kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Add strict validation to snippet file names

Browse source 
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
This commit is contained in:
Dmitriy Zaporozhets 2014-12-12 13:15:42 +02:00
parent 9a3ae331ad
commit f28a12a559
No known key found for this signature in database
GPG key ID: 161B5D6A44D3D88A
1 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
app/models/snippet.rb
View file

@ -29,7 +29,9 @@ class Snippet < ActiveRecord::Base
validates :author, presence: true
validates :title, presence: true, length: { within: 0..255 }
validates :file_name, presence: true, length: { within: 0..255 }
validates :file_name, presence: true, length: { within: 0..255 },
format: { with: Gitlab::Regex.path_regex,
message: Gitlab::Regex.path_regex_message }
validates :content, presence: true
validates :visibility_level, inclusion: { in: Gitlab::VisibilityLevel.values }
@ -72,7 +74,7 @@ class Snippet < ActiveRecord::Base
def visibility_level_field
visibility_level
end
end
class << self
def search(query)