ? name + ::File::SEPARATOR : name
|
||||
end
|
||||
|
||||
def name
|
||||
@name || @path.split(::File::SEPARATOR).last
|
||||
@name || @path.split(::File::SEPARATOR).last.to_s
|
||||
end
|
||||
|
||||
def children
|
||||
|
@ -83,7 +83,11 @@ module Gitlab
|
|||
end
|
||||
|
||||
def exists?
|
||||
@path.blank? || @universe.include?(@path)
|
||||
blank_node? || @universe.include?(@path)
|
||||
end
|
||||
|
||||
def blank_node?
|
||||
@path.empty? # "" is considered to be './'
|
||||
end
|
||||
|
||||
def to_s
|
||||
|
|
|
@ -108,14 +108,14 @@ describe Gitlab::Ci::Build::Artifacts::Metadata::Path do
|
|||
end
|
||||
end
|
||||
|
||||
describe '#nodes', path: './test' do
|
||||
describe '#nodes', path: 'test' do
|
||||
subject { |example| path(example).nodes }
|
||||
it { is_expected.to eq 2 }
|
||||
it { is_expected.to eq 1 }
|
||||
end
|
||||
|
||||
describe '#nodes', path: './test/' do
|
||||
describe '#nodes', path: 'test/' do
|
||||
subject { |example| path(example).nodes }
|
||||
it { is_expected.to eq 2 }
|
||||
it { is_expected.to eq 1 }
|
||||
end
|
||||
|
||||
describe '#metadata' do
|
||||
|
|
|
@ -28,8 +28,8 @@ describe Gitlab::Ci::Build::Artifacts::Metadata do
|
|||
end
|
||||
end
|
||||
|
||||
describe '#match! other_artifacts_0.1.2' do
|
||||
subject { metadata('other_artifacts_0.1.2').match! }
|
||||
describe '#match! other_artifacts_0.1.2/' do
|
||||
subject { metadata('other_artifacts_0.1.2/').match! }
|
||||
|
||||
it 'matches correct paths' do
|
||||
expect(subject.first).
|
||||
|
@ -39,7 +39,7 @@ describe Gitlab::Ci::Build::Artifacts::Metadata do
|
|||
end
|
||||
end
|
||||
|
||||
describe '#match! other_artifacts_0.1.2/another-subdirectory' do
|
||||
describe '#match! other_artifacts_0.1.2/another-subdirectory/' do
|
||||
subject { metadata('other_artifacts_0.1.2/another-subdirectory/').match! }
|
||||
|
||||
it 'matches correct paths' do
|
||||
|
@ -52,7 +52,7 @@ describe Gitlab::Ci::Build::Artifacts::Metadata do
|
|||
|
||||
describe '#to_path' do
|
||||
subject { metadata('').to_path }
|
||||
it { is_expected.to be_an_instance_of(Gitlab::Ci::Build::Artifacts::Metdata::Path) }
|
||||
it { is_expected.to be_an_instance_of(Gitlab::Ci::Build::Artifacts::Metadata::Path) }
|
||||
end
|
||||
|
||||
describe '#full_version' do
|
||||
|
|
Loading…
Reference in New Issue