Commit graph

9 commits

Author SHA1 Message Date
Bob Van Landuyt
1e14c3c852 Reject paths following namespace for paths including 2 *
Reject the part following `/*namespace_id/:project_id` for paths
containing 2 wildcard parameters
2017-05-01 11:14:24 +02:00
Bob Van Landuyt
ea8e86dac8 Use %r{} regexes to avoid having to escape / 2017-05-01 11:14:24 +02:00
Bob Van Landuyt
e50f4bc066 The dynamic path validator can block out partial paths
So we can block `objects` only when it is contained in `info/lfs` or `gitlab-lfs`
2017-05-01 11:14:24 +02:00
Bob Van Landuyt
c5059cb4f7 Make path validation case-insensitive 2017-05-01 11:14:24 +02:00
Bob Van Landuyt
bccf8d86c5 Rename NamespaceValidator to DynamicPathValidator
This reflects better that it validates paths instead of a namespace model
2017-05-01 11:14:24 +02:00
Bob Van Landuyt
f7511caa5f Split off validating full paths
The first part of a full path needs to be validated as a `top_level`
while the rest need to be validated as `wildcard`
2017-05-01 11:14:24 +02:00
Bob Van Landuyt
e4f5b7ca21 Improve detection of reserved words from routes 2017-05-01 11:14:24 +02:00
Bob Van Landuyt
74fcccaab3 Streamline the path validation in groups & projects
`Project` uses `ProjectPathValidator` which is now a
`NamespaceValidator` that skips the format validation.

That way we're sure we are using the same collection of reserved
paths.

I updated the path constraints to reflect the changes: We now allow
some values that are only used on a top level namespace as a name for
a nested group/project.
2017-05-01 11:14:24 +02:00
Bob Van Landuyt
536f2bdfd1 Add forbidden paths to the namespace validator 2017-05-01 11:14:23 +02:00