diff options
| author | Andriy Dyadyura <adyadyura@Andriys-MBP.lan> | 2016-01-14 15:54:15 +0100 |
|---|---|---|
| committer | Andriy Dyadyura <adyadyura@Andriys-MBP.lan> | 2016-01-14 15:54:15 +0100 |
| commit | 3102575316e6eac937eb865346e0d78935c37362 (patch) | |
| tree | 5434a52528390e18ac68ff705f19f8441a952f57 /lib/api/helpers.rb | |
| parent | e29ce9ac267e6724945b9558d069dda2b2ec2755 (diff) | |
| parent | b6ae2def2cb2b1da3ddcb3ceee556628a1147cc4 (diff) | |
| download | gitlab-ce-pr-page-fix1.tar.gz | |
updatepr-page-fix1
Diffstat (limited to 'lib/api/helpers.rb')
| -rw-r--r-- | lib/api/helpers.rb | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index a4df810e755..d46b5c42967 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -289,12 +289,14 @@ module API # file helpers - def uploaded_file!(field, uploads_path) + def uploaded_file(field, uploads_path) if params[field] bad_request!("#{field} is not a file") unless params[field].respond_to?(:filename) return params[field] end + return nil unless params["#{field}.path"] && params["#{field}.name"] + # sanitize file paths # this requires all paths to exist required_attributes! %W(#{field}.path) |