From e5bdcfbc9b1007332fdaa1d37ce1fac47325850d Mon Sep 17 00:00:00 2001 From: Reuben Pereira Date: Wed, 24 Jul 2019 17:59:38 +0000 Subject: [ADD] outbound requests whitelist Signed-off-by: Istvan szalai --- spec/models/application_setting_spec.rb | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'spec/models/application_setting_spec.rb') diff --git a/spec/models/application_setting_spec.rb b/spec/models/application_setting_spec.rb index ab6f6dfe720..bd87bbd8d68 100644 --- a/spec/models/application_setting_spec.rb +++ b/spec/models/application_setting_spec.rb @@ -37,6 +37,17 @@ describe ApplicationSetting do it { is_expected.not_to allow_value("myemail@example.com").for(:lets_encrypt_notification_email) } it { is_expected.to allow_value("myemail@test.example.com").for(:lets_encrypt_notification_email) } + it { is_expected.to allow_value(['192.168.1.1'] * 1_000).for(:outbound_local_requests_whitelist) } + it { is_expected.not_to allow_value(['192.168.1.1'] * 1_001).for(:outbound_local_requests_whitelist) } + it { is_expected.to allow_value(['1' * 255]).for(:outbound_local_requests_whitelist) } + it { is_expected.not_to allow_value(['1' * 256]).for(:outbound_local_requests_whitelist) } + it { is_expected.not_to allow_value(['ğitlab.com']).for(:outbound_local_requests_whitelist) } + it { is_expected.to allow_value(['xn--itlab-j1a.com']).for(:outbound_local_requests_whitelist) } + it { is_expected.not_to allow_value(['

']).for(:outbound_local_requests_whitelist) } + it { is_expected.to allow_value(['gitlab.com']).for(:outbound_local_requests_whitelist) } + it { is_expected.to allow_value(nil).for(:outbound_local_requests_whitelist) } + it { is_expected.to allow_value([]).for(:outbound_local_requests_whitelist) } + context "when user accepted let's encrypt terms of service" do before do setting.update(lets_encrypt_terms_of_service_accepted: true) -- cgit v1.2.1 From 5c7f2853dc5a8eca874108a0217a115090f29e9b Mon Sep 17 00:00:00 2001 From: Reuben Pereira Date: Wed, 31 Jul 2019 06:54:03 +0000 Subject: Allow blank but not nil in validations - The most common use case for qualified_domain_validator currently is to allow blank ([]) but not allow nil. Modify the qualified_domain_validator to support this use case. --- spec/models/application_setting_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'spec/models/application_setting_spec.rb') diff --git a/spec/models/application_setting_spec.rb b/spec/models/application_setting_spec.rb index bd87bbd8d68..db80b85360f 100644 --- a/spec/models/application_setting_spec.rb +++ b/spec/models/application_setting_spec.rb @@ -45,7 +45,7 @@ describe ApplicationSetting do it { is_expected.to allow_value(['xn--itlab-j1a.com']).for(:outbound_local_requests_whitelist) } it { is_expected.not_to allow_value(['

']).for(:outbound_local_requests_whitelist) } it { is_expected.to allow_value(['gitlab.com']).for(:outbound_local_requests_whitelist) } - it { is_expected.to allow_value(nil).for(:outbound_local_requests_whitelist) } + it { is_expected.not_to allow_value(nil).for(:outbound_local_requests_whitelist) } it { is_expected.to allow_value([]).for(:outbound_local_requests_whitelist) } context "when user accepted let's encrypt terms of service" do -- cgit v1.2.1