added import url exposer to construct URL withunencrypted credentials
This commit is contained in:
parent
06b36c00d5
commit
c2b33d3b71
|
@ -13,6 +13,7 @@ require 'file_size_validator'
|
|||
class ProjectImportData < ActiveRecord::Base
|
||||
belongs_to :project
|
||||
attr_encrypted :credentials, key: Gitlab::Application.secrets.db_key_base
|
||||
serialize :credentials, JSON
|
||||
|
||||
serialize :data, JSON
|
||||
|
||||
|
|
|
@ -7,8 +7,7 @@ module Gitlab
|
|||
|
||||
def initialize(project)
|
||||
@project = project
|
||||
import_data = project.import_data.try(:data)
|
||||
github_session = import_data["github_session"] if import_data
|
||||
github_session = project.import_data.credentials if import_data
|
||||
@client = Client.new(github_session["github_access_token"])
|
||||
@formatter = Gitlab::ImportFormatter.new
|
||||
end
|
||||
|
|
|
@ -32,8 +32,8 @@ module Gitlab
|
|||
|
||||
def create_import_data(project)
|
||||
project.create_import_data(
|
||||
credentials: session_data.delete(:github_access_token),
|
||||
data: { "github_session" => session_data })
|
||||
credentials: { github_access_token: session_data.delete(:github_access_token) },
|
||||
data: { github_session: session_data })
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -12,7 +12,9 @@ module Gitlab
|
|||
end
|
||||
|
||||
def import_url
|
||||
project.import_url.sub(/\.git\z/, ".wiki.git")
|
||||
import_url = Gitlab::ImportUrlExposer.expose(import_url: project.import_url,
|
||||
credentials: project.import_data.credentials)
|
||||
import_url.sub(/\.git\z/, ".wiki.git")
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
module Gitlab
|
||||
# Exposes an import URL that includes the credentials unencrypted.
|
||||
# Extracted to its own class to prevent unintended use.
|
||||
module ImportUrlExposer
|
||||
extend self
|
||||
|
||||
def expose(import_url:, credentials: )
|
||||
import_url.sub("//", "//#{parsed_credentials(credentials)}@")
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def parsed_credentials(credentials)
|
||||
credentials.values.join(":")
|
||||
end
|
||||
end
|
||||
end
|
Loading…
Reference in New Issue