diff options
| author | Go MAEDA <maeda@farend.jp> | 2021-04-23 01:44:28 +0000 |
|---|---|---|
| committer | Go MAEDA <maeda@farend.jp> | 2021-04-23 01:44:28 +0000 |
| commit | 1d4042d262c46d623b2cc36465552094fe46a312 (patch) | |
| tree | 2d5fd383f45d9963d90e6990a76382fc97520e80 /app | |
| parent | 79a6a77c5b8c51484f5dd86e583159b1cd4ae783 (diff) | |
| download | redmine-1d4042d262c46d623b2cc36465552094fe46a312.tar.gz redmine-1d4042d262c46d623b2cc36465552094fe46a312.zip | |
Merged r20962 from trunk to 4.1-stable (#35085).
git-svn-id: http://svn.redmine.org/redmine/branches/4.1-stable@20964 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app')
| -rw-r--r-- | app/controllers/repositories_controller.rb | 21 | ||||
| -rw-r--r-- | app/models/repository.rb | 4 |
2 files changed, 17 insertions, 8 deletions
diff --git a/app/controllers/repositories_controller.rb b/app/controllers/repositories_controller.rb index ef903f251..69c38584e 100644 --- a/app/controllers/repositories_controller.rb +++ b/app/controllers/repositories_controller.rb @@ -307,7 +307,7 @@ class RepositoriesController < ApplicationController render_404 end - REV_PARAM_RE = %r{\A[a-f0-9]*\Z}i + REV_PARAM_RE = %r{\A[a-f0-9]*\z}i def find_project_repository @project = Project.find(params[:id]) @@ -318,14 +318,12 @@ class RepositoriesController < ApplicationController end (render_404; return false) unless @repository @path = params[:path].is_a?(Array) ? params[:path].join('/') : params[:path].to_s - @rev = params[:rev].blank? ? @repository.default_branch : params[:rev].to_s.strip - @rev_to = params[:rev_to] - unless REV_PARAM_RE.match?(@rev.to_s) && REV_PARAM_RE.match?(@rev_to.to_s) - if @repository.branches.blank? - raise InvalidRevisionParam - end - end + @rev = params[:rev].to_s.strip.presence || @repository.default_branch + raise InvalidRevisionParam unless valid_name?(@rev) + + @rev_to = params[:rev_to].to_s.strip.presence + raise InvalidRevisionParam unless valid_name?(@rev_to) rescue ActiveRecord::RecordNotFound render_404 rescue InvalidRevisionParam @@ -410,4 +408,11 @@ class RepositoriesController < ApplicationController 'attachment' end end + + def valid_name?(rev) + return true if rev.nil? + return true if REV_PARAM_RE.match?(rev) + + @repository ? @repository.valid_name?(rev) : true + end end diff --git a/app/models/repository.rb b/app/models/repository.rb index 089027c9d..4aca619e0 100644 --- a/app/models/repository.rb +++ b/app/models/repository.rb @@ -461,6 +461,10 @@ class Repository < ActiveRecord::Base scope end + def valid_name?(name) + scm.valid_name?(name) + end + protected # Validates repository url based against an optional regular expression |