Only allow branches/tags, disallow SHA:
Feedback: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5347#note_13170854
This commit is contained in:
parent
87604ed6ce
commit
6054c855a0
2 changed files with 2 additions and 13 deletions
|
@ -20,12 +20,9 @@ module Ci
|
||||||
after_touch :update_state
|
after_touch :update_state
|
||||||
after_save :keep_around_commits
|
after_save :keep_around_commits
|
||||||
|
|
||||||
# ref can't be HEAD, can only be branch/tag name or SHA
|
# ref can't be HEAD or SHA, can only be branch/tag name
|
||||||
scope :latest_successful_for, ->(ref) do
|
scope :latest_successful_for, ->(ref) do
|
||||||
table = quoted_table_name
|
where(ref: ref).success.order(id: :desc)
|
||||||
# TODO: Use `where(ref: ref).or(sha: ref)` in Rails 5
|
|
||||||
where("#{table}.ref = ? OR #{table}.sha = ?", ref, ref).
|
|
||||||
success.order(id: :desc)
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def self.truncate_sha(sha)
|
def self.truncate_sha(sha)
|
||||||
|
|
|
@ -255,14 +255,6 @@ describe API::API, api: true do
|
||||||
create(:ci_build, status, :artifacts, pipeline: new_pipeline)
|
create(:ci_build, status, :artifacts, pipeline: new_pipeline)
|
||||||
end
|
end
|
||||||
|
|
||||||
context 'with sha' do
|
|
||||||
before do
|
|
||||||
get path_from_ref(pipeline.sha)
|
|
||||||
end
|
|
||||||
|
|
||||||
it('gives the file') { verify }
|
|
||||||
end
|
|
||||||
|
|
||||||
context 'with regular branch' do
|
context 'with regular branch' do
|
||||||
before do
|
before do
|
||||||
pipeline.update(ref: 'master',
|
pipeline.update(ref: 'master',
|
||||||
|
|
Loading…
Reference in a new issue