Merge branch 'master' into improvements-of-security

Vokhmin Alexey V 2014-11-26 23:50:26 +03:00
commit 13422b19b8
21 changed files with 51 additions and 30 deletions


@ -1,6 +1,6 @@
class Authentication < ActiveRecord::Base class Authentication < ActiveRecord::Base
belongs_to :user belongs_to :user
validates :provider, :uid, :user_id, presence: true validates :provider, :uid, :user, presence: true
validates :uid, uniqueness: { scope: :provider, case_sensitive: false } validates :uid, uniqueness: { scope: :provider, case_sensitive: false }
end end


@ -38,13 +38,13 @@ class BuildList < ActiveRecord::Base
AUTO_PUBLISH_STATUS_TESTING = 'testing' AUTO_PUBLISH_STATUS_TESTING = 'testing'
] ]
validates :project_id, validates :project, :project_id,
:project_version, :project_version,
:arch, :arch, :arch_id,
:include_repos, :include_repos,
:build_for_platform_id, :build_for_platform, :build_for_platform_id,
:save_to_platform_id, :save_to_platform, :save_to_platform_id,
:save_to_repository_id, :save_to_repository, :save_to_repository_id,
presence: true presence: true
validates_numericality_of :priority, greater_than_or_equal_to: 0 validates_numericality_of :priority, greater_than_or_equal_to: 0
validates :external_nodes, inclusion: { in: EXTERNAL_NODES }, allow_blank: true validates :external_nodes, inclusion: { in: EXTERNAL_NODES }, allow_blank: true
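Review bot: The `presence: true` list in this hunk now checks each association (`:project`, `:arch`, `:save_to_repository`, ...) by looking the row up at validation time, and nothing visible here stops that row from being deleted before the insert commits. A database foreign-key constraint on these columns would make the guarantee hold under concurrency; the same applies to the other models changed in this commit. Listing the `_id` next to its association (`:project, :project_id`) also reports two errors for one missing value, so the `_id` entries could be dropped unless API clients rely on errors keyed by the `_id` attribute. The class body continues on both sides of the hunk.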


@ -9,7 +9,8 @@ class BuildList::Package < ActiveRecord::Base
attr_accessible :fullname, :name, :release, :version, :sha1, :epoch, :dependent_packages attr_accessible :fullname, :name, :release, :version, :sha1, :epoch, :dependent_packages
validates :build_list_id, :project_id, :platform_id, :fullname, validates :build_list, :build_list_id, :project, :project_id,
:platform, :platform_id, :fullname,
:package_type, :name, :release, :version, :package_type, :name, :release, :version,
presence: true presence: true
validates :package_type, inclusion: PACKAGE_TYPES validates :package_type, inclusion: PACKAGE_TYPES


@ -9,8 +9,9 @@ class BuildScript < ActiveRecord::Base
belongs_to :project belongs_to :project
validates :treeish, presence: true validates :treeish, presence: true
validates :project_id, presence: true, uniqueness: { scope: :treeish } validates :project, presence: true
validates :project_id, uniqueness: { scope: :treeish }
scope :by_active, -> { where(status: ACTIVE) } scope :by_active, -> { where(status: ACTIVE) }
scope :by_treeish, -> treeish { where(treeish: treeish) } scope :by_treeish, -> treeish { where(treeish: treeish) }


@ -12,7 +12,7 @@ class Comment < ActiveRecord::Base
belongs_to :project belongs_to :project
serialize :data serialize :data
validates :body, :user_id, :commentable_id, :commentable_type, :project_id, presence: true validates :body, :user, :commentable_id, :commentable_type, :project_id, presence: true
scope :for_commit, ->(c) { where(commentable_id: c.id.hex, commentable_type: c.class) } scope :for_commit, ->(c) { where(commentable_id: c.id.hex, commentable_type: c.class) }
default_scope { order(:created_at) } default_scope { order(:created_at) }
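Review bot: `:project_id` on the `validates` line is left as a bare id check while `:user_id` became `:user`, so a comment can still be saved with a project id that matches no row. `belongs_to :project` is visible just above, so `validates :body, :user, :commentable_id, :commentable_type, :project, presence: true` would be consistent with the other models in this commit. `commentable_id` has to stay an id check, since the `for_commit` scope shows it holding a value derived from a commit id (`c.id.hex`) rather than a row key. The class continues outside the hunk.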


@ -6,7 +6,7 @@ class Hook < ActiveRecord::Base
belongs_to :project belongs_to :project
before_validation :cleanup_data before_validation :cleanup_data
validates :project_id, :data, presence: true validates :project, :data, presence: true
validates :name, presence: true, inclusion: {in: NAMES} validates :name, presence: true, inclusion: {in: NAMES}
attr_accessible :data, :name attr_accessible :data, :name


@ -35,7 +35,7 @@ class Issue < ActiveRecord::Base
has_one :pull_request#, dependent: :destroy has_one :pull_request#, dependent: :destroy
validates :title, :body, :project_id, presence: true validates :title, :body, :project, presence: true
after_create :set_serial_id after_create :set_serial_id
after_create :subscribe_users after_create :subscribe_users


@ -7,7 +7,7 @@ class KeyPair < ActiveRecord::Base
attr_accessible :public, :secret, :repository_id attr_accessible :public, :secret, :repository_id
attr_encrypted :secret, key: APP_CONFIG['keys']['key_pair_secret_key'] attr_encrypted :secret, key: APP_CONFIG['keys']['key_pair_secret_key']
validates :repository_id, :user_id, presence: true validates :repository, :user, presence: true
validates :secret, :public, presence: true, length: { maximum: 10000 }, on: :create validates :secret, :public, presence: true, length: { maximum: 10000 }, on: :create
validates :repository_id, uniqueness: { message: I18n.t("activerecord.errors.key_pair.repo_key_exists") } validates :repository_id, uniqueness: { message: I18n.t("activerecord.errors.key_pair.repo_key_exists") }
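Review bot: Validating `:repository` and `:user` proves only that both rows exist, while `repository_id` stays mass-assignable through `attr_accessible` on the first line of the hunk. Whether the submitting user is allowed to attach a key pair to that repository is not visible here and presumably lives in the controller or ability layer; a short comment such as `# existence only; authorization is enforced in <ability/controller>` above the validation would keep the two from being confused. The uniqueness check on `repository_id` is likewise only as strong as the database index behind it, which this page does not show.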


@ -7,7 +7,7 @@ class PlatformArchSetting < ActiveRecord::Base
belongs_to :arch belongs_to :arch
belongs_to :platform belongs_to :platform
validates :arch_id, :platform_id, presence: true validates :arch, :platform, presence: true
validates :platform_id, uniqueness: { scope: :arch_id } validates :platform_id, uniqueness: { scope: :arch_id }
validate lambda { validate lambda {
errors.add(:platform, I18n.t('flash.platform_arch_settings.wrong_platform')) unless platform.main? errors.add(:platform, I18n.t('flash.platform_arch_settings.wrong_platform')) unless platform.main?
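Review bot: The custom `validate lambda` on the last visible line calls `platform.main?` without a nil guard, and Rails runs every validation even after the new `:platform` presence check has failed. With a platform id that matches no row, `platform` is nil and the save likely raises NoMethodError rather than returning a validation error. Guarding the call, e.g. `errors.add(:platform, I18n.t('flash.platform_arch_settings.wrong_platform')) if platform && !platform.main?`, lets the presence error be reported instead. The lambda body continues outside the hunk, so this should be checked against the full file.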


@ -8,7 +8,7 @@ class Product < ActiveRecord::Base
has_many :product_build_lists, dependent: :destroy has_many :product_build_lists, dependent: :destroy
validates :name, presence: true, uniqueness: { scope: :platform_id } validates :name, presence: true, uniqueness: { scope: :platform_id }
validates :project_id, presence: true validates :project, presence: true
validates :main_script, :params, length: { maximum: 255 } validates :main_script, :params, length: { maximum: 255 }
scope :recent, -> { order(:name) } scope :recent, -> { order(:name) }


@ -45,11 +45,12 @@ class ProductBuildList < ActiveRecord::Base
before_validation -> { self.arch_id = Arch.find_by(name: 'x86_64').id }, on: :create before_validation -> { self.arch_id = Arch.find_by(name: 'x86_64').id }, on: :create
# field "not_delete" can be changed only if build has been completed # field "not_delete" can be changed only if build has been completed
before_validation -> { self.not_delete = false unless build_completed?; true } before_validation -> { self.not_delete = false unless build_completed?; true }
validates :product_id, validates :product, :product_id,
:status, :status,
:project_id, :project, :project_id,
:main_script, :main_script,
:arch_id, presence: true :arch, :arch_id,
presence: true
validates :status, inclusion: { in: STATUSES } validates :status, inclusion: { in: STATUSES }
validates :main_script, :params, length: { maximum: 255 } validates :main_script, :params, length: { maximum: 255 }
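Review bot: The `before_validation` callback on the first line of the hunk assigns `Arch.find_by(name: 'x86_64').id`, which raises NoMethodError on nil when no such arch row exists, before the new `:arch, :arch_id` presence check can report anything. On create it also overwrites any submitted `arch_id`, so the added `:arch` validation mostly matters on update. Using `Arch.find_by(name: 'x86_64').try(:id)` would let the presence validation produce the error instead of an exception.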


@ -41,9 +41,9 @@ class Project < ActiveRecord::Base
presence: true, presence: true,
format: { with: /\A#{NAME_REGEXP.source}\z/, format: { with: /\A#{NAME_REGEXP.source}\z/,
message: I18n.t("activerecord.errors.project.uname") } message: I18n.t("activerecord.errors.project.uname") }
validates :maintainer_id, presence: true, unless: :new_record? validates :maintainer, presence: true, unless: :new_record?
validates :url, presence: true, format: { with: /\Ahttps?:\/\/[\S]+\z/ }, if: :mass_import validates :url, presence: true, format: { with: /\Ahttps?:\/\/[\S]+\z/ }, if: :mass_import
validates :add_to_repository_id, presence: true, if: :mass_import validates :add_to_repository, presence: true, if: :mass_import
validates :visibility, presence: true, inclusion: { in: VISIBILITIES } validates :visibility, presence: true, inclusion: { in: VISIBILITIES }
validate { errors.add(:base, :can_have_less_or_equal, count: MAX_OWN_PROJECTS) if owner.projects.size >= MAX_OWN_PROJECTS } validate { errors.add(:base, :can_have_less_or_equal, count: MAX_OWN_PROJECTS) if owner.projects.size >= MAX_OWN_PROJECTS }
validate :check_default_branch validate :check_default_branch
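Review bot: `validates :maintainer, presence: true` rejects an id with no user behind it, but any existing user id still passes, and nothing in this hunk ties the maintainer to the project's members. If that restriction is intended and is not enforced elsewhere, it needs its own validation. The `validate { ... }` block near the end of the hunk calls `owner.projects.size` with no nil guard, so a record without an owner would likely raise there instead of failing validation. The class continues on both sides of the hunk.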


@ -3,7 +3,7 @@ class ProjectImport < ActiveRecord::Base
belongs_to :platform belongs_to :platform
validates :name, uniqueness: { scope: :platform_id, case_sensitive: false } validates :name, uniqueness: { scope: :platform_id, case_sensitive: false }
validates :name, :platform_id, :version, presence: true validates :name, :platform, :version, presence: true
scope :by_name, ->(name) { where("#{table_name}.name ILIKE ?", name) } scope :by_name, ->(name) { where("#{table_name}.name ILIKE ?", name) }


@ -3,7 +3,7 @@ class ProjectStatistic < ActiveRecord::Base
belongs_to :arch belongs_to :arch
belongs_to :project belongs_to :project
validates :arch_id, :project_id, :average_build_time, :build_count, presence: true validates :arch, :project, :average_build_time, :build_count, presence: true
validates :project_id, uniqueness: { scope: :arch_id } validates :project_id, uniqueness: { scope: :arch_id }
attr_accessible :average_build_time, :build_count attr_accessible :average_build_time, :build_count


@ -8,7 +8,7 @@ class ProjectTag < ActiveRecord::Base
belongs_to :project belongs_to :project
validates :project_id, :commit_id, :sha1, :tag_name, :format_id, presence: true validates :project, :commit, :sha1, :tag_name, :format_id, presence: true
validates :project_id, uniqueness: { scope: [:tag_name, :format_id] } validates :project_id, uniqueness: { scope: [:tag_name, :format_id] }
attr_accessible :project_id, :commit_id, :sha1, :tag_name, :format_id attr_accessible :project_id, :commit_id, :sha1, :tag_name, :format_id
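Review bot: The presence list now names `:commit` instead of `:commit_id`, but the only association visible in this hunk is `belongs_to :project`, and `attr_accessible` still lists `:commit_id`. If the model defines no `commit` association or method (the name suggests the column holds a git commit id rather than a row key), validation will raise NoMethodError on every save. In that case the line should keep the column: `validates :project, :commit_id, :sha1, :tag_name, :format_id, presence: true`. The class body starts above the hunk, so this needs checking against the full file.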


@ -28,7 +28,7 @@ class RepositoryStatus < ActiveRecord::Base
belongs_to :platform belongs_to :platform
belongs_to :repository belongs_to :repository
validates :repository_id, :platform_id, presence: true validates :repository, :platform, presence: true
validates :repository_id, uniqueness: { scope: :platform_id } validates :repository_id, uniqueness: { scope: :platform_id }
attr_accessible :platform_id, :repository_id attr_accessible :platform_id, :repository_id


@ -1,7 +1,7 @@
class SettingsNotifier < ActiveRecord::Base class SettingsNotifier < ActiveRecord::Base
belongs_to :user belongs_to :user
validates :user_id, presence: true validates :user, presence: true
attr_accessible :can_notify, attr_accessible :can_notify,
:update_code, :update_code,
@ -9,7 +9,7 @@ class SettingsNotifier < ActiveRecord::Base
:new_comment_commit_repo_owner, :new_comment_commit_repo_owner,
:new_comment_commit_commentor, :new_comment_commit_commentor,
:new_comment, :new_comment,
:new_comment_reply, :new_comment_reply,
:new_issue, :new_issue,
:issue_assign, :issue_assign,
:new_build, :new_build,


@ -51,6 +51,20 @@ shared_examples_for 'create build list via api' do
it 'should not create without existing commit hash in project' do it 'should not create without existing commit hash in project' do
lambda{ post :create, @create_params.deep_merge(build_list: {commit_hash: 'wrong'})}.should change{@project.build_lists.count}.by(0) lambda{ post :create, @create_params.deep_merge(build_list: {commit_hash: 'wrong'})}.should change{@project.build_lists.count}.by(0)
end end
it 'should not create without existing arch' do
lambda{ post :create, @create_params.deep_merge(build_list: {arch_id: -1})}.should change{@project.build_lists.count}.by(0)
end
it 'should not create without existing save_to_platform' do
lambda{
post :create, @create_params.deep_merge(build_list: {save_to_platform_id: -1, save_to_repository_id: -1})
}.should change{@project.build_lists.count}.by(0)
end
it 'should not create without existing save_to_repository' do
lambda{ post :create, @create_params.deep_merge(build_list: {save_to_repository_id: -1})}.should change{@project.build_lists.count}.by(0)
end
end end
shared_examples_for 'not create build list via api' do shared_examples_for 'not create build list via api' do
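Review bot: The example 'should not create without existing save_to_platform' sends `save_to_repository_id: -1` together with `save_to_platform_id: -1`, so it would still pass if only the repository check rejected the request; if the two ids cannot be varied independently, a comment saying so would help. The three new examples also assert only that the build list count is unchanged; adding `response.should_not be_success` would show the request was rejected rather than having failed for an unrelated reason. There is no matching example for `build_for_platform_id`, which the model now validates as well.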


@ -120,6 +120,10 @@ shared_examples_for 'api projects user with admin rights' do
get :members, id: @project.id, format: :json get :members, id: @project.id, format: :json
response.should be_success response.should be_success
end end
it 'should not set a wrong maintainer_id' do
put :update, project: { maintainer_id: -1 }, id: @project.id, format: :json
response.should_not be_success
end
context 'api project user with update rights' do context 'api project user with update rights' do
before do before do
@ -129,7 +133,7 @@ shared_examples_for 'api projects user with admin rights' do
it 'should be able to perform update action' do it 'should be able to perform update action' do
response.should be_success response.should be_success
end end
it 'ensures that group has been updated' do it 'ensures that description has been updated' do
@project.reload @project.reload
@project.description.should == 'new description' @project.description.should == 'new description'
end end
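Review bot: The new 'should not set a wrong maintainer_id' example checks only the response status, so it would pass on any failure of the request. Asserting the stored value as well, e.g. `@project.reload.maintainer_id.should_not == -1`, pins down what the model validation is meant to protect. The example covers an id with no user behind it; an existing user who is not a member of the project is not exercised here.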


@ -12,7 +12,7 @@ describe BuildScript do
context 'ensures that validations and associations exist' do context 'ensures that validations and associations exist' do
it { should belong_to(:project) } it { should belong_to(:project) }
it { should validate_presence_of(:project_id) } it { should validate_presence_of(:project) }
it { should validate_presence_of(:treeish) } it { should validate_presence_of(:treeish) }
context 'uniqueness' do context 'uniqueness' do


@ -6,8 +6,8 @@ describe ProjectStatistic do
it { should belong_to(:project) } it { should belong_to(:project) }
it { should belong_to(:arch) } it { should belong_to(:arch) }
it { should validate_presence_of(:project_id) } it { should validate_presence_of(:project) }
it { should validate_presence_of(:arch_id) } it { should validate_presence_of(:arch) }
it { should validate_presence_of(:average_build_time) } it { should validate_presence_of(:average_build_time) }
it { should validate_presence_of(:build_count) } it { should validate_presence_of(:build_count) }