Remove unencrypted webhook token and URL columns
This commit is contained in:
parent
c616327c12
commit
ff9881d991
|
@ -37,38 +37,4 @@ class WebHook < ActiveRecord::Base
|
||||||
def allow_local_requests?
|
def allow_local_requests?
|
||||||
false
|
false
|
||||||
end
|
end
|
||||||
|
|
||||||
# In 11.4, the web_hooks table has both `token` and `encrypted_token` fields.
|
|
||||||
# Ensure that the encrypted version always takes precedence if present.
|
|
||||||
alias_method :attr_encrypted_token, :token
|
|
||||||
def token
|
|
||||||
attr_encrypted_token.presence || read_attribute(:token)
|
|
||||||
end
|
|
||||||
|
|
||||||
# In 11.4, the web_hooks table has both `token` and `encrypted_token` fields.
|
|
||||||
# Pending a background migration to encrypt all fields, we should just clear
|
|
||||||
# the unencrypted value whenever the new value is set.
|
|
||||||
alias_method :'attr_encrypted_token=', :'token='
|
|
||||||
def token=(value)
|
|
||||||
self.attr_encrypted_token = value
|
|
||||||
|
|
||||||
write_attribute(:token, nil)
|
|
||||||
end
|
|
||||||
|
|
||||||
# In 11.4, the web_hooks table has both `url` and `encrypted_url` fields.
|
|
||||||
# Ensure that the encrypted version always takes precedence if present.
|
|
||||||
alias_method :attr_encrypted_url, :url
|
|
||||||
def url
|
|
||||||
attr_encrypted_url.presence || read_attribute(:url)
|
|
||||||
end
|
|
||||||
|
|
||||||
# In 11.4, the web_hooks table has both `url` and `encrypted_url` fields.
|
|
||||||
# Pending a background migration to encrypt all fields, we should just clear
|
|
||||||
# the unencrypted value whenever the new value is set.
|
|
||||||
alias_method :'attr_encrypted_url=', :'url='
|
|
||||||
def url=(value)
|
|
||||||
self.attr_encrypted_url = value
|
|
||||||
|
|
||||||
write_attribute(:url, nil)
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
title: Remove legacy unencrypted webhook columns from the database
|
||||||
|
merge_request: 22199
|
||||||
|
author:
|
||||||
|
type: changed
|
|
@ -0,0 +1,15 @@
|
||||||
|
class StealEncryptColumns < ActiveRecord::Migration
|
||||||
|
include Gitlab::Database::MigrationHelpers
|
||||||
|
|
||||||
|
DOWNTIME = false
|
||||||
|
|
||||||
|
disable_ddl_transaction!
|
||||||
|
|
||||||
|
def up
|
||||||
|
Gitlab::BackgroundMigration.steal('EncryptColumns')
|
||||||
|
end
|
||||||
|
|
||||||
|
def down
|
||||||
|
# no-op
|
||||||
|
end
|
||||||
|
end
|
|
@ -0,0 +1,10 @@
|
||||||
|
class RemoveWebHooksTokenAndUrl < ActiveRecord::Migration
|
||||||
|
include Gitlab::Database::MigrationHelpers
|
||||||
|
|
||||||
|
DOWNTIME = false
|
||||||
|
|
||||||
|
def change
|
||||||
|
remove_column :web_hooks, :token, :string
|
||||||
|
remove_column :web_hooks, :url, :string, limit: 2000
|
||||||
|
end
|
||||||
|
end
|
|
@ -11,7 +11,7 @@
|
||||||
#
|
#
|
||||||
# It's strongly recommended that you check this file into your version control system.
|
# It's strongly recommended that you check this file into your version control system.
|
||||||
|
|
||||||
ActiveRecord::Schema.define(version: 20181002172433) do
|
ActiveRecord::Schema.define(version: 20181008145359) do
|
||||||
|
|
||||||
# These are extensions that must be enabled in order to support this database
|
# These are extensions that must be enabled in order to support this database
|
||||||
enable_extension "plpgsql"
|
enable_extension "plpgsql"
|
||||||
|
@ -2256,7 +2256,6 @@ ActiveRecord::Schema.define(version: 20181002172433) do
|
||||||
add_index "web_hook_logs", ["web_hook_id"], name: "index_web_hook_logs_on_web_hook_id", using: :btree
|
add_index "web_hook_logs", ["web_hook_id"], name: "index_web_hook_logs_on_web_hook_id", using: :btree
|
||||||
|
|
||||||
create_table "web_hooks", force: :cascade do |t|
|
create_table "web_hooks", force: :cascade do |t|
|
||||||
t.string "url", limit: 2000
|
|
||||||
t.integer "project_id"
|
t.integer "project_id"
|
||||||
t.datetime "created_at"
|
t.datetime "created_at"
|
||||||
t.datetime "updated_at"
|
t.datetime "updated_at"
|
||||||
|
@ -2269,7 +2268,6 @@ ActiveRecord::Schema.define(version: 20181002172433) do
|
||||||
t.boolean "note_events", default: false, null: false
|
t.boolean "note_events", default: false, null: false
|
||||||
t.boolean "enable_ssl_verification", default: true
|
t.boolean "enable_ssl_verification", default: true
|
||||||
t.boolean "wiki_page_events", default: false, null: false
|
t.boolean "wiki_page_events", default: false, null: false
|
||||||
t.string "token"
|
|
||||||
t.boolean "pipeline_events", default: false, null: false
|
t.boolean "pipeline_events", default: false, null: false
|
||||||
t.boolean "confidential_issues_events", default: false, null: false
|
t.boolean "confidential_issues_events", default: false, null: false
|
||||||
t.boolean "repository_update_events", default: false, null: false
|
t.boolean "repository_update_events", default: false, null: false
|
||||||
|
|
Loading…
Reference in New Issue