delta/gitlab/gitlab-ce.git/lib/api/validations, branch docs-better-autodevops-customization-docs gitlab.com: gitlab-org/gitlab-ce.git Review updates and cleanup 2019-05-17T10:56:25+00:00 Alexandru Croitor acroitor@gitlab.com 2019-05-17T09:46:33+00:00 9ff6edf690423a284f4d0ad924ff2a9a4285eb50 * Cleaned issues and issues_statistics docs * Renamed param with_labels_data to with_labels_details * Added spec for N+1 check when retrieving labels from issue * Refactoed CheckAssigneesCount validation class 
* Cleaned issues and issues_statistics docs
* Renamed param with_labels_data to with_labels_details
* Added spec for N+1 check when retrieving labels from issue
* Refactoed CheckAssigneesCount validation class
Add params validations and remove extra params support 2019-05-15T07:15:17+00:00 Alexandru Croitor acroitor@gitlab.com 2019-04-24T13:08:14+00:00 f117c032ac6c414e6c1dfeab98184363c1f61608 Remove label_name and milestone_title params support Add mutually_exclusive validation for author_id and author_username Add mutually_exclusive validation for assignee_id and assignee_username Add validation to allow single value for asignee_username on CE Add separate issue_stats_params helper for statistics params and reuse in issues_params. 
Remove label_name and milestone_title params support
Add mutually_exclusive validation for author_id and author_username
Add mutually_exclusive validation for assignee_id and assignee_username
Add validation to allow single value for asignee_username on CE
Add separate issue_stats_params helper for statistics params and
reuse in issues_params.
Add array support for labels 2019-03-06T11:28:42+00:00 Alexandru Croitor acroitor@gitlab.com 2019-03-01T14:37:22+00:00 be3578d24585c7f330103cc546eb50416cd951d3 * Support label parameter as comma separated and array of strings for merge requests and issues api endpoints 
* Support label parameter as comma separated and array of strings
for merge requests and issues api endpoints
Validate Wiki attachments are valid temporary files 2018-10-24T03:47:38+00:00 Stan Hu stanhu@gmail.com 2018-10-23T21:59:00+00:00 a12d25d8a5e95ef868370e7c09e777237047366b A malicious attacker could craft a request to read arbitrary files on the system. This change adds a Grape validation to ensure that the tempfile parameter delivered by the Rack multipart uploader is a Tempfile type to prevent users from being able to specify arbitrary filenames. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/53072 
A malicious attacker could craft a request to read arbitrary files on
the system. This change adds a Grape validation to ensure that the
tempfile parameter delivered by the Rack multipart uploader is a
Tempfile type to prevent users from being able to specify arbitrary
filenames.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/53072